Perfection Of China's Personal Information Protection Law From The Perspective Of China's New Cybersecurity Law

On November 7,2016,the Cybersecurity Law of the People's Republic of China was officially passed and will come into force on June 1,2017.Just as its name implies,the main purpose of the law is to safeguard the security of the network,safeguard the sovereignty over cyberspace,and regulate the security of network information.But the cyber-world is in fact the world of digital information,the essence of the network is the exchange of data and information,so when we talk about network security it is inevitable to face with the problem of information and data protection.The provisions relating to information protection that represents in newly promulgated Cybersecurity Law can be regard by far as the China's most comprehensive and applicable information and data protection principles.However,the relevant provisions of this law for the protection of information and data still lack some of the common elements of data-in-use laws in other countries,such as explicit access to personal information,the need for data quality,Special provisions for sensitive information protection and handling.Nor does the law establish a unified national data protection agency such as the European Union's Data Protection Agency(DPA)or the Office of the Privacy Commissioner of Canada(OPC).by comparing with the information protection rules existed in our country,this article will point out the significance of progress of the new rules sites in the Cybersecurity Law,and at the same time by introducing Canada's Privacy Protection system,pointed out its remaining problems and gaps.This article is divided into five chapters.The first section of the first chapter will introduce specific cases to point out the actual risks faced by personal information,including the traditional risks,the threat of personal information from the Internet of Things,and the infringement of personal information by the black industry chain of information trading.The significance of personal information protection and the current plight of personal information protection;Section ? will first view the legislative practices of different countries,and different terms exist under different jurisdictions for identifying "personal information","personal privacy" and "personal data" such related concepts,and derives the precise concepts and connotations of personal information.At the same time,discusses the current mainstream academic doctrine of the right of personal information,and analyzes the problems in these doctrines to derive the right attributes of personal information.The second chapter will mainly introduce and analyze the structure of the Canadian personal information protection system,the evolution of the "protection scope" of personal information,and Canada's "information fairness principle" that rooted in international data protection standards.At the end of this chapter,by reviewing the report made by Office of the Privacy Commissioner of Canada,I will explain the current emergence of problems and countermeasures of personal information protection in Canada.The third chapter will focus on the practice of China information protection.I will briefly describe China's efforts in personal information protection,and from the aspects of"definition of the obligatory subject","personal information definition","network operator's obligations","data subject rights" and "information protection agency" to discuss the relevant provisions of the "Personal Information Protection" in the Cybersecurity Law.By comparing relevant similar provisions that existing in Chinese laws,I will point out the significance of progress,and at the same time,compared to Canada's Privacy Protection system,pointed out its remaining problems and gaps.The fourth chapter will propose several suggestions for improving the protection of personal information in China.First,it can not be deny that the personal information protection law can still follow the rules and regulations of personal information protection in the Cybersecurity Law,as the structure of cybersecurity law shows a good model.When formulating and soliciting opinions on the "Personal Information Protection Law," the following aspects can be considered:clarifying the right to personal information,distinguishing the subject of the obligation and the scope of its obligations,and establishing a unified personal information protection agency.The fifth chapter will be the conclusion part of this article,and put forward the author's expectation of the "Personal Information Protection Law" legislation.In fact,the protection of personal information will not hinder innovation and the information economy.While the Personal Information Protection Law protects the right of personal information,it also protects the right of information collection and control subjects to legally collect,use,and transmit information.Benign development plays a guiding role.It is hoped that the "Personal Information Protection Law" will be able to carry out legislative work as soon as possible.While information technology will promote economic development,everyone can enjoy the fruits of the information economy instead of living in the shadow of information leakage and infringement.