个人信息权的体系化解释——兼论《个人信息保护法》的公法属性

《个人信息保护法》是数字时代个人信息保护的基本法。它采取了将个人信息权作为新兴公法权利的思路,确立了完整的个人信息权利保护体系,在个人信息保护问题上和《民法典》一起形成了公私法共同协力的进路。《个人信息保护法》以权利束的方式规定了个人信息主体的知情权、决定权、查阅权、复制权、更正权、删除权、可携带权和信息权利救济权等。《个人信息保护法》从立法依据、权利体系、条文设计和规制措施上都体现出鲜明的公法属性,这也可以从基本权利的双重面向和个人信息国家保护义务得到理论上的证成。这部法律是数字时代公法秩序的基石,它对公法边界的形塑仍需通过其实施来确立。     

Pricing privacy – the right to know the value of your personal data

The commodification of digital identities is an emerging reality in the data-driven economy. Personal data of individuals represent monetary value in the data-driven economy and are often considered a counter performance for “free” digital services or for discounts for online products and services. Furthermore, customer data and profiling algorithms are already considered a business asset and protected through trade secrets. At the same time, individuals do not seem to be fully aware of the monetary value of their personal data and tend to underestimate their economic power within the data-driven economy and to passively succumb to the propertization of their digital identity. An effort that can increase awareness of consumers/users on their own personal information could be making them aware of the monetary value of their personal data. In other words, if individuals are shown the “price” of their personal data, they can acquire higher awareness about their power in the digital market and thus be effectively empowered for the protection of their information privacy. This paper analyzes whether consumers/users should have a right to know the value of their personal data. After analyzing how EU legislation is already developing in the direction of propertization and monetization of personal data, different models for quantifying the value of personal data are investigated. These models are discussed, not to determine the actual prices of personal data, but to show that the monetary value of personal data can be quantified, a conditio-sine-qua-non for the right to know the value of your personal data. Next, active choice models, in which users are offered the option to pay for online services, either with their personal data or with money, are discussed. It is concluded, however, that these models are incompatible with EU data protection law. Finally, practical, moral and cognitive problems of pricing privacy are discussed as an introduction to further research. We conclude that such research is needed to see to which extent these problems can be solved or mitigated. Only then, it can be determined whether the benefits of introducing a right to know the value of your personal data outweigh the problems and hurdles related to it.     

The Data Subject's Right of Access and to be Informed in Finland: An Experimental Study

The EC Data Protection Directive 95/46/EC emphasises the roleof transparency in fair and lawful processing of personal data.This study describes the results from sending forty requestsfor access to data held and information on processing to controllersof personal data in Finland. The results show that there arestill difficulties in gaining access, in verifying the correctnessof information provided and in the procedures controllers employto provide information. These factors are discussed in lightof Finnish and EC regulation, as well as information systems.Proposals are put forward as to how the difficulties might beaddressed.     

APP主体的立法规制

APP相关主体规范与否直接关乎数据信息安全,关涉公民合法权益和社会公益。基于个人信息保护的不断发展,APP信息泄露问题逐渐显露出来。本文认为,应结合现有的个人信息保护立法,通过完善APP实名制度,构建APP相关主体备案制度,实施数据信息市场主体准入制度和第三方参与数据收集制度,以加强对个人数据信息的保护。     

Looking for needles in a haystack: Key issues affecting children's rights in the General Data Protection Regulation

The EU General Data Protection Regulation (GDPR) devotes particular attention to the protection of personal data of children. The rationale is that children are less aware of the risks and the potential consequences of the processing of their personal data on their rights. Yet, the text of the GDPR offers little clarity as to the actual implementation and impact of a number of provisions that may significantly affect children and their rights, leading to legal uncertainty for data controllers, parents and children. This uncertainty relates for instance to the age of consent for processing children's data in relation to information society services, the technical requirements regarding parental consent in that regard, the interpretation of the extent to which profiling of children is allowed and the level of transparency that is required vis-à-vis children. This article aims to identify a number of key issues and questions – both theoretical and practical – that raise concerns from a multi-dimensional children's rights perspective, and to clarify remaining ambiguities in the run-up to the actual application of the GDPR from 25 May 2018 onwards.     

