《電子技術(shù)應(yīng)用》
您所在的位置:首頁(yè) > 通信與網(wǎng)絡(luò) > 設(shè)計(jì)應(yīng)用 > 公安數(shù)據(jù)開放場(chǎng)景下個(gè)人信息匿名化處理法律標(biāo)準(zhǔn)探究
公安數(shù)據(jù)開放場(chǎng)景下個(gè)人信息匿名化處理法律標(biāo)準(zhǔn)探究
網(wǎng)絡(luò)安全與數(shù)據(jù)治理
張寒,張寧
中國(guó)人民公安大學(xué)公安管理學(xué)院
摘要: 在公安數(shù)據(jù)開放的背景下,個(gè)人信息匿名化處理逐漸成為平衡公安數(shù)據(jù)開放與個(gè)人信息保護(hù)的黃金分割點(diǎn)。通過(guò)國(guó)際橫向比較分析,揭示了我國(guó)現(xiàn)行“無(wú)法識(shí)別特定個(gè)人且不能復(fù)原”的匿名化處理法律標(biāo)準(zhǔn)在操作層面的局限性,并選取我國(guó)17省市公安數(shù)據(jù)開放平臺(tái)發(fā)布的《行政處罰決定書》為樣本,對(duì)數(shù)據(jù)開放的類、量、質(zhì)進(jìn)行系統(tǒng)性評(píng)估。研究發(fā)現(xiàn),公安數(shù)據(jù)匿名化開放尚處于初步階段,存在頂層設(shè)計(jì)缺乏剛性約束、數(shù)據(jù)過(guò)度保密、格式不規(guī)范和處理標(biāo)準(zhǔn)不統(tǒng)一等現(xiàn)象?;诖?,我國(guó)可以確立操作方法、風(fēng)險(xiǎn)檢驗(yàn)及效果評(píng)估三維協(xié)同的匿名化處理法律標(biāo)準(zhǔn):區(qū)分處理直接標(biāo)識(shí)符與準(zhǔn)標(biāo)識(shí)符的操作方法標(biāo)準(zhǔn),引入蓄意侵入者角色的再識(shí)別風(fēng)險(xiǎn)檢驗(yàn)標(biāo)準(zhǔn),以及去識(shí)別化效果評(píng)估標(biāo)準(zhǔn)。通過(guò)三重維度的協(xié)同作用,助推公安匿名數(shù)據(jù)最終實(shí)現(xiàn)“無(wú)法識(shí)別特定個(gè)人且不能復(fù)原”的法律效果。
中圖分類號(hào):D912文獻(xiàn)標(biāo)識(shí)碼:ADOI:10.19358/j.issn.2097-1788.2024.11.016引用格式:張寒,張寧.公安數(shù)據(jù)開放場(chǎng)景下個(gè)人信息匿名化處理法律標(biāo)準(zhǔn)探究[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,2024,43(11):101-109.
Exploration of legal standards for anonymization of personal information in public security data openness scenarios
Zhang Han, Zhang Ning
Public Security Management College, People′s Public Security University of China
Abstract: Under the backdrop of public security data opening, the anonymization of personal information has gradually become the golden section point for balancing the opening of public security data and the protection of personal information. This study, through international comparative analysis, reveals the operational limitations of China′s current legal standard for anonymization processing, which is "unable to identify specific individuals and cannot be reverted". It selects the Administrative Penalty Decision published by the public security data opening platforms of 17 provinces and cities in China as samples to systematically evaluate the type, quantity, and quality of data opening. The study finds that due to the lack of rigid constraints in top-level design, excessive data secrecy, non-standard formats, and non-uniform processing standards, the opening of public security data anonymization is still in initial stage.China can establish a three-dimensional coordinated legal standard for anonymization processing:operational method standards for distinguishing direct identifiers from quasi-identifiers, re-identification risk inspection standards for introducing the role of motivated intruders, and de-identification effect evaluation standards. Through the synergistic effect of the three dimensions, it promotes the final realization of the legal effect of "unable to identify specific individuals and cannot be reverted" for public security anonymous data.
Key words : public security data disclosure; personal information; legal standards; anonymization; identifiers; re-identification risk assessment

