| In the era of big data,there are three prominent problems in the field of personal information infringement damage compensation,namely,the application of liability principle,the identification of risk damage and the determination of causality.First of all,the principle of presumption of fault stipulated in the Personal Information Protection Law is conducive to reducing the burden of proof when the infringed claims the right,which is very beneficial to safeguarding the rights and interests of personal information.However,the uniform application of principle of presumption of fault still has limitations,and the deficiency lies in the weakness of the inversion of the burden of proof and the disadvantages of unified applying the presumption of fault.The introduction of the no-fault liability principle is reasonable and beneficial,but it also needs to carefully regulate its application scope to avoid putting excessive burden on personal information processors.The dual liability principle system of "taking the presumption of fault as the basic principle and taking the no-fault liability principle for the processing of personal information using high-risk algorithm" is in line with the consideration of the setting factors of the liability principle of "hazard source control ability" and "proof and litigation ability",and is reasonable.Secondly,the risk damage compensation of personal information has legal and practical legitimacy.The expenditure of risk prevention and the anxiety caused by risk all produce the interest difference,which makes the risk damage of personal information infringement.Legislation and justice should innovate the concept of damage,conditionally recognize risk damage,and judge whether risk damage meets the deterministic standard according to the type of personal information,the way and purpose of information processing,information misuse and other factors,and take the "privacy degree of personal information" as an important reference factor to determine the amount of compensation according to the actual situation.Finally,the bilayer causality theory should be used in the identification of the causality of damages for the infringement of personal information.In the first layer of "causal relationship of responsibility establishment",the identification of " conditioning theory " is applicable.When multiple processors jointly process or share personal information,but the specific infringer cannot be determined.As long as it can prove that it is highly possible that the together activities for the infringement of personal information rights and interests,the causal relationship of liability can be determined.In the second layer of "scope of responsibility",the causality identification of "equivalent causality theory" is applicable,and different standards of proof are adopted to for the conditional relationship and equivalence,general scenarios and special scenarios.That is,the victim bears the burden of proof of the conditional relationship,and the infringer bears the burden of proof of no equivalence.In general scenes,the high degree of probability standard is adopted to identify the conditional relationship and equivalence;in case of information misuse and processing personal information using high-risk algorithms,the court should consider identifying the scene as a special scene,identify the conditional relationship by the reasonable degree of probability standard,and identify the equivalence by the high degree of probability standard. |
PDF Full Text Request