| 数据安全认证:个人信息保护的第三方规制 |
| |
| 引用本文: | 刘权. 数据安全认证:个人信息保护的第三方规制[J]. 法学评论, 2022, 0(1) |
| |
| 作者姓名: | 刘权 |
| |
| 作者单位: | 中央财经大学法学院 |
| |
| 基金项目: | 北京市社会科学基金青年项目“数字经济营商环境优化的法治保障研究”(项目编号:21FXC015)的阶段性成果;“中央财经大学科研创新团队支持计划”资助。 |
| |
| 摘 要: | 契合放管服改革理念的数据安全认证,在数字时代整个规制法体系中必将占据日益重要的地位。数据安全认证通过声誉评价机制,可以引导、激励互联网企业守法合规经营,可以增强用户对中小微互联网企业和新兴数字产业的信任感,可以避免一刀切的政府规制,可以满足社会公众多元的数据安全需求。数据安全认证机构应具有高度的独立性与专业性,防止其被互联网企业俘获或成为政府的附庸。宜实行自愿为主、强制为辅的数据安全认证模式。认证程序应强调公正透明性,认证标准应注重评价企业数据合规的制度建设。根据过错责任原则,分别设置数据安全认证机构相应的赔偿责任或连带责任,并加大对数据安全认证违法行为的公法责任追究。科学构建法治化的数据安全认证体制机制,不仅是保障数据安全的现实需要,而且是弥补数字时代政府规制缺陷的迫切需求。
|
| 关 键 词: | 数据安全认证 个人信息保护 第三方规制 “放管服”改革 |
Data Security Certification:Third-Party Regulation of Personal Information Protection |
| |
| LIU Quan. Data Security Certification:Third-Party Regulation of Personal Information Protection[J]. Law Review, 2022, 0(1) |
| |
| Authors: | LIU Quan |
| |
| Abstract: | Data security certification that conforms to the reform concept ofdecentralization,management and servicewill surely occupy an increasingly important position in the entire regulatory legal system in the digital age.Data security certification through the reputation evaluation mechanism can guide and encourage Internet companies to operate in compliance with laws and regulations,can enhance users’trust in small,medium and micro Internet companies and emerging digital industries,can avoidone size fits allgovernment regulations,and can meet the diverse needs of the public data security requirements.Data security certification agencies should have a high degree of independence and professionalism to prevent them from beingcapturedby internet companies or becomingvassalsof the government.It is advisable to implement a data security certification model with voluntary certification as the primary and compulsory certification as the supplement.The certification process should emphasize fairness and transparency,and certification standards should focus on the establishment of a system for evaluating corporate data compliance.According to the principle of fault liability,the data security certification body shall be set upcorresponding compensation liabilityorjoint and several liability.It is necessary to increase public law accountability for data security certification violations.The establishment of a legalized data security certification system is not only a practical need to ensure data security,but also an urgent need to make up for the deficiencies of government regulations in the digital age. |
| |
| Keywords: | Data Security Certification Personal Information Protection Third-Party Regulation Decentralization,Regulation and ServiceReform |
| 本文献已被 维普 等数据库收录! |
|
