从利益平衡角度论个人信息泄露的潜在风险

Discussion on Potential Risk of Personal Information Leakage From Perspective of Balance of Interests

在大数据时代,个人信息一旦泄露将面临巨大的潜在风险。然而,目前《个人信息保护法》并未明确个人信息泄露但尚未发生损害时应当如何处理。目前学界的讨论多集中于是否突破侵权行为的构成要件,而对于这类潜在风险背后的利益格局探讨较少。潜在风险是否需要救济、如何救济,应当从平衡个人信息的保护和利用的角度出发,探究在发生潜在风险时不同主体的利益状况,在现行立法的基础上,选择最能实现利益平衡的方案。在考虑个人和信息业者利益的基础上,对风险的救济应当局限于预防费用的支出、精神损害的赔偿,并且不应当将救济潜在风险作为免除信息业者在风险现实化时的赔偿责任的理由。

In the era of big data,once personal information is leaked,it will face huge potential risks.However,“Personal Information Protection Act”currently does not specify what should be done when personal information is leaked but no damage arises.At present,most discussions in this field focus on whether to break through the essential condition of infringement.However,there has been less discussion of the interest landscape behind such potential risks.Does the potential risk require relief,and how?From the perspective of balancing the protection and utilization of personal information,the interests of different subjects should be explored when potential risks occur,and choose the plan that can best achieve the balance of interests on the basis of current legislation.On the basis of considering the interests of individuals and information providers,the remedies for risks should be limited to expenditures for prevention and compensation for mental damage.Moreover,the relief of potential risks should not be used as a reason to exempt information providers from liability for compensation when damages arise.