Legal protection

The legal protection of the personal information

Qi Aimin Chongqing University School of law Professor

Abstract: Professor Qi Aimin is the Chongqing city law discipline leaders, as one of the pioneers of China's network and e-commerce law, jurisprudence, the legal protection of personal information has a more profound study and comprehensive. In the forum, Professor Qi mainly has carried on the detailed elaboration on the nature of personal information, content, legal protection, legislative mode, bring their own unique insights and latest research achievements. Prof. Qi first inherited from the QQ case start, introduces what is personal information, personal information such as why terrible problem, pointed out that in the modern network life people all the life information is almost secret collection, business establishments in the individual before become "transparent". Under such social background, Professor Qi from the angle of history, ethics, why the protection of personal information. Personal information protection is originated from Germany, initially mainly in response to political persecution and military massacres, development so far, which is directly related to the personal life of employment, social insurance and other important information security. Then, Prof. Qi are introduced and analyzed the nature of personal information from the perspective of comparative law, and combining with the 8 basic principles established by the OECD pointer, for information protection legislation of our country future put forward 7 suggestions: Legislative Principle of direct collection principle, objective principle, open principle, policy information quality principles, restrictions on the use of principles, safety principles and preservation principle. In addition, Prof. Qi also put forward their own insights on hot issues in real life. For example, information whether subjects including corporate and family, the dead fetus and the protection of personal information. Finally, the rule of Law Professor Qi open platform for user information sharing and utilization problems, from the development of the Internet, open platform type, user information classification, information risk aversion, access services to user information requirement, open platform providers and access to business information between rules, individual rights and transnational information the flow of legal regulation in eight aspects such as teaching his latest research results. in Professor Qi Aimin's wonderful speech after the end of the wonderful Ishi Yoshitomo associate professor, researcher, Meng Qiang, Tu Yong ago were teachers from different sides of the speech characteristic. Shi Jiayou teacher mainly from the right of personal information, personal information right to define the nature and legal protection of personal information legislation mode from three aspects, the problems of personal information protection of open platform mode put forward their views. Professor Tu Yongqian from the public sector as a personal information control perspective, expounds the unique perspective of administrative law enforcement to strengthen personal information disclosure legal consciousness, civil remedy and administrative law enforcement agencies, legal liability issues. Meng Qiang teachers on the nature of the personal information right, protection and network property qualitative problems presented his own unique insight, that the civil law of personal information protection is not perfect, the administrative law protection but privacy issues, and network real name system and the teacher was widely discussed. Finally, Professor Qi respectively on three teachers review the response, and answered the students more interested in the question of. The professor by Qi Aimin brought to the legal protection of the "personal information" as the theme of the lectures, speeches, guest comments, after the main discussion, students to ask questions in the process of perfection, in the warm applause. (editor of Berlin Liu Wei
   Speaker: Qi Aimin Professor of Chongqing University Law School
   Discussant: Shi Jiayou Associate professor of Renmin University of China Law School
             Tu Yongqian Postdoctoral fellow at the Renmin University of China School of law
             MengStrong Lecturer of Law School of Beijing Institute of Technology, doctor of law
   Moderator: ZhangYao Research doctorate civil law students in Renmin University of China School of law
   When the: 18:30 February 28, 2012
   MorePlace: Renmin University of China Mingde law building 725 room
    
    Host.We are very honored to have invited Professor Qi Aimin of Chongqing University law school, as the "civil law forum" and "Huarun snow forum" to "personal information protection law" as the theme of the seminar, please everyone with warm applause to welcome all the teacher lecture!
    
