摘要
为分析《个人信息保护法》框架下个人信息出境安全评估的具体实施机制,确保境外第三方对所接收个人信息提供符合我国法律要求的标准,将国家互联网信息办公室2021年发布的最新个人信息出境安全评估方案与此前的两个草案进行对比分析,发现新草案在评估原则、门槛、评估主体、个人信息处理者义务4个方面取得进展,但仍存在不足,提议在安全评估目的限缩、持续监督机制、再转移要求3个方面对个人信息出境安全评估的管理工作进行强化。
In order to review the rules on security assessment of transborder data flow under the framework of the Personal Information Protection Law, assure the third parity outside China has provided a required protection standard towards the personal information received, it is necessary to compare and analyze the latest proposed provisions on the security assessment of transborder data flow released by the Cyberspace Administration of China with its former proposals. Although there are achievements among the rules of security assessment on the principles, conditions, assessment department, and the obligations of the processor of personal information, it is still necessary to perfect its rules on the purpose limitation,ongoing supervision and onward transfer.
作者
张奕欣
邢潇
张金平
ZHANG Yixin;XING Xiao;ZHANG Jinping(National Computer Network Emergency Response Technical Team/Coordination Center of China,Beijing 100094,China;Central University of Finances and Economics,Beijing 100081,China)
出处
《信息安全与通信保密》
2022年第3期19-26,共8页
Information Security and Communications Privacy
关键词
个人信息
出境信息
再转移
安全评估
持续监督
personal data
transborder data flow
onward transfer
security assessment
ongoing supervision