大数据时代下我国个人数据保护的比较研究(硕士)(论文40000字)
论文摘要
大数据时代下,海量的个人数据产生了前所未有的价值。个人数据的广泛收集和处理所带来的个人数据保护的问题愈发严重。这些问题包括个人数据的归属和其权利性质问题,个人数据处理与隐私的问题,个人数据的安全问题以及个人数据跨境后的管辖问题,等等。
欧盟地区是世界上对个人数据保护最为严格的地区,并且有着长期的立法实践和司法实践,其对个人数据保护的相关原则和规则值得我国借鉴。目前,欧盟法律和学术界多使用“隐私”或“个人数据”一词表达“个人数据”这一法律客体。我国法律中较多使用“个人信息”和“隐私”一词,而学术界并无统一的表达。实际上,“个人信息”和“个人数据”之间无明显区分的必要,但是欧盟语境下地“隐私”与我国的“隐私”不同,前者是广义的,后者是狭义的。
欧盟地区对个人数据的保护发源于《欧洲人权公约》第8条所规定“隐私权”。随着2000年《欧盟基本权利宪章》的公布,个人数据保护权成为了独立的表达方式。随着2009年《里斯本条约》对《欧盟基本权利宪章》效力的确认,个人数据保护权成为了一项具备法律效力的基本权利。在“个人数据保护权”具备法律约束力之后的很长一段时间内,欧盟法院仍然一度将“隐私权”与“个人数据保护权”紧密联系,并未认为“个人数据保护权”是一项与“隐私权”不同的权利。但在最近的立法和司法中,“个人数据保护权”从“隐私权”中独立出来的趋势越来越明显。
欧盟于2016年最新发布的《一般数据保护条例》,就其保护原则而言,于1995年的《数据保护指令》并没有相差太多,增加了完整性原则和问责制原则,体现了《一般数据保护条例》更加严格的数据保护原则。
我国并没有像欧盟一样拥有完整的《个人数据保护法》,对于个人数据保护的法律常散见于各个部门之中,如《民法总则》、《网络安全法》、《消费者权益保护法》等。由于各个部门法的执法水平、执法理念不同,我国对个人数据在各个部门法的保护水平参差不弃。同时,由于各个部门法的保护范围有限,并不能涵盖所有的个人数据处理的情况。
此外,我国对于个人数据权的权利性质也并没有统一的认识。学术界观点不一。有观点主张通过财产权对个人数据进行保护,也有观点主张通过人格权对个人数据进行保护,还有观点结合了上述两种观点,认为应当以财产权和人格权共同对个人数据进行保护。大多数学者都承认个人数据上的人格利益和财产利益,仅仅是对其具体的保护方式具有争议。
由于数据所有权无法解决个人数据平等保护、交付、转让、消灭、继承等一系列问题,我国个人数据权不应定性为数据所有权。而又由于个人数据存在着独立于人格之外的财产价值、可强制许可性、多主体特征等原因,使得我国个人数据权也不应定性为人格权。同时,在立法技术上,以欧盟地区个人数据保护立法的情况来看,个人数据保护法庞大的体系结构,使得个人数据保护不宜纳入人格权的范畴之中。
参照欧盟的立法情况,个人数据权在我国不应当单独的定性为财产权或者人格权,而是应当理解为是一种新型的具备财产利益和人格利益的综合型权利,并且应当制定统一的《个人数据保护法》,这有利于个人数据权的自我完善和独立发展,从而提高我国个人数据保护的水平,使我国社会主义法律体系更加和谐。此外,还应当借鉴欧盟已有的关于个人数据保护的相关规定,不断完善我国个人数据保护原则以及规则,丰富我国个人数据保护权利类型,使我国个人数据保护水平与国际接轨。
关键词:个人数据 个人数据权 人格权 财产权
Abstracts
In the age of big data, huge amounts of personal data have generated unprecedented value. The issues about the protection of personal data are more and more severe because of the extensive collection and processing of personal data. These issues include the ownership of personal data, the nature of the right to the
protection of personal data, the processing of personal data, privacy, the security of personal data and the jurisdictional issues after the cross-border flow of personal data.
The EU is the most strict area in the world for personal data protection and has long-term legislative and judicial practice. The relevant principles and rules on the protection of personal data deserve our reference. At present, the EU law and its academic circles mostly use the term "privacy" or "personal data" to express "personal data" as a legal object. Chinese law often uses "personal information" and "privacy", while there is no uniform expression in its academic circles. In fact, there is no necessary distinction between "personal information" and "personal data", but "privacy" in EU legal context is different from that in Chinese legal context. The former is generalized and the latter is sensu stricto.
The protection of personal data in the EU stems from the "the right to privacy" under article 8 of the European Convention on Human Rights. With the proclamation of the EU Charter of Fundamental Rights in 2000, the right to the protection of personal data became an independent expression. With the 2009 Lisbon Treaty confirming the legal force of Fundamental Rights under the EU Charter, the right to the protection of personal data had become a legally binding and fundamental right. Since the right to the protection of personal data came into force, the European Court of Justice once closely linked the right to privacy with the right to the protection of personal data. It did not consider the right to the protection of personal data is difference from the right to privacy right. However, in recent legislative and judicial practice, the tendency that the right to the protection of personal data became independent from the right to privacy has become more and more obvious.
