摘要
网络安全信息共享已成为各国网络安全立法的重点议题。美国通过一系列政策和行政命令确立了信息共享的基本框架,并于2015年通过了《网络安全信息共享法》。该法规定的主要内容包括:联邦政府的网络安全信息共享;非联邦主体的网络安全信息共享;规定私主体的责任豁免以鼓励信息共享;隐私、自由和私权利的保护;限制政府所获网络安全信息的用途;联邦机构向国会定期报告制度。在借鉴美国立法经验的基础上,本文对我国未来立法提出如下建议:尽快建构网络安全信息共享的法治框架;确立网络安全信息共享的公私合作机制;规定相应的责任豁免制度以激励信息共享;平衡维护网络安全与保护私人权利的关系;限定政府所获网络安全信息的特定用途。
Cybersecurity information sharing has been the core issue of cybersecurity legisla- tion all over the world. The United States has established the basic legal framework of cyberse- curity information sharing through a series of policies and orders, and finally passed the Cyberse- curity Information Sharing Act (CISA) in 2015. CISA provides: cybersecurity information sha- ring by federal agencies; cybersecurity information sharing by non-federal entities; immunity from liabilities to encourage information sharing; protection of privacy and civil liberties; limita- tions on federal use of information shared pursuant to CISA; report to congress on implementa- tion. Based on these experiences, the proposals for legislation regarding to information sharing in our country are as follows: establishing the legal framework of cybersecurity information sharing quickly; setting up a mechanism for cybersecurity information sharing among private-sector and government entities; providing according immunity from liabilities to promote sharing; balancing cybersecurity safeguard and private rights protection; limiting the governmental use of informa- tion obtained from sharing.
出处
《财经法学》
2017年第2期22-30,共9页
Law and Economy
基金
国家社会科学基金特别委托项目"大数据时代依法治国战略"(项目编号:15@ZH012)子课题"大数据时代的数据立法研究"
中国法学会2016年度研究课题"我国关键基础设施保护立法研究"[项目编号:CLS(2016)D44]
关键词
网络安全信息共享
网络安全法
美国立法
Cybersecurity information sharing Cybersecurity law Cybersecurity legislation of United States