How to attribute the right to data portability in Europe: A comparative analysis of legislations

The number of online services is constantly growing, offering numerous and unprecedented advantages for consumers. Often, the access to these services requires the disclosure of personal information. This personal data is very valuable as it concedes significant advantages over competitors, allowing better answers to the customer's needs and therefore offering services of a better quality. For some services, analysing the customers' data is at the core of their business model. Furthermore, personal data has a monetary value as it enables the service providers to pursue targeted advertising. Usually, the first companies who provide a service will benefit from large volumes of data and might create market entrance barriers for new online providers, thus preventing users from the benefits of competition. Furthermore, by holding a grip on this personal data, they are making it more expensive or burdensome for the user to shift to a new service. Because of this value, online services tend to keep collected information and impede their users to reuse the personal data they have provided. This behaviour results in the creation of a lock-in effect. Upcoming awareness for this problem has led to the demand of a right to data portability. The aim of this paper is to analyse the different legislative systems that exist or have been recently created in this regard that would grant a right to data portability. Firstly, this article draws up the framework of data portability, explaining its origin, general aspects, advantages as well as its possible downfalls. Secondly, the core of the article is approached as the different ways of granting data portability are analysed. In this regard, the possible application of European Competition Law to prohibit restrictions to data portability is examined. Afterwards, an examination of the application of U.S. Antitrust Law is made to determine whether it could be a source of inspiration for European legislators. Finally, an analysis of the new General Data Protection Regulation is made with respect to the development of data portability throughout the European legislative procedure. This article makes a cross-examination of legislations, compares them with one another in order to offer a reflection on the future of portable data in Europe, and finally attempts to identify the best approach to attribute data portability.     

The retention of personal information online: A call for international regulation of privacy law

New technologies permit online businesses to reduce expenses and increase efficiency by, for example, storing information in “the cloud”, engaging in online tracking and targeted advertising, location and tracking technologies, and biometrics. However, the potential for technology to facilitate long term retention of customers' personal information raises concerns about the competing right of individuals to the privacy of their personal information. Although the European Commission has recently released a proposal for regulation to “provide a data subject with the right to be forgotten and to erasure”, neither the OECD Privacy Guidelines nor the APEC Privacy Framework includes any requirement to delete personal information. While New Zealand includes a “limited retention principle” in the Privacy Act 1993, apart from one limited exception the privacy principles cannot be enforced in court. Taking New Zealand privacy law as an example, this paper examines the issue of retention of customer data, explains why this is a serious problem and argues that although it could be addressed by appropriate amendments to domestic laws, domestic privacy legislation may not be sufficient in an online environment. In the same way as other areas of law, such as the intellectual property regime, have turned to global regulatory standards which reflect the international nature of their subject matter, international privacy regulation should be the next stage for the information privacy regime.     

捍卫权利模式——个人信息保护中的公共性与权利

个人信息权和个人信息受保护权是两种相对立的模式,学界通常认为个人信息权赋予个人排他性的支配权,这与个人信息的公共性相矛盾。个人信息的公共性并不必然反对权利模式。一种广义的公共性包含着个人信息所负载的公共利益,个人信息的公开化也是网络时代个人和商业交往的必要前提,但这并不意味着要否定个人信息保护的权利模式。公共利益具有多样性,正是某些公共利益支持了权利。权利所蕴涵的主张权确保了人的尊严和自由,这也是个人信息保护法的立法宗旨;个人信息受保护权做不到这一点,它不具有义务指向性。但在立法模式上,个人信息保护法要以义务性规范或禁止性规范为主,这是由网络空间个人信息的性质决定的。     

个人信息的双重属性与行为主义规制

个人信息的法律保护依赖于公法对个人信息的定位。在公法与公法理论上,有两种看待个人信息的观点。一种观点认为个人信息权是一种基本权利,个人信息应当受到法律的确权保护;另一种观点则将个人信息视为他人言论自由的对象,个人信息的自由获取与使用受到法律保护。但这两种观点都无法从整体上理解个人信息,个人信息权的观点忽视了个人信息的自由流通属性与公共属性,而个人信息作为言论自由对象的观点则忽视了个人信息背后的多重权益。个人信息兼具个体属性与社会流通属性,应当确立一种"个人信息相关权益被保护权"。从个人信息的双重属性出发,个人信息保护应当在具体场景中确立个人信息收集与利用行为的合理边界。基于场景的行为主义规制更为符合个人信息保护的根本特征,也将为中国的个人信息保护提供一条超越欧美的中国道路。     

The growth and gaps of genetic data sharing policies in the United States

The 1996 Bermuda Principles launched a new era in data sharing, reflecting a growing belief that the rapid public dissemination of research data was crucial to scientific progress in genetics. A historical review of data sharing policies in the field of genetics and genomics reflects changing scientific norms and evolving views of genomic data, particularly related to human subjects’ protections and privacy concerns. The 2013 NIH Draft Genomic Data Sharing (GDS) Policy incorporates the most significant protections and guidelines to date. The GDS Policy, however, will face difficult challenges ahead as geneticists seek to balance the very real concerns of research participants and the scientific norms that propel research forward. This article provides a novel evaluation of genetic and GDS policies’ treatment of human subjects’ protections. The article examines not only the policies, but also some of the most pertinent scientific, legal, and regulatory developments that occurred alongside data sharing policies. This historical perspective highlights the challenges that future data sharing policies, including the recently disseminated NIH GDS Draft Policy, will encounter.     

