Keywords:
Right to data portability; Practical dilemma; Realization way
可携带权;实践困境;实现路径
Abstract:
With the promulgation of the Personal Information Protection Law, the multiple protection ofpersonal information rights and interests has become the focus of research. Article 45, paragraph 3, ofthe Personal Information Protection Law clearly stipulates that individuals enjoy the right to portabilityof data, but does not specify the specific scope and conditions of application, but authorizes the nationalnetwork information department to specify the specific content. Article 24 of the Network Data SecurityManagement Regulations (Draft for Comments) drafted by the National Cyberspace Administration andrelevant departments stipulates the applicable conditions and scope of the right to portability of data.However, there are still no clear guidelines on the practice of personal information portability. This papertries to explore the realization path of personal information portability from three aspects. In the aspectof personal information subject, establish the exercise mode dominated by personal information subject;In terms of information processors, the rights and obligations of information processors should be furtherclarified to assist personal information subjects in exercising their right to portability. In terms of policy,the National Cyberspace Administration formulates rules uniformly, and the competent departments ofvarious industries specify requirements, so as to achieve a dynamic system regulatory structure.
随着《个人信息保护法》的出台,个人信息权益的多重保护成为研究的重点。《个人信息保护法》第四十五条第三款明确规定了个人享有数据可携带权,但是没有规定具体适用范围和条件,而是授权国家网信部门规定具体内容。国家网信办与相关部门起草《网络数据安全管理条例(征求意见稿)》第二十四条规定了数据可携带权的适用条件、适用范围。但是仍然没有对个人信息可携带权的实践提供明确的指引。本文试图从三个方面探寻个人信息可携带权的实现路径。在个人信息主体方面,建立以个人信息主体为主导的行权模式;在信息处理者方面,进一步明确信息处理者的权利与义务,为个人信息主体行使可携带权起到辅助作用。在政策上,国家网信办统一制定规则,各行业主管部门具体细化要求,进而实现动态化的体系规制结构。