个人信息保护体系中“非法使用”行为的入罪化

The Criminalization of “Illegal Use” in the Personal Information Protection System

《刑法》第253条之一“侵犯公民个人信息罪”中并未包括“非法使用”公民个人信息行为,司法实践中,对于“非法使用”行为的规制,也大多通过侵犯公民个人信息罪对“非法获取”“提供”“出售”等源头行为的非难而得以实现。但是,并非所有的“非法使用”行为都可以被包含,例如“合法获取,非法使用”行为。当然,对“非法使用”公民个人信息行为入罪化的提出,应当结合当前的个人信息保护体系,建立在完善的前置法规范之上。随着《民法典》《个人信息保护法》的相继通过,个人信息保护体系得以进一步完善,已然形成相对完备的前置法基础,为“非法使用”公民个人信息行为的入罪化提供了充分的违法性认定根据,同时也符合当前时代的应然要求。在此基础上,围绕“公民个人信息权益”以及其衍生法益,对“非法使用”行为予以类型化区分,“非法使用”公民个人信息行为的入罪化得以提出。

The“crime of infringing citizens’personal information”in Article 253 of the Criminal Law does not include the“illegal use”of citizens’personal information.In judicial practice,the regulation of“illegal use”acts is mostly realized by the crime of infringing citizens’personal information when punishing acts of source such as“illegally obtaining”,“providing”and“selling”.However,not all“illegal use”acts can be included,such as“legally acquired,illegally used”acts.Of course,the criminalization of“illegal use”of citizens’personal information should be combined with the current personal information protection system and established on the basis of perfect pre-law norms.With the passing of the Civil Code and the Personal Information Protection Law,the personal information protection system has been further improved.Thus a relatively complete pre-law basis has been formed,which provides a sufficient basis for the determination of illegality for the criminalization of“illegal use”of citizens’personal information,and also meets the requirements of the current era.On this basis,centering on the“rights and interests of citizens’personal information”and its derivative legal interests,the“illegal use”act is categorized and differentiated,and the criminalization of“illegal use”of citizens’personal information can be proposed.