Shao Haipeng
With 8 bit money (make an appointment with a RMB 370 thousand yuan) mark a price, can obtain 130 million hotels easily to enter information of the identity that register, open house notes with 240 million hotels.
This is to exploded on August 28 go out China live below group division the circumstance that data of all hotel user is divulged. Up to now, china live bloc government response, the interior that start is checked oneself and already called the police. In the meantime, shanghai police already got involved investigation, state will severe from beginning to end blow is gotten illegally, buying and selling, exchange, offer the illegal criminality such as citizen individual information.
And this already was China live the group is divulged the 2nd times by information of be involved in incident. Black clouds of the platform of domestic safe flaw that monitor (WooYun.org) be in early released a report to say 2013, the record opening a room that waits for large quantities of hotels like the home, Chinese front courtyard is stored by tripartite, and be divulged because of flaw. The Chinese front courtyard that faces masses market is namely China live inn of go with wine of hotel group division.
Face individual information to divulge, vice director of council of law of policy of society of Chinese electron business affairs, Shanghai paragraph mix Liu Chunquan represents paragraph of attorney office partner, at present the be divulged because of information and causes great criminal case of exposure, not be an individual divulge. From national legislation for angle, the train of thought that restrains a company is right.
On August 29, chinese consumer society announces " App individual information divulges case findings report " (next weighing " report " ) proposal, how to protect consumer individual information and privacy, respect the value of consumer and desire, let consumer individual information and privacy data no longer " streaking " , be respected reasonably and be protected, be participated in extensively what cannot leave social all walks of life and administer jointly.
Individual information is collected reach divulge show general trend
Instantly, when it is good that consumer is enjoying mobile Internet to grow all sorts of brought profits quickly, individual privacy information is divulged, embezzle, traffic incident to happen from time to tome, annoy, bilk phone and mail happen from time to tome.
Narrate before " report " say, according to findings of many 5000 effective questionnaire, individual information divulges a circumstance quite serious, information reveals way and expressional form diversity. Individual information divulges overall condition more serious, the number that has encountered individual information to divulge a circumstance is occupied than for 85.2% .
Because the big range of individual information is divulged, telegraphic bilk common occurance. Liu Chunquan expresses, telegraphic bilk prevails time and again, because,be individual information " streaking " flush, cheater can sign up for an accurate individual information, bring about puzzle the gender is strong, have a bit be duped easily carelessly.
Nevertheless, individual information big range divulges as real as the network name to make have very big concern. Because be opposite,the importance understanding of individual information is less than a professional technical ability that protects with devoid individual information, did not get very good technology and law are protected generally.
In addition, mobile phone App is excessive collect individual information to present general trend. " report " say, the attributive sort that mobile phone App needs to get is various, the most outstanding is to get positional information and visit contact limits of authority; And function of existence App oneself gets user privacy limits of authority below use unessential circumstance, increased the risk that individual information divulges; The account that majority gets the person that visit to think mobile phone App gathers individual information is to promote advertisement.
Those who deserve attention is, information is divulged also present growth trend. Data shows, annual was divulged 2016 or by the data bulk of pilfer it is 1.9 billion about. And 2017, yahoo is in the document that submits American finance to superintend an orgnaization, admit 3 billion account is divulged entirely. Divulge data bulk, be equivalent to 2016 1.5 times of annual.
When Yu De of CEO of net of song of researcher of engage by special arrangement of research center of Chinese electron business affairs, ground accepts reporter of the first finance and economics to interview, express, the executive principal part that information reveals has individual also have an organization. Gotten way also can be divided it is two kinds, one kind is to pass functionary action to be gotten illegally, and buy illegally, receive, the means such as exchange is gotten, another kind is the technology is divulged, like flaw, trojan, pull a library (hacker term, meaning be about to all number in the database leave according to all pilfer) etc.
To this China live the information of the group is divulged, also the personage inside course of study is analysed, basically be to have " inside ghost " divulge pertinent information actively.
In addition, after consumer individual information is divulged should be not worth to measure. Investigation data shows, after individual information divulges circumstance happening, consumer worries to be used to be engaged in bilk filch most activity or give tripartite. However, have about 1/3 finally suffer the person that visit to choose " avowed and hapless " , the consciousness of active dimension authority of consumer still remains to strengthen.
Yu De expresses, from citizen individual information encroach dimension to spend in light of, on the history that develops in Internet, the incident that individual information divulges has all the time. If be the member that leave one's post,in office staff inside and outside cooperates illegal " purloin " circumstance, hotel need manages existence flaw for interior and assume corresponding responsibility. If be a hacker " pull a library " inbreak, if the enterprise did not offer the technique that with its dimensions photograph matchs protection, also need to assume corresponding responsibility, resemble China the group company that lives to have huge system to measure individual information so, the security that should provide high level defends grade. Otherwise, the enterprise also is fall victim square.
Improve the knowledge of legislative judiciary
Individual information protects legislative thing to pass every citizen increase, also be all sorts of information that personal feeling gets annoy everybody, the legal issue that telegraphic bilk backside involves.
The research of law of individual information protection has lasted old, although return the project approving program that did not include National People's Congress at present, but academia thinks afterwards network is safe after law and law of electronic business affairs, law of individual information protection is the legislative task that field of next network news must study mainly.
