隐私政策对个人信息的保护研究

龚淋; 付翠英

doi:10.19979/j.cnki.issn10082689.2022060035

隐私政策对个人信息的保护研究

doi: 10.19979/j.cnki.issn10082689.2022060035

龚淋,
付翠英

北京航空航天大学法学院，北京 100083

基金项目: 北京市法学会2022年市级法学研究青年课题“破产法视域下互联网企业个人信息保护的践行模式与机制创新”（编号：BLS(2022)C010）。

详细信息

作者简介:
龚淋（1992—），女，重庆垫江人，北京航空航天大学法学院博士研究生

付翠英（1965—），女，内蒙古赤峰人，北京航空航天大学法学院教授，博士生导师

中图分类号: D922.16
计量
- 文章访问数: 748
- HTML全文浏览量: 250
- PDF下载量: 52
- 被引次数: 0
出版历程
- 收稿日期: 2022-06-09
- 网络出版日期: 2022-12-23
- 刊出日期: 2023-01-05

Research on the Protection of Personal Information by Privacy Policy

School of Law, Beijing University of Aeronautics and Astronautics, Beijing 100083, China

摘要

摘要: 理论上，隐私政策为用户提供了一个网站信息实践的通知，基于该通知，用户可以根据其个人隐私偏好，选择是否使用网站或在线服务，在极大赋予个人信息自主决策权的同时，有效地维护个人信息。然而在我国实践中，隐私政策作为一种公平的信息实践，并没有被认真对待。其本身因为存在诸多桎梏，导致用户的个人信息并没有得到预期的保护，例如隐私政策语言描述含糊不清、可执行性存在争议以及因为版本前后的不一致而导致的效力问题等等。隐私政策对个人信息的保护应当以满足用户的合理隐私期待为目标，并结合我国相关规定构建起本土化的具体实现路径，从而推动和加强我国互联网的安全治理。
- 隐私政策 /
- 互联网企业 /
- 信息隐私 /
- 合理隐私期待
Abstract: Theoretically, privacy policy provides users with a notice of website information practice. Based on this notice, users can choose whether to use websites or online services according to their personal privacy preferences, which greatly endows them with autonomous decision-making power and effectively maintains their personal information. However, in our practice, privacy policy as a fair information practice is not set great store. Because of the existence of numerous shackles, the user’s personal information is not expected to be protected. For example, the language description of privacy policy is unclear, the enforceability is controversial, and the effect problem is caused by the inconsistency between versions. Privacy policy protection of personal information should take the aim of meeting the users’ reasonable privacy expectation, and according to relevant regulations of our country, we are constructing concrete realizing the localization, so as to promote and strengthen the security governance of the internet in our country.
- privacy policy /
- internet enterprises /
- information privacy /
- reasonable expectation of privacy
注释:

1) 例如《民法典》第1035条第1款、《个人信息保护法》第17条第3款以及《网络安全法》第41条之相关规定。

2) 详见美团隐私政策：https://rules-center.meituan.com/rules-detail/2。

3) 详见淘宝网隐私权政策：https://terms.alicdn.com/legal-agreement/terms/suit_bu1_taobao/suit_bu1_taobao201703241622_61002.html。

4) 详见知乎隐私政策：https://www.zhihu.com/term/old-privacy。

5) In re Quirky, Inc., No. 15-12596 (Bankr. S. D. N. Y Oct. 27, 2015)。

6) Federal Trade Commission Act, 15 U.S.C. §45 (2012)。

7) 使用P3P，用户通过回答P3P程序创建的几个多项选择题，向浏览器中输入特定的隐私首选项。在请求特定的网站时，用户的浏览器会以电子方式将这些首选项转换为机器可读的格式，并将这些首选项传达给网站。当浏览器遇到具有不符合访问者隐私标准的隐私策略的网站时，浏览器会通知访问者，然后访问者可能会选择是否继续并开始浏览该网站。

HTML全文

参考文献(30)

