信息资源管理学报 ›› 2021, Vol. 11 ›› Issue (3): 40-49.doi: 10.13365/j.jirm.2021.03.040

• 专题-数据治理制度建设 • 上一篇    下一篇

澳大利亚数据泄露通知制度及其启示

刘妍 肖冬梅   

  1. 湘潭大学知识产权学院,湘潭,411105
  • 出版日期:2021-05-26 发布日期:2021-06-22
  • 作者简介:刘妍,硕士生,研究方向为知识产权、数据法学,Email:820642547@qq.com;肖冬梅,院长,管理学博士、法学博士后,研究方向为知识产权、数据法学,Email:86650210@qq.com。
  • 基金资助:
    本文系湖南省社科基金重点项目“数据要素为湖南省经济发展注入新动能”(20ZWB07)阶段性成果。

The Data Breach Notification Obligation in Australia and its Enlightenment in China

Liu Yan Xiao Dongmei   

  1. School of Intellectually Property, Xiangtan University, Xiangtan, 411105
  • Online:2021-05-26 Published:2021-06-22

摘要: 与大数据的广泛运用如影相随的是数据泄露事件频现,而数据泄露通知制度的重要价值在于其能有效止损,故近年来该制度备受各主要国家的关注。采用文献调研法、文本分析法考察澳大利亚数据泄露通知制度发现,澳大利亚的数据泄露通知制度综合考虑了通知义务人、通知对象、通知时间、触发条件、通知内容、通知方式及通知例外等因素,其信息专员办公室另制定配套指南,使其数据泄露通知制度得以有效实施。我国可汲取澳大利亚的立法经验,在《数据安全法》中明确数据泄露通知制度,合理界定数据泄露通知范围,规范泄露通知的触发流程。

关键词: 数据泄露, 数据泄露通知义务, 澳大利亚, 数据安全法

Abstract: The widespread use of big data is accompanied by frequent data breaches. The important value of the data breach notification system is that it can effectively stop losses. Therefore, the system has attracted attention from major countries in recent years. Using literature research and text analysis methods to investigate the Australian data breach notification system, it is found that Australia’s data breach notification system takes into account factors such as notification obligations, notification objects, notification time, trigger conditions, notification content, notification methods, and notification exceptions. The Information Commissioner’s Office has also formulated supporting guidelines to enable its data breach notification system to be effectively implemented. China can learn from Australia's legislative experience to clarify the data breach notification system in the "Data Security Law", reasonably define the scope of data breach notification, and standardize the triggering process for breach notification.

Key words: Data breach, Data breach notification obligations, Australia, Data Security Law

中图分类号: