The advent of the big data era has presented unprecedented challenges to remedies for personal information infringement in areas such as damage assessment,proof of causation,determination of illegality,fault assessmen...The advent of the big data era has presented unprecedented challenges to remedies for personal information infringement in areas such as damage assessment,proof of causation,determination of illegality,fault assessment,and liability.Traditional tort law is unable to provide a robust response for these challenges,which severely hinders human rights protection in the digital society.The dynamic system theory represents a third path between fixed constitutive elements and general clauses.It both overcomes the rigidity of the“allor-nothing”legal effect evaluation mechanism of the“element-effect”model and avoids the uncertainty of the general clause model.It can effectively enhance the flexibility of the legal system in responding to social changes.In light of this,it is necessary to construct a dynamic foundational evaluation framework for personal information infringement under the guidance of the dynamic system theory.By relying on the dynamic interplay effect of various foundational evaluation elements,this framework can achieve a flexible evaluation of the constitutive elements of liability and the legal effects of liability for personal information infringement.Through this approach,the crisis of personal information infringement in the era of big data can be mitigated,and the realization of personal information rights as digital human rights can be promoted.展开更多
Protection of personal information is a significant issue in the construction of legal systems in various countries in the information age.Introducing a balanced approach for protecting personal information is an impo...Protection of personal information is a significant issue in the construction of legal systems in various countries in the information age.Introducing a balanced approach for protecting personal information is an important goal of basic human rights protection and data legislation.Personal information protection involves comprehensive considerations among various values,and the balanced structure between personal information rights and other rights systems has become the key to legislation on personal information protection.The“news exception”is a prominent example representing the balanced structure of personal information protection.As a societal instrument,news not only pursues commercial value but also advocates freedom of expression and public value.There exists a natural tension between news and personal information protection.The“news exception”of the balanced structure has become a fundamental requirement and important connotation for constructing a system for protecting personal information.The balanced structure of the“news exception”requires a reasonable definition of the concept and purpose of news,and both the self-discipline within the news industry and the judicial intervention are necessary factors.China has preliminarily completed the top-level legislative design of personal information protection through laws such as the Civil Code of the People’s Republic of China(PRC)and the Personal Information Protection Law of the People’s Republic of China.However,the balanced mechanism of the“news exception”has not yet been fully established in China.A“news exception”based on the ideas of balance and the improvement of the institutional system is the fundamental principle for the development of China’s personal information protection system.展开更多
As Interface mediated self-assembly of nanocrystals provide excellent strategy for sensing,catalysis or photonics,the construction of innovative interfaces and development of versatile strategies for nanocrystal synth...As Interface mediated self-assembly of nanocrystals provide excellent strategy for sensing,catalysis or photonics,the construction of innovative interfaces and development of versatile strategies for nanocrystal synthesis are urgently needed.Herein,latent fingerprints(LFPs),the most common markers for human identity,are used as naturally accessible interface for organization of graphene isolated nanocrystals(GINs).Excitingly,the selective adsorption of GINs on lipidic ridge provides a universal approach for the in-situ construction of the plasmonic arrays.Such system with intrinsic chrominance and Raman signal enables the high resolution colorimetric and surfaced-enhanced Raman spectroscopy(SERS)dual-mode imaging,which can detail the structures of the LFPs from 1st to 3rd level even the LFPs are shielded.Furthermore,the interface can be constructed on diverse materials by a simple finger-pressing process and the densely packed arrays can serve as superior SERS substrate for label-free,non-invasive acquisition of molecule information especially residues in LFPs.The combination of chemical composition with detailed structures efficiently recognizes the human identity and could help link it to a crime scene.Overall,the LFPs can act as natural platform for interface mediated localized assembly and personalized information acquisition for forensic science or precise medicine.展开更多
It is necessary to confirm the personal data factors and the rules of verification before conducting personal data detection. So that the detection method can be written in the subsequent implementation of the automat...It is necessary to confirm the personal data factors and the rules of verification before conducting personal data detection. So that the detection method can be written in the subsequent implementation of the automatic detection tool. This paper will conduct experiments on common personal data factor rules, including domestic personal identity numbers and credit card numbers with checksums. We use ChatGPT to test the accuracy of identifying personal information like ID card identification numbers or credit card numbers. And then use personal data correlation to reduce the time for personal data identification. Although the number of personal information factors found has decreased, it has had a better effect on the actual manual personal data identification. The result shows that it saves about 45% of the calculation time, and the execution efficiency of the accuracy is also improved with the original method by about 22%, which is about 2.2 times higher than the general method. Therefore, the method proposed in this paper can accurately and effectively find out the leftover personal information in the enterprise. .展开更多