    Professor Qi Aimin:First I introduce what is personal information, is very simple, about the name, gender, birthday, height, weight, ethnic, parties and so on information associated with individual, called personal information. So much content classification to identify in law, the name is direct recognition. If in this room are called Zhang Yao, so also with the ID number, gender recognition. Therefore, direct recognition, personal information of the indirect recognition also can convert. In general, the name especially ID number is a direct identification information.
   The second problem, now personal information in Chinese why so hot? Why must the legislation? This is closely related with the Internet chat sites, such as the server can retain all the chat record. In a case happened in China recently, has attracted a lot of attention. When her husband died, the wife found "Tencent" want to inherit her husband's No. QQ. "Tencent" think, QQ is belong to the husband's privacy, the wife cannot inherit. His wife so angry and Sue, now the case is no result. So, what QQ can inherit? At least one point, QQ chat records is not inherited, belong to the husband's personality benefit object, not property, and therefore can not be included in the category of succession. There is a reason, when the "Tencent" ask my opinion said, don't want to because of his inheritance of the QQ, and that between wife and husband died, after the death of a family conflict. Therefore, "Tencent" adhere to the QQ is not inherited, I personally think that at least QQ chat records cannot be inherited.
   Electronic commerce website records all the shopping habits, in addition to the daily commodity purchase, more special is that a lot of people to buy a special commodity, a feature on sb. These will be judged.
   In the Cookie problem, a Cookie is a technique used to improve the speed, but Internet users browse, download, upload, stay and other information will be collected. Browse through the Webpage Cookie record, we can identify the person is what kind of browser privacy person.
   Now the very hot FaceBook records all the friends, if friends which most of them have a common point, such as six friends in five cat abuse. So, it will be judged from the friend relationship, exposed to personal privacy.
   There is one we love to hate, is anti-virus software, as long as we get the Internet must be used. However, every antivirus software is the scanning disk. So, don't listen to "360". In the "3Q war", I say a few opinion the objective of "Tencent" is advantageous. "360" think "Tencent" scanning disk, but "360" do not scan? In fact, the "360" in a desktop application, as long as the installation will be on the computer hard disk scan, because do not scan how classified?
   So, overall network life let our actions, ideas, activities, as long as the record will be commercial organizations collect recorded, even if it is wrong to browse will be recorded. Business institutions through data mining, to send you targeted advertising, determines the production location and the direction of their. However, for the drugs would label us, namely individual transparency. This is China's Taiwan scholars often mentioned "transparent" concept.
   Why the protection of personal information? The first computer several claims, the first argument is computer generated in 1931 to 1947. The first large-scale use, Hitler with the household registration information Jewish computer analysis of IBM, the holocaust. The Japanese invasion of China, they did not Chinese information, do not know who is good who are non citizen. However, the German film Holocaust fragment, all have no voice, quiet German police go directly to the jews. Because the computer technology is used to analyze the Hitler Jewish household, so he knows what a, who, even a door live is Jewish, which is a few people. So this is why the origin of "personal information protection law" in Europe, originated in Germany, the direct cause. On the far point, which is why in the protection of personal information on the biggest difference between Europe and America. The European human rights point of view of personal information, American thinks I don't abuse OK, as long as not abusing is legitimate.
   The second aspect is the personal information is not only related to the personality of peace, privacy leaks, also relates to employment, promotion, accept relief. This case is the first case of hepatitis B discrimination, diagram of the boy gained favour. In fact employment should not detection of hepatitis B, which belongs to the personal health information. Although this case won his way, but still very difficult. So, we study the "personal information protection law" will be for what information can be collected, what information prohibited from collecting the answer.
   Third questions to you on this personal information is what? The first theory that personal information privacy, this is USA claims; second is the German civil law advocates personality; third propositions are property, this is our professor Liu Deliang special claims. At the meeting, Professor Liu said: I and people are good friends, but I strongly disagree. What is the personal information? Especially the personality right law in the hot, including Mr. Wang Liming, have invested enormous attention. I say a small joke, when I was in the "personal information protection law", find the German legislation. But, I only know English found English template. I let my postgraduate translation finished, I'll check. The students get the second day after the German model told me not to personality right to privacy to protect personal privacy. I see is privacy, then think this is English version, English translated. There is a problem I found on the web site, is that in the eyes of the British or Americans, privacy is civil law personality, so they will put Germany's personality as American privacy. Later, I also made some investigations, including consulted the professor Zhang Lian Trier university graduate, he thinks this word interpretation, Germany has no privacy, is the personal information as a field protection. Personality, this concept is not USA method. American law privacy includes personality, is protected with a personality for the protection of people. Therefore, controversy or confusion, many scholars in our country only know how to English, so the word confusion.
   I think, for American privacy, but does not apply to Germany, but not suitable for China. Personality, suitable for Germany and Chinese. I cite a simple example to prove my point of view, such as open and in our view of things is not privacy, then in the marriage of information online login is the privacy. If a man writing height 1 meters 83, but there is a spoof wrote 1 meters 38. So, not only you don't find a wife also want to tell him. And you tell him what? Is 1 meters 1 meters between 83 and 38 have the personality down? May not exist, if changed 1 meters 68 will not exist. So, it is not only personal information privacy, but also including the part information disclosure. Property is I strongly disagree, I later also specifically.
    
   At present, the international community to protect the people of society, from the first principles of cut. We review the basic protection principles established by OECD in 1980.
   First, the principle of limited collection. Restriction is necessary, do not exceed this range collected.
   Second, the information content complete, correct, Shi Xin principle. The new is said to be timely, up to date, don't let it out.
   Third, information using the objective principle.
   Fourth, the principle of using. Limit network is limited purpose, and the purpose is the purpose and scope.
   Fifth, security protection principle. The requirement of personal information (of) physical, technical, safety protection system, preventing it from being leaked, tampering, loss. For example, computer room cannot be burned to the fire, etc..
   Sixth, the principle of openness. The controversial, namely open, it is the principle of public policy. Is that how to collect the use of personal information, objective, method, will use two times, two times using and transmitted to the who, will the multinational, these measures require public.
   Seventh, the principle of individual rights. The individual is entitled to personal information, what rights not expressly listed.
   Eighth, the principle of liability. The misuse of the collection, processing, information, need to take responsibility, compensation.
   Clear from the legislation of the traditional civil law, personal rights and liability system is not only the basic principle, two basic system.
    
