The Dynamic System Theory of Legal Protection for Personal Information Rights Infringement

The advent of the big data era has presented unprecedented challenges to remedies for personal information infringement in areas such as damage assessment,proof of causation,determination of illegality,fault assessment,and liability.Traditional tort law is unable to provide a robust response for these challenges,which severely hinders human rights protection in the digital society.The dynamic system theory represents a third path between fixed constitutive elements and general clauses.It both overcomes the rigidity of the“allor-nothing”legal effect evaluation mechanism of the“element-effect”model and avoids the uncertainty of the general clause model.It can effectively enhance the flexibility of the legal system in responding to social changes.In light of this,it is necessary to construct a dynamic foundational evaluation framework for personal information infringement under the guidance of the dynamic system theory.By relying on the dynamic interplay effect of various foundational evaluation elements,this framework can achieve a flexible evaluation of the constitutive elements of liability and the legal effects of liability for personal information infringement.Through this approach,the crisis of personal information infringement in the era of big data can be mitigated,and the realization of personal information rights as digital human rights can be promoted.

On the“News Exception”in Personal Information Protection

Protection of personal information is a significant issue in the construction of legal systems in various countries in the information age.Introducing a balanced approach for protecting personal information is an important goal of basic human rights protection and data legislation.Personal information protection involves comprehensive considerations among various values,and the balanced structure between personal information rights and other rights systems has become the key to legislation on personal information protection.The“news exception”is a prominent example representing the balanced structure of personal information protection.As a societal instrument,news not only pursues commercial value but also advocates freedom of expression and public value.There exists a natural tension between news and personal information protection.The“news exception”of the balanced structure has become a fundamental requirement and important connotation for constructing a system for protecting personal information.The balanced structure of the“news exception”requires a reasonable definition of the concept and purpose of news,and both the self-discipline within the news industry and the judicial intervention are necessary factors.China has preliminarily completed the top-level legislative design of personal information protection through laws such as the Civil Code of the People’s Republic of China(PRC)and the Personal Information Protection Law of the People’s Republic of China.However,the balanced mechanism of the“news exception”has not yet been fully established in China.A“news exception”based on the ideas of balance and the improvement of the institutional system is the fundamental principle for the development of China’s personal information protection system.

On the “Reasonable” Handling of Personal Information Disclosed According to the Law

The model for protection of personal information dis-closed according to the law has changed from indirect protection to direct protection.The indirect protection model for traditional repu-tation rights and privacy rights was not enough to meet the practical needs of governance.However;due to the ambiguity in the application of the“reasonable”processing requirements,the direct protection model centered on Article 27 of the Personal Information Protection Law also is not enough to effectively respond to practical disputes.The essence of the problem is to resolve the tension between informa-tion circulation and risk control and reshape the legal order for the protection of personal information disclosed according to the law.The determination of“reasonable”should be centered on the scenario theory and holism interpretation and carried out by using the interpre-tation technique of the dynamic system under Article 998 of the Civil Code.With the support of scenario-based discussions and comparative propositions,the crawling and tag extraction of personal information.disclosed according to the law should be considered as reasonable processing;profiling and automated decision-making should not be covered in the scope of reasonable processing,in principle;for behav-iors such as correlation analysis,elements like information subject,identifiability and sensitivity should be comprehensively considered to draw open and inclusive conclusions in individual cases.

A Method to Improve the Accuracy of Personal Information Detection

It is necessary to confirm the personal data factors and the rules of verification before conducting personal data detection. So that the detection method can be written in the subsequent implementation of the automatic detection tool. This paper will conduct experiments on common personal data factor rules, including domestic personal identity numbers and credit card numbers with checksums. We use ChatGPT to test the accuracy of identifying personal information like ID card identification numbers or credit card numbers. And then use personal data correlation to reduce the time for personal data identification. Although the number of personal information factors found has decreased, it has had a better effect on the actual manual personal data identification. The result shows that it saves about 45% of the calculation time, and the execution efficiency of the accuracy is also improved with the original method by about 22%, which is about 2.2 times higher than the general method. Therefore, the method proposed in this paper can accurately and effectively find out the leftover personal information in the enterprise. .

Research on Residents’Willingness to Protect Privacy in the Context of the Personal Information Protection Law:A Survey Based on Foshan Residents’Data

The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.