Protecting personal credit information through constitutional rights is not only essemtial for individuals to defend against infringements on their personal credit information rights and interests by public power in t...Protecting personal credit information through constitutional rights is not only essemtial for individuals to defend against infringements on their personal credit information rights and interests by public power in the social credit system,but also a requirement for unified legislation on social credit to explore the basis for constitutional norms.In the era of the credit economy,personal credit information has become a vital resource for realizing personal autonomy.Along with the increase in the state’s supervision and control of personal credit,the realization of the autonomous value in the interests related to personal credit information has also set more obligations for the state.Therefore,interests related to personal credit information should be regarded as a constitutional right.Because of its significant economic interest and value,the right to personal credit information should be classified as a constitutional property right.As a constitutional property right,the right to personal credit information can not only help protect people’s economic interests,but also achieve the goal of safeguarding their personality interests.展开更多
The model for protection of personal information dis-closed according to the law has changed from indirect protection to direct protection.The indirect protection model for traditional repu-tation rights and privacy r...The model for protection of personal information dis-closed according to the law has changed from indirect protection to direct protection.The indirect protection model for traditional repu-tation rights and privacy rights was not enough to meet the practical needs of governance.However;due to the ambiguity in the application of the“reasonable”processing requirements,the direct protection model centered on Article 27 of the Personal Information Protection Law also is not enough to effectively respond to practical disputes.The essence of the problem is to resolve the tension between informa-tion circulation and risk control and reshape the legal order for the protection of personal information disclosed according to the law.The determination of“reasonable”should be centered on the scenario theory and holism interpretation and carried out by using the interpre-tation technique of the dynamic system under Article 998 of the Civil Code.With the support of scenario-based discussions and comparative propositions,the crawling and tag extraction of personal information.disclosed according to the law should be considered as reasonable processing;profiling and automated decision-making should not be covered in the scope of reasonable processing,in principle;for behav-iors such as correlation analysis,elements like information subject,identifiability and sensitivity should be comprehensively considered to draw open and inclusive conclusions in individual cases.展开更多
The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremel...The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.展开更多
Online tracking mechanisms employed by internet companies for user profiling and targeted advertising raise major privacy concerns. Despite efforts to defend against these mechanisms, they continue to evolve, renderin...Online tracking mechanisms employed by internet companies for user profiling and targeted advertising raise major privacy concerns. Despite efforts to defend against these mechanisms, they continue to evolve, rendering many existing defences ineffective. This study performs a large-scale measurement of online tracking mechanisms across a large pool of websites using the OpenWPM (Open Web Privacy Measurement) platform. It systematically evaluates the effectiveness of several ad blockers and underlying Privacy Enhancing Technologies (PET) that are primarily used to mitigate different tracking techniques. By quantifying the strengths and limitations of these tools against modern tracking methods, the findings highlight gaps in existing privacy protections. Actionable recommendations are provided to enhance user privacy defences, guide tool developers and inform policymakers on addressing invasive online tracking practices.展开更多
Big data is playing an important role in preventing,control and monitoring COVID-19,but during the process,the legality of the use of personal information shall be paid attention to.Personal information should be divi...Big data is playing an important role in preventing,control and monitoring COVID-19,but during the process,the legality of the use of personal information shall be paid attention to.Personal information should be divided into general information and sensitive information,and the use of sensitive information should take"Consent"as its legality basis.In the process of personal information collection,the subject qualification of the collection organization or personnel should be clearly defined,and the starting conditions and process specifications of the collection work should be determined.The use of personal information should be in accordance with legal provisions or agreed ways and purposes and should not violate individual privacy rights and other personality rights,and should not improperly display the"digital image"of individuals.展开更多
The protection of personal information plays an extremely important role in the construction of digital government.The duty to inform is a prerequisite core obligation that the government should fulfill in processing ...The protection of personal information plays an extremely important role in the construction of digital government.The duty to inform is a prerequisite core obligation that the government should fulfill in processing personal information,a concrete expression of the right to self-determination of personal information,and a prerequisite for the right to protection of personal information that works as a fundamental right to defense the intrusion from the government,as well as a procedural regulatory tool to restrain the government’s information power and prevent the risk of infringement.As the rules on the processing of personal information and the duty to inform have both the nature of public law,the government’s processing of personal information is also public law in nature,especially because of the constitutional value and power control function of the duty to inform,the construction of a system for the duty to inform cannot be copied from the rules applicable to private subjects,but should be tailored to the public law characteristics of the government’s processing of personal information,overcoming the shortcomings of the current rough and fragmented legislation,and set up a systematic regulation based on the public law in term of the legal subject,procedure,content,consequences of obligation violations and legal protection.展开更多