   Here I will try to make some sort of basic principle of our future "personal information protection law". I think that China's "personal information protection law" should take the following seven basic principles:
   First, the principle of direct collection. The principle of direct collection refers to the personal information should be collected directly to me. Only the personnel have the right to decide whether to provide their personal information. There are at least three exceptions: 1, impossible (missing); 2, disproportionately expensive; 3, may endanger the public departments perform their tasks or to fulfill its task difficulty, such as the investigation organ arrested suspects, if asked to be collected in advance will act rashly and alert the enemy.
   Second, clear objective principle. Objective to define principle refers to the personal information must have a specific purpose at the time of collection, and should be the objective of public. Prohibit the collection, processing and use of personal information beyond the scope of.
   "Special purpose" of the state organs is according to perform their duties, exercise the functions and powers need processing and use of personal information to the. Commercial institutions is the specific objective identified before personal information is collected by the relevant departments, need to agree. The personal data protection law of area of our country Taiwan, I remember is inside computer processed personal data protection law enforcement rules 1995 listed 110 specific purposes, such as the specific purpose of school to collect personal information is the student status management. Objective to determine the specific must notice in the Webpage on ifeng.com, such as web sites have a personal information collection policy, and now many large sites are listed.
   Third, the principle of public policy. As noted above, the principle of public policy refers to the personal information collection, processing and utilization of policy, should be kept open, collection and utilization situation I have the right to know personal information. It is emphasized that the public does not refer to disclose personal information, content, but the personal information collection, processing and utilization of the public policy, information content is to be kept confidential.
   Fourth, the principle of information quality. Specifically refers to the personal information should comply with the specific purpose, integrity must be correct and timely, in particular purpose range. This must be collected in the objective scope, if crossed the purpose is tort, objective (range) is complete, correct enough.
   When it is difficult to do, the Ministry in the guide of personal information, many enterprises are opposed; but the new global rule, must guarantee. "The provisions of article e fifth America privacy law": "the administrative organ in the decision of any person, the use of records, shall be correct, current and complete, in order to allow it to make decisions, to ensure the fairness of the has considerable personal."
   Fifth, the principle of using. This is also related to the objective, refers to the personal information should be strictly limited in the collection of the objective scope in use, not for the purpose of collecting used outside. But the principle of exception, exception in many cases have legal confirmation and lists, not by the enterprises themselves, for example for personal material interests. China's Taiwan "Personal Data Protection Act" provisions of article fifth: "the use of personal data collection or, should the parties to respect the rights, in accordance with honest and credit as necessary, shall not exceed a specific purpose."
   Sixth, security protection principle, refers to the protection of personal information should be in a safe, avoiding the leakage of personal information, and improper use of accident loss. This point, "the German Federal Personal Data Protection Act" provisions in great detail: A, entrance control, B, C, export control, input control, D, user control, E, access control, F, relay control, G, investment control, H, I, commissioned by the regulation, regulation, transport, J organizational control. Keep personal information theft, tampering, destruction, loss, sell or leakage. This whole thing is, there is some system technology, some information ethics.
    
   Range next to you body said information, this point is disputed. Basically I think information is a natural person subject to produce personal information, in other words is the person that these information to. Why to define the subject of personal information? Because of the personal information in the legal relationship of subject, information and information control (who is in control of our personal information), we are confronting with the information controller. The reality may be more complicated, because the information control is often the information is subcontracted to information processing.
   The first argument is a legal entity is subject to personal information? The legislative cases in Austria, Norway, Luxemburg and other countries will be subject to the provisions of legal person of personal information. Their "personal information protection law" is called a data protection method, not only the protection of personal data, including corporate information, this is their homogeneity.
   But I still favor the protection of personal information subject to the natural person. The reason is, first of all natural information protection originated from the personality of natural person and legal protection theory, there is still some controversy. I don't think the legal existence and natural man the same personality right; second, corporate information, function and value and natural person is different, some corporate information, should by the civil law (regulations on trade secrets, technical know-how,) and anti unfair competition law protection, is that people are included in the law on the protection of confidential information intellectual property, open those (such as the case of Guilin, there is a supermarket to hire personnel to go to another supermarket prices copied) so you need to use the law to protect; finally, legal person to obtain data protection law to protect its data, it must agree to corporate information (including trade secrets) declare to the competent authority. Not only do not protect corporate data, but easily lead to leakage of corporate business secrets.
   The second argument is related to the personal information. Comparison on the exclusion of the legislation, the British in 1984 "data protection law" stipulates: "the personal data is composed of a living person information"; 1995 Taiwan China "computer processed personal data protection law" also stipulates the enforcement rules, an information refers to the natural person life information, not including the already dead. Of course there are contrary to legislation, such as the Council of Europe on 1992 "Council data protection regulations" of the revised draft stipulates: "the personal data refers to any information relating to an identifiable natural persons, not limited to the processing of the form of information, including any kind and any form of information, as long as this information is relevant person, whether alive or dead; and as long as this person or persons can be identified."
   In this regard, I think that although the deceased has no qualification, but a lot of personal information was left with the objective existence. This personal information is not only related to the dead, and relating to the dead person, but also relates to the normal social order and good customs, these basic interests not legislation ignored. Therefore, the legislation does not need to stick to a theoretical distribution and give up the reality of the need to protect the interests of the deceased left, should be included in the scope of protection of personal information.
   The third point is about the fetus personal information. Fetal Is it right? People this is controversial, some people think seventh weeks pregnant pain is the human, some thought to be more long, our country related to the family planning policy, not seventh weeks. In my opinion, the natural person begins with birth, the fetus before birth diagnosis information and personal information, should be regarded as the mother to protect personal information. If a mother is the star to write his memoirs, written in the womb is the son how, causing the child very depressed, the child can prosecute? Here I add a point: the family's personal information can be cross, fetal information is he from the parent adult personal information, is also the mother of personal information, cross. Between husband some information must be cross. There is a debate, the family should be as the subject into the "personal information protection law", which we do not agree with. American privacy law also made clear provisions on the subject of personal information, "'personal' refers to American citizens or permanent residency in American legal recognition of foreigners.".
   The fourth point is whether foreigners as "personal information protection law"? I think the problem is a multinational is complicated. For example, the tangible property is not divided the national, such is not the fact: catch a pig to Arabia will certainly become nightmare, there is not the property of swine. Therefore, the protection of personal information to foreigners I think is mainly based on the equal protection, personal data protection law on foreigners the same protection does not think foreigners domestic subject. "Personal information protection law" is the implementation of equal protection for foreigners to personal information through foreign terms.
    
