Rethinking the Concept of Personal Information: Focusing on “Identification” Elements#br#

Abstract

Abstract: Target advertising technology has become popular, causing fierce debate over whether IP addresses, s, and IMEI numbers are personal information. The source of the dispute lies in the vagueness of the “identification” of personal information. Identification can be divided into “physical identification” and “virtual identification”. Virtual identification is the necessary meaning of “identification”. Secondly, identification has two interpretation approaches in Chinese: “recognizing someone” and “single out someone”. Adopting the interpretation approach of “single out someone” is conducive to providing clear applicable standards, unifying with the concept of “reidentification” in the anonymization concept, and solving the dilemma of “direct identification”. Finally, personal information can be divided into “real identity information” and “digital identity information” based on whether it can identify a specific natural person in the physical world, more stringent protection measures for real identity information will be taken.

Key words: personal information, identification, identity, targeted advertising, indirect identification, identifier

摘要： 定向广告技术大行其道，引发了对IP地址、和IMEI号等标识符是否是个人信息的争议.产生争议的根源在于个人信息“识别”要件的模糊.识别可以分为“物理识别”和“虚拟识别”2类.虚拟识别是“识别”要件的应有之义.其次，识别有“识别身份”与“唯一标识”2种解释路径.采取唯一标识的解释路径有利于提供清晰的适用标准，与匿名化制度中“重识别”的概念相统一并解决了“直接识别”存疑的困境.最后，个人信息可依据是否能够识别到物理世界中的特定自然人，划分为“现实身份信息”与“数字身份信息”，并对现实身份信息采取更严格的保护措施.

关键词: 个人信息, 识别, 身份, 定向广告, 间接识别, 标识符

李黎. 个人信息概念的反思：以“识别”要件为中心[J]. 信息安全研究, 2021, 7(8): 754-762.

References

［1］邓辉. 个人信息保护行政监管的经验与启示［J］. 信息安全研究, 2020, 6(1): 7984

［2］Schwartz P M, Solove D J. The PII problem: Privacy and a new concept of personally identifiable information ［J］. New York University Law Review, 2011, 86(6): 18151894

［3］周汉华. 中华人民共和国个人信息保护法(专家建议稿)及立法研究报告［M］. 北京: 法律出版社, 2009

［4］Article 29 Data Protection Working Party. Opinion 42007 on the concept of personal data［EBOL］. (20070620) ［20210121］. https:www.clinicalstudydatarequest.comDocumentsPrivacyEuropeanguidance.pdf

［5］郭明龙. 个人信息权利的侵权法保护［M］. 北京: 中国法制出版社, 2012

［6］全国信息安全标准化技术委员会. GBT 37964—2019信息安全技术个人信息去标识化指南［S］. 北京: 中国标准出版社, 2019［7］Miller A R. The Assault on Privacy: Computer, Data Banks and Dossiers［M］. Kolhata: Signet Press, 1972

［8］Federal Trade Commission. Ehavioral advertising, tracking, targeting, and technology［EBOL］. (20071102) ［20210122］. https:www.ftc.govsitesdefaultfilesdocumentspublic_eventsehavioraladvertisingtrackingtargetingandtechnology71102wor.pdf

［9］中国广告协会互动网络分会. 中国互联网定向广告用户信息保护行业框架标准［EBOL］. (20140315) ［20210122］. https:www.pkulaw.comchl4a1b88f235a423f9bdfb.html

［10］韩旭至. 个人信息列举式规范之审视［J］. 河南财经政法大学学报, 2018, 33(4): 5059

［11］Office of the Attorney General. Text of Modified Regulations to the California Consumer Privacy Act (CCPA)［EBOL］. (20200814) ［20210123］. https:oag.ca.govsitesallfilesagwebpdfsprivacyccpatextofmodredline020720.pdf

［12］Hong Kong Home Affairs Bureau. IP addresses as personal data ［EBOL］. (20060503) ［20210123］. http:www.info.gov.hkgiageneral20060503P200605030211.htm

［13］Article 29 Data Protection Working Party. Opinion 12008 on data protection issues related to search engines ［EBOL］. (20080404) ［20210123］. https:ec.europa.eujusticearticle29documentationopinionrecommendationfiles2008wp148_en.pdf

［14］Personal Data Protection Commission. Proposed Advisory Guidelines on the Application of the Personal Data Protection Act to Scenarios Faced in the Telecommunication Sector ［EBOL］. (20140123) ［20210126］. https:www.pdpc.gov.sgmediaFilesPDPCPDFFilesLegislationandGuidelinesproposedadvisoryguidelinesnbspontelecommunicationsector.pdf?la=en