Developing a Comprehensive Regime for Personal Information Protection in Networked Chinese Public Sectors

With the increasing sharing and reuse of personal information resources for better public services, the effective protection and management of personal information as organizational and individual assets as well as social resources are becoming more and more important in networked Chinese public sectors. Existing studies of personal information protection in China is mainly conducted from the legal perspective with a focus on the development of appropriate legislation and policies at the national level. There is little research on how specific legislation and polices can actually be implemented in an effective manner and what impacts such legislation and policies have on individuals, organizations, and the society. To adequately address this issue, this study investigates the legal requirements for personal information protection based on the relevant laws, regulations, and standards in China. It proposes a comprehensive regime for personal information protection in the networked public sectors in China. Such a regime takes the advantages of existing discipline-based approaches, legal requirements, and control mechanisms for personal information protection. It can be used to facilitate the provision of public services in the networked Chinese public sectors through the adequate protection of personal information and the effective management of personal information.

The Public Law Construction of Government Agencies’Obligations to Disclose When Handling Personal Information in the Digital Age

The protection of personal information plays an extremely important role in the construction of digital government.The duty to inform is a prerequisite core obligation that the government should fulfill in processing personal information,a concrete expression of the right to self-determination of personal information,and a prerequisite for the right to protection of personal information that works as a fundamental right to defense the intrusion from the government,as well as a procedural regulatory tool to restrain the government’s information power and prevent the risk of infringement.As the rules on the processing of personal information and the duty to inform have both the nature of public law,the government’s processing of personal information is also public law in nature,especially because of the constitutional value and power control function of the duty to inform,the construction of a system for the duty to inform cannot be copied from the rules applicable to private subjects,but should be tailored to the public law characteristics of the government’s processing of personal information,overcoming the shortcomings of the current rough and fragmented legislation,and set up a systematic regulation based on the public law in term of the legal subject,procedure,content,consequences of obligation violations and legal protection.

The Model Selection of Personal Information Protection in Criminal Procedures

In criminal procedures,the right to personal information does not conform to the human rights characteristics of criminal procedures centered on due process right,in which the right to be forgotten and the right to access data possess no attributes of independent litigation right.The theory of the independent right to personal information lacks a legitimate basis and should not be used as the protection model for personal information in criminal proceedings.Given the particularity of interest measurement and the individuality and negativity of human rights in criminal procedures,the protection of personal information in the criminal procedure should be aimed at the risk of transformation from collective general information to private sensitive information.Specifically,it is the right of personal information not to be excessively collected.Accordingly,the personal information protection should be included in the scope of criminal procedures by the conceptual interpretation of the informational privacy,i.e.,the dependency protection model.In this regard,the criminal proceeding should appropriately introduce the basic principles of personal information protection and the limited general forensic to deal with the impact and challenge of emerging right claim on the criminal justice system.

Decentralized Mobile SNS Architecture and Its Personal Information Management Mechanism

Mobile SNS popular topics of mobile is one of the most Internet. In order to fulfill the user demand for self-maintained independent social network and ensure the privacy of their personal information and resources, the paper proposes system architecture of decentralized mobile SNS.In the temporary scenarios, the system makes use of the existent specification of FOAF （Friend- of-a-Friend） to describe users＇ personal information and act as a certificate to be identified by SNS sites. Ticket-based Access Authorization System （TAAS） is provided to grant permission to acquire resources on personal portal. Meanwhile, the mechanism and algorithm are devised for user profile complete deletion when users are going to quit the service for the temporary scenarios.

Compensatory Damages in Personal Information Public Interest Litigation in China: Challenges and Prospects

In contrast to private interest litigation,public interest litigation provides a more potent solution to personal information infringements marked by extensive scope,unspecified victims,and limited individual loss.However,com⁃pensatory damages remain a contentious issue,both in theory and in practice,within the legal framework of personal in⁃formation public interest litigation.Through an empirical study conducted within China's judicial practice,this paper reveals that the pending issue concerning the nature and function of compensatory damages has caused highly contra⁃dictory verdicts regarding their calculation and allocation,as well as their relationship with other forms of pecuniary li⁃abilities.Only by acknowledging the role of compensatory damages imposed in personal information public interest liti⁃gation as"Skimming off Excess Profits",and affirming their function as deterrence rather than compensation can they truly achieve the broader objective of safeguarding personal information security and promoting public welfare,as well as avoid disrupting the harmony of the existing legal landscape.