   The following fifth problems, this paper introduces a new type of civil rights -- the right to personal information for everyone.
   The three theories: the "ownership", "privacy", "personality right", of course we agreed on "personality right". First look at the "ownership" impression Shanghai, some scholars claim this view, the most powerful advocate is Professor Liu Deliang. I do not agree with this view, I cite a simple example: 1000 the individual's personal information, sold 1000 yuan. Excuse me, if the property, you should get much compensation? If that property rights, will only make you get a piece of money compensation. Then what happened? Personal information Is it right? Property? Until now there has been much controversy, I offer two clues, for your criticism. Article 1: personal information is the object of personality right, the right to the name of the personal information right, belonging to the right of personality; second, to control personal information managers, they collected information from a personal information database, the database on the right is the property right of intellectual property rights, this right is controlled by information controller. So, a lot of personal information rights as property rights scholar, is to confuse the information control personal information right and the right opposition.
   Second kinds of "privacy", as we have said "privacy" is suitable for American culture and American legal system, but not for Chinese. Here to give you an example: in the process Chinese abortion is privacy, but decide whether abortion is not privacy. In USA whether the process or decide whether abortion, it is privacy. So, it is very different in civil law and USA notions of privacy.
   Third kinds of "personality right", we believe that personal information is the embodiment of the general personality interests, protection mode of personal information protection should take the right of personality. This view is mainly absorbed the German claims, but Germany is that general personality right, based on the development of a constitutional case formed the "right to self-determination", so in Germany is a constitutional and civil rights based on common.
    
   Personal information rights as a new personality right, including the following:
   First, information decision -- I can directly control and dominate their personal information, and determine their personal information is being collected, processing and use and in what ways, purpose, scope of collecting, processing and utilization of rights. This right, also is the German Constitutional Court precedent established by "the right to self-determination".
   Second, the right to confidentiality of information -- I can request information control to keep personal information privacy rights. In this regard, you may have a problem: violation of confidentiality is the information out or letting others know about the content of the information? Here America one case, American a mother-in-law to see the future son-in-law, she went to a community survey, the mother-in-law check community information to his son-in-law, son-in-law had a criminal record found. What did she see? The staff also refused to start recording with her, said I will not give you see personal information, or in violation of the "law of privacy" I was laid off. The old lady is very persistent, said that if he had a criminal record you blink, I will go. Staff winked. Because a blink of an eye, then suit, his work is lost. Because, to divulge individual information content constitutes the leakage of personal information, requirement is more stringent.
   Third, information inquiry right -- I can query their personal information and related processing, and demanded the right to reply. This is the basis of the right of personal information, even if the person has what information do not know, can not exercise the right of personal information. Once the query to the personal information, if it is found that the error will have the following information right of correction.
   Fourth, information correction right -- I can request information controller subject to incorrect, incomplete, not to the personal information right to correct and supplement. Corrections and supplements are two aspects for the wrong and missed, so in some countries and the personal information right of correction is divided into two. We can in one.
   Fifth, the information blockade right. When we think of personal information is wrong and information control that is not wrong, is controversial, there is controversy to personal information to be locked up, who can't use. The so-called blockade is to limit the further processing and use of personal data for the purpose of personal data with specific "symbol", after adding symbols are no longer in use.
   Sixth, information delete right -- is that the statutory or contractual reasons, I can request information control delete personal information rights. For example, the agreed contract is appeared, information can be deleted.
   On the right of personal information, a conclusion is given, the right of personal information is a kind of personality, but it is different with the traditional right of personality in the aspects of object, content, exercise (such as the right to privacy, Xiao Xiangquan), plays an irreplaceable role in these rights, is "a new personal information protection law" should be confirmed by independent rights. One difference is the largest: the traditional personal right is a negative right, and the right of personal information is a positive right, may request the query, corrections, blockade, delete, so this is the biggest difference.
   Because of the time, the special field of the legal protection of the personal information we will not discuss.
    
