个人信息保护视角下的刑事被遗忘权对应义务研究

信息社会催生出被遗忘权,在刑事司法领域延伸产生了刑事被遗忘权。刑事被遗忘权应受严格限制,研究刑事被遗忘权对应的义务对于理解此种权利有重要意义。刑事被遗忘权对应的义务主体包括刑事诉讼专门机关等国家机关、新闻媒体和社会公众。履行相应义务的法定条件为客观、主观和法律特殊保护等方面的原因使得个人数据的使用不合法或不合理。义务类型包括积极义务和消极义务,其中积极义务以封存和删除为主要内容,消极义务以不采集、不存储、不传递为主要内容。相应义务的履行需遵循特定程序,包括权利主体申请、法院审查与裁判、义务主体履行义务等。为保障义务主体履行对应义务,须设置不履行的违法责任,如民事责任、刑事责任、行政机关及其工作人员的法律责任、国家赔偿责任。     

民法典视野下社交网络账号的继承

社交网络账号为用户与网络服务平台之间的服务协议,社交账号的继承问题本质上为用户对自己网络信息的支配权限界定,属于个人对其数据及信息的利用范畴。社交网络账户具有财产性、身份性与人格性多重法律属性。社交网络账户具有可继承性,其性质、用户协议及个人信息保护义务均不排除账号继承的可能性。社交账号继承规则的构建首先需要区分社交网络账号本身与账号中存储的信息,其次根据社交性网络账户的类型构建不同维度的继承规则。账号内存储信息的继承应当优先保障用户的自主权,可以通过构建数字化信托的模式实现,保障用户决定是否允许继承的自主利益,并消除社交账号继承中的负外部性。同时《民法典》第1122条规定的“遗产”的内涵应当做扩大解释。     

Control over Personal Data in a Digital Age: Google Spain v AEPD and Mario Costeja Gonzalez

In the Google Spain judgment, the Grand Chamber of the EU Court of Justice determined the circumstances in which a search engine is obliged to remove links to data pertaining to an individual from the results displayed. The Court also considered the material and territorial scope of the EU data protection rules. This note argues that the Court's findings, which have been heavily criticised, are normatively coherent. The broad scope of application of data protection rules and the right of individuals to have their data deleted when certain conditions are fulfilled both play a part in granting individuals effective control over their personal data – an objective of EU data protection law.     

隐私权的判定——“合理隐私期待标准”的确立与适用

隐私权存在与否的判定问题是隐私侵权责任承担的关键所在。而美国联邦最高法院在1967年Katz v.United States案中确立的"合理的隐私期待"标准,在世界多个国家的适用已被证明是比较可行的隐私权的判定方法。我国隐私权司法实践在吸收、借鉴"合理的隐私期待"标准时应明确"私人事实"、"法律规定"、"社会习俗"和"利益平衡"四种隐私期待的客观判断要素,实现判决结果的一致性,及对他人隐私利益最大程度的保护。     

论被追诉人通信权的保障——以欧洲人权法院相关裁决为考察重点

我国刑事诉讼制度在保障被追诉人权利方面取得许多重大进展,但还有一些值得改善之处,其中对被追诉人的通信权保障还严重不足,不利于提升辩护的有效性及保障的被追诉人隐私权。而欧洲公约对被追诉人通信权所采取的严格审查机制以及欧洲人权法院在司法实践中确立的拆而不阅原则与禁止例行性检阅原则能较好地保障被追诉人的通信权,值得我们借鉴。     

A comparison of proposed legislative data privacy protections in the United States

The use of online consumer tracking methods has raised significant privacy concerns for consumers and policymakers for decades. Advertisers using these methods analyze web-viewing habits to predict consumer preferences and actions. The advertising industry in the United States has promoted self-regulatory principles to respond to these concerns. However, in December 2010, the U.S. Federal Trade Commission reported that these efforts “have been too slow and up to now have failed to provide adequate and meaningful protection.” President Barack Obama's administration has supported broader legislation for comprehensive protection of individuals' private data. The leading model for data privacy protection is the 1980 Organization for Economic Cooperation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. This article examines two leading legislative privacy proposals in the context of the OECD principles. This examination concludes that, although the proposals do not provide sufficient comprehensive privacy protections, they do fill significant gaps in current U.S. privacy laws.     

‘Modernising’ data protection Convention 108: A safe basis for a global privacy treaty?

Proposals for the reform or ‘modernisation’ of Council of Europe Data Protection Convention 108 have now been forwarded from the Convention's Consultative Committee for consideration by the Council of Ministers. This article assesses the changes proposed, which strengthen the obligations of Parties to implement the Convention as a matter of effective practice, not just as a law on paper. It tightens most of the existing data protection principles, and adds new ones which better align the Convention with the EU Directive (and proposed Regulation). The Convention Committee will have explicit new functions including assessing candidates for accession, and periodically reviewing implementation by existing parties. However, the proposals concerning the required standard for data export limitations are in some respects ill-defined and dangerous for data subjects. The existing standard that personal data can only be exported if the recipient provides ‘adequate’ protection has been abandoned for an undefined requirement of ‘appropriate’ protection. The article situates the risk of abandoning meaningful data export restrictions in the context of the USA's push for ‘interoperability’ of very different data protection standards.     

论患者隐私权保护——兼论侵害“告知后同意”之请求权基础

隐私权已从传统消极防御面向发展到兼具积极支配面向,主要包括四项权能:隐私隐瞒权、隐私利用权、隐私维护权和隐私支配权.《侵权责任法》第62条、第61条、第55条和第56条对应以上四种权能并共同构筑了患者隐私权范畴.患者隐私支配权需要借助于对患者的“告知后同意”实现,告知的内容应当包括医师同时兼具的研究者身份与潜在利益冲突.“告知后同意”虽然可以作为一种法益或者注意义务之违反得到救济,但作为某种权利得到保护系必然趋势,这种权利应是隐私权而非自主权.侵害患者“告知后同意”之隐私权的请求权基础应为第6条第1款,涉及赔偿责任时应适用特别规定第55条第2款,所涉损害主要系精神损害.     

试论临床教学基地患者隐私权的限制与保护

医学临床教育的社会公益性、医学生受教育权的法定性和临床教学基地性质与功能的双重性决定了临床教学中患者的隐私权应受到必要的、合理的限制。同时，从防范医疗纠纷等角度来看，也应对隐私权这一重要权益予以法律保护。临床教学中患者隐私权的保护既可规定于患者权利法中，也可规定在相关的临床教学规范中，在内容上应确立告知原则、同意原则和适当原则，并规定医学生的守密义务。     

Predicting public support for the use of license plate recognition technology by police

The use of license plate recognition technology (LPR) by police is becoming increasingly common. LPR may be used for many purposes, ranging from stolen vehicle enforcement to more complex surveillance and predictive functions. Existing research does not examine community support for this technology, despite its potential to impact police legitimacy. Results from the first community LPR survey are presented and multinomial logistic regression models of citizen support for the technology are developed. Regression results suggest that a number of factors significantly predict citizen support for LPR use, including increased trust in police and the belief that LPR information is public information.