Li Yanhong once said that "China people prefer to exchange privacy for convenience", which triggered a large-scale online public opinion against criticism. Talking about rights directly is very sensitive to everyone, but it may not be clear on the Internet.
As for why, I think there are several reasons:
First, most people are unfamiliar with Internet technology, even some Internet practitioners. They don't know the basics of new technology. Marketing often lets you open the address book, mobile phone number and ID number in the name of high-tech convenience. The loss may not be visible, but the convenience is just around the corner.
Second, the privacy agreements of various usage agreements contain "overlord clauses". After you ask for your mobile phone number, you have to use your ID number to complete real-name authentication (except for mandatory requirements for games and financial services). If you agree to register, you can push various advertisements, and you can only "voluntarily accept" various format terms, otherwise the software will refuse to provide services. When everyone is the same, the voice of doubt will become smaller and smaller for a long time, and even think it is appropriate.
Third, it is not enough to talk about the dangerous society where Internet data is leaked and abused.
A friend of mine who is doing risk control in the bank told me that there are too many data leaks now, not to mention reading all kinds of information such as address book, ID card and address. You can infer a person's portrait from a simple location, such as which primary school, which middle school, which university you go to, which company you work in and which circle you are in. You can infer from the positioning of your classmates, friends and colleagues. If the positioning data is obtained by fraudsters, it is easy to impersonate acquaintances for fraud.
In the pre-Internet era, the industry developed rapidly, from a sub-category of IT technology industry in the computer industry to a frontier industry with about 654.38 billion netizens accounting for the bulk of the national economy. Growth is amazing, but it is also accompanied by barbaric growth. When data is connected to the Internet, you are streaking. Although this statement is somewhat exaggerated, it also shows that the data leakage is serious.
2065438+March 2007, JD.COM and Tencent security team jointly assisted the Ministry of Public Security in cracking a case of stealing and selling citizens' personal information. The main suspect is an employee of JD.COM who stole 5 billion pieces of personal information and sold it on the Internet black market in various ways.
A criminal judgment published by the People's Court of Suiyang District of Shangqiu City on the Judgment Document Network shows that Zou Mou, a college student who lives in Shangqiu City, Henan Province, has been crawling on Taobao for 8 months since 20 19 1 1, stealing a lot of user data. Before Alibaba noticed this problem, more than11800,000 pieces of user information had been leaked.
Of course, data leakage is not only a giant, but also exists in all related industries of the Internet. According to the statistics of Yongan online data leakage monitoring platform, from June 65438+1 October1up to now, there have been * * data leakage incidents since June 2 1620, involving financial, Internet, e-commerce, education and other industries.
There is no intention to discuss which giant data are not leaked and which data are highly secure. It is meaningless to discuss whose "kung fu" is better on the whole internet. What is important is the establishment of safety ecology and rules.
On June 20 17, China promulgated the Cyber Security Law of the People's Republic of China, and in March 20021,the People's Republic of China (PRC) Personal Information Protection Law (Draft) was submitted to the National People's Congress Standing Committee (NPCSC) for deliberation. In June, 20021,the full text of People's Republic of China (PRC) Data Security Law was released. It can be said that the basic legal framework in the Internet field is already in place. At the same time, there are also local explorations. On June 7th this year, Shenzhen Data Regulations was officially announced to the public, and will be officially implemented in June 65438+ 10/next year, which is the first basic comprehensive legislation in the local area.
In terms of importance, we may not lose any country. In April 2020, data was recognized by the state as the "fifth factor of production" after land, labor, capital and technology, which played an important role in the digital transformation of enterprises. So the importance of data cannot be overemphasized.
Some people may worry that it is good to make regulations, but can they be put in place? The Data Security Law also fully considers this issue. In order to avoid becoming a mere formality, the data security law has made various subdivisions of policies, and at the same time has a certain guiding role in the implementation of technological differentiation.
The data security law points out that by 20021,more than 20 data security industry standards will be formulated, and a data security standard system for telecommunications and internet industries will be initially established, so as to effectively implement data security management requirements, basically meet the data security protection needs of the industry, and promote the application of standards in key areas.
By 2023, we will formulate more than 50 data security industry standards and improve the data security standard system in the telecommunications and Internet industries. The technical level, application effect and internationalization of the standard will be significantly improved, which will strongly support the improvement of the industry's data security protection capability.
Even if it is not cooked, then data leakage may be common in daily life. At present, all kinds of apps, web pages, applets, etc. Different information such as the user's personal location, identity and mobile phone number will be required. All platforms are saying that they will be desensitized to data, but when you receive the courier and receive a customer service call, your real information is often completely exposed to others. If personal data is not handled safely, the Internet will not develop healthily.
