| In the era of big data,personal information protection faces more severe challenges.The improvement of information collection and analysis not only intensifies the digital gap between information processors and information subjects,but also puts forward higher requirements on the information and technical capabilities of administrative agencies.Under this background,administrative regulation in the protection of personal information have exposed major flaws and urgently need to be restructured.Publicprivate cooperation regulation have brought new ideas to the upgrading and adjustment of administrative regulation,which can better deal with personal information protection problems.Public-private cooperation regulation introduces the positive elements of administrative regulation and self-regulation,realizing the substantive participation of private entities in the regulatory process to varying degrees,and launching institutional arrangements in the three dimensions of the regulatory body,regulatory norms,and regulatory tools.Public-private cooperation regulation is closely related to selfregulation.Self-regulation itself contains the genes of cooperation,and the connotation of cooperative regulation reveals the traces of self-regulation.In order to accurately understand the connotation of public-private cooperation regulation,cooperative administration theory,reflexive law theory and right protection theory provide theoretical justification for the development of public-private cooperation regulations,revealing the possibility of public-private cooperation regulation mode in personal information protection.Of course,it is inevitable to choose public-private cooperation regulation for personal information protection.On the one hand,it is based on a reflection on the current law.The fragmentation of administrative power has led to the imbalance of the personal information protection system,and leading to a chaotic situation of multiple supervision,repeated supervision,and blank supervision.The legality of interview mechanism and the weakness of command and control means have made it difficult for the existing administrative methods to achieve regulatory effects.In addition,the legislation lacks obligations for information processors,making it difficult to achieve the purpose of personal information protection.On the other hand,the advantages of public-private cooperation regulation are fully demonstrated in the era of big data,helping to achieve a tripartite balance of interests in the protection of personal information.Public-private cooperation emphasizes the participation of private subjects,especially the information processor can use its technical and resource advantages to resolve administrative regulation failure.Public-private cooperation regulation incorporates soft law,giving play to the flexible characteristics of soft law,and can flexibly respond to future developments.In addition,the regulatory means not only include administrative regulatory means,but also self-regulatory means,adapting to the regulatory needs of different stages.Whether it is the EU,which favors rights protection,or the United States,which emphasizes the development of the digital economy,have chosen the approach of public-private cooperation to protect personal information.GDPR stipulates the obligations of data controller and data processor,and the configuration of responsibilities of regulatory agencies have shown a clear cooperation and regulation situation.This is embodied in the design and default data protection,data protection impact assessment system,code of conduct.The United States has long implemented a regulatory framework that combines decentralized legislation and industry selfdiscipline,and has introduced privacy protection legislation in different fields.It has chosen to achieve a balance between the free flow of information and the protection of privacy rights through the self-discipline of the internal norms of industry organizations.The US Federal Trade Commission fills loopholes in self-regulation,in which the signing of the consent order reveals the cooperative regulation.In addition,what cannot be ignored is the California Consumer Privacy Act.In addition to the self-regulation tools,the penalty system has great reference significance for our country.The public-private cooperation regulation for personal information protection needs to return to law.Constructing a multiple law system that combines soft law and hard law is the first step.To incorporate soft law into the legal system,attention should be paid to the complementary functions between soft law and hard law,as well as the division of distinction and cooperation in norms.Clarifying the status and authority of public and private subjects in the legislation of personal information protection is the second step.On the one hand,we must integrate administrative resources and clarify responsibilities.On the other hand,it is necessary to clarify the form of participation of private entities,and supplement the legality of self-regulation from the state guarantee responsibility and due process.Accepting multiple regulatory means is the third step.Through the designed privacy protection,personal information security impact assessment and mandatory information disclosure,these obligations appropriately incorporate self-regulation tools into legal norms.The renewal of regulatory measures established by administrative agencies has not only improved interviews mechanism and administrative penalties,but also incorporated administrative reconciliation system. |
PDF Full Text Request