Why The Constitution Should Protect Personal Credit Information?——An Approach of Right Argumentation

Protecting personal credit information through constitutional rights is not only essemtial for individuals to defend against infringements on their personal credit information rights and interests by public power in the social credit system,but also a requirement for unified legislation on social credit to explore the basis for constitutional norms.In the era of the credit economy,personal credit information has become a vital resource for realizing personal autonomy.Along with the increase in the state’s supervision and control of personal credit,the realization of the autonomous value in the interests related to personal credit information has also set more obligations for the state.Therefore,interests related to personal credit information should be regarded as a constitutional right.Because of its significant economic interest and value,the right to personal credit information should be classified as a constitutional property right.As a constitutional property right,the right to personal credit information can not only help protect people’s economic interests,but also achieve the goal of safeguarding their personality interests.

Selection of a Model for Civil Law Protection of Personal Information

Despite its safety and convenience,modern technology has turned out to be an alienating force independent of humankind.The relationship between modern technology and human development furnishes the macro-background for the discussion of personal information protection issues.Chinese law should respond actively to avoid being reduced to a"morass of rules"in the global context.China’s legislation on personal information protection emphasizes public law at the expense of private law;it lacks the rule based support of basic civil law.Within the legal system,civil law is an important means and basic norm for protecting the agency of human beings,as it can provide systemic support for the protection of personal information.Formulation of the corresponding legislation should establish the independent control of personal information by the subject of the information,and should reinforce the position of the weaker side in the interest relationship.With regard to selecting of a model of civil law protection of personal information,the models of indirect protection and legal interest protection both have flaws;the rights protection model is better suited to China’s legislative and judicial realities.The right to personal information can be embedded in the existing normative system of personality rights to ensure the internal compatibility of the legal system.The rights protection model should be adopted in the personality right section of the Civil Code.

Personal Information Self-Management:A Survey of Technologies Supporting Administrative Services

This paper presents a survey of technologies for personal data self-management interfacing with administrative and territorial public service providers.It classifies a selection of scientific technologies into four categories of solutions:Personal Data Store(PDS),Identity Manager(IdM),Anonymous Certificate System and Access Control Delegation Architecture.Each category,along with its technological approach,is analyzed thanks to 18 identified functional criteria that encompass architectural and communication aspects,as well as user data lifecycle considerations.The originality of the survey is multifold.First,as far as we know,there is no such thorough survey covering such a panel of a dozen of existing solutions.Second,it is the first survey addressing Personally Identifiable Information(PII)management for both administrative and private service providers.Third,this paper achieves a functional comparison of solutions of very different technical natures.The outcome of this paper is the clear identification of functional gaps of each solution.As a result,this paper establishes the research directions to follow in order to fill these functional gaps.

The Bundle of Personal Information Rights from the Perspective of State Protection

The bundle of personal information rights refers to a set of rights belonging to the subject of personal information,including the right to know,decide,inquire,correct,copy,delete,etc.Such a bundle of rights is usually understood in Chinese civil rights legal circles as a civil right falling under the paradigm of individual autonomy and control,and is interpreted as a specific right to personal information.This understanding somewhat misinterprets the nature and function of the bundle of personal information rights.In terms of its nature,the bundle of personal information rights is the outcome of the state’s obligation to actively protect and empower individuals through institutional safeguards,and is thus essentially a means and a tool of protection granted to individuals by the state under the concept of protective law.In terms of its function,the bundle of personal information rights is both a tool enabling individuals to check and counterbalance processors of information and a strategy for the state to regulate data processors.Understanding the nature and functions of the bundle of rights from the perspective of state protection and regulation strategies helps to construct a fairer,more transparent and rational order of public law data governance under the concept of protective law and promotes the structural optimization and capacity enhancement of the data governance system.As an instrumental right under the state’s regulatory strategy,the implementation of the bundle of personal information rights needs to focus on facilitating the individual’s knowledge,participation and ability to negotiate under procedural justice,as well as the reasonable allocation of rights and obligations between individuals and information processors under distributive justice,with a view to continuously developing and enhancing the state’s regulatory rationality.

Privacy,National Security,and Internet Economy:An Explanation of China's Personal Information Protection Legislation

With the development of the internet and the increasing role played by information technology in the economy,personal information protection has become one of the most significant legal and public policy problems.Since 2013,China has accelerated its legislation efforts towards protecting personal information.The Cybersecurity Law of the People's Republic of China took effect on June 1,2017.Legal scholars focus on the nature of personal information,discuss the necessity of enacting specific laws on protecting personal information,and attempt to propose relevant draft laws regarding personal information protection.Personal information protection,however,is not only a legal issue but also a political one.We need to look at the decision-making process about legislation on personal information protection in China.Why has China sped up its legislation on personal information protection since 2013?Is privacy,civil rights,or legal interest the main reason behind the legislation?Only after placing personal information protection legislation in a broader context,can we have a better understanding of the underlying logic and dynamics of personal information protection in China,and can perceive the potential content and possible future of these legislation.This paper argues that Internet industry development,the social consequences of personal information infringement,and national security are the main drivers of China's personal information protection legislation.