In criminal procedures,the right to personal information does not conform to the human rights characteristics of criminal procedures centered on due process right,in which the right to be forgotten and the right to ac...In criminal procedures,the right to personal information does not conform to the human rights characteristics of criminal procedures centered on due process right,in which the right to be forgotten and the right to access data possess no attributes of independent litigation right.The theory of the independent right to personal information lacks a legitimate basis and should not be used as the protection model for personal information in criminal proceedings.Given the particularity of interest measurement and the individuality and negativity of human rights in criminal procedures,the protection of personal information in the criminal procedure should be aimed at the risk of transformation from collective general information to private sensitive information.Specifically,it is the right of personal information not to be excessively collected.Accordingly,the personal information protection should be included in the scope of criminal procedures by the conceptual interpretation of the informational privacy,i.e.,the dependency protection model.In this regard,the criminal proceeding should appropriately introduce the basic principles of personal information protection and the limited general forensic to deal with the impact and challenge of emerging right claim on the criminal justice system.展开更多
A new method to evaluate fuzzily user's relevance on the basis of cloud models has been proposed. All factors of personalized information retrieval system are taken into account in this method. So using this method f...A new method to evaluate fuzzily user's relevance on the basis of cloud models has been proposed. All factors of personalized information retrieval system are taken into account in this method. So using this method for personalized information retrieval (PIR) system can efficiently judge multi-value relevance, such as quite relevant, comparatively relevant, commonly relevant, basically relevant and completely non-relevant, and realize a kind of transform of qualitative concepts and quantity and improve accuracy of relevance judgements in PIR system. Experimental data showed that the method is practical and valid. Evaluation results are more accurate and approach to the fact better.展开更多
In this paper, we proposed the idea of personalized information service for enterprises and customers through government visual information service center (GVISC). It discusses an extensible, reusable, reconstructive ...In this paper, we proposed the idea of personalized information service for enterprises and customers through government visual information service center (GVISC). It discusses an extensible, reusable, reconstructive and integrated framework of GVISC with new techniques, such as XML, agent, data mining and information portal. They include the design and analysis of the logical structure, the design of the data layer, and the description of the function application. We show an example of personalized information service for forest fire prevention in the government virtual information service center.展开更多
Information filtering (IF) systems are important for personalized information service. However, most current IF systems suffer from low quality and long training time. In this paper, a refined evolving information fil...Information filtering (IF) systems are important for personalized information service. However, most current IF systems suffer from low quality and long training time. In this paper, a refined evolving information filtering method is presented. This method describes user's information need from multi-aspects and improves filtering quality through a process like natural selection. Experimental result shows this method can shorten training time, improve filtering quality, and reduce the relevance between filtering results and training sequence.展开更多
There are a lot of personal information stored in our smartphones, for instance, contacts, messages, photos, banking credentials and social network access. Therefore, ensuring personal data safety is a critical resear...There are a lot of personal information stored in our smartphones, for instance, contacts, messages, photos, banking credentials and social network access. Therefore, ensuring personal data safety is a critical research and practical issue. The objective of this paper is to evaluate the influence of personal data sect,rity and decrease the privacy risks in the Android system. We apply the concept of privacy impact assessment (PIA) to design a system, which identifies permission requirements of apps, detects the potential activities from the logger and analyses the configuration settings. The system provides a user-friendly interface for users to get in-depth knowledge of the impact of privacy risk, and it could run on Android devices without USB teleport and network connection to avoid other problems. Our research finds that many apps announce numerous unnecessary permissions, and the application installing confirmation dialog does not show all requirement permissions when apps are installed first time.展开更多
Introducing the human rights perspective into the multi-dimensional governance of human genome editing activities would help define boundaries for the behaviors of stakeholders such as the state, researchers, ethics c...Introducing the human rights perspective into the multi-dimensional governance of human genome editing activities would help define boundaries for the behaviors of stakeholders such as the state, researchers, ethics committee members, and the public, and clarify specific practices of these subjects or entities to meet the requirements of human rights obligations. Based on the human dignity principle, humans must never be used as a means to an end in scientific research. The right to physical and mental health requires the implementation of the principles of informed consent, the primacy of life, and risk control in genome editing, as well as the proper treatment of embryos. The right to privacy corresponds to the confidentiality obligations and non-intervention obligations of relevant parties, and the protection of sensitive personal information points to the special compliance requirements regarding information processing. Differential treatment of genome-edited humans requires objective and reasonable justification, and should also meet the requirements of the proportionality principle.展开更多
Purpose:This study was conducted to investigate the current situation of privacy disclosure(in the Chinese social networking sites.Design/methodology/approach:Data analysis was based on profiles of 240 college student...Purpose:This study was conducted to investigate the current situation of privacy disclosure(in the Chinese social networking sites.Design/methodology/approach:Data analysis was based on profiles of 240 college students on Renren.com,a popular college-oriented social networking site in China.Users’ privacy disclosure behaviors were studied and gender difference was analyzed particularly.Correlation analysis was conducted to examine the relationships among evaluation indicators involving user name,image,page visibility,message board visibility,completeness of education information and provision of personal information.Findings:A large amount of personal information was disclosed via social networking sites in China.Greater percentage of male users than female users disclosed their personal information.Furthermore,significantly positive relationships were found among page visibility,message board visibility,completeness of education information and provision of personal information.Research limitations:Subjects were collected from only one social networking website.Meanwhile,our survey involves subjective judgments of user name reliability,category of profile images and completeness of information.Practical implications:This study will be of benefit for college administrators,teachers and librarians to design courses for college students on how to use social networking sites safely.Originality /value:This empirical study is one of the first studies to reveal the current situation of privacy disclosure in the Chinese social networking sites and will help the research community gain a deeper understanding of privacy disclosure in the Chinese social networking sites.展开更多
Personally identifiable information(PII)refers to any information that links to an individual.Sharing PII is extremely useful in public affairs yet hard to implement due to the worries about privacy violations.Buildin...Personally identifiable information(PII)refers to any information that links to an individual.Sharing PII is extremely useful in public affairs yet hard to implement due to the worries about privacy violations.Building a PII retrieval service over multi-cloud,which is a modern strategy to make services stable where multiple servers are deployed,seems to be a promising solution.However,three major technical challenges remain to be solved.The first is the privacy and access control of PII.In fact,each entry in PII can be shared to different users with different access rights.Hence,flexible and fine-grained access control is needed.Second,a reliable user revocation mechanism is required to ensure that users can be revoked efficiently,even if few cloud servers are compromised or collapse,to avoid data leakage.Third,verifying the correctness of received PII and locating a misbehaved server when wrong data are returned is crucial to guarantee user’s privacy,but challenging to realize.In this paper,we propose Rainbow,a secure and practical PII retrieval scheme to solve the above issues.In particular,we design an important cryptographic tool,called Reliable Outsourced Attribute Based Encryption(ROABE)which provides data privacy,flexible and fine-grained access control,reliable immediate user revocation and verification for multiple servers simultaneously,to support Rainbow.Moreover,we present how to build Rainbow with ROABE and several necessary cloud techniques in real world.To evaluate the performance,we deploy Rainbow on multiple mainstream clouds,namely,AWS,GCP and Microsoft Azure,and experiment in browsers on mobile phones and computers.Both theoretical analysis and experimental results indicate that Rainbow is secure and practical.展开更多
It is widely common that mobile applications collect non-critical personally identifiable information(PII)from users'devices to the cloud by application service providers(ASPs)in a positive manner to provide preci...It is widely common that mobile applications collect non-critical personally identifiable information(PII)from users'devices to the cloud by application service providers(ASPs)in a positive manner to provide precise and recommending services.Meanwhile,Internet service providers(ISPs)or local network providers also have strong requirements to collect PIIs for finer-grained traffic control and security services.However,it is a challenge to locate PIIs accurately in the massive data of network traffic just like looking a needle in a haystack.In this paper,we address this challenge by presenting an efficient and light-weight approach,namely TPII,which can locate and track PIIs from the HTTP layer rebuilt from raw network traffics.This approach only collects three features from HTTP fields as users'behaviors and then establishes a tree-based decision model to dig PIIs efficiently and accurately.Without any priori knowledge,TPII can identify any types of PIIs from any mobile applications,which has a broad vision of applications.We evaluate the proposed approach on a real dataset collected from a campus network with more than 13k users.The experimental results show that the precision and recall of TPII are 91.72%and 94.51%respectively and a parallel implementation of TPII can achieve 213 million records digging and labelling within one hour,reaching near to support 1Gbps wirespeed inspection in practice.Our approach provides network service providers a practical way to collect PIIs for better services.展开更多
