ISSN 1008-2204
CN 11-3979/C

中国数据安全立法形势、困境与对策——兼评《数据安全法(草案)》

Situation, Dilemma and Countermeasures of China's Data Security Legislation: Comment on the Data Security Law of the People's Republic of China (Draft)

  • 摘要: 数据安全利益直接关系到数据安全立法应当保护的客体,关涉个人安全、公共安全和国家安全三个层面。中国数据安全立法存在基础问题尚未厘清,治理共识仍待推进;核心制度供给不足,关键环节监管不力;国际博弈应对乏力,立法技术有待提升等诸多困境。未来中国数据安全立法,除了要继续加强数据基础理论研究,在立法思维方面也需要根据中国当前数据安全现实问题有所调整。立法定位方面,建议立足安全保障功能,避免数据安全利益的泛化,同时处理好《数据安全法》《个人信息保护法》《网络安全法》等数据安全法律体系内部协调问题以及与《出口管制法》《外商投资法》《民法典》等安全类立法体系之外相关立法协调问题;制度建设方面,建议统筹内向安全与外向安全,强化核心制度建设;规范重心方面,建议从数据收集转向数据处理,强化核心环节规范;规范方式方面,建议兼采主体规制与行为规制,关注特殊主体;立法技术方面,建议重视立法影响评估。

     

    Abstract: The interests of data security, directly related to the objects that should be protected by data security legislation, involvs three levels: personal security, public security and national security.There are many difficulties in China's data security legislation, such as the basic problems which have not been clarified, the governance consensus which still needs to be promoted, the core system supply which is insufficient, the key link supervision which is not strong, the international game response is weak, and the legislative technology needs to be improved. In the future, China's data security legislation should not only continue to strengthen the research on the basic theory of data, but also adjust the legislative thinking according to the current practical problems of data security. In terms of legislative orientation, it is suggested to be based on the function of security guarantee, avoid the generalization of data security interests, deal with the internal coordination problems of the data security law, the personal information protection law, and the cybersecurity law, deal with the problems of legislation coordination outside the security legislation system such as export control law, foreign investment law and civil code; in terms of system construction, it is suggested to coordinate the inward security and outward security, and strengthen the construction of core system; in terms of standardization focus, it is suggested to shift from data collection to data processing, and strengthen the standardization of core links; in terms of normative methods, it is suggested to adopt both main body regulation and behavior regulation, and pay attention to special subjects; in terms of legislative technology, it is suggested to pay attention to the special subjects that depends on the impact of legislation.

     

/

返回文章
返回