   I want to give you open legal rules platform user information sharing and utilization of the latest research report, has eight aspects: from the beginning of the Internet development stage, to the legal regulation of transnational flow of information.
   First, the Internet development stage. We briefly review, 1995 USA Internet began to open, the military into civilian, this stage is the access is king. Until about 1998 that content is king, "Sina", "Sohu" produced. Around 2004 King application, content gradually diversified. Since 2010 the service for the king, they are to meet the needs of users as the core. But there is a world of difference: the king application is to make the whole, there are a variety of services for the king; is to build an Internet platform, open platform, all businesses can buy the thing, also is the Internet from the store into the store, there are more businesses to meet everyone. For example: "Tencent" open platform, can access, video games, electronic business affairs can. The forefront of open platform is the question of the beginning of Facebook, not open to the users, but for businesses to open. "Tencent" user amount is large, then the game will be on the "Tencent", "Tencent" after the money will be divided into, "Tencent" is not the development of risk.
   Back to our topic classification, there are three types of open platform. A single application of release of the open platform, 360 belong to this; one is the application of publishing and information interaction of open platform, "Sina micro-blog" belongs to this one; there is a sharing of traffic and users of open platform, "Tencent" is this a. These are only theoretical model, but they are actually interacting together, is to see it as to which one.
   The user information we are divided into two categories, one is the personal information, there is a category of information service, this is red all the software industry, information industry. As for our computer or inside the cloud, I expect that after five years of computer memory, hard disk does not need, we need a keyboard can be. As all things are "cloud", namely the provider's servers. Now the cloud technology, a lot of people do not feel safe, which is similar with the farmers feel that put the money in the pot than putting safety in the bank. Then to what the cloud? If all the Chinese have their own data to Microsoft, will affect the national security. Why focus on personal information? Because it relates to national security.
   What is called open platform? Such as "Tencent" account, at the same time can board the renren. This shows that Tencent and Renren is open platform, there are many other. Information risk, how to avoid?
   From the perspective of the enterprise: first, there must be a contract. This implements the principle of informed consent, there are three options on the picture (access to your personal information, friend relationship, sharing of content to your micro-blog, get your comment), but the Internet has Da Shanggou, only "authorized". But this is the format of the contract, must through the courts, which is one of the most unsafe.
   Second, the red line rule, eliminating the use of a collection of software to collect user information in a computer without the user's consent. Including personal information and other information, such as user computer academic data, business data, the paper, design etc.. But now in China, this point also not to. Chinese now is "information heaven" of the country, as long as the happens online, as long as the QQ session is recorded. If you open the roaming function, which is agree with you chat records stored on his server, or how it would be roaming function? If it is stored in the hard disk, there is no roaming function.
   There is a little more important to the enterprise, and use of personal information anonymization. Anonymous processing, such as analysis of the first grade university male students like to use Head and Shoulders can direct marketing, then a boy will receive the purchase Head and Shoulders mail.
    
   In an open platform, important is access to business problems. What information platform providers can or should give platform access providers? For example, released in the one-way application open platform, only need to provide the number of downloads and ranking non personal information: for example, "interactive personal information does not require 360" open platform application. "Application release + information interaction" open platform, such as QQ account can board the "Sina micro-blog", that is to say QQ has already put the password to the "Sina micro-blog". Sharing traffic and users of open platform, you need to share the user registration information, information and social information, for example: "Tencent", "Renren", "Baidu" etc..
   On this issue the friends of information, I think that will be the case. Friendship is certainly not to display, or people's privacy is not guaranteed. Network real name and attention to business, it must be implemented as soon as possible, promote. Because the network space is not space, social space, but the rule of space. The Is it right? Said even the food we buy all need the real name system? The real name system just for background is easy to manage, if made after the public security organs can be found by the real name system, but in the Internet trading, exchanges are not real, can use many accounts of their own, can change. Our country in this aspect has also done a lot of efforts.
   Another question, between providers and access business platform information rules: including specific rules, objective minimum proportion principle, the principle of informed consent principle, information quality, safety protection principle, principle of public policy, around the information rules ahead of us are mentioned. The smallest proportion principle is said to be platform providers provide access provider is most necessary personal information, at least.
   How the personal information right mechanism? One is the choice of exit opt-out, one is the choice of entering opt-in (unless I agree to collect). So, choose the exit mechanism is possible for the information industry, more relaxed. We generally that the application of opt-out mechanism.
   The last question: the rule of law in international information flow. We know that in the information society, the free flow of information is inevitable, but after all, and the National Information Sovereignty serious collision. When information occurs in transnational flow, we believe there are at least three conditions, first, based on the contract or similar contract purpose: for example, in the stage, negotiated contract fulfillment service stage, after the stage of confidentiality, can transfer. Second, the legitimate interests of the transfer unit based on interests and damage, lack of information subject. Third, based on the information subject to subject themselves to, information can be delivered.
   The flow of information between national sovereignty, so even if meet the licensing conditions in the following conditions, also banned the transfer.
   The first, involving significant national interests: such as online raise a Babel of criticism of the dragon fish, dragon fish that is genetically modified soybean. About genetically modified products, Shanxi grew a lot of genetically modified corn, three years where the mouse disappeared. There is a message to say: Americans, white people think yellow brings great pressure to the earth, so they put GM into asia. Why? Because GM of white without too much damage, but the Asian genes may not stand, I hope this is just rumor. The genetic information we will certainly involves the vital interests of the state, can not be transferred to foreign. Many hospitals abroad to China that can free blood to see if there is no disease, actually this is access to genetic information, so there are many projects have been Chinese government success.
   Second, the international treaty or agreement has special provisions.
   Third, to accept the country to protect personal information not perfect laws and regulations, may damage the interests of the subject of information. For example Chinese, why are there and Chinese trade? Because we are the importer exporter of information, information products, we rarely get America, Britain, Japan and other countries of the personal information, we are the output of their personal information to buy family information products.
   Fourth, to weave method to the third country (region) to avoid legal rules the transfer of personal information. For example, our information cannot be transferred to Zimbabwe, the French came to Zimbabwe. The evasion of law also prohibited.
    
