Privacy is dead, Super 70% personally identifiable information of Internet users is compromised-privacy, information security-IT information
According to the State administration of quality supervision, the Central comprehensive management office, the national standards committee jointly issued by the social security provisions of the regulation of basic data for, since the beginning of March this year, residents get express delivery needs real name posted.
As early as in express the real-name system introduced at the beginning, this system caused wide discussion from all sides: on one side, a pile of bloodied people called on the Government to further enhance the supervision of cases; the other side, facing the present situation of serious leaks of personal information security, many people express expressed worries about the safety of your personal information under the real-name system.
Super seven Internet users personally identifiable information be leaked
"I don't know what to do! "Chongqing residents Xiao Wu complained to the author.
Small gang, Chongqing not long ago bought a new House, but followed harassing phone calls is to let her add concerns. "After we bought House, always received a call from variety of decoration companies, sometimes even received a dozen a day, but I don't know where they are from my phone. "Wu said.
In real life, like Xiao Wu faced this kind of problem a few people.
Has data statistics, in personal information protection aspects, netizens was leaked of personal information covers range very widely, which 78.2% of netizens personal identity information was leaked had, including netizens of name, and degree, and family address, and ID, and the work units,; 63.4% of netizens personal online activities information was leaked had, including calls records, and network purchased records, and website browse traces, and IP address, and software using traces and the location, . On the adverse impact of disclosure of personal information, 82.3% of Internet users feel impact of personal information leaked to the daily life.
, Chinese Academy of Sciences engineer Jing Tao Dr to author such explained big data times Xia of personal information status: customer of large personal information for express business was save in express logistics management system in the, and the system in the by storage of is social sale relationship of data marine, certainly also including personal identity information, and phone, and work units and the family address,, and on these mass information of regulatory still has blind.
"Express transit agencies such as a district and county level to nearly all of the region's logistics flow information in the underground economy in the context of personal information clearly marked, some people inevitably resist the temptation. "Jing-Tao said," that's why a baby, someone will sell baby products, bought a House, someone will recommend repair, buy a car people would recommend insurance. ”
Should be accountable directly infringed express company
"Chinese law expressly provided for the protection of citizens ' privacy, but there are many problems in the course of implementation. "Dacheng Law offices lawyer Xu Wenping says," due to the confirmed infringer and evidence, burden of proof on the issue more difficult, makes it very difficult to civil rights through litigation, the infringer's responsibility are difficult to hold. ”
"Different from the mass of information leaks, isolated, individual information leak occur, the public security departments is difficult to combat. "The Southwest University of political science and law Professor Yung Ho Chang and presentation," information collection level after level after uploading, information leakage may occur at any level, even for public security organs, the survey is very difficult, not to mention the individual citizens. ”
Forensics, evidentiary difficulties reducing costs, but still has significant economic benefits. According to the Internet Society of China last year 12321 Internet spam protection of Internet users ' rights report issued by the reception center of the China survey (2015) statistics, only in 2015, for personal information disclosure of Internet users, spam, fraudulent information resulted in the total loss of some 80.5 billion yuan, about 124 Yuan per capita.
"Therefore, express the real-name system, driven, we need to establish a set of related system to regulate the industry, which includes establishing the responsibilities and improve accountability mechanisms. "Yung Ho Chang says," for example, once a problem of personal information disclosure, the infringer can be accountable directly to the courier company, express company assume responsibility for information disclosure. To express an individual's oversight responsibilities will be transferred to the courier company, Courier is a member, the difficulty of such litigation would be greatly reduced. ”
Enhanced customer information security sector support
"Citizens ' personal information is not an isolated problem, from the State of information security, information security to businesses and individuals, is a complete whole. Need the whole community to work together, from the legal, aspects to establish a complete, proven system. "Xu Wenping said.
Regulation of Courier industry needs full cooperation of the relevant sector. On October 22 last year, Central comprehensive management office, Ministry of public security, the Ministry, Ministry of land and resources, Ministry of transport, State administration of work safety supervision and other 15 departments, required across the country focus on the dangerous and explosive goods, delivery logistics and special action for rectification, and contradictions and disputes resolved, and full implementation of the "sangebai hundred".
