摘要
《个人信息保护法》将金融账户信息纳入敏感个人信息的范围,但未作出明确的界定。界定标准的不明确将导致权利主体权益易损、义务主体责任不明、司法裁判依据不清。考察域外立法例,同时结合我国有关立法现状和实践,宜采取“定义+列举+排除”的界定模式,以“信息主体”“信息性质”和“信息处理”为定义的考量因素,从立法、实践的综合角度进行列举,并排除通过间接识别才能确认的金融账户信息。基于此,我国出台“金融账户信息”的司法解释可侧重四个方面,以实现个人信息的保护和社会信息利用的动态平衡。
The Personal Information Protection Law includes financial account information in the scope of sensitive personal information but does not provide a clear definition.The lack of a clear definition for the standard can lead to potential vulnerabilities in the rights of data subjects,unclear responsibilities for data controllers,and ambiguity in judicial decisions.By examining foreign legislation examples and considering the current legislative situation and practices in China,it is advisable to adopt a definition model that combines“definition and enumeration and exclusion.”This model should consider factors such as the“data subject,”“nature of the information,”and“data processing”in its definition,listing financial account information comprehensively from both legislative and practical perspectives while excluding financial account information that can only be confirmed through indirect identification.Based on this,China can issue a judicial interpretation of“financial account information”focusing on four aspects to attain a dynamic equilibrium between the protection of personal information and the utilization of societal information.
作者
尹华容
伍洋宇
YIN Huarong;WU Yangyu(Law School,Xiangtan University,Xiangtan,Hunan 411105,China)
出处
《财经理论与实践》
北大核心
2024年第3期154-160,共7页
The Theory and Practice of Finance and Economics
基金
国家社会科学基金重点项目(21ZD&204)。
关键词
个人信息保护法
金融账户
个人金融信息
敏感个人信息
Personal Information Protection Law
financial account
personal financial information
sensitive personal information
