| The individual’s information connects the individual and the society,and this relationship can ensure the normalization of social relations and promote the orderly operation of society.After the emergence of computers,network information techno logy has flourished,the use of personal information has become more extensive,and paper-based information and archives have been formed into electronic versions,and people’s work and life have increasingly shown a paperless trend.The advent of the era of big data intelligence,personal information is used very frequently,the installation and use of any APP requires the use of personal information,some need fingerprints,some need face recognition,in this context,security protection and the distribut ion and use of personal information is like the two ends of the balance,we must strive to find the right degree between the two and maintain a balance.As an important tool for maintaining the above "balance",the anonymization of personal information is more valuable in today’s era,in order to ensure that people can use network information normally and enjoy the convenience of the network,they can also make their private information not leaked,but anonymization is not a one-time,anonymization of the risk of re-identification is a functional "obstacle" of the anonymization system.The protection of an individual’s information is in conflict with the need to use personal information for convenience in the office,and this conflict is reflected in the contradiction between the effectiveness and applicability of the nameless resolution in the namelessness.The practicality of anonymous information and the de-identification processing will contain some indirect identifiers,which is prone to the risk of seco ndary identification.After the de-identification process,it is easy to occur the risk of secondary identification,and this existing risk may affect the anonymization of personal information,and also have a certain impact on the circulation of information after de-identification processing.Up to now,C hina has formulated relevant laws and regulations,and some information managers have solved the risk of anonymization and re-identification according to existing regulations.Under China’s current legal s ystem,normative content,including anonymity and re-identification of risks,is only listed in the "Targeted Advertising Industry Framework Standard".The Personal Information Security Specification includes an emphasis on the existence of re-identification risks,the corresponding means of re-identification risks,restrictions on the transmission of anonymous information,and periodic assessments of the risks of secondary identification.The formulation of anonymity rules by information managers in C hina is mainly reflected in two aspects,which refer to the privacy policies or trading rules they publish.From a legal point of view,the author aims to analyze the measures taken by information managers to anonymize and prevent re-identification risks,and selects JD.com’s Privacy Policy,Tencent’s Privacy Policy,and Shanghai Data Exchange’s trading rules for analysis and comparison.It is found that at this stage,the risk of anonymization and re-identification of personal information in China is not facing up to the risk of anonymization and re-identification,the laws and regulations on the anonymization of personal information are not sound,the corresponding standards are very vague,there is no need to bear corresponding legal responsibilities when using personal information for secondary identification,and there is no provision for the information controller’s obligation to prevent the risk of re-identification.The Protection of Information in the European Union,the United K ingdom and the United States and other countries started early,and the relevant legal provisions on the risk of anonymization and re-identification of personal information have been relatively perfect,which can be used as a reference compared with the situation that China has just started.Combined with the actual situation of the country,the relevant protection mechanisms adapted to C hina’s national conditions are summarized by drawing on relevant foreign legislative research.C hina should pay certain attention to the risks when using personal information;Construct relevant standards for anonymized information processing from two dimensions,implement them into corresponding laws and regulations,form standard documents,and indeed have evidence to rely on;C learly point out the legal liabilities that need to be borne when personal information is used for the second time;C larify the information processor’s obligation to prevent re-identification risks. |