从保密到安全:数据销毁义务的理论逻辑与制度建构

我国现行立法规定了自然人有请求信息处理者删除个人信息的权利,但这并不等于承认数据生命周期的最后环节是“删除”,因为“删除权”是“信息处理的合法性与必要性基础丧失”的必然结果,而“数据销毁”才是“数据归于消灭”的处理流程末端。数据销毁义务的理论基础在于信息保密方式的扩张,即从维持信息保密状态转向维持数据安全风险的可控性。在数据安全风险评估过程中,倘若义务主体无法保障暂时不使用的重要数据和个人信息处于安全状态,则应当采取适当的数据销毁范式降低数据泄露或非法复原的安全风险。在未来立法活动中,我国应当明确数据销毁义务的义务主体、销毁方式和销毁范围等具体制度内容,完成数据安全立法的“最后闭环”。

From Confidentiality to Security:Theoretical Logic and Institutional Construction of Duty of Data Destruction

China's current legislation stipulates that a natural person has the right to request information processors to delete personal information,but this does not mean that the last link of the data life cycle is“deletion”,because“the right to delete”is the inevitable result of“the loss of the legitimacy and necessity foundation of information processing”,and“data destruction”is the end of the processing process of“data elimination”.The theoretical basis of data destruction obligation lies in the expansion of information confidentiality,that is,from maintaining information confidentiality to maintaining the controllability of data security risk.In the process of data security risk assessment,if the obligatory subject cannot ensure that the important data and personal information not used temporarily are in a safe state,an appropriate data destruction paradigm should be adopted to reduce the security risk of data disclosure or illegal recovery.In future legislative activities,China should clarify the specific system contents such as the obligation subject,destruction mode and destruction scope,and complete the“final closed loop”of data security legislation.