   At present I want to give your summary:
   First, personal information is a matter of human rights, fundamental rights (employment, medical and other personal interests). For example, the electronic medical record possible, is on the left side of the kidney has a problem, but hackers a black into the kidney problem. A good kidney open surgery. This shows that involves personal material interests.
   Second, attributed to the legislation, is not possible to say that the establishment of human rights law to protect personal information, then it is the civil law and administrative law. Specifically, civil law first confirm the personal information of the civil rights -- the right of personal information status.
   Third, the right of personal information is not only a personal problem, but also relates to national sovereignty; the protection of the rights and interests is not only a phenomenon, but also to the development of information industry of the whole. For example American personal information protection should be relaxed, so the credit industry far more than europe. I now began to prepare credit measures, no serious credit industry. From the personnel needs, need more a person with breadth of vision to pay attention to. Chinese government and enterprises need special talent in this area.
   Today I will speak so many, say wrong place please correct me criticism.
    
    Host.Teacher Xie Xieqi wonderful speech. Next, please Shi Jiayou teacher first review.
    
    Shi Jiayou.The legal protection of the personal information is very important. Now for the protection of personal information is not just as one wishes, misuse of information happen every day: such as the car insurance, one month before the expiration of the insurance, may receive hundreds of advertisement telephone. Of course, many are the same insurance company, this information must be a leak from the 4S store. Information illegal collection and transfer happens every day, this kind of behavior of commercial institutions must be standardized. Said in front of the legal purpose, the principle of proportionality (appropriate means, safeguards), these is the premise of personal information collected. In this regard, our research is lagging behind, in the formulation of laws should think of these first.
   Listen to the teachers report I was inspired, especially the problem of information protection open platform mode, I said three points: first, how to define the nature of rights. At least I don't agree with property right, right of personality may be relatively close, but the property can be excluded. From the view of comparative law, many foreign case, the collection of personal information are not for the purpose of property. For example, DNA gene information. 09 years of European human rights case: police in Manchester arrested two suspects, blood samples of DNA and database records than the previous, the two person was acquitted after the destruction of DNA information for police, but the police refused to say there is no such precedent, not required the destruction of information. The two will be the British police to the court of human rights according to the Convention on the rights of the eighth, that his private life received infringement. Court of human rights that British police save innocent people DNA is illegal. Other information, such as Europe and the USA passenger flight information such as name of PNR, but not the right of property. So, certainly not a property.
   If in accordance with the civil law two property and personality, and personality right close, but whether it is the right of privacy, I do not think a good. I agree with the teacher's point of view, we may treat personal information can not be like America treat privacy like. The concept of European Private life may cover the majority of personal information. So, in most cases you can invoke the eighth privacy protection in Europe, may be more in line with the concept of private life, not in the narrow sense of privacy. The difference lies in the concept and sense of privacy, rights, interests and the relief way is different, the protection of privacy and the infringement of personal information is not the same, so the protection measures are not the same as. So, our country in the formulation of legislation of personality in the civil code, how personal information embedded in it is worth considering, protected with traditional privacy may be defective.
   A problem still exists, all scholars all know the importance of protecting personal information, but how to define the personal information? There is debate on the definition, this is not surprising, in foreign countries, it is also hard to. In the Internet age, whether browsing habits, Cookie, positioning system is personal information? In France for the IP address is the personal information have arguments: the judgment of the court of appeals that the IP address is not personal information, and information and Freedom Committee (individual agency in charge of information protection) that IP address is a personal information. Therefore, judicial institutions that is not personal information in a sentence, and another administrative organ that is; the legislation Congress has not a draft legislation, tend to view the IP address is a personal information. In our country it is difficult to define the personal information, including the Liu Deliang teachers believe that the IP address is not protected, not considered personal information. Therefore, in legislation in addition to define the nature of personal information, must take into account the practice is good judgment.
   The third legislative models, my personal view is to take the protection of civil law and administrative law protection mode, in many cases to make infringement institution shall bear the responsibilities in the public law of the state, individuals to take civil action ability to infringement is very weak. Europe is generally taken to administrative protection mode, so it must take the civil law protection mode +. Second, in view of the legislation, even though the civil code can make provisions, but the special law, law make separate legislation is necessary, should be like the other countries or area of our country Taiwan to make "personal information protection law" is very necessary, because others "personal information protection method" are the seventy or eighty hundreds, can not put all the content on the civil code. So, it is the special law and basic mode.
   I said so much, thank you!
    
    Host.Thank you for stone Jiayou teacher comments! Please Tu Yongqian researcher for review.
    
    Tu Yong qian:I have been listening to, feel very rewarding. In this field, I may be common law information more, from the front, Mr Qi, stone lectures, comments, I pay particular attention to relief for infringement of personal information. Last July, a large number of stolen personal information was sentenced case in Fengtai District, not long ago in Shenzhen also have a large number of recorded personal information CD ROMs sold captured, has been like this, because the collection of personal information is very convenient. Relying solely on civil law can only be made based on the definition of personal information, how to remedy is a big problem. Now, I think the mass violations of personal information is the public sector and commercial institutions, is Mr Qi said information controller. They aren't very good for information control, resulting in leakage of information, this is we must strengthen the strict management areas. Jiangsu, Shenzhen has been devoted to the development of the personal information protection regulations related, at the national level has not, so we need to develop a national level of the "personal information protection law", to restrain public institutions, businesses illegal use of personal information behavior.
   The protection of some personal information is to be able to do things, such as mobile phone spam shielding. So if the technology can do, why not do it? Future in the development of "personal information protection law" or similar administrative regulations, to focus on the regulation of the public sector, the business sector collect personal information, the personal information of a series of procedures transparent, clear legal responsibility, strengthen legal consciousness.
   In the civil relief, relief after I have to think a lot of people's information disclosure? But information is disclosed only, did not cause actual harm how to remedy? Public interest litigation? So, I have been considering how to protect the rights of victims, to seek the legal relief way where? I think the question I want to further reflection, I talked about here today, thank you!
    
