Another achievement of Shenzhen’s pilot comprehensive reforms has been implemented-the “Shenzhen Special Economic Zone Data Regulations” was announced on the website of the Standing Committee of the Shenzhen Municipal People’s Congress on July 6, and will be formally implemented on January 1, 2022. This is also the first in the domestic data field. Basic and comprehensive legislation.
The “Regulations” insists on the protection of personal information and the promotion of the development of the digital economy, and will hate everyone’s mobile Internet applications (Apps) that are “not used without full authorization”, “big data is mastered”, personal information collection willful, and mandatory personality Say “no” to issues such as chemical advertisement recommendation, and impose heavy penalties.
Personal data processing rules
On the premise of “inform-agree”
The “Regulations” establish personal data processing rules based on “information-consent”, that is, the processing of personal information shall obtain personal consent under the premise of full notification in advance, and the data processor shall provide a way to withdraw consent, and shall not refuse to withdraw consent. Reasonably restrict or attach unreasonable conditions.
For this reason, the “Regulations” specifically stipulates that data processors shall not refuse to provide relevant core functions or services to natural persons on the grounds that they do not agree to the processing of their personal data. However, the personal data shall be excluded for the provision of related core functions or services.
Users have the right to refuse to be portrayed and recommended
The “Regulations” stipulate that when data processors use user portraits of natural persons for the purpose of improving the quality of products or services, they shall clearly indicate the specific uses and main rules of user portraits. Natural persons have the right to refuse to recommend personalized products or services for their user portraits or basic user portraits, and the data processor shall provide them with an effective way of refusal in an easily accessible way.
The “Regulations” treat the personal data of minors under the age of 14 as sensitive personal data, which is clearly stated in domestic legislation for the first time, except for the purpose of safeguarding the legitimate rights and interests of minors under the age of 14 and obtaining the explicit consent of their guardians , May not make personalized recommendations to them.
Users have the right to refuse to be portrayed and recommended
Biometric technologies such as “face recognition”, “fingerprint verification”, “voice unlocking”, and “iris recognition” are widely used in public security, finance, medical care, transportation, school, payment and other scenarios, profoundly changing people’s production and lifestyles. However, because biometric data is unique, life-long, and unchangeable, once it is leaked or misused, it will cause more serious damage than general personal data.
In order to expand the application of biometric technology while avoiding the misuse of biometric data, the “Regulations” make stricter regulations on the processing of biometric data-except that the biometric data is necessary for the purpose of processing personal data and cannot be replaced. At the same time, it provides an alternative to processing other non-biometric data.
Public data should be free and open to the maximum
The “Regulations” design a top-level framework for public data governance, requiring the government to establish a city big data center to achieve unified and intensive management of the city’s public data resources. It is clear that public data is based on the principle of sharing, and non-sharing is the exception, and a public data sharing demand docking mechanism based on the public data resource catalog system is established.
The “Regulations” clearly include organizations that provide public services such as education, health, social welfare, water supply, power supply, environmental protection, and public transportation into the scope of public management and service agencies. The data generated and processed in the process of providing services are all public data. Public data should be opened to the maximum extent permitted by laws and regulations, and no fees should be charged.
Provisions on chaos such as “big data”
The product you mentioned casually will appear on the homepage of the shopping app in the next second; check in in the album, turn your head and you will see a bunch of the same items on the grass app…what you said, the photos you took, you may Long forgotten, but the Internet will always help you remember. In the era of the Internet of Everything, in the face of countless coincidences, users have suffered “data hijacking” for a long time.
On the basis of strengthening the protection of personal data, the “Regulations” explored the cultivation of the data element market, filling the gaps in the current laws and regulations related to data transactions, and establishing a data fair competition system for the first time in domestic legislation to “free ride” in the data element market. Special regulations have been made for competition chaos such as “for nothing,” and “big data”.
The “Regulations” clearly stipulate that market entities must not use illegal means to obtain data from other market entities, and must not illegally collect data from other market entities to provide alternative products or services, and must not use data analysis to impose differential treatment on counterparties with the same trading conditions without justification. . Those who refuse to make corrections in violation of the above regulations shall be fined between RMB 50,000 and RMB 500,000. If the circumstances are serious, a fine of less than 5% of the previous year’s turnover shall be imposed, up to a maximum of RMB 50 million.
With decades of development, the Internet has long passed the reckless era of reaping demographic dividends, but the logic of traffic supremacy is still there. From grabbing heads to grabbing data, from increasing increments to developing stocks, the established Internet industry has followed a similar path to expand its territory. Those who get traffic get the world, and the platform’s desire for data is increasing day by day. It is not only the need to cultivate user stickiness, but also the law of survival under fierce competition.
As a result, the restless hands stretched longer and longer, and more and more wanted to know. Avatars, nicknames, calls, friends, photo albums, search records, and memos. The moment the user clicks “Agree”, the platform obtains the key to decryption. After pulling the cocoon, it outlines a person who has never met before but is in control. . In this regard, the user unknowingly fell into the “gentle township” tailored to the platform.
The platform gets information and traffic, users gain insight and convenience, and transactions seem fair, but there are always some secrets that are overlooked at a glance. What kind of information will be collected, what is the use of open permissions, and the risk of leakage. No one can carefully analyze long-form and complicated agreements.
Informing does not mean agreeing, but no one can refuse. After all, if you disagree, you may lose your ticket to surf the Internet. From shopping to takeaway, from renting a house to taxi, from ordering food to ordering songs, food, clothing, housing, transportation, eating, drinking and having fun, all of them are struggling. Even the channels of communication with others are cut off.
An island independent of the online world is the price for users to refuse to hand over information. The personal privacy that flows to the black property, the identity background that has been hawked, and the account passwords that are stored by default, the abyss stares at you, unobstructed, and you know nothing.
Whether it is needed for development or the temptation of interest, the desire of the platform is expanding, and the user’s right to speak is compressed. The Internet makes the transaction information symmetrical, but it conceals the transparency of data transactions. The sentence “the right to interpret belongs to the platform” is enough. Can minimize the cost of doing evil.
Before Shenzhen’s heavy blow, the “Civil Code” clarified the protection of data and information rights, and the Ministry of Industry and Information Technology also issued a series of documents emphasizing the strengthening of network data and user personal information security protection; in addition, data legislation in Tianjin, Guizhou, Anhui and other places is being implemented. , Or it’s already on the agenda. As a carrier of data, mobile phone manufacturers have frequently made moves, and privacy protection-related functions have been launched.
Requests for information without a bottom line should be discovered, guarded, and rejected. When technology slides to the other extreme, when people are alienated into individuals with data pieces, privacy is exposed day by day, and no one wants to look out from the window of the Internet.