[1]	个人信息保护课题组著. 个人信息保护国际比较研究（第二版）[M]. 北京: 中国金融出版社, 2021.
[2]	GLADSTONE J. The U. S. privacy balance and the European privacy directive: reflections on the United States privacy policy [J]. Willamette Journal of International Law and Dispute Resolution, 2000, 21（7）: 10-32.
[3]	阳雪雅. 论企业违反网络隐私政策的违约责任适用[J]. 法学论坛,2021,36(5):130-141.
[4]	SHERMAN M. Advising clients on internet privacy policies [J]. Media & Entertainment Law Journal, 2012, 29(6):49-51.
[5]	BRUENING P J & MARY J C. Through a glass darkly:from privacy notices to effective transparency [J]. North Carolina Journal of Law & Technology, 2016, 17(4):515-580.
[6]	SORAGUE R & COREY C. Preserving identities:protecting personal identifying information through enhanced privacy policies and laws [J]. Albany Law Journal of Science & Technology, 2009, 19(1):91-142.
[7]	HYMAN D A & WILLIAM E K. Implementing privacy policy:who should do what [J]. Media & Entertainment Law Journal, 2019, 29(4):1117-1150.
[8]	NORTON T B. The non-contractual nature of privacy policies and a new critique of the notice and choice privacy protection model [J]. Media & Entertainment Law Journal, 2016, 27(1):181-[iv
[9]	高秦伟. 个人信息保护中的企业隐私政策及政府规制[J]. 法商研究,2021,36(2):16-27.
[10]	TIDD R R. Privacy practices and policies:protection and confidence in networked environment [J]. Taxes The Tax Magazine, 2002, 80(4):5-66.
[11]	万方. 隐私政策中的告知同意原则及其异化[J]. 法律科学,2019,37(2):61-68.
[12]	WALDMAN A E. Privacy,notice,and design [J]. Stanford Technology Law Review, 2018, 21(1):74-127.
[13]	谈咏梅,钱小平. 我国网站隐私保护政策完善之建议[J]. 现代情报,2006(1):215-217. doi: 10.3969/j.issn.1008-0821.2006.01.080
[14]	周汉华. 探索激励相容的个人数据治理之道−中国个人信息保护法的立法方向[J]. 法学研究,2018,40(2):3-23.
[15]	BWNNETT C J. Information policy and information privacy:international arenas of governance [J]. University of Illinois Journal of Law,Technology & Policy, 2002, 17(2):385-406.
[16]	NEHF J P. Recognizing the societal value in information privacy [J]. Washington Law Review, 2003, 78(1):68-92.
[17]	杜红原. 隐私权的判定−“合理隐私期待标准”的确立与适用[J]. 北方法学,2015,9(6):51-54. doi: 10.13893/j.cnki.bffx.2015.06.003
[18]	张民安. 隐私合理期待总论[M]. 广州: 中山大学出版社, 2015.
[19]	王利明. 数据共享与个人信息保护[J]. 现代法学,2019,41(1):45-57. doi: 10.3969/j.issn.1001-2397.2019.01.04
[20]	SHELTON A. A reasonable expectation of privacy online:do not track legislation [J]. University of Baltimore Law Forum, 2014, 45(1):35-56.
[21]	肖中华. 大数据时代“合理隐私期待”主客观标准的适用[J]. 江西社会科学,2016,36(11):183-188.
[22]	OUSSAYEF K Z. Selective privacy:facilitating market-based solutions to data breaches by standardizing internet privacy policies [J]. Boston University Journal of Science & Technology Law, 2008, 14(1):104-131.
[23]	REIDENBERG J R,BREAUX T,CRANOR L F,et al. Disagreeable privacy policies:mismatches between meaning and users’ understanding [J]. Berkeley Technology Law Journal, 2015, 30(1):39-68.
[24]	REIDENBERG J R,BHATIA J,BREAUX T D,et al. Ambiguity in privacy policies and the impact of regulation [J]. Journal of Legal Studies, 2016, 45(2):163-190.
[25]	MAROTTA W F. Self-regulation and competition in privacy policies [J]. Journal of Legal Studies, 2016, 45(2):13-40.
[26]	SHELIAZHENKO Y. Personal autonomy in the information technology law [J]. Law of Ukraine:Legal Journal (Ukrainian), 2018, 24(3):183-200.
[27]	GRANMIS A. You didn’t even notice:elements of effective online privacy policies [J]. Fordham Urban Law Journal, 2015, 42(5):1109-1170.
[28]	王叶刚. 论网络隐私政策的效力−以个人信息保护为中心[J]. 比较法研究,2020(1):120-134.
[29]	CIOCCHETTI C A. E-commerce and information privacy:privacy policies as personal informationprotectors [J]. American Business Law Journal, 2007, 44(1):55-126. doi: 10.1111/j.1744-1714.2007.00031.x
[30]	PALMIERI N F. Who should regulate data:an analysis of the California Consumer Privacy Act and its effects on Nationwide Data Protection Laws [J]. Hastings Science and Technology Law Journal, 2020, 11(1):37-60.