This paper presents a survey of technologies for personal data self-management interfacing with administrative and territorial public service providers.It classifies a selection of scientific technologies into four ca...This paper presents a survey of technologies for personal data self-management interfacing with administrative and territorial public service providers.It classifies a selection of scientific technologies into four categories of solutions:Personal Data Store(PDS),Identity Manager(IdM),Anonymous Certificate System and Access Control Delegation Architecture.Each category,along with its technological approach,is analyzed thanks to 18 identified functional criteria that encompass architectural and communication aspects,as well as user data lifecycle considerations.The originality of the survey is multifold.First,as far as we know,there is no such thorough survey covering such a panel of a dozen of existing solutions.Second,it is the first survey addressing Personally Identifiable Information(PII)management for both administrative and private service providers.Third,this paper achieves a functional comparison of solutions of very different technical natures.The outcome of this paper is the clear identification of functional gaps of each solution.As a result,this paper establishes the research directions to follow in order to fill these functional gaps.展开更多
基金the“Application of the Dynamic System Theory in the Determination of Infringement Liability for Immaterial Personality Rights in the Civil Code”(Project Approval Number 2022MFXH006)a project of the young scholar research program of the Civil Law Society of CLS in 2022。
文摘The advent of the big data era has presented unprecedented challenges to remedies for personal information infringement in areas such as damage assessment,proof of causation,determination of illegality,fault assessment,and liability.Traditional tort law is unable to provide a robust response for these challenges,which severely hinders human rights protection in the digital society.The dynamic system theory represents a third path between fixed constitutive elements and general clauses.It both overcomes the rigidity of the“allor-nothing”legal effect evaluation mechanism of the“element-effect”model and avoids the uncertainty of the general clause model.It can effectively enhance the flexibility of the legal system in responding to social changes.In light of this,it is necessary to construct a dynamic foundational evaluation framework for personal information infringement under the guidance of the dynamic system theory.By relying on the dynamic interplay effect of various foundational evaluation elements,this framework can achieve a flexible evaluation of the constitutive elements of liability and the legal effects of liability for personal information infringement.Through this approach,the crisis of personal information infringement in the era of big data can be mitigated,and the realization of personal information rights as digital human rights can be promoted.
文摘Protection of personal information is a significant issue in the construction of legal systems in various countries in the information age.Introducing a balanced approach for protecting personal information is an important goal of basic human rights protection and data legislation.Personal information protection involves comprehensive considerations among various values,and the balanced structure between personal information rights and other rights systems has become the key to legislation on personal information protection.The“news exception”is a prominent example representing the balanced structure of personal information protection.As a societal instrument,news not only pursues commercial value but also advocates freedom of expression and public value.There exists a natural tension between news and personal information protection.The“news exception”of the balanced structure has become a fundamental requirement and important connotation for constructing a system for protecting personal information.The balanced structure of the“news exception”requires a reasonable definition of the concept and purpose of news,and both the self-discipline within the news industry and the judicial intervention are necessary factors.China has preliminarily completed the top-level legislative design of personal information protection through laws such as the Civil Code of the People’s Republic of China(PRC)and the Personal Information Protection Law of the People’s Republic of China.However,the balanced mechanism of the“news exception”has not yet been fully established in China.A“news exception”based on the ideas of balance and the improvement of the institutional system is the fundamental principle for the development of China’s personal information protection system.
基金supported by the National Key Research and Development Program of China(No.2020YFA0210800)the National Natural Science Foundation of China(No.21522501)+1 种基金the Science and Technology Innovation Program of Hunan Province(No.2020RC4017)the Science and Technology Development Fund,Macao(No.196/2017/A3).
文摘As Interface mediated self-assembly of nanocrystals provide excellent strategy for sensing,catalysis or photonics,the construction of innovative interfaces and development of versatile strategies for nanocrystal synthesis are urgently needed.Herein,latent fingerprints(LFPs),the most common markers for human identity,are used as naturally accessible interface for organization of graphene isolated nanocrystals(GINs).Excitingly,the selective adsorption of GINs on lipidic ridge provides a universal approach for the in-situ construction of the plasmonic arrays.Such system with intrinsic chrominance and Raman signal enables the high resolution colorimetric and surfaced-enhanced Raman spectroscopy(SERS)dual-mode imaging,which can detail the structures of the LFPs from 1st to 3rd level even the LFPs are shielded.Furthermore,the interface can be constructed on diverse materials by a simple finger-pressing process and the densely packed arrays can serve as superior SERS substrate for label-free,non-invasive acquisition of molecule information especially residues in LFPs.The combination of chemical composition with detailed structures efficiently recognizes the human identity and could help link it to a crime scene.Overall,the LFPs can act as natural platform for interface mediated localized assembly and personalized information acquisition for forensic science or precise medicine.
