China's black market in personal information under "naked": legislation to protect short-term difficult to achieve legal, privacy, telecommunication scams-IT information
Girl Xu Yuyu encounters in linyi, Shandong Telecom fraud, again triggered public panic in disclosure of personal information. The age of big data, personal information protection legislation is not perfect, personal data in "naked."
Present data industry has become a sweet pastry, encourage open data at the national level, data security and privacy protection needs to be normative.
The past two years, legislation on personal information, from all walks of life call for many. At national level, however, push is not fast. In accordance with the legislative procedure, issued a law is unlikely in the short term, a number of large industry officials suggested that local practice, Central common Scout standard legislation.
Data black market under the transparent people
The age of big data, big data the value of more and more attention.
2015 China promulgated by the Internet Society of China Internet users ' rights protection investigation report shows that 78.2% personally identifiable information of Internet users had been leaked, 63.4% of the online activities of Internet users information is divulged, for personal information disclosure of Internet users, spam, fraudulent information resulted in the total loss of some 80.5 billion yuan.
Enter the mobile Internet age, more production and exposure of personal data every day.
White-collar Wang up running open round in the morning, breakfast with micro-payments, opened for work drops, open Internet micro-blogging, micro-circle, lunch takeaway, Taobao buy single socks. The day, personal health, home, mobile route, telephone, address, gender and weight, eating habits, even identity card numbers were exposed to the platform.
Based on these data, platforms of our personal data. Businesses based on Wang's information, accurate posting ads, doing interconnection financial credit, or sell data.
According to media reports, the end of 2015, the Zhejiang Provincial higher people's Court on strategic cooperation with Alibaba group, Taobao platforms data lock any such useful phone numbers and addresses, shipping address legal documents sent to Taobao, improving throughput. In addition, Ali platform available to Zhejiang High Court huge amounts of data, on the left in the platform data of persons involved in a lawsuit to draw "portrait", including identity, contact information, consumer data, and so on.
Data, most popular is Apple. In 2014, the Apple event exposed the back door, admitted secretly gets user information by class-action lawsuits. Earlier this year, Apple announced to the world the United States Federal Bureau of investigation (FBI) attempts to monitor Apple users, said an open letter "to protect user data, FBI we dare to refuse."
"Through the black market you can buy data is no secret messages. "A large enterprise in Zhongguancun executives, mainly refers to the law expressly prohibits data black market trading of some data, there are currently several laws explicitly customer privacy data, is not allowed to publish, some laws do not explicitly, but on a moral level are not allowed on public data.
The executives said personal flying records, and data communications operators, China UnionPay data, most can be bought through the black market.
A telecom operator Middle told the 21st century business Herald reporter, platform specification for protection of personal data, their use of your personal data and transactions, desensitization process will be taken, but some small platforms would be hard to say, even if personal data is sold, and is difficult to obtain evidence and human rights defenders.
He is a case study of an e-commerce platform vendor, shopping leads to trafficking of personal information, and how accountability platform and seller responsibilities, the law is not clear, and it is difficult to obtain evidence.
Operator Executive said a big data, do data transactions from their current experience, although there exist black markets, but overall the data transactions standardized and formalized way is still relatively safe. At present, data transactions should be allowed to fly for a while, regulations will gradually improve in the practice.
Short-term legislation at the national level difficult to achieve
21st century business Herald reporters comb found that China's relevant laws and regulations of the criminal law amendment (seven), tort law, identity card law concerning protection of personal information in addition, China's Constitution, the General principles of civil law, civil procedure law, criminal procedure law, also some more general personal information protection requirements.
But laws are not clear about the concept, the legislative provisions scattered; levels vary, most effective levels are not high; poor adaptability, not system problems such as incomplete.
During the two sessions this year, Governor of the people's Bank of China branch in Hangzhou Yin Xingshan accept 21st century business Herald said in an exclusive interview with Xinhua, the NPC should speed up the "personal information protection law" of the legislative process, chapter on the protection of personal financial information as stipulated, the protection of personal financial information rises to the height of national law.
He also suggested that, taking into account the reality of a long legislative process and standardize the management of demand, in the current conditions, may be formulated by the State Council, China's "personal information protection regulations" when conditions are ripe, then upgraded to a law.
On August 24, the central network Office, State administration of quality supervision, the national standards committee jointly issued a circular on strengthening national cybersecurity standardization of opinions, proposed to carry out critical information infrastructure protection, security reviews, industrial control system security, data security, personal data protection, network security information sharing standards development work.
In large data driven by the gold rush, nearly two years at the local level is also exploring personal privacy protection. Earlier this year, Guizhou province, Guizhou province, through the development and application of large data facilitate the Ordinance, as China's first large local regulations is considered to have significance to large data into the orbit of rule of law.
It is regrettable that this regulation focuses on encouraging local industrial park built, about data privacy and security, as well as data transactions, there is no particular.
Recently, the Shanghai trading center has released the personal data protection principles, another local regulations, referring to safeguard the legitimate interests of the data subject.
Xiaoweibing, associate professor at the Shanghai University College of law, said current domestic studies is not mature, future directions are not clear, legislation could not walk in front of the practice and legislation at national level is not clear, in sensitive areas where breakthrough more difficult.
Data Research Institute of Tsinghua University Executive Vice President Han Yishun told the 21st century business Herald press, open data and the protection of personal data privacy, recommended that the district try went behind the legislation in practice.
