摘要
大数据时代,个人信息面临巨大的安全风险,需要刑法积极介入应对。刑法应当采用预防性保护立法、兼顾个人信息权益保护与数据流通、秉持刑事一体化理念,从风险识别、风险分担和风险防控三方面应对个人信息安全风险。风险识别方面,个人信息分类分级是风险识别的基础,可以综合网络安全等级保护定级标准和个人信息涉及的法益类型,分类分级保护个人信息。风险分担方面,通过合理设置个人信息处理者的义务责任以及基于信息主体同意出罪事由,明确不同主体应当分担个人信息安全风险。风险防控方面,通过严密个人信息保护义务和厘清个人信息犯罪的入罪边界,有效衔接前置法与刑法,构建个人信息安全风险防控法律体系。
In the era of big data,personal information faces huge security risks,which requires the active inter⁃vention of criminal law to deal with them.Criminal law should adopt preventive protection legislation,inte⁃grate the protection of personal data rights and data flow and the concept of criminal integration and address the risk of personal information security from three perspectives of risk identification,risk sharing and risk pre⁃vention and control.In terms of risk identification,the classification and grading of personal information is the basis,and the classification and grading of personal information can be done by integrating the network securi⁃ty level protection grading standards and the types of legal interests involved in personal information.In terms of risk sharing,it is clear that different subjects should share the risk of personal information security by rea⁃sonably setting up the obligations and responsibilities of personal information processors and the reasons for in⁃crimination based on the consent of information subjects.In terms of risk prevention and control,the legal sys⁃tem for the prevention and control of personal information security risks is constructed by tightening the obliga⁃tions of personal information protection and clarifying the boundary of criminalization of personal information crimes,and effectively connecting the predecessor law and criminal law.
出处
《求是学刊》
CSSCI
北大核心
2022年第2期129-141,共13页
Seeking Truth
基金
国家社科基金项目“大数据背景下公民个人信息刑法保护体系研究”(19BFX074)
华东政法大学科学研究项目资助(21HZK011)。
关键词
个人信息
安全风险
刑法模式
personal information
security risk
criminal law model