摘要
个人敏感信息在我国规范性文件中已有体现,但规定间存在一定冲突。公众对不同信息敏感度存在差异,通知同意规则也已引发诸多质疑,我国未来个人信息保护法有必要对个人信息进行类型化区分,以实现信息保护与信息利用的更好平衡。敏感信息界定方法,宜在现行定义加列举的基础上,增加信息处理的情境和目的为考量因素。具体种类方面,应结合对泄露该信息是否会导致重大伤害、给信息主体带来伤害的几率、社会大多数人对某类信息的敏感度三个因素的综合考量,立足于中国国情,回应技术的发展,将健康信息、性生活和性取向、身份证件号码、金融信息、政治意见、通讯信息、基因信息、生物特征信息和精确地理位置列为个人敏感信息。
Personal sensitive information has been reflected in China's normative documents, but there is no categorization of personal information in the law. The public's sensitivity to personal information is different, and meanwhile informed consent doctrine faces an infinite challenge in the big data era. Therefore, sensitive information should be defined and stringently protected in the Individual's Information Protection law of China. As for defining sensitive information, based on nature of information and list in law, context and purpose should also be considered. As for the specific types, three factors should be considered: whether the leakage of information may cause serious harm, the probability of harm to information subjects, and the sensitivity of most people in society to information. Therefore, the following information should be defined as sensitive information: health information, identification information, sexual life and sexual orientation, criminal records, political opinions, number, communication information, financial information, genetic biometric information and geographic location
出处
《中国法学》
CSSCI
北大核心
2018年第5期235-254,共20页
China Legal Science
基金
国家社科基金项目"大数据时代金融隐私权保护法律问题研究"(项目批准号:15BFX113)的阶段性成果