By 2012, standing committee of countrywide National People's Congress also issued the decision that reinforces network news protection, carry out network real name formally to make, made clear the law that individual information protects to ask from legislative level at the same time. On June 1, 2017, " network safety law " apply formally.
A few days ago, civil code allusion makes up draft each minutes the first time submit to the 5th times the conference discusses standing committee of National People's Congress of 13 whole nations. In the light of privacy authority and individual information protect the outstanding issue that the domain exists, character authority makes up draft to stipulate in active law farther aggrandizement is right on the foundation the protection of privacy right and individual information, protect a law to stay for the individual news that is about to make join space.
Chinese law learns civil code to learn Meng Jiang of seminar deputy secretary-general to express: "Draft made those who make clear limit to privacy right first, with alone one chapter counterpoises to protecting privacy and individual information had detailed regulation, responded to actual demand effectively. Responded to actual demand effectively..
Liu Chunquan was written a few days ago civil say, review the legislative mode that information of each country individual protects, one-way law legislation protects individual information is the method that uses more generally. The cognitive rate that although Xu Yuyu case is great,raised individual information to protect necessity, but whole society especially the understanding current situation of the necessity of the value to individual information and protection returns legislative judiciary too low. A lot of people or cannot wait for individual information protection and telegraphic bilk the abominable consequence that individual information abuses is contacted.
Liu Chunquan expresses, "This, china live group information is divulged, likely our information amid, but we prove very hard, what damage consequence. What damage consequence..
"According to general tort behavior, jural have 4 points, tort behavior, damage fault of sequential, causal, party. Wanting a proof is the accused divulged your information, and information divulges this chain is very long actually, ordinary prosecutor party is very difficult proof, this is a very main reason. " Liu Chunquan says.
Liu Chunquan thinks, china stay in the enterprise such as the group to take individual information safety seriously not quite, depend on law doing not have deterrence to them. Nevertheless, legal environment also changed now, " network safety law " also had carried out. If engage in a lawsuit again, also can produce change likely.
He thinks, to this case, spark likely director branch undertakes to its put on record is investigated. Besides criminal case, still meet investigation China lives the group has without fulfill " network safety law " compulsory. If was fulfilled,can reduce liability, information is divulged now, also be to have for certain add up to compasses job to did not become the place that reach the designated position. Because protect the law that information safety is an enterprise to define Wu, good without protection, bring about divulge be suspected of breaking the law.
Chinese consumer society also suggests, from respect of plan of law of perfect and relevant law, the right that both sides trades in service of news of farther clear network is compulsory, serve the obligation of the provider and responsibility tie to App especially, in making good individual information and data application, relevant risk is mixed of the problem answer with grind sentence, the data industry that allows network period grows inside law limits.
In addition, the protection of the superintendency of mobile phone App and individual information, need industry letter, market is superintended, public security, culture, net is installed wait for concerned branch to be treated in all in coordination, trends is superintended. Mix in strict admittance doorsill register put on record while, want severity to penalize of all kinds break the law violate compasses act, severity hits the black industry chain that individual information sells, to violating the act of information of consumer individual privacy, form normalization to superintend a mechanism.
Individual information draws lessons from experience legislatively
Current, the judicatory case that Chinese individual information protects, main by professional of a few law, for example orgnaization of protection of lawyer, consumer driving.
Liu Chunquan says, at present as a result of our country individual information thought fors the time being civil case is original little, protect besides Jiangsu disappear appoint the individual outside sueing Baidu to nolle prosequi loses a lawsuit basically still, consequently the enterprise did not use up the information safety of reasonable discretion to guarantee obligation is naked even tort behavior, original with respect to quote difficulty, basic now it is 0 risks condition.
Current, protection of information of our country individual executes the law in administration domain, basically be " consumer rights and interests protects a law " , " network safety law " . " network safety law " execute the law strength is relative bigger, according to the case that announce, small gain of Tecent small letter, sina, Baidu is stuck be suspected of disobeying " network safety law " be investigated by put on record, BOSS is hired continuously be done to instruct by net letter rectify and reform, this calculates current great execute the law case.
What form bright contrast with this is, although Euramerican also there is no lack of individual information divulges incident, but Euramerican enterprise takes network privacy seriously generally quite or individual information is protected, be not consciousness, however by force of real legal risk.
For example, gu Ge set an issue because of browser Safari 2012, ever was corresponded by American federal committee (FCC) fine 22.5 million dollar; In September 2014 because Verizon company did not offer Optout(to exit to 2 million telephone subscriber) choice, be investigated by FCC, the result reconciles with 7.4 million dollar the investigation that the end is suspected of violating privacy to its.
Liu Chunquan says, china is when legislation, should more referenced research is other the legislation outside region, include India, Singapore, Japan, its individual information protects a level also not under our country.
He thinks, from Chinese antitrust law execute the law in light of, individual information protection executes the law not to eliminate to study the possibility of the European Union. Combine an European Union to wait for amerce of a huge sum for many times to the enterprise antitrust such as Gu Ge, this one administration executes the law measure is superintended really awe power is vast, the administrative responsibility that can fine through a huge sum guides an enterprise to close compasses. Be in at present, judicatory lawsuit still the main protection way that legislation of protection of information of individual of China of can yet be regarded as deserves to consider. From science reasonable with angle of advance gradually process for, through civil suit responsibility guiding enterprise closes compasses, it seems that more scientific and reasonable.