| As a computing technology based on Internet,Cloud computing is often used by operators to process and manage user's personal information.Cloud computing is widely applied in all kinds of network services to improve the efficiency of personal information management.Its basic functions can be summarized as distributed storage of massive information,efficient parallel information processing and direct sharing of information data.In the process of commercialization of personal information,it is necessary to process personal information through cloud computing,so as to complete the storage,collection and combing of a large number of non-deterministic personal information data provided from different users.Operators use cloud computing to realize the deep excavation of personal information value.With the increasing application of cloud computing in the commercialization of personal information,the legal risks faced by personal information are changing gradually.The application of cloud computing aggravates the operator's infringement on the user's right to know.The operator uses this to obtain the effective control of the user's personal information.The user's lack of understanding of the service agreement and the operating principle of cloud computing has expanded the scope of the passive authorization,causing the problem of excessive authorization.Excessive authorization means that more personal information is obtained by the operator.The range of the2 individual information obtained by the operator exceeds the required scope of the service.When personal information is transferred to the operator's cloud computing system in the form of data,abuse problem appears.Operators' use of personal information often exceeds the agreed scope or necessary limits.Meanwhile,operators should bear the responsibility of ensuring personal information security within the system,including preventing personal information from the risk of loss,leakage,damage,pollution and so on.This requires operators to establish a perfect internal control mechanism.The protection of personal information in the past is limited to the protection of personal privacy by using the right of privacy.As a matter of fact,privacy protects secret personal information that people don't want others to know.While the right of personal information protects identifiable personal information which can be related a specific person.The scope of them is overlapping but not exactly the same,identifiable information is not that sensitive than secret information.The different scope of objects also determines different focuses of protection.The right of privacy pays more attention to the dignity behind the secret information,so it is more inclined to regulate the acquisition and disclosure of privacy.In the protection of personal information,the right of personal information pays more attention to the control and subsequent use of personal information,and the focus of the protection is to regulate the action of acquisition and utilization.According to the trend of commercialization of personal information,the difference between the value attribute of personal information right and privacy appears.Personal information can be divided into personal information and personal business information according to whether it is processed by cloud computing.The transformation of initial personal information to personal information for business use is actually the process of commercialization,from which network operators can gain more tangible or intangible benefits.Operators should first acquire personal raw information when providing services.Then they can analyze these information by technical means(especially cloud computing technology)to obtain personal business information.In other words,in the process of collecting,processing and utilizing3 personal information,the enterprise has paid a considerable amount of cost.When measuring the legal protection of personal information,we should admit that personal information has personality attribute and property attribute first.Then,from a fair point of view,the interest of the enterprise is a problem that shouldn't be ignored,the balance between the value of circulation and the value of security should be maintained.In the end,the public interest should also be taken into account.According to the current legal norms of our country,the regulation of civil law has gradually clarified the right of personal information.The two amendments of criminal law clearly defined the crime of infringement of personal information and provide the protection of personal information from the angle of criminal law.Newly enacted “Network Security Law” and “Law of Electronic Commerce(Draft)” actually list the obligations that operators should obey in the process of collecting and managing the original information of individual,as well as the second use of personal commercial information.As far as the whole legal system is concerned,there are still some problems in the legislation of personal information protection at the present stage in our country.The legislative experience of the foreign legal system is what we should learn.As the forerunner of personal information protection legislation,the European Union adopted the information control mode to attach importance to the personal dignity and interests.As a world leading country in information technology and network economy,the United States has adopted a pragmatism model,attaches importance to the self-control of market,encouraging enterprises to regulate their own behavior.At the same time,in the areas of highly sensitive personal information,the United States has made some specific protection measures by enacting federal bills.Compared with the European Union and the United States,Japanese legislation draws the experience of the former two,and adjusts its adaptation to its own conditions.Based on the existing legislation in China and the status of personal information protection in China,it is necessary to draw the advanced experience of foreign countries,standardize the operators' collection of personal information and the second use of personal commercial information.On the basis of ensuring the security ofpersonal information,operators should be allowed to use the personal business information processed through cloud computing legally.First,on the basis of standardizing the qualifications of the operators,it is necessary to settle the standard of the operator's obligations,and require operators taking necessary technical means to catch the user's attention and consciousness.Second,the restrictions on the use of individual business information should be established.In addition,operators should improve the internal control and safety net construction.Third,from the perspective of post relief,fault liability mechanism should be adopted.Operator should be required to compensate the infringed individual for the corresponding degree of damage. |
PDF Full Text Request