摘要
数据控制者的概念源于欧洲法律,对数据控制者所应承担的义务经立法明确后,随着技术发展历经多次变迁。欧洲数据控制者的义务类别多达12项,其中数据安全、告知、更正和清除是主要的三项义务。数据控制者的义务变迁路径呈现出从原则性义务向规则性义务过渡,从数据主体权利要求向数据控制者义务承担过渡等趋势。义务种类逐渐增多、核心义务长期存续及义务来自同一法源是欧盟数据控制者义务变迁的三大特点。分析欧盟数据控制者的义务类别,及其变迁路径、特点、缘由,有助于我国借鉴欧洲数据控制者义务保障体系。
The concept of data controller originated from the European law.Since the obligations of data controller are required by law,there are many changes due to technological developments.This investigation found that a European data controller has 12 categories of obligations while data security,notification,correction and removal are the three main obligations.At the same time,the change of data controller’s obligations represents the trend of transition from principled obligations to regulatory obligations,and from the rights requirements of the data subject to the legal obligations of the data controller.The gradual increase in the types of obligations,the long-term sustainability of core obligations,and the obligations from the same legal source are the three major characteristics in the development of EU data controller’s obligations.By analyzing the categories of obligations,the course and characteristics of change,and the reasons for change,it can provide guidance for China to fully understand the EU data controller’s obligation system,as well as for allocating data protection obligations and responsibilities to network service providers reasonably in the future.
出处
《图书馆论坛》
CSSCI
北大核心
2019年第3期140-146,共7页
Library Tribune
基金
国家社科基金重点项目"云环境下数字学术资源信息安全的法律保障研究"(项目编号:14AZD076)研究成果
关键词
数据控制者
义务
数据保护
欧盟
data controllers
legal obligations
data protection
European Union