政府資料開放中個人資訊保護的範式轉變

Paradigm Shift of Personal Information Protection in Open Government Data

"政府資料開放並非靜態的單一行為,而是動態的系統過程。借助資料生命周期理論,可以將政府資料開放解構為資料收集、轉換、存儲、公開和使用五個階段。根據《個人資訊保護法》和《資料安全法》確立的最新規則,個人資訊保護風險可能同時存在於政府資料開放生命週期的各個階段。然而,政府資料開放中現有的個人資訊保護範式主要採取“基於結果的方法”,重點關注政府資料在公開時的狀態,依靠技術性匿名化手段,難以有效應對政府資料開放中的個人資訊保護風險。與此相對應,“基於過程的方法”與政府資料生命週期、個人資訊保護的程式化和資料安全全流程管理相契合,可以彌補“基於結果的方法”的不足。通過將風險預防原則和程式、技術、經濟、教育和法律等手段分散放置在政府資料開放生命週期的每個階段,能夠最大限度減少個人資訊保護風險,在個人資訊保護與政府資料開放之間實現動態平衡。"

"Open government data ( OGD) is not a static single behavior, but a dynamic system process. With the help of data life cycle theory, open government data can be deconstructed into five stages of data collection, transformation, storage, release, and use. According to the latest rules established by the Personal Information Protection Law and the Data Security Law, personal information protection risks may exist at all stages of the OGD life cycle. However, the existing personal information protection paradigm in OGD mainly adopts an 'outcome-based approach', focusing on the state of government data at the time of release, and relying on technical anonymization methods, it is difficult to effectively deal with personal information risks in OGD life cycle. Correspondingly, the ' process-based approach' is compatible with the OGD life cycle, the proceduralization of personal information protection, and the fullprocess management of data security, and can make up for the shortcomings of the ' outcome-based approach'. By decentralizing risk precautionary principles and procedural, technical, economic, educational, and legal tools at each stage of the OGD life cycle, the risk of personal information protection can be minimized, and a dynamic balance can be achieved between personal information protection and open government data."