文摘It is necessary to confirm the personal data factors and the rules of verification before conducting personal data detection. So that the detection method can be written in the subsequent implementation of the automatic detection tool. This paper will conduct experiments on common personal data factor rules, including domestic personal identity numbers and credit card numbers with checksums. We use ChatGPT to test the accuracy of identifying personal information like ID card identification numbers or credit card numbers. And then use personal data correlation to reduce the time for personal data identification. Although the number of personal information factors found has decreased, it has had a better effect on the actual manual personal data identification. The result shows that it saves about 45% of the calculation time, and the execution efficiency of the accuracy is also improved with the original method by about 22%, which is about 2.2 times higher than the general method. Therefore, the method proposed in this paper can accurately and effectively find out the leftover personal information in the enterprise. .
文摘Protecting personal credit information through constitutional rights is not only essemtial for individuals to defend against infringements on their personal credit information rights and interests by public power in the social credit system,but also a requirement for unified legislation on social credit to explore the basis for constitutional norms.In the era of the credit economy,personal credit information has become a vital resource for realizing personal autonomy.Along with the increase in the state’s supervision and control of personal credit,the realization of the autonomous value in the interests related to personal credit information has also set more obligations for the state.Therefore,interests related to personal credit information should be regarded as a constitutional right.Because of its significant economic interest and value,the right to personal credit information should be classified as a constitutional property right.As a constitutional property right,the right to personal credit information can not only help protect people’s economic interests,but also achieve the goal of safeguarding their personality interests.
文摘The model for protection of personal information dis-closed according to the law has changed from indirect protection to direct protection.The indirect protection model for traditional repu-tation rights and privacy rights was not enough to meet the practical needs of governance.However;due to the ambiguity in the application of the“reasonable”processing requirements,the direct protection model centered on Article 27 of the Personal Information Protection Law also is not enough to effectively respond to practical disputes.The essence of the problem is to resolve the tension between informa-tion circulation and risk control and reshape the legal order for the protection of personal information disclosed according to the law.The determination of“reasonable”should be centered on the scenario theory and holism interpretation and carried out by using the interpre-tation technique of the dynamic system under Article 998 of the Civil Code.With the support of scenario-based discussions and comparative propositions,the crawling and tag extraction of personal information.disclosed according to the law should be considered as reasonable processing;profiling and automated decision-making should not be covered in the scope of reasonable processing,in principle;for behav-iors such as correlation analysis,elements like information subject,identifiability and sensitivity should be comprehensively considered to draw open and inclusive conclusions in individual cases.
文摘The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.
文摘Online tracking mechanisms employed by internet companies for user profiling and targeted advertising raise major privacy concerns. Despite efforts to defend against these mechanisms, they continue to evolve, rendering many existing defences ineffective. This study performs a large-scale measurement of online tracking mechanisms across a large pool of websites using the OpenWPM (Open Web Privacy Measurement) platform. It systematically evaluates the effectiveness of several ad blockers and underlying Privacy Enhancing Technologies (PET) that are primarily used to mitigate different tracking techniques. By quantifying the strengths and limitations of these tools against modern tracking methods, the findings highlight gaps in existing privacy protections. Actionable recommendations are provided to enhance user privacy defences, guide tool developers and inform policymakers on addressing invasive online tracking practices.
文摘Big data is playing an important role in preventing,control and monitoring COVID-19,but during the process,the legality of the use of personal information shall be paid attention to.Personal information should be divided into general information and sensitive information,and the use of sensitive information should take"Consent"as its legality basis.In the process of personal information collection,the subject qualification of the collection organization or personnel should be clearly defined,and the starting conditions and process specifications of the collection work should be determined.The use of personal information should be in accordance with legal provisions or agreed ways and purposes and should not violate individual privacy rights and other personality rights,and should not improperly display the"digital image"of individuals.
文摘The protection of personal information plays an extremely important role in the construction of digital government.The duty to inform is a prerequisite core obligation that the government should fulfill in processing personal information,a concrete expression of the right to self-determination of personal information,and a prerequisite for the right to protection of personal information that works as a fundamental right to defense the intrusion from the government,as well as a procedural regulatory tool to restrain the government’s information power and prevent the risk of infringement.As the rules on the processing of personal information and the duty to inform have both the nature of public law,the government’s processing of personal information is also public law in nature,especially because of the constitutional value and power control function of the duty to inform,the construction of a system for the duty to inform cannot be copied from the rules applicable to private subjects,but should be tailored to the public law characteristics of the government’s processing of personal information,overcoming the shortcomings of the current rough and fragmented legislation,and set up a systematic regulation based on the public law in term of the legal subject,procedure,content,consequences of obligation violations and legal protection.
