大数据，认知与计划经济——与何大安教授商榷

数据是明晰的,客观的,而信息本质上是主观的,隐含的和实践的,数据被个体理解之后才会转化成“他的”信息。人们在使用数据之前先会判断该数据的重要性,这种判断因人因时因地而异,而大数据本身并不能替个人做出这样的判断。信息分散在无数人的头脑中,不能被某个头脑或超级计算机集中掌握。个体确定目标后,才能决定把什么样的数据作为手段来实现自己的目标,否则他会在海量的数据面前不知所措。数据是人们行动的产物。作为“历史”,数据本身不能告诉人们未来他们应该做什么。另外,没有市场的运行,甚至数据本身都不可能产生。正确的进路应该是“让个体的知识得以充分利用”,而不是何大安教授提出的“改善个体的认知”。何大安教授预设的“智慧大脑”类似于计划经济中的“中央计划委员会”,他对“普通大脑”的认知和“智慧大脑”的认知趋同的欲求,也正如中央计划委员会试图让普通大众服从于它的指令。正是市场对分散信息的分散利用使个体在固有的认知局限的情况下也有可能实现自己的目标,而大数据不能扮演同样的角色。何大安教授有关认知与大数据的讨论仍属于新古典经济学的“最大化”范式,他没意识到市场是一个互动（交换）过程,最大化范式并不适用。     

大数据时代的智慧辩护

以大数据、人工智能等为代表的智能科技正在我国刑事司法空间内主导着全面而深远的变革。相较于法检系统面对这场时代潮流所进行的主动、全面的自我革新,智能科技虽在刑事辩护领域得到了一定程度的应用,但技术与业务的交融协同有限,故总体上仍停留在初级发展阶段。实际上,刑事辩护可在大数据驱动下实现向智慧辩护的转型,包括改变律师工作方式,使之从办公自动化跨越为业务智能化;在卷宗审阅、证据审查判断、类案/关联法条推送、司法规律挖掘等工作中强化科技支撑成分,辅助律师作出辩护决策;以及重塑业务导向定位,积极开拓风险防控型业务领域。但在转型过程中,应注意在数据来源上另辟蹊径,在借鉴法院、检察院经验时因地制宜地作出调整,尤其是在法律与技术的融合中坚持住法律的主导地位,把握好智慧的根源所在。     

Ownership of personal data in the Internet of Things

This article analyses, defines, and refines the concepts of ownership and personal data to explore their compatibility in the context of EU law. It critically examines the traditional dividing line between personal and non-personal data and argues for a strict conceptual separation of personal data from personal information. The article also considers whether, and to what extent, the concept of ownership can be applied to personal data in the context of the Internet of Things (IoT). This consideration is framed around two main approaches shaping all ownership theories: a bottom-up and top-down approach. Via these dual lenses, the article reviews existing debates relating to four elements supporting introduction of ownership of personal data, namely the elements of control, protection, valuation, and allocation of personal data. It then explores the explanatory advantages and disadvantages of the two approaches in relation to each of these elements as well as to ownership of personal data in IoT at large. Lastly, this article outlines a revised approach to ownership of personal data in IoT that may serve as a blueprint for future work in this area and inform regulatory and policy debates.     

Are ‘pseudonymised’ data always personal data? Implications of the GDPR for administrative data research in the UK

There has naturally been a good deal of discussion of the forthcoming General Data Protection Regulation. One issue of interest to all data controllers, and of particular concern for researchers, is whether the GDPR expands the scope of personal data through the introduction of the term ‘pseudonymisation’ in Article 4(5). If all data which have been ‘pseudonymised’ in the conventional sense of the word (e.g. key-coded) are to be treated as personal data, this would have serious implications for research. Administrative data research, which is carried out on data routinely collected and held by public authorities, would be particularly affected as the sharing of de-identified data could constitute the unconsented disclosure of identifiable information.Instead, however, we argue that the definition of pseudonymisation in Article 4(5) GDPR will not expand the category of personal data, and that there is no intention that it should do so. The definition of pseudonymisation under the GDPR is not intended to determine whether data are personal data; indeed it is clear that all data falling within this definition are personal data. Rather, it is Recital 26 and its requirement of a ‘means reasonably likely to be used’ which remains the relevant test as to whether data are personal. This leaves open the possibility that data which have been ‘pseudonymised’ in the conventional sense of key-coding can still be rendered anonymous. There may also be circumstances in which data which have undergone pseudonymisation within one organisation could be anonymous for a third party. We explain how, with reference to the data environment factors as set out in the UK Anonymisation Network's Anonymisation Decision-Making Framework.     