The EU released General Data Protection Regulations recently in 2016. In terms of GDPR’ protection principles, it did not differ too much from Protection Directive provided in 1995, only adding the principle of integrity and confidentiality, which reflected stricter data protection principles under GDPR.
China does not have a complete Personal Data Protection Law as the European Union does. In China, the laws on the protection of personal data are often found in various legal departments such as the General Principle of Civil Law, the Cyber Security Law, the Consumer Protection Law, etc. . Due to the different level of the law enforcement and the different value in various departmental laws, the level of protection of personal data in various departmental laws is not uneven. At the same time, given the limited scope of protection under the various departmental laws, the protection of personal data processing can not be covered in all cases.
In addition, there is no unified understanding of the nature of the rights to the protection of personal data in China. Academic circles have different opinions. Some scholars advocate protecting personal data through the property right. Some advocate protecting personal data through the personality right. There are also opinions that combine the two viewpoints above and that personal data should be jointly protected through the property right and personality right. Most scholars recognize personal interests and property interests of personal data. What is controversial is merely the specific way to the protection of personal data.
There are some problems about equal protection, delivery, transference, elimination and inheritance of personal data if the right to the protection of personal data is regarded as the personal data ownership. Therefore, the right to the protection of personal data in China should not be regarded as the personal data ownership. What’s more, There are some characteristics of personal data not to fall the scope of the personality right, such as its independent property value, the possibility of compulsory licensing, multi-subject characteristics and so on. Therefore, the right to the protection of personal data should not be regarded as the personality right. In addition, in terms of legislative technology, the legislation of personal data protection in the European Union shows that the huge structure of personal data protection law makes the protection of personal data unsuitable to be put under the personality right.
In China, with reference to the EU's legislation, the right to the protection of personal data should not be individually regarded as the property right or the personality rights. Instead of that, it should be understood as a new type of comprehensive rights with property interests and personal interests. A unified Personal Data Protection Law also should be enacted, which would be beneficial to the improvement and independent development of the right to the protection of personal data, so as to raise the level of protection of personal data and make Chinese socialist legal system more harmonious. In addition, we should learn from the existing EU regulations on the protection of personal data, constantly improve Chinese personal data protection principles and rules, enrich the specific type of the right to the protection of personal data and finally make Chinese personal data protection level keep line with the international standards.
Key Words:Personal Data the Nature Of the Right To the Protection Of Personal Data Personality Right Property Right
目录
目录 0
第1章 大数据时代背景下的个人保护 2
1.1大数据时代背景 2
1.2大数据时代下的个人数据价值 2
1.3个人数据保护的相关问题 3
1.3.1个人数据的归属与性质问题 3
1.3.2个人数据处理与隐私问题 4
1.3.3个人数据的安全问题 5
1.3.4个人数据跨境后的管辖问题 7
1.4个人数据相关问题的解决 8
第2章 个人数据概念和特征 8
2.1欧盟地区个人数据的概念和特征 8
2.2国内个人数据的概念和特征 10
2.3小结 13
第3章 欧盟个人数据保护法立法概况 13
3.1欧盟个人数据保护的主要法律文件 13
3.2个人数据保护权的权利性质 16
3.2.1《欧洲人权公约》下的权利性质 16
3.2.2《欧盟基本权利宪章》下的权利性质 17
3.2.3《一般数据保护条例》下的权利性质 19
3.2.4小结 21
3.3个人数据保护权的原则 22
3.3.1合法、公平和透明原则(Lawfulness, Fairness and Transparency) 22
1.3.2目的限制原则(Purpose Limitation) 22
3.3.3数据最小化原则(Data minimization) 23
3.3.4准确原则(Accuracy) 23
3.3.5存储限制原则(Storage Limitation) 24
3.3.6完整性和机密性原则(Integrity and Confidentiality) 24
3.3.7问责制原则(Accountability) 25
第4章 我国个人数据保护的立法概况 25
4.1我国个人数据保护的主要法律文件 25
4.2《民法总则》下的个人数据保护 25
4.3《网络安全法》下的个人数据保护 26
4.4小结 28
第5章 国内法视角下个人数据权的性质分析 28
5.1 我国个人数据权的权利性质的研究路径 28
5.2 数据所有权视角下的个人数据权 29
5.1.1将个人数据权定性为所有权的典型问题 30
5.1.2结论 31
5.3人格权角度分析个人数据权性质 32
5.3.1个人数据权不宜定性为人格权的几点理由 33
5.3.2结论 37
第6章 欧盟立法对我国个人数据保护的启示 38
6.1我国个人数据权权利性质的认定 38
6.2我国个人数据保护具体措施的启示 38
6.2.1个人数据保护立法的统一 38
6.2.2个人数据保护原则的完善 39
6.2.3个人数据保护权利类型的丰富 39 |