浙江大学学报(人文社会科学版)
 
   2025年5月28日 星期三   首页 |  期刊介绍 |  编委会 |  投稿指南 |  信息服务 |  期刊订阅 |  联系我们 |  预印本过刊 |  浙江省高校学报研究会栏目 |  留言板 |  English Version
浙江大学学报(人文社会科学版)  2024, Vol. 54 Issue (6): 58-72    DOI: 10.3785/j.issn.1008-942X.CN33-6000/C.2023.12.191
□ 法学研究 最新目录| 下期目录| 过刊浏览| 高级检索 |
论数据平台组织结构作为个人信息保护合规的工具
张冬阳
中国政法大学 法学院,北京 102249
Data Platform Organizational Structure as an Instrument to Personal Information Protection Compliance
Zhang Dongyang
Law School, China University of Political Science and Law, Beijing 102249, China

全文: PDF (785 KB)   RICH HTML
输出: BibTeX | EndNote (RIS)      
摘要 面对数据平台的认知优势,立法者通过重塑其组织结构,推动个人信息保护合规的内生化建构。外部行为规范给企业造成的负担是点状的,内部组织规范则是对企业理性的结构性重塑,意味着国家能够对企业产生持久深远的影响,现有理论欠缺足够的解释力。经典的比例原则建立在经验性预测基础之上,组织调控的复杂性和不稳定性导致比例原则的限制功能降低,应当利用一致性要求弥补被削弱的内容审查。立法者在风险进路基础之上对数据平台提出的组织结构要求不仅需要维护企业自身理性,还必须确保个人信息保护合规的有效性。与直接规制数据平台外部行为相比,通过规制其组织结构实现个人信息保护对立法者提出了更高要求。
服务
把本文推荐给朋友
加入我的书架
加入引用管理器
E-mail Alert
RSS
作者相关文章
张冬阳
关键词 企业组织个人信息保护比例原则一致性要求    
Abstract:The processor of personal information is the primary party responsible for personal information protection. In order to contribute to the implementation of this primary responsibility, the Personal Information Protection Law stipulates that data platforms shall appoint personal information protection officers, establish personal information protection compliance systems according to state regulations, and establish an independent body composed mainly of outside members to supervise personal information protection circumstances. The intervention of the state in the organizational structure of data platforms promotes the formation of a new regulatory model for personal information protection compliance, which has important research value in analyzing the theoretical basis and intervention limits of this regulatory model. The research first adopts normative analysis methods to categorize the reshaping of the organizational structure of data platform by the state, and then explores in an innovative manner the limits and logic of the organizational obligations by using the principles of proportionality and consistency derived from the empirical research results.Due to the fact that external behavioral norms cannot guarantee the utilisation, on the part of data platforms, of their cognitive advantages to achieve risk management in personal information protection, the state puts into practice the organizational norms to develop the internalization of corporate compliance with personal information protection. In the process of continuous intervention in the autonomy of data platform operations, private intervention obligations lack explanatory capacity as a consequence of the focus on the relationship of responsibility. This is mainly influenced by the fact that traditional state intervention is substantial and specific, while the reshaping of corporate rational structures by legislators is realised by impacting the decision-making process of enterprises in order to change their future decision-making logics. The classical principle of proportionality is developed on empirical predictions. By examining the shaping of the organizational structure of data platforms by legislators with the assistance of this traditional fundamental rights protection mechanism, it can be observed that it lacks the delicate regulatory power that once existed when state intervention was direct. In terms of legitimate purposes, the goals listed by legislators are very abstract. Since it is not yet clear how organizational norms work and to what extent they truly deliver public interest, it is difficult to measure in an accurate way the utility of intervention measures in promoting legitimate purposes. In order to better examine the obstructive effects caused by the state’s reshaping of corporate rational structures, content examination should start from the objective dimension of fundamental rights and strengthen it with the requirement of consistency. This means that the organizational structure requirements proposed by the state for data platforms on the basis of risk pathways must not only undermine the cognitive potential of enterprises, thereby hindering their own logic, but also ensure that the actions of enterprise organizations are guided by personal information protection. According to the requirement of consistency, it is advisable that lawmakers make supplementary provisions on the organizational obligations that data platforms should undertake in the Personal Information Protection Law. The transformation of the risk regulatory model presents challenges to the review tools of traditional administrative law, and contemporary administrative law should conduct more in-depth and all-inclusive research on the institutional arrangements for coordinating different participants with different behavioral logics. After all, compared with directly regulating external behaviors of enterprises, realizing the public interest by regulating their internal organizational structures places higher demands on legislators.
Key wordscorporate organization    personal information protection    principle of proportionality    requirement of consistency   
收稿日期: 2023-12-19     
基金资助:国家社会科学基金项目(22BFX036)
作者简介: 张冬阳(https://orcid.org/0009-0007-5449-8560),男,中国政法大学法学院讲师,硕士生导师,法学博士,主要从事行政法研究;
引用本文:   
张冬阳. 论数据平台组织结构作为个人信息保护合规的工具[J]. 浙江大学学报(人文社会科学版), 2024, 54(6): 58-72. Zhang Dongyang. Data Platform Organizational Structure as an Instrument to Personal Information Protection Compliance. JOURNAL OF ZHEJIANG UNIVERSITY, 2024, 54(6): 58-72.
链接本文:  
https://www.zjujournals.com/soc/CN/10.3785/j.issn.1008-942X.CN33-6000/C.2023.12.191     或     https://www.zjujournals.com/soc/CN/Y2024/V54/I6/58
发表一流的成果,传播一流的发现,提供一流的新知

浙ICP备14002560号-5
版权所有 © 2009 浙江大学学报(人文社会科学版)    浙ICP备05074421号
地址:杭州市天目山路148号 邮编:310028 电话:0571-88273210 88925616 E-mail:zdxb_w@zju.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发  技术支持:support@magtech.com.cn