引言

伴隨大數(shù)據(jù)、人工智能、區(qū)塊鏈等前沿信息技術(shù)的迭代更新,人類社會(huì)正逐步向“數(shù)字時(shí)代”轉(zhuǎn)型,數(shù)據(jù)作為這一轉(zhuǎn)型過(guò)程的核心資產(chǎn),在社會(huì)治安治理、市場(chǎng)經(jīng)濟(jì)運(yùn)行以及科研教育等領(lǐng)域中的價(jià)值日益凸顯。為充分利用政府持有的海量數(shù)據(jù)資源,推進(jìn)社會(huì)對(duì)公開數(shù)據(jù)的深入挖掘和創(chuàng)新應(yīng)用,中共中央于2022年12月頒布的《中共中央 國(guó)務(wù)院關(guān)于構(gòu)建數(shù)據(jù)基礎(chǔ)制度更好發(fā)揮數(shù)據(jù)要素作用的意見(jiàn)》中指出,數(shù)據(jù)治理在數(shù)據(jù)要素功能發(fā)揮中的核心地位。政府?dāng)?shù)據(jù)作為一種公共資源,根據(jù)數(shù)據(jù)生命周期理論,數(shù)據(jù)開放是數(shù)據(jù)生命周期中的重要一環(huán)[1]。截至2023年8月,我國(guó)已有226個(gè)省市地方政府上線了數(shù)據(jù)開放平臺(tái)[2]。公安機(jī)關(guān)作為我國(guó)政府領(lǐng)導(dǎo)下的行政職能部門,同樣掌握著海量極具商業(yè)價(jià)值和社會(huì)價(jià)值的個(gè)人信息,鑒于公安數(shù)據(jù)存在涉密、隱私保護(hù)等緣故無(wú)法直接向社會(huì)公眾開放,致使資源得不到有效利用而只能躺在數(shù)據(jù)庫(kù)內(nèi)“休眠”。

為釋放數(shù)據(jù)多元潛力,北京、上海、重慶、山東等省市在地方數(shù)據(jù)條例中已規(guī)定相應(yīng)的數(shù)據(jù)開放規(guī)制思路,即個(gè)人信息經(jīng)過(guò)匿名化處理達(dá)至法律標(biāo)準(zhǔn)后,方可有條件或無(wú)條件開放。但值得商榷的是,公安數(shù)據(jù)開放過(guò)程中對(duì)個(gè)人信息的匿名化處理并非一勞永逸,其剩余再識(shí)別風(fēng)險(xiǎn)總是會(huì)如影隨形地伴隨著匿名化數(shù)據(jù)。當(dāng)社會(huì)公眾結(jié)合其他相關(guān)數(shù)據(jù)從匿名化數(shù)據(jù)中重新識(shí)別出特定數(shù)據(jù)主體時(shí),這些數(shù)據(jù)便重新具有個(gè)人屬性恢復(fù)為個(gè)人數(shù)據(jù),并且重新受到《個(gè)人信息保護(hù)法》的規(guī)范和制約。由此采用何種法律標(biāo)準(zhǔn)界定個(gè)人信息在經(jīng)過(guò)處理后是否達(dá)到匿名化狀態(tài),成為公安數(shù)據(jù)開放的重中之重。故此,本文在公安數(shù)據(jù)開放的宏觀背景下,依據(jù)《個(gè)人信息保護(hù)法》第七十三條第四款、《網(wǎng)絡(luò)安全法》第七十六條第五款所確立的法律基準(zhǔn),融會(huì)貫通本土情境和域外經(jīng)驗(yàn),對(duì)我國(guó)公安數(shù)據(jù)匿名化制度構(gòu)建進(jìn)行創(chuàng)造性探討,探尋公安數(shù)據(jù)匿名化的法律標(biāo)準(zhǔn)、實(shí)踐方法。


本文詳細(xì)內(nèi)容請(qǐng)下載:

http://ihrv.cn/resource/share/2000006236


作者信息:

張寒,張寧

(中國(guó)人民公安大學(xué)公安管理學(xué)院,北京100032)


Magazine.Subscription.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。