网络平台个人信息处理格式条款的效力认定

近年来,以网络平台隐私政策中个人信息处理格式条款为诱因的侵权案件频发,引起学界的广泛关注。消解个人信息处理格式条款与知情权、解释权、被遗忘权、脱离自动化决策权保护冲突的关键是,对格式条款进行类型化处理,分别进行效力认定。网络平台未尽到提示说明义务,致使信息主体没有注意或者理解与其有重大利害关系的条款的,格式条款不应成为合同内容;格式条款显失公平的,信息主体可以请求法院予以撤销;格式条款符合我国《民法典》第497条规定之情形的,应认定为无效;“主要权利”的认定,在考虑合同内容的同时,应奉行合同性质决定论;以“理性人”构建网络平台的解释义务标准,力争在保障网络平台健康发展的同时,切实维护信息主体的个人信息权。     

It depends whose data are being shared: considerations for genomic data sharing policies

There is an urgent need for consistent data sharing policies that promote the advancement of science while respecting the values and interests of those providing their genetic data for research. Responding to the article of Jalayne J. Arias, Genevieve Pham-Kanter, and Eric G. Campbell, ‘The Growth and Gaps of Genetic Data Sharing Policies in the United States’, this commentary further explores the challenges of human subjects’ protection in existing data sharing policies. We will elaborate on the need for data sharing policies to accommodate variation in individual and group preferences around data sharing and privacy concerns by comparing our previously published data on patients’ and parents’ consent to data sharing and attitudes about privacy to data from focus groups with HIV-positive, underserved individuals who were asked about their willingness to participate in genetic research and share their data broadly. These studies support the observation of Arias, Pham-Kanter, and Campbell that researchers, and funding agencies will need to balance the privacy interests of groups as well as individuals in future genomic data sharing policies.     

EU General Data Protection Regulation: Changes and implications for personal data collecting companies

The General Data Protection Regulation (GDPR) will come into force in the European Union (EU) in May 2018 to meet current challenges related to personal data protection and to harmonise data protection across the EU. Although the GDPR is anticipated to benefit companies by offering consistency in data protection activities and liabilities across the EU countries and by enabling more integrated EU-wide data protection policies, it poses new challenges to companies. They are not necessarily prepared for the changes and may lack awareness of the upcoming requirements and the GDPR's coercive measures. The implementation of the GDPR requirements demands substantial financial and human resources, as well as training of employees; hence, companies need guidance to support them in this transition. The purposes of this study were to compare the current Data Protection Directive 95/46/EC with the GDPR by systematically analysing their differences and to identify the GDPR's practical implications, specifically for companies that provide services based on personal data. This study aimed to identify and discuss the changes introduced by the GDPR that would have the most practical relevance to these companies and possibly affect their data management and usage practices. Therefore, a review and a thematic analysis and synthesis of the article-level changes were carried out. Through the analysis, the key practical implications of the changes were identified and classified. As a synthesis of the results, a framework was developed, presenting 12 aspects of these implications and the corresponding guidance on how to prepare for the new requirements. These aspects cover business strategies and practices, as well as organisational and technical measures.     

Privacy and Search Engines: Forgetting or Contextualizing?

This article considers the much‐criticized ‘right to be forgotten’ in the context of the European Court of Justice's judgment in the Google Spain case. It defends the ‘right to be forgotten’ as a metaphor that can provide us with a better understanding of the particular privacy concerns of the search‐engine age and their interaction with the freedom to access information, and draws on Goffman's idea of ‘information games’ and Nissenbaum's theory of ‘contextual integrity’. While supporting the principles that underpin the judgment, the article rejects the Court's binary approach of ‘forgetting’ versus ‘remembering’ personal information. Instead, it argues that the EU legislator should introduce more nuanced means of addressing modern privacy concerns. By establishing two remedies – ‘delisting’ or ‘reordering’, depending on the nature of the information – online information flows can be adjusted to preserve both the right to privacy and the freedom to access information in more contextually appropriate ways.     

Contextual information management: An example of independent-checking in the review of laboratory-based bloodstain pattern analysis

This article describes a New Zealand forensic agency's contextual information management protocol for bloodstain pattern evidence examined in the laboratory. In an effort to create a protocol that would have minimal impact on current work-flow, while still effectively removing task-irrelevant contextual information, the protocol was designed following an in-depth consultation with management and forensic staff. The resulting design was for a protocol of independent-checking (i.e. blind peer-review) where the checker's interpretation of the evidence is conducted in the absence of case information and the original examiner's notes or interpretation(s). At the conclusion of a ten-case trial period, there was widespread agreement that the protocol had minimal impact on the number of people required, the cost, or the time to complete an item examination. The agency is now looking to adopt the protocol into standard operating procedures and in some cases the protocol has been extended to cover other laboratory-based examinations (e.g. fabric damage, shoeprint examination, and physical fits). The protocol developed during this trial provides a useful example for agencies seeking to adopt contextual information management into their workflow.     

From electronic health records to personal health records: emerging legal issues in the Italian regulation of e-health

In 2012, the Italian Legislator has provided an appropriate legal framework for the realisation of the national Electronic Health Records (EHR) system, in which the patient plays a pivotal role: with the implementation of the Fascicolo sanitario elettronico (FSE), patients will have access to their EHRs through the online platform, and decide which data to share and with whom. In this perspective, one of the most interesting innovations is the so-called ‘taccuino’, a digital space of patients’ FSE in which they can autonomously record data and information relating to their health. Patients’ ability to access their own health data and EHR at any time and to enter information by themselves in a personal area is a unique form of power at a European level, but their legal consequences are still vague. The aim of this contribution is to offer a first review of the Italian e-health reform, showing the most critical aspects.     

Attitudes toward ex-offenders: A comparison of social stigmas

Ex-offenders have experienced both a loss of certain civil rights and employment discrimination in the past and continuing research is necessary if their problems are to be dealt with effectively. One hundred eighty-three subjects, representing four occupational categories, were exposed to a personnel management problem involving either an ex-offender, an ex-mental patient, an obese person, or a neutral, nonstigmatized person in order to measure relative discrimination. The ex-offenders fared no worse than the others. There was a relationship, however, between subjects' occupational identification and degree of discrimination toward each of the stigmatized persons. Implications for criminal justice and social policy are discussed.     

What do forensic analysts consider relevant to their decision making?

In response to research demonstrating that irrelevant contextual information can bias forensic science analyses, authorities have increasingly urged laboratories to limit analysts' access to irrelevant and potentially biasing information (Dror and Cole (2010) [3]; National Academy of Sciences (2009) [18]; President's Council of Advisors on Science and Technology (2016) [22]; UK Forensic Science Regulator (2015) [26]). However, a great challenge in implementing this reform is determining which information is task-relevant and which is task-irrelevant. In the current study, we surveyed 183 forensic analysts to examine what they consider relevant versus irrelevant in their forensic analyses. Results revealed that analysts generally do not regard information regarding the suspect or victim as essential to their analytic tasks. However, there was significant variability among analysts within and between disciplines. Findings suggest that forensic science disciplines need to agree on what they regard as task-relevant before context management procedures can be properly implemented. The lack of consensus about what is relevant information not only leaves room for biasing information, but also reveals foundational gaps in what analysts consider crucial in forensic decision making.     

个人信息权及其欧盟保护

个人信息权是指自然人依法对以数据电文形式存在的可识别的个人信息所享有的支配、控制并排除他人侵害的权利,大体上从属于人格权范畴,与传统人格权相比较又表现出相对的个性特征。目前个人信息侵权形式主要表现包括ISP对个人信息的非法使用和传播、未经授权搜集利用他人信息、专门的网络窥探和调查业务以及公权力机关工作人员及公共服务单位非法出卖泄露个人信息等。由于目前国内个人信息权侵权与保护相关立法相对缺位,因而从欧盟个人信息保护的立法演进开始,介绍欧盟以《资料保护指令》为代表的系统保护经验,从而推动和促进我国相关立法的发展。     

Location privacy: The challenges of mobile service devices

Adding to the current debate, this article focuses on the personal data and privacy challenges posed by private industry's use of smart mobile devices that provide location-based services to users and consumers. Directly relevant to personal data protection are valid concerns about the collection, retention, use and accessibility of this kind of personal data, in relation to which a key issue is whether valid consent is ever obtained from users. While it is indisputable that geo-location technologies serve important functions, their potential use for surveillance and invasion of privacy should not be overlooked. Thus, in this study we address the question of how a legal regime can ensure the proper functionality of geo-location technologies while preventing their misuse. In doing so, we examine whether information gathered from geo-location technologies is a form of personal data, how it is related to privacy and whether current legal protection mechanisms are adequate. We argue that geo-location data are indeed a type of personal data. Not only is this kind of data related to an identified or identifiable person, it can reveal also core biographical personal data. What is needed is the strengthening of the existing law that protects personal data (including location data), and a flexible legal response that can incorporate the ever-evolving and unknown advances in technology.