摘要
大数据时代的个人信息容易被滥用,我国《个人信息保护法》确立的知情同意规则正是为了解决这一问题。目前的制度尚存在不足,主要体现在忽略了信息主体的有限理性和其天然的弱势地位。风险管理理念在风险社会具有正当性与合理性,它以承认信息主体有限理性与合理分配个人信息风险为基础,有助于建构起完善个人信息保护知情同意规则的新路径。应当结合风险管理理念,对传统知情同意规则进行纠偏,构建隐私协议评级系统等信息公开路径,不断增强透明度;优化知情同意规则运作的程序设计,以化解“同意”困境;将个人信息保护设计融入产品研发的前置理念;注重风险导向下目的限制原则的动态适用。
In the era of big data,personal information is easy to be abused,and the informed consent rules established by Chinese Personal Information Protection Law are designed to address this problem.The current system still has some shortcomings,which are mainly reflected in ignoring the limited rationality of the information subjects and their natural vulnerability.The concept of risk management,which is justified and reasonable in a risk society,is based on recognition of the limited rationality of information subjects and reasonable allocation of personal information risks,and it helps to construct a new path to improve the informed consent rules of personal information protection.The traditional informed consent rules should be corrected in the light of the risk management concept:firstly,to build an information disclosure path such as a privacy protocol rating system to continuously enhance transparency;secondly,to optimize the procedural design of informed consent rules to resolve the “consent” dilemma;thirdly,to integrate the design of personal information protection into the pre-conception of product research and development;finally,the dynamic application of the risk-based purpose limitation principle should be emphasized.
作者
李冰琦
Li Bingqi(School of Law Tianjin University,Tianjin 300110,China)
出处
《北京化工大学学报(社会科学版)》
2023年第2期68-78,共11页
Journal of Beijing University of Chemical Technology(Social Sciences Edition)
基金
2021年度天津大学自主创新基金项目“广告营销中儿童身心健康法律保护研究”(0903066066)。
关键词
个人信息保护
知情同意规则
风险管理
理性人
隐私协议评级
individual information protection
rule of informed consent
risk management
rational person
privacy protocol rating
