| In the modern digital society,personal information protection and data utilization are a pair of major contradictions that cannot be ignored.The concept of personal data in the era of big data emphasizes the development,utilization and sharing of big data based on the importance of information security and the protection of personal data.From the perspective of major contradictions,we are already in the era of big data,and data application scenarios and conflicts of interest are exploding.How to form an effective model and system for data protection in changing data and to promote the new formation of industries and economic model of digital economy cannot be separated from the joint efforts of the whole society.This is also an important issue for global governance of data.From an international perspective,as personal data has become an increasingly important strategic resource,countries are also trying to seek solutions for the balance of the use and protection of personal data on the premise of maintaining their country’s global competitive advantages and balancing the interests of various domestic sectors.The United States cuts in from the perspective of protecting consumer privacy.The EU’s General Data Protection Regulation(GDPR)and its series of legal documents incorporate personal information and data protection into the scope of basic rights protection,while Singapore,Japan,and South Korea in Asia also have their own point of view which can provide a reference for our country’s legislation.In the long run,data rights protection does not conflict with data flow and commercial use.Therefore,our country’s data legislation is not faced with a "choose one" problem,but a "balance" problem.Chapter One,Introduction.First,in the context of the era of big data,achieving a balance between personal information protection and data flow has always been the most important core issue.The key issues that this article attempts to solve include clarifying the relationship between information and data,fully understanding and applying the principle of informed consent,and reviewing the shortcomings of the "triple authorization" at this stage.Chapter Two is the basic theory of the commercial use of personal information.This chapter tends to clarify the definition and definition mode of personal information,and to refine the classification of data,so as to pave the way for the following scenario-based discussion.In addition,the distinction between personal information and data is also in response to the concept confusion menti6oned in the Introduction Chapter.Although the mixed use of information and data concepts does not cause a deviation in understanding in law,it does not mean that there is no difference between information and data in the aspect of concept and object concept.Only by clarifying the relationship between the two can the contradiction between personal information protection and data utilization be better resolved.Chapter Three is about the conflicts in the commercial use of personal information.From the perspective of the subject,this chapter first divides the conflicts into two categories:one is the conflict between the information subject and the data developer;the other is the conflict between different data developers.In the former conflict,the very representative principle of informed consent was selected for analysis.Starting from the current application dilemma of this principle,I examined and compared the experience from outside the region,and then reviewed and analyzed relevant cases in our country.In the latter conflict,the issue of authorization between enterprises in the circulation and utilization of data was emphasized,that is,the authorization logic of the triple authorization principle,data ownership disputes,and obstacles in shared circulation.By examining the practices of the European Union and the United States,a solid foundation was prepared for the following path.Chapter Four is the relief model of the commercial use of personal information.When discussing various relief models in this chapter,I found that these various relief models at this stage are basically plagued by the entanglement of personality attributes and property attributes in personal information,and there are more or less loopholes in pure empowerment or behavioral regulations.In this regard,we might as well learn from the experience of GDPR and combine "behavior regulation" with "property empowerment".Chapter Five is about the construction of a balanced path between personal information protection and commercial use.After a series of discussions on the above-mentioned theories and the defects exposed in the actual application,this chapter proposed the data typing path,the "fair use" and hierarchical consent path,and the application path of the triple authorization typed scenario.Based on data segmentation,different protections were provided according to the level of risk that may arise from the use of data,and as far as possible to adapt to the rules of commercial use.Using the "fair use" exemption grounds to balance the infringement liability caused by the lack of consent is also a conclusion to the Douyin case mentioned in Chapter Three.The path of hierarchical consent is to stimulate the flexibility of the principle of informed consent.Based on this,the discussion of the scenario typology of triple authorization also responds to the authorization logic issues and data ownership issues mentioned above.Through the improvement of the path,it is hoped that this will better balance the contradictions and conflicts in the commercial use of personal information,and provide a reference for the upcoming "Personal Information Protection Law". |
PDF Full Text Request