［15］Information Commissioner’s Office. Data protection good practice note: Collecting personal information using websites ［EBOL］. (20080628) ［20210125］. https:www.ico.gov.ukuploaddocumentslibrarydata_protectionpractical_ applicationcollecting_personal_information_from_websites_v1.0.pdf

［16］李媛. 大数据时代个人信息保护研究［M］. 武汉: 华中科技大学出版社, 2019

［17］杨楠. 个人信息“可识别性”扩张之反思与限缩［J］. 大连理工大学学报: 社会科学版, 2021, 42(2): 98107

［18］高富平. 个人信息保护:从个人控制到社会控制［J］. 法学研究, 2018, 40(3): 84101

［19］高富平. 论个人信息保护的目的——以个人信息保护法益区分为核心［J］. 法商研究, 2019, 36(1): 93104

［20］杨芳. 个人信息自决权理论及其检讨——兼论个人信息保护法之保护客体［J］. 比较法研究, 2015, 28(6): 2233

［21］US Department of Justice. Overview of The Privacy Act of 1974 ［EBOL］. (20210224) ［2021228］. https:www.justice.govopclpolicyobjectives

［22］Warren S, Brandeis L. The right to privacy［J］. Harvard Law Review, 1890, 4(5): 193220

［23］王利明. 隐私权概念的再界定［J］. 法学家, 2012, 1(1): 108120

［24］洪延青. 个人数据分类的比较研究(上) ［EBOL］. (20171230) ［20210129］. https:mp.weixin.qq.comsDaGHlqLnl2Ax0g1eSbibIg

［25］齐爱民. 论个人信息的法律保护［J］. 苏州大学学报: 哲学社会科学版, 2005 (2): 3035

［26］郭明龙. 个人信息权利的侵权法保护［M］. 北京: 中国法制出版社, 2012

［27］金耀. 个人信息去身份的法律基础与规范重塑［J］. 法学评论, 2017, 35(3): 120130

［28］International Organization for Standardization. ISOIEC 20889: 2018(en) Privacy Enhancing Data DeIdentification Terminology and Classification of Techniques［S］. Switzerland: IOS Press, 2018

［29］Schwartz P M, Solove D J. Reconciling personal information in the United States and European Union［J］. California Law Review, 2014, 102(4): 878916

［30］Leenes R E. Do they know me? Deconstructing identifiability［J］. University of Ottawa Law & Technology Journal, 2007 (4): 135161

[1]	. Research on Secure Governance of Digital Identity [J]. Journal of Information Security Reserach, 2021, 7(7): 598-605.
[2]	. Real-time automatic detection and recognition of Internet of Things equipment based on flow fingerprint [J]. Journal of Information Security Reserach, 2021, 7(6): 543-549.
[3]	. Kerberos Security Enhancements Based on Intel SGX [J]. Journal of Information Security Reserach, 2021, 7(4): 374-383.
[4]	. Design and Implementation of WebSocket Sub-protocol [J]. Journal of Information Security Research, 2021, 7(1): 64-68.
[5]	. Research on the Application of Digital Certificate System Based on Block Chain in E-Government Extranet [J]. Journal of Information Security Research, 2021, 7(1): 81-85.
[6]	. Application Practice of "Personal Health Information Code" Based on Cyber Trusted Identity [J]. Journal of Information Security Research, 2020, 6(9): 0-0.
[7]	. Criminal Risk of Misuse of Web Crawler Technology and Criminal Law Response [J]. Journal of Information Security Research, 2020, 6(9): 0-0.
[8]	. Studies of the Latest Progress of NSTIC [J]. Journal of Information Security Research, 2020, 6(7): 575-581.
[9]	. Research on the Development of Digital Identity in EU [J]. Journal of Information Security Research, 2020, 6(7): 582-588.
[10]	. Prospects for the Development of Cyberspace Identity Management System [J]. Journal of Information Security Research, 2020, 6(7): 602-607.
[11]	. "Voiceprint+" based unsupervised trusted identity authentication [J]. Journal of Information Security Research, 2020, 6(7): 615-621.
[12]	. Challenge of AI+　Biometric Identification Technology to Trusted Identity Authentication [J]. Journal of Information Security Research, 2020, 6(7): 645-651.
[13]	. Research on Password Protection Technology of Intelligent Internet of Things Device [J]. Journal of Information Security Research, 2020, 6(7): 652-656.
[14]	. Research on dynamic network asset monitoring based on traffic perception [J]. Journal of Information Security Research, 2020, 6(6): 0-0.
[15]	. Identity Authentication Method Based on Blockchain Technology in Telecommuting [J]. Journal of Information Security Research, 2020, 6(4): 317-326.

Rethinking the Concept of Personal Information: Focusing on “Identification” Elements#br#

个人信息概念的反思：以“识别”要件为中心

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics