摘要
契合"放管服"改革理念的数据安全认证,在数字时代整个规制法体系中必将占据日益重要的地位。数据安全认证通过声誉评价机制,可以引导、激励互联网企业守法合规经营,可以增强用户对中小微互联网企业和新兴数字产业的信任感,可以避免"一刀切"的政府规制,可以满足社会公众多元的数据安全需求。数据安全认证机构应具有高度的独立性与专业性,防止其被互联网企业"俘获"或成为政府的"附庸"。宜实行自愿为主、强制为辅的数据安全认证模式。认证程序应强调公正透明性,认证标准应注重评价企业数据合规的制度建设。根据过错责任原则,分别设置数据安全认证机构"相应的赔偿责任"或"连带责任",并加大对数据安全认证违法行为的公法责任追究。科学构建法治化的数据安全认证体制机制,不仅是保障数据安全的现实需要,而且是弥补数字时代政府规制缺陷的迫切需求。
Data security certification that conforms to the reform concept of"decentralization,management and service"will surely occupy an increasingly important position in the entire regulatory legal system in the digital age.Data security certification through the reputation evaluation mechanism can guide and encourage Internet companies to operate in compliance with laws and regulations,can enhance users’trust in small,medium and micro Internet companies and emerging digital industries,can avoid"one size fits all"government regulations,and can meet the diverse needs of the public data security requirements.Data security certification agencies should have a high degree of independence and professionalism to prevent them from being"captured"by internet companies or becoming"vassals"of the government.It is advisable to implement a data security certification model with voluntary certification as the primary and compulsory certification as the supplement.The certification process should emphasize fairness and transparency,and certification standards should focus on the establishment of a system for evaluating corporate data compliance.According to the principle of fault liability,the data security certification body shall be set up"corresponding compensation liability"or"joint and several liability".It is necessary to increase public law accountability for data security certification violations.The establishment of a legalized data security certification system is not only a practical need to ensure data security,but also an urgent need to make up for the deficiencies of government regulations in the digital age.
出处
《法学评论》
CSSCI
北大核心
2022年第1期118-130,共13页
Law Review
基金
北京市社会科学基金青年项目“数字经济营商环境优化的法治保障研究”(项目编号:21FXC015)的阶段性成果
“中央财经大学科研创新团队支持计划”资助。
关键词
数据安全认证
个人信息保护
第三方规制
“放管服”改革
Data Security Certification
Personal Information Protection
Third-Party Regulation
"Decentralization,Regulation and Service"Reform