文摘In criminal procedures,the right to personal information does not conform to the human rights characteristics of criminal procedures centered on due process right,in which the right to be forgotten and the right to access data possess no attributes of independent litigation right.The theory of the independent right to personal information lacks a legitimate basis and should not be used as the protection model for personal information in criminal proceedings.Given the particularity of interest measurement and the individuality and negativity of human rights in criminal procedures,the protection of personal information in the criminal procedure should be aimed at the risk of transformation from collective general information to private sensitive information.Specifically,it is the right of personal information not to be excessively collected.Accordingly,the personal information protection should be included in the scope of criminal procedures by the conceptual interpretation of the informational privacy,i.e.,the dependency protection model.In this regard,the criminal proceeding should appropriately introduce the basic principles of personal information protection and the limited general forensic to deal with the impact and challenge of emerging right claim on the criminal justice system.
文摘A new method to evaluate fuzzily user's relevance on the basis of cloud models has been proposed. All factors of personalized information retrieval system are taken into account in this method. So using this method for personalized information retrieval (PIR) system can efficiently judge multi-value relevance, such as quite relevant, comparatively relevant, commonly relevant, basically relevant and completely non-relevant, and realize a kind of transform of qualitative concepts and quantity and improve accuracy of relevance judgements in PIR system. Experimental data showed that the method is practical and valid. Evaluation results are more accurate and approach to the fact better.
基金supported by the project of Humanities and Social Science Programming Foundation of China’s Ministry of Education,"Information Resource Integrated Based E-Government Information Service Pattern Research" (No. 06JA630057)
文摘In this paper, we proposed the idea of personalized information service for enterprises and customers through government visual information service center (GVISC). It discusses an extensible, reusable, reconstructive and integrated framework of GVISC with new techniques, such as XML, agent, data mining and information portal. They include the design and analysis of the logical structure, the design of the data layer, and the description of the function application. We show an example of personalized information service for forest fire prevention in the government virtual information service center.
基金he National '863' High-Tech Programme of China (No. 863-306- ZT01- 03- 1 ) ,IBM China Research Lab and Huawei Enterprise Fundi
文摘Information filtering (IF) systems are important for personalized information service. However, most current IF systems suffer from low quality and long training time. In this paper, a refined evolving information filtering method is presented. This method describes user's information need from multi-aspects and improves filtering quality through a process like natural selection. Experimental result shows this method can shorten training time, improve filtering quality, and reduce the relevance between filtering results and training sequence.
基金supported in part by the Ministry of Science and Technology of Taiwan,China under Grant No.MOST 102-2221-E-017-003-MY3
文摘There are a lot of personal information stored in our smartphones, for instance, contacts, messages, photos, banking credentials and social network access. Therefore, ensuring personal data safety is a critical research and practical issue. The objective of this paper is to evaluate the influence of personal data sect,rity and decrease the privacy risks in the Android system. We apply the concept of privacy impact assessment (PIA) to design a system, which identifies permission requirements of apps, detects the potential activities from the logger and analyses the configuration settings. The system provides a user-friendly interface for users to get in-depth knowledge of the impact of privacy risk, and it could run on Android devices without USB teleport and network connection to avoid other problems. Our research finds that many apps announce numerous unnecessary permissions, and the application installing confirmation dialog does not show all requirement permissions when apps are installed first time.
基金phased result of the project “study on the legislation of genome editing in human embryos”(Project No. 19SFB2035)National Rule of Law and Legal Theory Research Program by the Ministry of Justice in 2019。
文摘Introducing the human rights perspective into the multi-dimensional governance of human genome editing activities would help define boundaries for the behaviors of stakeholders such as the state, researchers, ethics committee members, and the public, and clarify specific practices of these subjects or entities to meet the requirements of human rights obligations. Based on the human dignity principle, humans must never be used as a means to an end in scientific research. The right to physical and mental health requires the implementation of the principles of informed consent, the primacy of life, and risk control in genome editing, as well as the proper treatment of embryos. The right to privacy corresponds to the confidentiality obligations and non-intervention obligations of relevant parties, and the protection of sensitive personal information points to the special compliance requirements regarding information processing. Differential treatment of genome-edited humans requires objective and reasonable justification, and should also meet the requirements of the proportionality principle.
