[ad_1]
Original title: Yuantong leaked 400,000 pieces of personal information privacy protection new law wants to erect a regulatory barrier
Our reporter Zhao Peng, internal reporter Yang Tianyue
The “age of big data” should obviously not become the “age of infringement.” Recently, YTO has leaked 400,000 pieces of personal privacy information, and the issue surrounding personal information security has once again become a hot topic in public opinion. The reporter learned yesterday that laws and regulations strengthening the crackdown on personal privacy leakage have revealed “sharp teeth.” The basic regulations for the collection of personal information by the applications will be announced at the end of the year as soon as possible, and the minimum necessary information that can be collected is defined; “Protection of the personal information of the People’s Republic of China”. The (Draft) Law may impose a penalty of up to 50 million yuan for serious violations of the law, and the protection of personal privacy is about to usher in a new era of cleanup.
■ 400,000 urgent information leaks cause problems
Recently, news broke of “400,000 pieces of personal information leaked by ghosts in Yuantong”. YTO Express responded to this, saying that the investigation found that two affiliated point of sale accounts in Hebei province had abnormal inquiries about the point of sale waybill information. Individual employees of affiliated outlets are suspected of conspiring with outside criminals and using employee accounts and illegal third-party tools to steal The information contained in the waybill resulted in the leakage of information and the suspects were arrested in September.
However, in response to this response, many netizens said that they did not “buy” it: it is clearly the bad consequences of inadequate internal supervision of the company, so YTO’s response gave people a kind of “have been discovered in time, reported the case in time and cooperated in the investigation and handling throughout the process. “A sense of self-praise?” After the incident is handled, has YTO carried out a specific rectification and an optimization of the security of related information systems? For a while, YTO’s “superficial” apology even generated a storm greater than the information leak of 400,000 users. As of press time at 23:00 yesterday, YTO has yet to respond to this.
According to Xu Yong, Vice President of Express Branch of the China Transportation Association, citizen information leakage is not only a phenomenon unique to the express delivery industry, but a risk faced by all walks of life in the age of big data. Personal information is leaked frequently, is there a solution?
■ Improved self-discipline “blacklist”
“When it comes to the scale of China’s large-scale express delivery business, the crime rate of China’s express delivery industry is relatively low internationally.” According to Xu Yong, in recent years, the express industry has spontaneously established the integrity alliance “black list” system. It has played a role in the self-regulation of the industry.
The journalist learned that since 2016, 70 large national express logistics companies have jointly established the express logistics “black list” consultation system, which includes 12 types of infractions such as theft of express mail, information leakage customer and resale of customer information. The companies that participate in the “black list” system of express logistics companies promise not to use the courier personnel of the “black list” within 5 years.
The National Bureau of Statistics recently released data showing that the number of employees in the national express delivery industry has exceeded 3 million, and the number of employees covered by companies participating in the above system has reached more than 2 million. According to Xu Yong, a total of 27,000 express delivery professionals have been blacklisted in the five years since the system was established; In the last two years, violations of regulations and laws by express logistics companies have been reduced by more than 95%.
But relying on the self-discipline of the industry is far from enough. “In addition to relying on standardized management of companies and platforms, the most important thing for industry regulations is to increase the cost of violations and to use legal means to punish criminals. We must not only increase penalties for corporate employees who they filter citizen information, but also impose the participation and illegal implementation of information. The entire chain of transactions in the industry is severely repressed. ” In Xu Yong’s view, improving the relevant laws and regulations is the most fundamental weapon to solve the problem of information leakage.
■ Legal regulations are on the way
In fact, the disclosure of the public’s personal privacy has existed widely in many fields, such as express delivery, online shopping, real estate, and job hunting. Consumers have faced the risk of information “flowing” in almost every field. “The important prerequisite for technology to make people’s lives easier is security. Only stricter laws and regulations and their enforcement can be an advantage in protecting the security of personal information,” said Zhu Jinyuan, Director of Beijing Guandao Law Firm.
Fortunately, the government’s problem of personal privacy leak causing people to scratch their heads is about to usher in a tipping point. The journalist learned that the “Basic specifications for the collection of personal information through mobile Internet applications (App) for information security technology” (draft for approval) compiled by the Technical Committee for Standardization of National Information Security They are in the submission stage for review.
“This specification is expected to be officially introduced by the end of this year or early next. It will establish clear provisions for applications in important areas such as home rentals and sales, transportation and ticketing, job recruitment, online shopping, express logistics. , catering and delivery network communities, and instant messaging. What is the minimum necessary information that can be collected? ”A staff member of the China Special Applications Governance Task Force told reporters that this will further regulate the collection of information by various applications.
In addition, the “Personal Information Protection Law of the People’s Republic of China (Draft)” seeks comments and plans to substantially increase the cost of personal breaches. The draft proposes that companies can impose a fine of less than 50 million yuan or less than 5% of the previous year’s turnover for relevant violations, and at the same time impose a fine of 100,000 yuan to 1 million yuan on the person directly responsible.
【Edit: Ye Pan】