Page 26 - Proceedings of the 2017 ITU Kaleidoscope
P. 26
2017 ITU Kaleidoscope Academic Conference
personal information protection, cross-border data Secondly, big data makes the border between personal and
flows and other related issues, need to be enacted and non-personal information more ambiguous. Prior to the age
refined; see the detailed discussion below. of big data, a great amount of data could remain anonymous,
2. Data ownership is not yet defined. Without a consensus while in the present digital economy, the types of data are
on ownership, it is impossible to decide which law is expanding, the development of software algorithms and
applicable to data, ownership law, property law or analytics makes it easier for mass data to be associated and
intellectual property law? Data rights as a subject has aggregated and serves to greatly strengthen the businesses’
also not yet been decided. capacity of turning non-personal information into personal
3. Criteria for data exchange are absent. On the one hand, information.
there are a variety of patterns of data exchange Thirdly, in a big data environment, personal information
platforms, and each of them formulates its own rules, protection is under the full impact arising from the uneven
and is confined by limited data standardization, hidden distribution of the power of data control and the conflict of
blind areas and misconceptions, with few valuable interest of data use by individual persons, public and private
applications available. At the same time, data exchange organizations.
lacks a sound registration and clearing system, and At the end of 2012, the Standing Committee of NPC passed
resources of respective platforms cannot be integrated the “Decision of Reinforce Protection of Internet
in any effective manner. On the other hand, the value of Information”. This is the first time in China that the
a data asset is hard to be assessed. The market lacks a protection of information security of citizens and
standard pricing approach, with prices being decided in corporations has been regulated at the law level. It also
accordance with property rights, intellectual property includes regulations about online identity, rights and
rights or revenues. responsibilities of different parties. At the end of 2016, the
Data exchange is an important means for an enterprise to turn Cybersecurity Law was passed. The definition and scope of
data resources into corporate assets and to enhance personal information, the principles of collecting personal
competitiveness. In particular, in the digital economy, data information, and the responsibilities of relevant subjects
has become an important means of production; therefore, have been regulated in Cybersecurity Law. But in practice, it
without solving the exchange and circulation problems, is not rare to see the trading of personal data for commercial
businesses will be hindered from further development, and benefit. Consequently, relevant departments should
the process of digitalization for the entire society will be reinforce enforcement to protect people’s personal
affected as well. information security.
Overall, personal information protection has become a core
2.3. Personal data protection issue for the digital society, and how to balance personal
information protection and socioeconomic development will
be critical for the development of the future data-driven
At present, new technologies and businesses, rapidly society.
growing and data-based, have totally transformed the
applicable environment for personal information protection.
The advance of big data technology enables the wide 2.4. Cross-border data flows
application of collection, processing and analysis of mass
personal data, with governments and businesses becoming Following the rapid development of global digital commerce
increasingly reliant on intensive data analysis (economic and and economy and ongoing trade liberalization, regulations
social statistical analysis by the government, and business on cross-border data flows are becoming a focal issue for all
marketing by enterprises). Such activities, based on big data stakeholders. In the report on Data protection regulations
analysis, make the traditional society more transparent, and international data flows: Implications for trade and
imposing an unprecedented impact upon personal development, UNCTAD has pointed out that “International
information protection and threatening personal rights. data flows are increasingly important for trade, innovation,
Firstly, due to data mining and analyzing technologies, now competition and data mobility for consumers. However,
it is more likely for data to be used, with an increased around there is also a general consensus that the movement of data
risk when data is to be collected and applied, and when data cannot be completely unrestricted if legitimate concerns are
becomes a strategic resource, businesses are highly to be addressed. To promote compatibility, it is important to
motivated to collect information. Driven by commercial avoid duplication and fragmentation in the regional and
3
interests, the basic principles of limitation and necessity, as international approaches to data protection.”
set forth in the law on personal information protection, have However, with different appeal and focus, countries have
been repeatedly breached in practice, and too often mobile two contrasting attitudes toward cross-border data flows:
APPs have collected user information beyond the purpose On the one hand, some countries, typically the United States,
and scope of business. have been calling for cross-border data mobility to promote
a global digital economy. In 2012, the United States and the
3 See UNCTAD: Data protection regulations and international data flows: df , last visit in April 27, 2017.
Implications for trade and
development.http://unctad.org/en/PublicationsLibrary/dtlstict2016d1_en.p
– 10 –