"Private courier has developed rapidly in recent years, but a cohabitation of express industry, causing a lot of problems. Therefore, in the express on the establishment of the company, industrial and commercial sectors to express the need to protect citizens ' personal information have a rigorous review. "Legal Director Zhou Shangjun Southwest University of politics and law said.
In addition, express on the destruction of personal information held by the company, as well as relevant support. "Strengthened customer information security needs of the social sector support. For example, companies focused on the destruction of courier when they faced a problem: because of the special and express a single material volume, does not receive many recycling companies. If incineration destruction on their own, can cause air pollution and fire hazards. Express a single destruction also needs the support of industry or Government departments. "Zhou Shangjun said.
Use technical means of control of personal information
"Information protection is an integrated project, we turn now to the level of information protection needs to be improved, in addition to constructing the system of, and in many other areas to try to. "Xu Wenping said. "Our ID number, for example, just a set of numbers, most people with a little reading, you can extract a person's birthplace, birthday or even gender, and so on, this is very unsafe. In Western countries, this information is encrypted in a special way that only experts can interpret. ”
"For now, we can set up in such a way to express the real-name system under effective control of citizens ' personal information. "Jing-Tao said," such as the courier scans the sender's ID card through the device, the sender's personal information through this device via the cloud passed to the Terminal Server. Express delivery staff in general do not have permission to view it. So information and express both ends, you can reduce the risk of disclosure of personal information of citizens. ”
Jing-Tao went on to explain, which requires independent third-party to provide assistance. He suggested that the ROC's second-generation ID card equipped with a chip, if express handheld devices through chip Terminal docking information with third parties, while allowing third party docking with the public security Department's information, you can guarantee the authenticity of the sender provides information at the same time, police intervention can also add protection for citizens ' personal information.