A comparison of data protection legislation and policies across the EU

Although the protection of personal data is harmonized within the EU by Directive 95/46/EC and will be further harmonized by the General Data Protection Regulation (GDPR) in 2018, there are significant differences in the ways in which EU member states implemented the protection of privacy and personal data in national laws, policies, and practices. This paper presents the main findings of a research project that compares the protection of privacy and personal data in eight EU member states: France, Germany, the UK, Ireland, Romania, Italy, Sweden, and the Netherlands. The comparison focuses on five major themes: awareness and trust, government policies for personal data protection, the applicable laws and regulations, implementation of those laws and regulations, and supervision and enforcement.The comparison of privacy and data protection regimes across the EU shows some remarkable findings, revealing which countries are frontrunners and which countries are lagging behind on specific aspects. For instance, the roles of and interplay between governments, civil rights organizations, and data protections authorities vary from country to country. Furthermore, with regard to privacy and data protection there are differences in the intensity and scope of political debates, information campaigns, media attention, and public debate. New concepts like privacy impact assessments, privacy by design, data breach notifications and big data are on the agenda in some but not in all countries. Significant differences exist in (the levels of) enforcement by the different data protection authorities, due to different legal competencies, available budgets and personnel, policies, and cultural factors.     

DATA REGULATION IN THE INTERNET OF THINGS

The reflections on data regulation in the internet of things (IoT) in this paper provide an overview of the different conceptions and legal problems of “data property rights.” Beginning with an overview of the existing and possible applications of the future IoT (in particular, smart cars), this paper describes the legal concerns that may arise because of increased commercialization of object-generated data. The author uses German and European Union law to illustrate the legal complexities, solutions, and shortcomings. He demonstrates how and to what extent these issues are covered by traditional data protection regulations and highlights the conceptual blind spots of these regulations. He then contrasts the data protection paradigm (de lege lata) with the idea of a general erga omnes data property right (de lege ferenda) and describes the most common understanding of such a right, that is, a data producers’ property right. Against the background of the possible economic advantages of general data property rights, the paper discusses conceptual problems and constitutional concerns. In conclusion, the author rejects the idea of a general data property right.     

Opinion 1/15 of the Grand Chamber dated 26 July 2017 about the agreement on Passenger Name Record data between the EU and Canada

On 26 July 2017, the Grand Chamber of the European Court of Justice rendered its seminal Opinion 1/15 about the agreement on Passenger Name Record data between the EU and Canada. The Grand Chamber considered that the decision of the Council about the conclusion, on behalf of the Union, of the agreement between the EU and Canada about the transfer and processing of PNR data must be based jointly on Article 16(2) about the protection of personal data and Article 87(2)(a) about police co-operation among member states in criminal matters, but not on Article 82(1)(d) about judicial co-operation in criminal matters in the EU of the Treaty on the Functioning of the EU. The Grand Chamber also considered that the agreement is incompatible with Article 7 on the right to respect for private life, Article 8 on the right to the protection of personal data, Article 21 on non-discrimination and Article 52(1) on the principle of proportionality of the Charter of Fundamental Rights of the EU since it does not preclude the transfer, use and retention of sensitive data. In addition to the requirement to exclude such data, the Grand Chamber listed seven requirements that the agreement must include, specify, limit or guarantee to be compatible with the Charter.The opinion of the Grand Chamber has far-reaching implications for the agreement on PNR data between the EU and Canada. It has also far-reaching implications for international agreements on PNR data between the EU and other third states. Last, it has far-reaching implications for Directive 681 of 27 April 2016 on PNR data.     

数字政府建设中的政务服务

本文基于新公共管理和新公共服务两大理论的学理分析,剖析了数字政府建设中政务服务效能提升的制约瓶颈并提供了相应的对策建议.分析结果表明:分散的政务服务抑制了服务效能、异向的政务数据影响了业务协同、失衡的供给能力制约了发展水平.研究结论认为,优化政务服务基础平台、完善政务信息共享机制、提高政务服务供给能力是数字政府建设中政...     

Policy visions of big data: views from the Global South

Abstract

Government intentions stand at the heart of debates about how big data can and should be used in the Global South. This paper provides new insights by examining the political and economic visions promoted by emerging power governments in Brazil, India and China (the BICs). Doing so is crucial as these countries not only comprise some of the world’s largest populations, but have also demonstrated their initiative in national and international promotion of big data politics. Drawing on a content analysis of strategic and legal documents discussing the use of big data, we identify potential areas for big data cooperation among the BICs by determining the compatibility of national policy visions. Three visions are apparent: data as a force for political liberation or repression, for improving public services and for facilitating development. Successful BIC cooperation is likely related to the latter two, but less probable for the liberation/repression vision. We conclude by identifying the implications of BIC engagement with big data for the Global South more broadly.     

Generating data with sexual offenders using qualitative material: A paradigm to complement not compete with quantitative methodology

This paper proposes triangulation as a research strategy in which the domain of sexual offending may be assessed using both qualitative and quantitative data. Examples of studies that have employed this approach with sexual offenders are outlined, showing the benefit that can be gained from utilizing multiple methods of assessment. The paper also outlines a range of quality criteria when conducting qualitative research, that Gaskell and Bauer (2000) argue are functional equivalents of reliability and validity.