Apr 03, 2018 01:13 PM

Editorial: For Personal Data, Business Interests Shouldn't Trump Security

The era of big data has swept in and provided innumerous possibilities for business innovation and social governance. However, the security of data use often does not draw enough attention until major incidents occur and sound an alarm.

The latest case that triggered worldwide discussion involved Cambridge Analytica, a technology firm that secretly collected Facebook users’ information and used the large volume of data to affect the U.S. presidential election. Robin Li, Baidu Inc.’s CEO, also provoked heated debate online by saying that Chinese users are not sensitive to privacy and would trade some online privacy for convenience provided by internet services.

Most individual internet users have no idea when their personal information is grabbed by someone. They don’t know where the information goes nor what it will be used for until trouble emerges from out of nowhere. In the era of big data, individuals are often helpless in terms of their own information. It is also often a dark corner neglected by government regulations.

Personal information is not only about privacy rights, but also property rights, which are protected by law. It is the bottom line for the development of the big data industry. Unfortunately, the concept of personal information protection is still very weak in China today. The abuse of personal information is prevalent — many still take it for granted. Data breaches have been reported frequently. If this trend is not checked, how can the public feel safe? If the age of big data is based on the violation of personal information, this is no better than building towers on sand. People who abuse personal information should be punished, and regulators must take on related responsibilities. Deeper understanding of the protection of personal information must be established, and a comprehensive set of regulations should be drawn up as soon as possible.

The infringement of personal information is not limited to the rudimentary means of sheer theft and profiteering. Internet users are exposed to great risks with their daily use of familiar websites and apps. When users install an app, they are often forced to or unconsciously agree to the terms of the service provider that collects personal information, or they will not be able to install the app. In fact, most personal information has nothing to do with the app’s functions. These are just a few of the hidden dangers that the public can intuitively perceive, but there are more risks that users are unaware of. The spying tentacles extend to every nook and cranny of their lives, eventually weaving a web from which no one can escape.

It’s not without noise. A popular argument is that the development of the big data industry is a priority, and that personal information protection should at least be temporarily compromised. This is nonsense. No one can stop the coming of the big data era. But nothing should be developed at the expense of personal information rights. Far from being an obstacle to the growth of the big data industry, the protection of personal data is often marginalized or trashed under the halo of big data industry development.

Protecting personal information doesn’t mean shutting off all information. It will not hinder the development of the data industry. The theory of “temporary compromise” actually equates the development of big data with the free collection and processing of personal information, which is absurd. It is worth considering what the purpose of this argument is.

Personal information protection has repeatedly been breached; internet and mobile platforms should take responsibility. The law has made clear that internet operators who collect and use personal information should justify the use of data and do it lawfully and openly. They should not collect personal information that is not related to the services they provide, let alone leak, tamper with, or destroy personal information. They should not provide the information to a third party without the consent of the user.

At present, protection of personal information is weak. Many internet platforms don’t have a sound system to keep the information they collect from being abused.

The abuse of personal information is becoming increasingly serious. But the construction of the government supervision system and its enforcement are not up to public expectations. The supervision system needs to be improved as soon as possible. Laws such as the constitution, Criminal Law, Civil Law and administrative laws all include the protection of personal information, but they fail to form a clear and unified way of governance, let alone a mature governance framework. Although the punishment stipulated in criminal law seems severe, the effect is very limited because of the difficulty of law enforcement.

In some cases, members of the public are aware of the breach of their personal information, but they don’t know where to file a complaint. It is a common phenomenon for victims to be deterred by the difficulty to find evidence or find the right authority whose jurisdiction includes the alleged violators.

Authorities need to clear up channels and reduce the cost for people to seek legal means to protect their rights. Local governments should not let the companies overexploit and overuse personal data in order to nurture big businesses. Regulators should not be reluctant to regulate internet giants that have been successful in their respective businesses. Further indulgence will only make regulation in the future even more difficult. The time has come to accelerate the development of a uniformed personal-information protection law, as the absence of effective regulation has been creating problems.

The government is not only a regulator, but also a collector and user of information. At present, more than 80% of China’s information and data resources are in the hands of government agencies at all levels. It is a huge waste to hold the data instead of open it up for public use. The opening of government-obtained data is therefore a matter of concern and needs to move forward. This kind of information should be effectively used and well-protected. People still remember the tragedy of Xu Yuyu, a high school student in Shandong province who collapsed and died in 2016 after being swindled of nearly 10,000 yuan (about $1,500 at the time) by criminals who illegally obtained her personal information. The tragedy exposed the local educational authorities’ problem in personal information protection, and this is not an isolated case, and the lesson is profound. As information collectors and users, governments at all levels should follow the law. The collection and use of personal information by the government is not unlimited, unconditional, or naturally lawful.

How to protect personal information is a new topic, and each country is still feeling its way. The issue of big data protection concerns the monopoly of the internet platforms, and has become a global challenge. In developing countries, where the respect of citizens’ rights are weak and citizens often lack the awareness to protect their own rights, personal data protection is a “centennial puzzle.” We look forward to a “China solution” and “China wisdom” in this area.

You've accessed an article available only to subscribers
Share this article
Open WeChat and scan the QR code