    Host.Thank you tu researcher comments, please teacher Meng Qiang review!
    
    Meng Strong:Today to listen to teachers lecture, harvest a lot of logic, Qi teacher very clear, short and strong, PPT language do well worth learning. I'm talking about some of the views: firstly, about the "personal information protection law" and the right of personal information. "Personal information protection law" from the name of view, much like the "law on the protection of minors" and "women's rights and interests protection law", is to say this is absolutely not the pure civil law, administrative law protection but privacy, he said these laws is absolutely necessary, public authorities from the point of view of management is necessary, but can finally return to basic civil rights protection. The nature of the personal information right, certainly not ownership, discussing this need and brother Liu Deliang. Because the civil law for the definition of the ownership, is built on the material basis, personal information is certainly not the object. So, the right of personal information and intellectual property rights, certainly not with property to understand. Qi teachers personal information right as common interests of personality, personality interest if the general personality right of general personality right is corresponding, general provisions, in general terms, is the specific right of personality is not, then the general personality right. But I think, protect the right to personal information can be incorporated into the right of privacy. In our country, foreign legislation following is very open attitude, while the absorption on the frame is a frame of the continental law system, but in the construction of the specific system of the Anglo American law system is not conservative, independent director system such as the company law in Anglo American law. The right of privacy is the same, in USA privacy is the most developed, it remains untouched right from the right, personal alone, up to now has been developed to decide the right of personal affairs, range is very wide, our research is toward this aspect development. From this perspective, the personal information can be differentiated into privacy, of course including portraits and other. So, the right to personal information to be able to return to the right of privacy, the scope of protection of personal information back to the scope of protection of privacy.
   Qi teacher QQ inheritance case is also very interesting, to this case and similar cases together, qualitative problems about network property. Her husband died, his QQ number can inherit? Chat is dependent on QQ number, if you have a QQ number will naturally find records. A teacher in University of political science and law for the front time please people go abroad to Sina, because he opened the blog in Sina hair some articles, he no longer wrote, Sina administrator deleted some sensitive articles written in front of. He believes that although I had never written, but does not mean that I had put on the no, my permission to delete articles if violated my rights to the property without? I think, the case is the same, the qualitative depends on the network property. If allowed to use micro-blog, No. QQ, we define the absolute property right, then thought the QQ like property can be inherited; but if it is not property rights, but the contract creditor's rights, allowing the virtual space provided by our company in a certain period of time, after the expiration or certain conditions I withdraw, it would not property rights cannot inherit. QQ chat record actually and life before the letter, if that letter to inherit, then QQ chat records can also inherit. So this is not the unique problems of personal information, but relates to the network property qualitative problem.
   And all the teacher talked about family and other personal information, which is related to the right of privacy in common or joint privacy issues. There is a little Qi teachers agree with network real name to make, we are very concerned about this problem. Theoretically speaking, this is not a problem, network real name system is to have the network supervision and control of the third party to provide real, does not affect on the network anonymity, just a dispute can find you. But, I think in the China now under the network environment, not suitable for Internet real name system. Because if our law enforcement agencies not to a certain civilization, public power is a double-edged sword, sometimes take the initiative to find the man, so he as the athletes and judges the network environment is not suitable for network real name system.
   I will talk about these immature view of teachers, thank you!
    
    Professor Qi Aimin:I'll respond to that the teachers review, thank the teachers review.
   First of all, my first response stone teacher perceptions. Like stone teacher mentioned above, I also advocate "personal information protection law" should be separate legislation. However, the legislation of our country with limited resources, such as personality right law, the civil code is not vertical, "personal information protection law" involves all aspects of the attitude, so the "personal information protection law" has a long way to go. In order to make the collection of personal information by using the protection law, we should take the first step, first into the personality right law, after the formulation of the civil code and then into the civil code. This is the role played right. Future conditions are ripe, formulate personal information protection law "".
   The issue of compensation proposed by Prof. Tu Yongqian, the compensation mechanism in the "personal information protection law": if they can prove that the damage is much, can give compensation; if cannot prove or very little damage, the statutory compensation system, as long as the win will obtain the legal compensation. China has no legislation, so no, but Germany, China's Taiwan region are taking this approach, Taiwan seems to be twenty thousand new.
   Mr. Meng said, personal information contained in the category is not limited to privacy, privacy is too small, American privacy concept has not come into the civil law system in china. "General principles of civil law" has stipulated the privacy, the Supreme People's court also explains the scope of privacy, privacy in our country only so big, and then expand it to America law on privacy, then the two privacy will fight. Another problem is that the QQ case, inspired by Meng teacher I had a new idea. On the QQ may not be the property, because when we say it is if the property is very dangerous, the property only two types, one is a kind of real right, intellectual property. The world only these two kinds of property, this is absolutely right. There is a view that creditor's right is property right, but I don't agree with this view. On this question, Zheng Chengsi and Mr. Liang Huixing have also been controversial. QQ, as the intellectual property rights, is Tencent; while for the property, it is not the object, so it is difficult to put into the category of property. Letters for paper, so it can be classified as object, inheritance can at least help the body of information to property.
   Listen to the experts comments I really have the harvest, also found a lot of the need for further research to strengthen aspects, thanks!
    
