[ad_1]
Yuantong leaked 400,000 pieces of personal information, big data should not be a violation
The new privacy protection law wants to erect a regulatory barrier
The “age of big data” should obviously not become the “age of infringement.” Recently, YTO has leaked 400,000 pieces of private personal information, and the issue surrounding personal information security has once again become a hot topic in public opinion. The reporter learned yesterday that laws and regulations strengthening the crackdown on personal privacy leakage have revealed “sharp teeth,” and that basic regulations for the collection of personal information by apps will be released in order to year as soon as possible, and define the minimum necessary information that can be collected; “Protection of the personal information of the People’s Republic of China”. The (Draft) Law may impose a penalty of up to 50 million yuan for serious violations of the law, and the protection of personal privacy is about to usher in a new era of cleanup.
400,000 urgent information leaks cause problems
Recently, the news broke of “400,000 pieces of personal information leaked by ghosts in Yuantong”. YTO Express responded to this, saying that the investigation found that two affiliated point-of-sale accounts in Hebei province had abnormal inquiries about the point-of-sale waybill information. Individual employees of affiliated outlets are suspected of conspiring with outside criminals and using employee accounts and illegal third-party tools to steal The information contained in the waybill resulted in the information being leaked and the suspect was arrested in September.
However, in response to this response, many netizens said they did not “buy” it: it is clearly the bad consequences of inadequate internal oversight of the company, so YTO’s response gave people a kind of “have been discovered in time, reported the case in time and cooperated in the investigation and handling throughout the process. “A sense of self-praise?” After the incident is handled, has YTO carried out a specific rectification and an optimization of the security of related information systems? For a while, YTO’s “superficial” apology even generated a storm greater than the information leak of 400,000 users. As of press time at 23:00 yesterday, YTO has yet to respond to this.
According to Xu Yong, Vice President of Express Branch of the China Transportation Association, citizen information leakage is not only a phenomenon unique to the express delivery industry, but a risk faced by all walks of life in the age of big data. Personal information is leaked frequently. Is there a solution?
Self-discipline “blacklist” has been improved
“When it comes to the scale of China’s large-scale express delivery business, the crime rate of China’s express delivery industry is at a relatively low level internationally.” According to Xu Yong, in recent years, the express industry has spontaneously established the integrity alliance “blacklist” system. It has played a role in the self-regulation of the industry.
The journalist learned that since 2016, 70 large national express logistics companies have jointly established the express logistics “black list” consultation system, which includes 12 types of infractions such as theft of express mail, information leakage. customer and resale of customer information. Companies that participate in the express logistics company “black list” system promise not to use the “black list” courier services within 5 years.
The National Statistics Office recently released data showing that the number of employees in the national express delivery industry has exceeded 3 million, and the number of employees covered by the companies participating in the aforementioned system has reached more than 2 million. . According to Xu Yong, a total of 27,000 express delivery professionals have been blacklisted in the five years since the system was established; In the last two years, violations of regulations and laws by express logistics companies have been reduced by more than 95%.
But relying on industry self-discipline is not enough. “In addition to relying on standardized management of companies and platforms, the most important thing for industry regulations is to increase the cost of violations and to use legal means to sanction violators. We must not only increase penalties for corporate employees who They filter citizen information, but also impose the participation and illegal implementation of information. The entire chain of transactions in the industry is severely repressed. ” In Xu Yong’s opinion, improving the corresponding laws and regulations is the most fundamental weapon to solve the problem of information leakage.
Legal rules are on the way
In fact, personal privacy leaks from the public have widely existed in many fields, such as express delivery, online shopping, real estate, and job hunting. Consumers have faced the risk of information “flowing” in almost every field. “The important prerequisite for technology to make people’s lives easier is security. Only stricter laws, regulations and compliance can be an advantage in protecting the security of personal information,” said Zhu Jinyuan, director of the Beijing law firm. Guandao.
Fortunately, the government’s problem of personal privacy leak making people scratch their heads is about to usher in a tipping point. The journalist learned that the “Basic Regulation for the collection of personal information through mobile Internet applications (App) of information security technology” (draft for approval) compiled by the Technical Committee for Standardization of National Information Security has undergone revision.
“This specification is expected to be officially introduced later this year or early next. It will make clear provisions for applications in important areas such as home rentals and sales, transportation and ticketing, job recruitment, online shopping, express logistics. , catering and delivery network communities, and instant messaging. What is the minimum necessary information that can be collected to facilitate collection? ”A staff member of the China Applications Special Governance Task Force told reporters that this will further regulate the collection of information by various applications.
In addition, the “Personal Information Protection Law of the People’s Republic of China (Draft)” seeks comments and plans to substantially increase the cost of personal breaches. The draft proposes that companies that violate the law can impose a fine of less than 50 million yuan or less than 5% of the previous year’s turnover, and at the same time impose a fine of 100,000 yuan to 1 million yuan on the person directly responsible.
(Editor-in-charge: Wang Wanying)