英文摘要 |
Data security certification that conforms to the reform concept of 'decentralization, management and service' will surely occupy an increasingly important position in the entire regulatory legal system in the digital age. Data security certification through the reputation evaluation mechanism can guide and encourage Internet companies to operate in compliance with laws and regulations, can enhance users' trust in small, medium and micro Internet companies and emerging digital industries, can avoid 'one size fits all' government regulations, and can meet the diverse needs of the public data security requirements. Data security certification agencies should have a high degree of independence and professionalism to prevent them from being 'captured' by internet companies or becoming 'vassals' of the government. It is advisable to implement a data security certification model with voluntary certification as the primary and compulsory certification as the supplement. The certification process should emphasize fairness and transparency, and certification standards should focus on the establishment of a system for evaluating corporate data compliance. According to the principle of fault liability, the data security certification body shall be set up 'corresponding compensation liability' or 'joint and several liability'. It is necessary to increase public law accountability for data security certification violations. The establishment of a legalized data security certification system is not only a need to ensure data security, but also an urgent need to make up for the deficiencies of government regulations in the age. |