基金supported by the National Social Science Foundation of China(Grant No.:10ATQ004)
文摘Purpose:This study was conducted to investigate the current situation of privacy disclosure(in the Chinese social networking sites.Design/methodology/approach:Data analysis was based on profiles of 240 college students on Renren.com,a popular college-oriented social networking site in China.Users’ privacy disclosure behaviors were studied and gender difference was analyzed particularly.Correlation analysis was conducted to examine the relationships among evaluation indicators involving user name,image,page visibility,message board visibility,completeness of education information and provision of personal information.Findings:A large amount of personal information was disclosed via social networking sites in China.Greater percentage of male users than female users disclosed their personal information.Furthermore,significantly positive relationships were found among page visibility,message board visibility,completeness of education information and provision of personal information.Research limitations:Subjects were collected from only one social networking website.Meanwhile,our survey involves subjective judgments of user name reliability,category of profile images and completeness of information.Practical implications:This study will be of benefit for college administrators,teachers and librarians to design courses for college students on how to use social networking sites safely.Originality /value:This empirical study is one of the first studies to reveal the current situation of privacy disclosure in the Chinese social networking sites and will help the research community gain a deeper understanding of privacy disclosure in the Chinese social networking sites.
基金This work was supported by National Natural Science Foundation of China(Nos.62172411,62172404,61972094)。
文摘Personally identifiable information(PII)refers to any information that links to an individual.Sharing PII is extremely useful in public affairs yet hard to implement due to the worries about privacy violations.Building a PII retrieval service over multi-cloud,which is a modern strategy to make services stable where multiple servers are deployed,seems to be a promising solution.However,three major technical challenges remain to be solved.The first is the privacy and access control of PII.In fact,each entry in PII can be shared to different users with different access rights.Hence,flexible and fine-grained access control is needed.Second,a reliable user revocation mechanism is required to ensure that users can be revoked efficiently,even if few cloud servers are compromised or collapse,to avoid data leakage.Third,verifying the correctness of received PII and locating a misbehaved server when wrong data are returned is crucial to guarantee user’s privacy,but challenging to realize.In this paper,we propose Rainbow,a secure and practical PII retrieval scheme to solve the above issues.In particular,we design an important cryptographic tool,called Reliable Outsourced Attribute Based Encryption(ROABE)which provides data privacy,flexible and fine-grained access control,reliable immediate user revocation and verification for multiple servers simultaneously,to support Rainbow.Moreover,we present how to build Rainbow with ROABE and several necessary cloud techniques in real world.To evaluate the performance,we deploy Rainbow on multiple mainstream clouds,namely,AWS,GCP and Microsoft Azure,and experiment in browsers on mobile phones and computers.Both theoretical analysis and experimental results indicate that Rainbow is secure and practical.
基金supported by the National Natural Science Foundation of China(Grant Nos.61672101,U1636119.6186603S,61962059)2018 College Students’Innovation and Entrepreneurship Training Program(D2018127)。
文摘It is widely common that mobile applications collect non-critical personally identifiable information(PII)from users'devices to the cloud by application service providers(ASPs)in a positive manner to provide precise and recommending services.Meanwhile,Internet service providers(ISPs)or local network providers also have strong requirements to collect PIIs for finer-grained traffic control and security services.However,it is a challenge to locate PIIs accurately in the massive data of network traffic just like looking a needle in a haystack.In this paper,we address this challenge by presenting an efficient and light-weight approach,namely TPII,which can locate and track PIIs from the HTTP layer rebuilt from raw network traffics.This approach only collects three features from HTTP fields as users'behaviors and then establishes a tree-based decision model to dig PIIs efficiently and accurately.Without any priori knowledge,TPII can identify any types of PIIs from any mobile applications,which has a broad vision of applications.We evaluate the proposed approach on a real dataset collected from a campus network with more than 13k users.The experimental results show that the precision and recall of TPII are 91.72%and 94.51%respectively and a parallel implementation of TPII can achieve 213 million records digging and labelling within one hour,reaching near to support 1Gbps wirespeed inspection in practice.Our approach provides network service providers a practical way to collect PIIs for better services.
文摘This paper presents a survey of technologies for personal data self-management interfacing with administrative and territorial public service providers.It classifies a selection of scientific technologies into four categories of solutions:Personal Data Store(PDS),Identity Manager(IdM),Anonymous Certificate System and Access Control Delegation Architecture.Each category,along with its technological approach,is analyzed thanks to 18 identified functional criteria that encompass architectural and communication aspects,as well as user data lifecycle considerations.The originality of the survey is multifold.First,as far as we know,there is no such thorough survey covering such a panel of a dozen of existing solutions.Second,it is the first survey addressing Personally Identifiable Information(PII)management for both administrative and private service providers.Third,this paper achieves a functional comparison of solutions of very different technical natures.The outcome of this paper is the clear identification of functional gaps of each solution.As a result,this paper establishes the research directions to follow in order to fill these functional gaps.