Ad Blockers & Online Privacy: A Comparative Analysis of Privacy Enhancing Technologies (PET)

Online tracking mechanisms employed by internet companies for user profiling and targeted advertising raise major privacy concerns. Despite efforts to defend against these mechanisms, they continue to evolve, rendering many existing defences ineffective. This study performs a large-scale measurement of online tracking mechanisms across a large pool of websites using the OpenWPM (Open Web Privacy Measurement) platform. It systematically evaluates the effectiveness of several ad blockers and underlying Privacy Enhancing Technologies (PET) that are primarily used to mitigate different tracking techniques. By quantifying the strengths and limitations of these tools against modern tracking methods, the findings highlight gaps in existing privacy protections. Actionable recommendations are provided to enhance user privacy defences, guide tool developers and inform policymakers on addressing invasive online tracking practices.

Research on the Legality of Information Utilization in Epidemic Prevention and Control

Big data is playing an important role in preventing,control and monitoring COVID-19,but during the process,the legality of the use of personal information shall be paid attention to.Personal information should be divided into general information and sensitive information,and the use of sensitive information should take"Consent"as its legality basis.In the process of personal information collection,the subject qualification of the collection organization or personnel should be clearly defined,and the starting conditions and process specifications of the collection work should be determined.The use of personal information should be in accordance with legal provisions or agreed ways and purposes and should not violate individual privacy rights and other personality rights,and should not improperly display the"digital image"of individuals.

Rainbow:reliable personally identifiable information retrieval across multi-cloud

Personally identifiable information(PII)refers to any information that links to an individual.Sharing PII is extremely useful in public affairs yet hard to implement due to the worries about privacy violations.Building a PII retrieval service over multi-cloud,which is a modern strategy to make services stable where multiple servers are deployed,seems to be a promising solution.However,three major technical challenges remain to be solved.The first is the privacy and access control of PII.In fact,each entry in PII can be shared to different users with different access rights.Hence,flexible and fine-grained access control is needed.Second,a reliable user revocation mechanism is required to ensure that users can be revoked efficiently,even if few cloud servers are compromised or collapse,to avoid data leakage.Third,verifying the correctness of received PII and locating a misbehaved server when wrong data are returned is crucial to guarantee user’s privacy,but challenging to realize.In this paper,we propose Rainbow,a secure and practical PII retrieval scheme to solve the above issues.In particular,we design an important cryptographic tool,called Reliable Outsourced Attribute Based Encryption(ROABE)which provides data privacy,flexible and fine-grained access control,reliable immediate user revocation and verification for multiple servers simultaneously,to support Rainbow.Moreover,we present how to build Rainbow with ROABE and several necessary cloud techniques in real world.To evaluate the performance,we deploy Rainbow on multiple mainstream clouds,namely,AWS,GCP and Microsoft Azure,and experiment in browsers on mobile phones and computers.Both theoretical analysis and experimental results indicate that Rainbow is secure and practical.

Design and Implementation of Privacy Impact Assessment for Android Mobile Devices

There are a lot of personal information stored in our smartphones, for instance, contacts, messages, photos, banking credentials and social network access. Therefore, ensuring personal data safety is a critical research and practical issue. The objective of this paper is to evaluate the influence of personal data sect,rity and decrease the privacy risks in the Android system. We apply the concept of privacy impact assessment （PIA） to design a system, which identifies permission requirements of apps, detects the potential activities from the logger and analyses the configuration settings. The system provides a user-friendly interface for users to get in-depth knowledge of the impact of privacy risk, and it could run on Android devices without USB teleport and network connection to avoid other problems. Our research finds that many apps announce numerous unnecessary permissions, and the application installing confirmation dialog does not show all requirement permissions when apps are installed first time.

Topical Issues of Regulation of Economic Relations in Internet Environment

This article examines current issues of regulation of economical relations in the lnternet environment. Complexities, created by global and virtual features of the Internet economy, are characterize＆ Problems associated with the implementation of the tax and customs policy, regulation of e-money circulation, virtual labor, intellectual property rights protection and consumer rights, as well as personal information are analyzed. Specifics of economic crimes and problems of their control in a virtual environment are commented. Also, the ways to address these problems are indicated.