| It's hard for the traditional protection mode of individual information right to handle various risks brought by the big data era.The traditional system consisted of“informed-consent”,the “identification” definition for dichotomy of individual information,and the principle of limited purposes etc.has limited function.The operation of the giant machine of society requires fossil oil of data to power it.At the same time,the necessity of citizen to protect their rights of individual information and privacy is unprecedently high.With the development of the big data era,balancing the use and protection of individual information has become the primary issue.In order to solve this problem,this thesis examines the traditional individual information protection system from the view of the “scenario integrity theory” proposed by professor Nissenbaum and puts forwards some shortcomings of the traditional system.Then this thesis tries to integrate the “scenario integrity system” into the individual information protection system and give some new ideas about the specific systems.This thesis first introduces several theories about the right of individual information,namely property rights theory,privacy theory,individual information self-determination theory,individuality rights theory and scenario integrity theory.Since this thesis mainly discusses the individual information right protection system under the scenario integrity theory,the article introduces the concept,constituent elements and normative composition of the scenario integrity theory in details.Then,through the method of empirical analysis,the article points out legislation and judicial status of the protection of individual information rights in China,and uses the chart to make the results more stereoscopic.As far as legislation is concerned,at present,China's laws on the protection of individual information rights are very fragmented.There is no top-level legislation that stipulates that Chinese citizens enjoy the right of individual information.There are cross-cutting and even contradictions between the legal provisions in various fields.The most deadly thing is that the process from the generation of individual information to the use of information is a chain,but many laws and regulations only stipulate certain individual links do not cover all the key links of individual information utilization leading to individual information protection loopholes.In terms of specific system design,firstly,in the definition of the object of individual information rights,China adopts the "identification definition",but the simple dichotomy of the data is difficult to meet the requirements of the big data era.Under the "dichotomy",many non-identification information can still identify individual information through cross-validation and accumulation.Secondly,the traditional individual information protection system is based on the “informed consent”mechanism.But as the base,“informed-consent” mechanism is becoming more and more incapable in the era of big data.The heavy reading burden and the deprivation of the user's actual choices make it difficult for the mechanism to exert its actual effect.Thirdly,in terms of the principle of "purpose limitation",the rapid flow of data and the wide use make the principle of purpose limitation incompatible with the era of big data.But in order to meet the requirements of this principle,information processing organizations must formulate an obscure and lengthy privacy policy,which not only increases the burden of users but also reduces the efficiency of information utilization.Finally,in terms of user control and transparency,the traditional individual information protection system user control is too advanced.Therefore,each time the data processing behavior beyond the user's consent requires user re-authorization,which not only increases the burden of the user but also increases the costs of enterprises.With regard to the judicial status quo of the protection of individual information rights in China,since entering the era of big data in 2013,the number of cases concerning the rights of individual information rights in China has risen linearly,and the demand for relief of individual information rights has increased dramatically.However,China's current remedy for personal information rights is far from being sufficient,and the main remedy is criminal relief.Criminal relief is often an after-effect relief,and it requires the situation to reach a serious level.The situation to infringe the right of individual information of a single individual is difficult to be regard as criminal.Even in civil remedies,many courts mix the right of individual information with the right of privacy.Since China does not have the right of individual information,most cases that infringe individual information are handled in a manner that infringe privacy,which causes the right of individual information to be annihilated by the right of privacy.After that,the article comparatively analyzes the shortcomings and the worth learnings of the application of the scenario theory in the EU and the United States.In contrast,the US <Consumer Privacy Bill of Rights Act of 2015(Draft)> basically runs through the entire bill in terms of scenario theory,while the EU <General Data Protection Regulation> is still based primarily on traditional protection structures,but in some specific systems,also added the factors of the scenario theory.By comparing the specific institutional design of the EU and the United States,this paper analyzes its shortcomings and merits,and puts forward some suggestions for the construction of China's individual information rights protection system.Finally,the article puts forward some suggestions on the construction of individual information rights protection system under the scenario theory in China from the perspective of legislation and justice.In terms of legislation,establishing a top-level law and supplemented by other laws of various sectors.Develop a top-level legislation that protects the right of individual information and stipulates that citizens have the right to individual information.In terms of specific systems,firstly,construct a theoretical model of “scenario-oriented and risk-oriented”,which evaluate the risk level expected by users according to the scenario when individual information iscollected,and conduct risk assessment for information utilization behavior beyond the scope of user authorization.Any information utilization behavior that is not higher than the risk level belongs to the "rational use" behavior needn't the user's re-authorization.For information utilization behaviors above this level of risk,the user must be informed to provide the user with an opt-in mechanism.If the user chooses to continue to enter,it is necessary to provide users with measures to reduce risks.Secondly,the focus of regulation should shift from the definition of individual information to the management of the use of individual information.The use of individual information should be hierarchically defined,focusing on unreasonable use of individual information.Thirdly,replace the "limitation principle of purpose" by the "risk limitation principle".The "principle of purpose" under the traditional protection framework can no longer meet the requirements of the era of big data,not only increasing the burden on users but also increasing the operating costs of enterprises.However,the "risk limitation principle" is the embodiment of "reasonable use" under the scene theory.The focus on the protection of individual information rights changes from "quantity" to "risk",that is,the law doesn't require the organization to collect and develop the minimum number of information in order to achieve goals,but require the minimization of the risk of data usage.Again,in terms of user control and transparency,unlike the traditional “informed-consent” framework,user post-control system only requires the user to control individual information processing behaviors which beyond the expected risk.Finally,strengthening user contact with third-party information processing organizations and establishing a individual information user responsibility mechanism to enhance the transparency is required.In the judicial aspect,establishing the civil relief of the individual information rights is necessary.The main remedies include breach of contract and infringement.Secondly,it is necessary to clarify the difference between individual information rights and privacy rights,and give individual information rights an independent legal status. |
PDF Full Text Request