"Achieving security express not only public safety, also including the security of personal information. To allow citizens to enjoy the convenience of the age of big data, not the tired, only ' safe ' to achieve, is the proper meaning of security Express. The "Yungho Chang said.
隐私已死,超七成网民个人身份信息被泄露 - 隐私,信息安全 - IT资讯
根据国家质检总局、中央综治办、国家标准委联合发布的《社会治安综合治理基础数据规范》规定,自今年3月开始,居民寄快递需要实名投寄。
早在快递实名制推出伊始,这项制度就引起了来自各方的广泛讨论:一边,一桩桩血淋淋的案件让人们呼吁政府进一步加强监管;另一边,面对当下个人信息安全严重泄露的现状,不少人对快递实名制下个人信息的安全表示了担心。
超七成网民个人身份信息被泄露
“我都不知道该怎么办好了!”重庆市市民小吴向笔者抱怨道。
前不久重庆市的小吴刚购置了新房,可是接踵而至的各种骚扰电话却让她平添了几分忧虑。“我们家买房子以后,总是接到各种装修公司的电话,有的时候一天甚至能接到十来个,可是我都不知道这些公司是从哪里得到我的电话的。”小吴说道。
在现实生活中,像小吴一样面临这种困扰的人不在少数。
有数据统计,在个人信息保护方面,网民被泄露的个人信息涵盖范围非常广泛,其中78.2%的网民个人身份信息被泄露过,包括网民的姓名、学历、家庭住址、身份证号及工作单位等;63.4%的网民个人网上活动信息被泄露过,包括通话记录、网购记录、网站浏览痕迹、IP地址、软件使用痕迹及地理位置等。在个人信息泄露带来的不良影响上,82.3%的网民亲身感受到了个人信息泄露给日常生活造成的影响。
中国科学院高级工程师荆涛博士向笔者这样解释大数据时代下的个人信息状况:客户的大量个人信息因快递业务被保存在快递物流管理系统中,而该系统中所存储的就是社会买卖关系的数据海洋,当然也包括个人身份信息、电话、工作单位及家庭住址等,而对这些海量信息的监管仍有盲区。
“比如一个区县一级的快递公司中转机构能够掌握本区域近期所有的物流流转信息,在目前地下经济链条中对个人信息买卖明码实价的背景下,难免有人抵制不住诱惑。”荆涛说,“这就是为什么生了孩子就会有人推销母婴用品,买了房子就会有人推荐装修,买了汽车就会有人推荐保险一样。”
建议被侵权人直接问责快递公司
“我国法律对于公民隐私权的保护有明确规定,然而在落实上却存在不少问题。”大成律师事务所律师徐文萍认为,“由于在确认侵权人以及取证、举证等问题上存在较大难度,使得公民通过诉讼来维权变得十分困难,侵权人的责任也难以追究。”
“不同于大批量信息的泄露,零星、个别的信息泄露情况的出现,公安部门很难打击。”西南政法大学教授张永和介绍,“信息收集过后会一级一级上传,任何一级都有可能发生信息泄露,即便是对于公安机关,这个调查难度也非常大,更不用说公民个人了。”
取证、举证的困难降低了违法成本,但背后却依然有巨大的经济收益。根据去年中国互联网协会12321网络不良与垃圾信息举报受理中心发布的《中国网民权益保护调查报告(2015)》统计,仅2015年,网民因个人信息泄露、垃圾信息、诈骗信息等现象导致总体损失约805亿元,人均约124元。
“因此,快递实名制的推动,需要我们建立起一整套相关制度来规范快递行业,这包括确立相关责任以及完善追责机制。”张永和说,“比如一旦发生个人信息泄露的问题,被侵权人可以直接对快递公司进行问责,让快递公司承担信息泄露的责任。而对快递员个人的监督责任就会因此转移给快递员所属的快递公司,这样诉讼的难度就会大大降低。”
强化客户信息安全需部门支持
“公民个人信息安全从来就不是一个孤立的问题,从国家的信息安全,到企业和个人的信息安全,是一个完整的整体。需要整个社会共同努力,从法律、意识等方面建立起一套完整的、行之有效的制度体系。”徐文萍说。
对快递行业的监管需要各相关部门通力配合。去年10月22日,中央综治办、公安部、工信部、国土资源部、交通运输部、安监总局等15个部门,要求在全国范围内集中开展危爆物品、寄递物流清理整顿和矛盾纠纷排查化解专项行动,并全面推行“三个百分百”。
“近年来民营快递发展迅速,但是也存在快递行业鱼龙混杂的情况,引发了不少问题。因此,在快递公司的设立上,需要工商部门对快递公司保障公民个人信息的能力有一个严格的审查。”西南政法大学法理教研室主任周尚君认为。
此外,在对快递公司所持有的个人信息的销毁上,也需要相关单位的支持。“强化客户信息安全需要社会相关部门的支持。比方说,企业在集中销毁快递单时就遇到了难题:由于快递单材质特殊且量大,很多回收处理公司并不接收。如果企业自行焚烧销毁,会造成空气污染并存在火灾隐患。快递单销毁还需要相关产业或政府部门的支持。”周尚君说。
运用技术手段管控公民个人信息
“信息保护是一个整体工程,我们现在对信息保护的程度还有待提高,除了制度的构建,在很多其他方面还可努力。”徐文萍强调说。“比如说我们的身份证号,仅仅凭这一组数字,一般人只要稍加解读,就可以提炼出一个人籍贯、生日甚至性别等等信息,这非常不安全。在西方一些国家,这些信息是用一种特别的方法进行加密,只有相关专家才能解读。”
“就目前而言,我们可以通过设立权限的方式对快递实名制下的公民个人信息进行有效管控。”荆涛说道,“比如快递员通过设备扫描寄件人的身份证,寄件人的个人信息就会通过这个设备经云端传入终端服务器。而一般的快递工作人员没有查看的权限。这样信息和快递件分两头走,就可以减少公民个人信息泄露的风险。”
荆涛进一步解释道,这其中需要比较权威的第三方提供协助。他建议说,我国的二代身份证内设有一个芯片,如果快递员手持的设备通过芯片与第三方的信息终端对接,同时让第三方再与公安部门的信息库对接,就可以保证寄件人提供信息的真实性,同时,公安部门的介入也可以为公民个人信息加一重保障。
“实现安全快递不仅仅指公共安全,同样也应当包括公民个人信息的安全。要让公民享受大数据时代所带来的便利而非受其所累,只有‘两个安全’一并实现,才是安全快递的应有之义。”张永和说道。