Fortunately, the Law on the Protection of Personal Information was just passed on August 20th, and it was clearly implemented on June 1 65438+1October1day. The Law on the Protection of Personal Information stipulates in detail the principles of personal information processing, such as legal basis, principles of personal information processing, storage period of personal information, scope of personal sensitive information, requirements for handling personal sensitive information, etc.
Specifically, some points are still very targeted and practical. For example, personal information should not be collected by fraud, inducement, etc., and the function of collecting personal information of products or services should not be concealed. Automatic collection of personal information should be the lowest frequency to realize the functional business of products or services. In this way, you can have a general understanding of the collection, and you can also cancel the deletion in a targeted manner.
In the past, registering an APP was the first time to check the "notification notice" and authorize it for life, which means that we can't revoke the willful authorization in the barbaric period before, and it is legal by default, which is a huge violation of the rights of users.
The Law on the Protection of Personal Information puts forward new requirements on this issue, and the consent should be made voluntarily and clearly by individuals on the premise of full knowledge, and can be easily withdrawn. Do not refuse to provide products or services on the grounds of personal disagreement or withdrawal of consent.
The Personal Information Protection Law has special laws and regulations on sensitive personal information, such as biological information, medical and health information and financial account information. For enterprises, it is necessary to distinguish the sensitive types of personal information, formulate internal classification standards, and take corresponding higher-level technical measures to protect them.
However, there is no way. If it is difficult to coordinate at the institutional level, technical means should be considered. In 20 19, the regulatory framework such as the China Banking Regulatory Commission and the special rectification of Internet financial risks, together with the public security organs to clean up the data source of "cash loans", was hailed as the most stringent investigation in the history of big data risk control industry. The relevant departments are aware of the harmfulness and seriousness of the disclosure of "plaintext data". Therefore, privacy computing is almost the only technical solution for data interconnection. Privacy computing is a full-cycle protection technology for privacy information. By encrypting plaintext data, the data can be "available and invisible".
Then, will the use of privacy computing slow down the speed of data processing and affect the efficiency of enterprises? According to industry insiders, the slowest time for privacy computing to process data is 3-5 times that of pure text, and the fastest time is hundreds of times. In the next year or so, the industry can be optimized and improved by 5- 10 times. There should be no worries about safety and efficiency, but the economic applicability remains to be explored.
In the real environment, different companies have different data dispersion, different data interaction standards, different business process standardization, and different vendors' underlying architectures and components, all of which require multi-party cooperation, and security development standards should be put in the first place as much as possible.
Liu Bo, chief scientist of Anheng Information, pointed out that on the one hand, on a global scale, data security is far from reaching the mature stage of technology, and even about 80% of data security-related technologies are in the primary stage; For China, there are still many problems to be solved in data security technology.
Therefore, the Internet industry may still have problems such as data abuse, data leakage and data trafficking for some time. Of course, we can't completely blame the problem on technology, but also make up for the shortcomings from the aspects of economics, sociology, social ethics and social data security awareness education. At the level of data governance, it can be said that everyone is for me and everyone is for me.
Affected by the epidemic, China's economy has been under great pressure, but fortunately, the "three new" economy still maintains a bright growth performance. The following is an explanation of what the "three new economies" are. "Three new economies" is a collection of economic activities with new industries, new formats and new business models as the core content.
It is embodied in a series of business activities based on emerging technologies and Internet information technology.
According to the data released by the National Bureau of Statistics on July 6th, 2020, China's "three new" economic added value 16.9 trillion yuan, an increase of 4.5% over the previous year, which is 1.5 percentage points higher than the current GDP growth rate in the same period. The proportion equivalent to GDP was 17.08%, an increase of 0.7 percentage points over the previous year.
The "three new economies" cannot be separated from the Internet. Without data security, everything will be a castle in the air. It can be said that the more frequent economic activities, the higher the data risk. 20021July 14, at the 20th China Internet Conference Data Security Forum, Wei Wei, director of the Information Security Department of the Security Research Institute of China Information and Communication Research Institute, said that according to the statistics of research institutions, the number of global data leaks in 2020 exceeded the sum of the past 15 years. These data security risks have gradually spread from individuals and enterprises to industries and even countries, and the hidden dangers of data security risks are very prominent.
Data security is a new problem and a new opportunity in the new era. Data interconnection is the general direction. If the potential between production factors is handled well, the efficiency will be greatly improved. Both big data and cloud computing are based on data security. For us personally, protecting personal data security means protecting our own wealth and ensuring personal safety.
References: