从隐私权角度论人身强制处分

涉及人身的强制处分直接干预了犯罪嫌疑人的人身隐私领域。从隐私权角度研究人身强制处分,可以忽略差别、把握本质,系统地对搜查、人身检查、鉴定等相互关联的强制处分进行理论梳理。个人的身体隐私权旨在维护与人身相关的人格尊严。为保障刑事诉讼中犯罪嫌疑人对其身体享有的人格尊严,立法者应当依据比例原则并发展出具体的考察指标,用以权衡强制处分涉及的隐私利益和执法利益,设定不同的干预门槛。对于涉及人身的强制处分,还应当建立直接强制的审查基准。只有通过三段式审查的强制处分,才能由侦查机关运用强制力施行。对未通过三段式审查的强制处分,侦查机关不可实施直接强制,但刑事诉讼法应当允许司法机关通过间接制裁,以获取相对人的同意。     

论刑法介入隐私权的程度与范畴——兼述刑法第253条之一的解释方法

刑法第253条之一规定了侵犯公民个人信息的犯罪,但这一规定并没有为隐私权提供有力的刑法保护。通过分析隐私权在刑法中的应有地位和刑法对其保护的现状,可看到刑法对隐私权保护的不足。应通过对刑法第253条之一进行解释,以弥补这些不足。     

浅谈刑民交叉案件问题

刑民交叉案件的处理结果既关系到私权利的保护是否充分,也关系到公权力的运用是否得当。针对某些有争议的刑民交叉案件的处理,以案例指导的形式进行发布,可以保障执法的稳定性。通过法律规定或司法解释将刑民交叉案件程序设定例外情况作出规定,能有效实现公私权利的双重满足。     

The rule of law online: Treating data like the sale of goods: Lessons for the internet from OECD and CISG and sacking Google as the regulator

The decision of the Court of Justice of the European Union (“CJEU”) in the case of Google Spain SL v Agencia Española de Protección de Datos (AEPD) ² [“the Google decision”] to require Google to enforce a right to be forgotten has caused a furore and sets a dangerous precedent in internet regulation. ³ It is setting up the search engine as a form of Internet Government and fracturing the balance between privacy and freedom of information in the connected world. In a world where we have become attuned to full exposure by routinely signing over access to information, privacy is no longer the issue – the real concern is control. This paper seeks to address the issues of whether we have a right to privacy anymore, who should be making decisions about what is available and where and how a global convention on access to information might be achieved.     

‘Look to yourselves,that we lose not those things which we have wrought.’ What do the proposed changes to the purpose limitation principle mean for public bodies' rights to access third-party data?

This article analyses the proposed changes to the purpose limitation principles contained in the draft Data Protection Regulation adopted by the European Commission in January 2012. It examines the historical motives for the introduction of the principle as part of the 1995 Data Protection Directive, and looks at the constitutional framework under which it operates both at EU and member state level. It considers the risks and long-term consequences that EU citizens may face if the principle is eroded or substantially abandoned.     

Privacy principles,risks and harms

The protection of privacy is predicated on the individual's right to privacy and stipulates a number of principles that are primarily focused on information privacy or data protection and, as such, are insufficient to apply to other types of privacy and to the protection of other entities beyond the individual. This article identifies additional privacy principles that would apply to other types of privacy and would enhance the consideration of risks or harms to the individual, to groups and to society as a whole if they are violated. They also relate to the way privacy impact assessment (PIA) may be conducted. There are important reasons for generating consideration of and debate about these principles. First, they help to recalibrate a focus in Europe on data protection to the relative neglect of other types of privacy. Second, it is of critical importance at a time when PIA (renamed ‘data protection impact assessment’, or DPIA) may become mandatory under the European Commission's proposed Data Protection Regulation. Such assessment is an important instrument for identifying and mitigating privacy risks, but should address all types of privacy. Third, one can construct an indicative table identifying harms or risks to these additional privacy principles, which can serve as an important tool or instrument for a broader PIA to address other types of privacy.     

Privacy regulation cannot be hardcoded. A critical comment on the ‘privacy by design’ provision in data-protection law

‘Privacy by design’ is an increasingly popular paradigm. It is the principle or concept that privacy should be promoted as a default setting of every new ICT system and should be built into systems from the design stage. The draft General Data Protection Regulation embraces ‘privacy by design’ without detailing how it can or should be applied. This paper discusses what the proposed legal obligation for ‘privacy by design’ implies in practice for online businesses. In particular, does it entail hard-coding privacy requirements in system design? First, the ‘privacy by design’ provision in the proposed Regulation is analysed and interpreted. Next, we discuss an extreme interpretation – embedding data protection requirements in system software – and identify five complicating issues. On the basis of these complications, we conclude that ‘privacy by design’ should not be interpreted as trying to achieve rule compliance by techno-regulation. Instead, fostering the right mindset of those responsible for developing and running data processing systems may prove to be more productive. Therefore, in terms of the regulatory tool-box, privacy by design should be approached less from a ‘code’ perspective, but rather from the perspective of ‘communication’ strategies.     

论新闻媒体侵害隐私权的法律救济方式

随着人们生活方式的多元化,隐私及隐私权成为人们关注的话题。然而,以新闻自由权利为依托的新闻媒体在社会生活中的作用及其带来的影响越来越大。新闻自由的重要价值在于维护公共利益,而隐私权则强调个体权利,因此在行使这两种权利的过程中必然产生矛盾和冲突。因此,如何在两者的博弈中找到良好的契合点,既能发挥新闻媒体在现今社会中的重要作用、又能保障个人的隐私权已成为立法和司法的当务之急。     

Big Data and U.S. Public Policy

This paper examines the growing recognition of the phenomenon called “Big Data” and the policy implications it poses. It is argued that a core policy issue is personal and organizational privacy. At the same time there is a belief that analysis of “Big Data” offers potentially to provide public sector policy makers with extensive new information that would inform policy at unprecedentedly detailed levels. Despite this potential to improve the policy‐making process data often contain individual identifiable information that would negatively impact American core values such as privacy. This makes the use of these data almost impossible. The paper recognizes that there may be a way to strip individual data from Big Data sets thereby making their analysis more policy useful. This approach is not at this time technically feasible but research is ongoing.     

The Singapore Personal Data Protection Act and an assessment of future trends in data privacy reform

In the first part of this paper, I will present and explain the Singapore Personal Data Protection Act (“PDPA”) in the context of legislative developments in the Asian region and against the well-established international baseline privacy standards. In the course of the above evaluation, reference will be made to the national laws and policy on data privacy prior to the enactment of the PDPA as well as current social and market practices in relation to personal data. In the second part of this paper, I will decipher and assess the future trends in data privacy reform and the future development of the privacy regime in Singapore and beyond. In the course of this analysis, international standards, technological trends and recent legal developments in other jurisdictions will be considered.