个人信息侵权的规范构造

The Normative Construction of Personal Information Infringement

个人信息侵权的规范构造需要处理好两对矛盾,一是信息主体和信息处理者能力不对称导致的举证困境,二是个人信息权益保护与合理利用个人信息的对立。在解释论上,法院应当基于是否采用信息自动化处理技术构造二元归责体系,采用自动化处理技术的侵权行为适用过错推定规则,未采用该技术的侵权行为适用过错责任规则。风险本身不构成损害,但信息处理者应当承担风险的预防责任和相关费用;此外,法院宜降低精神损害赔偿的门槛。在常见的存在复数侵权人的情形中,可以基于证据损害理论类推适用共同危险行为的相关规则。违法性要件可以平衡个人信息侵权所涉及的多元利益,应结合《民法典》第998条对其进行动态体系论的综合判断,且这种判断并不排斥前三个要件的加入。

The normative construction of personal information infringement needs to deal with two pairs of contradictions.One is the dilemma of proof caused by the asymmetry of the ability and status between the information subject and the information processor.The other is the opposition between the interests of personal information protection and the rational use of personal information.A dual system of imputation should be constructed based on whether automated information processing technology is used,with the presumption of fault applying to infringements where automated processing technology is used,and the general principle of fault-based liability applying where such technology is not used.The risk itself does not constitute damage,but the information processor should bear the risk prevention responsibility and the related costs.Furthermore,it would be appropriate to lower the threshold for moral damages.As far as causation is concerned,in the case of plural tortfeasors,the relevant rules of joint dangerous acts can be applied by analogy based on the theory of evidential damage.The elements of Criminal defenses can balance the multiple interests involved in personal information infringement.A comprehensive judgment should be made in conjunction with Article 998 of the Civil Code.This judgment does not exclude the join of the first three elements.