反电信网络诈骗中个人信息删除权的实现路径

The realization path of personal information deletion right in anti telecom network fraud

《反电信网络诈骗法》是我国在数字社会中进行前端防控犯罪治理思路的典型转型,其中构建的信息监测共享机制成为政企多方协同治理的范例。该机制授予企业组织一定程度以个人信息工具化利用为特性的用户信息控制权,使得信息主体与信息处理者之间的关系更为紧张,其结果可能表现为个人信息删除权的被迫落空。在信息监测机制通体流程解构为“信息实名-信息留存-风险信息识别-风险信息核验-风险信息共享-中止服务”的程序链条中,包括安全义务主体、信息处理目的、信息留存时限都与删除权的权利场景不相协调。其疏解路径应当分别从《个人信息保护法》和《反电信网络诈骗法》两法规范体系内进行思考,明确在法理和规范性解释下法定个人信息利用行为对信息删除请求权抗辩的合理性,厘清信息监测共享机制中与义务主体、内容有关的模糊地带,同时对信息留存的时限与方式给予上限性规定,实现两法以个人信息保护为核心的共同意志。

The Anti-Telecommunications Network Fraud Law is a typical transformation of China′s approach to front-end crime prevention and control governance in the digital society,in which the information monitoring and sharing mechanism constructed therein serves as an example of collaborative governance between government and enterprises.The mechanism grants business organizations a certain degree of control over user information characterized by the instrumental use of personal information,making the relationship between the subject of information and the information processor more tense,and the result may be that the right to delete personal information is forced to fall through.In the process chain of the information monitoring mechanism,which is deconstructed into the information real name-information retention-risk information identification-risk information verification-risk information sharing-suspension of services,including the subject of the security obligation,the purpose of information processing,and the time limit of information retention are all incompatible with the scenario of the right of deletion.The path of resolution should be considered from within the normative system of the Personal Information Protection Law and the Anti-Telecommunications Network Fraud Law respectively,to clarify the reasonableness of the defense of the right to request for deletion of information under the jurisprudence and normative interpretation of statutory personal information utilization,to clarify the ambiguities related to the subject of the obligation,the scope and the content of the information monitoring and sharing mechanism,and at the same time to give the upper limit to the time limit and the way of information retention to realize the common will of the two laws centering on the protection of personal information.