IT Times reporter especially Xin Fei
February 1st, the long-awaited "information security technology and commercial public service information system of personal information protection guidelines" (hereinafter referred to as the "guide") started out time and again. As Chinese first personal information protection standard, it has established "the purpose, at least, to inform the public and individual consent, quality assurance, security, integrity, responsibility and fulfill the" eight principles of information service practitioners. However, the IT Times reporter survey found that in the introduction of the guidelines on the occasion, banks, electricity providers are still quiet, some companies do not know the national standard. The "guide" can still be questioned landing.
enterprise privacy protection performance varies
"guide" will be divided into general information and sensitive information, and put forward the concept of tacit consent and express consent. The processing of personal general information can be based on tacit consent, as long as the individual information body does not explicitly oppose, you can collect and use. For personal sensitive information, it is necessary to establish on the basis of explicit consent, in the collection and use, must first obtain the personal information subject clear". Personal sensitive information, including ID number, cell phone number, race, political views, religious beliefs, genes, fingerprints, etc..
"IT times" reporter survey found that enterprises in the acquisition of personal information when performance varies. Reporters in several banks to apply for a credit card, the user does not provide a list of authorized options in the form. A bank credit card sales Commissioner Mr Cheng told the IT Times reporter, some banks credit card handling using the principle of silence. The user can take the initiative in a copy of ID card or business forms in the statement "the identity information is limited to this business, not for other purposes, if such safety factors are higher; if you do not declare, salesman will remind.
operators are more positive attitude. A business manager of Shanghai telecom business department told reporters, regardless of whether the user is authorized to declare, in the process of business, business hall will be a copy of ID card on the user’s knock on "the information only for the business" chapter, ensure the safety of personal privacy.
Tmall, Jingdong, where customers and other e-commerce sites in the user registration agreement states that this website will not disclose user privacy, the user in the browse, order shopping and other activities, to the user real name, address, telephone number, e-mail and other private information, the station will be strictly confidential. Other terms, but not for users to fill in information, add a "personal information is authorized to use" option.
"guide" the weak binding of
although the "guide" the implementation shows that the government is trying to keep up with the pace of development of the times, especially in the containment of information crime, protecting the legitimate rights and interests of citizens, is a step forward, but the "guide" is just a standard, have much effect, the industry still caused controversy. Law of Shanghai