    Host.The students have what problem can be the teacher and the Qi to communicate face to face!
    
    Science Students:My current personal information protection started relatively late, so in a lot of personal information has spread out of the case, the personal information protection legislation to curb? How to find my personal information tort person? How to carry out relief and protection? See European market share personal information infringement judgment may, in this way the Chinese feasible? There is a problem, establish the right to relief measures, legal compensation for what you just said to prevent and curb effect?
    
    Professor Qi Aimin:This is a very good question. Now we are in the "information in paradise", a lot of information that we are being mastered. The legislation would not say have destroyed, have our default is legal, so the key regulation have not illegal use, can only use, transmission in a limited range, not illegal transfer, sale, so that our personal life is not to be disturbed. So, to be controlled in the range of anti abuse has been collected. Another is I don't know the person who leaked the information, I tell? The judge may if according to the European market share personal information infringement judgment possible, there may be a bit difficult.
   For statutory damages, but actually there are still on the line, but only for a single case. If there are several hand phenomenon, can be separated from prosecution. Also, if beyond the highest limit of how to do? Using the "personal information protection law" could not protect the civil law ", this time with a protection of personality right law", civil law still has added to it. Protection of the right of personality in civil law, is the requirement of mental damage, but the protection of personal information only disclose facts do not request the spirit damage.
    
    Tu Yong qian:On the protection of personal information, and the inside of which also involves proof, must not the victim to the burden of proof.
    
Science Students:If we try to put the right of personal information on "personality right law" in the words, you have also mentioned that if the right of personal information is different from the traditional right of personality, the traditional concrete personal right is a negative right. I can understand the traditional concrete personality right is mainly passive defensive function, while the personal information right as positive rights is actively use the function. If this is true, whether with the right of personal information is at image right (and the accompanying personality interest commercialization) similar, if these into "personality right law", it will cause the unlimited expansion of their traditional concrete personality right trend of gradually shrinking?
 
    Professor Qi Aimin:This problem is also very good. In the discussion of the personal information right, also said that we encountered problems: some people think that if personal information has become a kind of right, it will not have the name, portrait contain? In fact, this is allowed. For example, the right of reputation, the right of portrait is infringed upon, will involve name infringement. So, originally in the right of personality in the field, division of specific personality rights, I think is relative. For example, your reputation, honor is infringed upon, I do not believe that neither infringe your name right no infringement of the right of your portrait, can let the right of reputation, honor is infringed upon, this there can be exceptions, but usually is also against the. So, in the cross area of personality right of the right itself exists, is permitted.
   Also, personal information is collected into a database, has become the information control of the property. But the merchandising right and you just said is not quite the same thing. The right of publicity or merchandising right, in America through cases admitted. But the principal of this right is limited to the celebrity. On this issue, I have been concerned about, including Europe, many European countries refused to this right, because if only one percent people to enjoy the right of publicity, why take this right? Can use the contract definition with name right, right of reputation, but it also involves the issue of compensation. In American that pay not enough, the right of publicity or merchandising right.
    
Science Students:Many countries will protect personal information out of the stage of investigation, the protection of personal information is for the investigation stage, what measures?
 
    Professor Qi Aimin:Thank you for your problem! Our country for this problem has not entered the legislative stage, but the German law of three agencies debate particularly large, including repair of Taiwan area of our country: the "computer" removed; news agency that they do not apply to the law, but eventually the news agencies in the "personal information protection law". The national security departments in Germany and the public security organs also raised this issue, but in the end all in "personal information protection law"; do not say first single on these subjects, are pulled into the "personal information protection law" will admit of no exception whatsoever. Secondly, the investigation is made an exception, it can collect indirectly, by the investigation technology etc.. In fact, all the evidence points to the people, if not to why people collect? So these are personal information, such as fingerprints, footprints, blood, clothes and so on. The personal information collected in this field should adopt what kind of rules, so since the investigation I think secret collection must be allowed, but secretly collected in accordance with the needs of specific criminal investigation procedures, approval procedures. The scope of investigation cannot be man of unlimited expansion, husband and wife in tracking, and tracking friends, but this range can not be unlimited expansion. There is nothing to do with the case in investigation information, can not be used any more, only to be able to collect and store the information related to the case.
    
    Shi Jiayou.I added a little, in the protection of personal information in many European countries, the principle is the same, except for some exceptions to the police department. But the purpose must be legitimate, national security, investigation and so on; also must follow the principle of proportionality. So, these are the basic principles to follow, many control principle of some programs. Confidentiality, disclosure of personal information is in need of special attention: for example, many places are specified using HD probe can not in front, not as the tail of the car, it is also considering the protection of privacy.
   There is a real problem, I also feel that may present the real name system is quite worrying, directly applicable consequences may be the freedom of opinion, expression.
    
    Science Students:GPS, intelligent mobile phone can be traced to individual location, like the whereabouts information if included personal information, limits of legal protection is very difficult to distinguish, so the problem how to grasp?
    
    Professor Qi Aimin:Personal information both international organizations or national legislation, are generally less enumerated type, finally will implement the direct or indirect identification recognition. As long as we can identify you, me, him, they must belong to the personal information, this is the difference between statistical data and.
    
    Host.Thank you very much all the teacher wonderful speech and answers, also very grateful to the active participation of all teachers and students! Today's lecture to the end.
    
   (finishing: Renmin University of China law school 2011 level of civil and commercial law of master Zhao Ge