中国黑市交易下个人信息“裸奔”:立法保护短期难实现 - 法律,隐私,电信诈骗 - IT资讯
山东临沂女孩徐玉玉遭遇电信诈骗,再次引发全民对个人信息泄露的恐慌。大数据时代,个人信息保护立法不完善,个人数据基本处于“裸奔”状态。
当下大数据产业成为香饽饽,国家层面鼓励数据开放,同时数据安全和个人隐私保护也亟待规范。
近两年,关于个人信息立法,各界呼吁很多。然而从国家层面来说,推进并不快。按照立法程序,短期内出台一部法律不太可能,多位大数据行业人士建议地方实践先行,央地共同探路规范立法。
数据黑市交易下的透明人
大数据时代,大数据的价值越来越受到重视。
中国互联网协会发布的《2015中国网民权益保护调查报告》显示,78.2%的网民个人身份信息被泄露过,63.4%的网民个人网上活动信息被泄露过,网民因个人信息泄露、垃圾信息、诈骗信息等现象导致总体损失约805亿元。
进入移动互联网时代,更多的个人数据每天在生产和曝光。
白领小王早上起来跑步打开咕咚,买早餐用微信支付,上班打开滴滴,上网打开微博,发微信朋友圈,午餐用外卖,淘宝下单买袜子。一天下来,个人的健康、家庭住址、活动路线、电话、办公地址,以及性别、体重、饮食习惯,甚至身份证号码都曝光到了相关平台。
基于这些数据,相关平台可以将我们的个人信息数据化。商家可以根据小王们的信息,精准投递广告,做互联金融征信,甚至卖数据。
据媒体报道,2015年底,浙江省高级人民法院与阿里巴巴集团达成的战略合作,通过淘宝平台的数据锁定当事人常用电话和地址,把法律文书寄往淘宝收货地址,提高送达率。另外,浙江高院可利用阿里平台的海量数据,对在该平台上留下数据的涉诉人员绘制“画像”,包括身份信息、联系信息、消费数据等。
大数据方面,国外最受关注的是苹果公司。2014年,苹果曝出后门事件,承认偷偷获取用户信息,遭集体诉讼。今年初,苹果公司向全世界公布了美国联邦调查局(FBI)监控苹果用户的企图,并发公开信称“保护用户数据,FBI我们都敢拒绝”。
“通过黑市可以买的数据不是什么秘密的消息。”中关村一家大数据企业高管介绍,数据黑市主要是指法律明确禁止的一些数据的交易,目前有一些法律明确的客户隐私信息数据,是不允许公布的,还有一些法律并没有明确的,但是在道德的层面上不允许公开的数据。
上述高管透露,个人乘坐飞机的记录,还有通讯运营商的数据、银联的数据,大多都可以通过黑市买到。
某电信运营商中层告诉21世纪经济报道记者,大平台对个人数据的保护相对规范,其对个人数据的使用和交易,会采取脱敏处理,但是目前一些小的平台就很难说,即便是个人数据被出卖,也很难取证和维权。
他以某电商平台卖家为例,购物导致个人信息被贩卖,如何追究平台责任和卖家责任,法律并不清晰,而且很难取证。
一家大数据运营商高管则表示,从他们目前做数据交易的经历来讲,虽然存在黑市交易,但整体的数据交易规范化和正规化的路子走的还是比较稳当。目前,应该让数据交易先飞一会儿,法规都会在实践中逐渐完善。
国家层面立法短期难实现
21世纪经济报道记者梳理发现,中国相关法律法规中的刑法修正案(七)、侵权责任法、居民身份证法等涉及个人信息保护;此外,中国宪法、民法通则、民事诉讼法、刑事诉讼法等也有一些对个人信息保护较为笼统的规定。
但是相关法律都存在概念不清、立法规定散乱;层次不一,大多效力级别不高;适应性差,不系统不全面等问题。
今年全国两会期间,中国人民银行杭州中心支行行长殷兴山接受21世纪经济报道记者专访时表示,全国人大应加快“个人信息保护法”的立法进程,将个人金融信息保护作为专章予以规定,使个人金融信息保护上升到国家法律的高度。
他还建议,考虑到立法进程较长和规范管理的现实需求,在当前条件下,可先由中国国务院制定“个人信息保护条例”,待条件成熟后再升格为法律。
8月24日,中央网信办、国家质检总局、国家标准委联合印发了《关于加强国家网络安全标准化工作的若干意见》,提出开展关键信息基础设施保护、网络安全审查、工业控制系统安全、大数据安全、个人信息保护、网络安全信息共享等领域标准研制工作。
在大数据淘金热的驱动下,地方层面近两年也在探索个人隐私保护。今年年初,贵州省通过《贵州省大数据发展应用促进条例》,作为中国首部大数据地方法规,被认为具有将大数据产业纳入法治轨道的意义。
遗憾的是,这部法规重在鼓励地方建产业园区,关于数据隐私安全,以及数据交易方面,并无具体涉及。
近日,上海数据交易中心对外发布了《个人数据保护原则》,又一家地方性条例出台,提到保障数据主体的合法权益。
上海政法学院经济法学院副教授肖卫兵表示,目前国内相关研究并不成熟,未来发展方向不清晰,立法不可能走在实践前面;同时国家层面立法不清晰,地方在敏感领域的突破比较难。
清华大学数据科学研究院执行副院长韩亦舜则告诉21世纪经济报道记者,大数据开放和个人数据隐私保护方面,建议地方多尝试探路,立法都是在实践后面。