How to protect personal privacy in the big data age

Yuayazhou

"In the large data age, personal privacy protection is the focus of users ' attention, to effectively prevent personal information leakage." "National People's Congress, Millet Technology, chairman of the Lei, in this year's two sessions on a" national strategy to speed up the implementation of large data, "the statement has aroused many netizens resonance.

"Personal privacy is zeroing in, you want to open it!" 1999, when the Sun company CEO McNealy sigh ringing. "said the Netizen. "We have fallen into the awkward position of the" Transparent man "in the big Data age. Another netizen is feeling.

1 Value of Privacy

Data that is scattered across systems is not at first glance valuable, but if they are integrated and mined, they can find information about the consumer's character, hobbies, and consumption habits that are valuable to the business. But for consumers, your quiet life is often broken.

In fact, we often use personal information to Exchange services: We use Baidu Map, exchange out the current position information, we use QQ, exchange out their personal relationship, we use the cat, exchange out contact information and even home address. These exchanges are difficult to measure by price and often do not make you feel distressed or upset because you are in order to get service.

The problem is that sometimes you get a service, but you don't know how much you pay for it. In 2011, Maxschrems, a German student, asked for all the information he had collected from a well-known American social networking site Face-book, and he received a CD-ROM with 1222 PDF files, all of which he had previously been in Face-book, including information that had been deleted.

In the Internet age, your static information, especially your online activities, and the information in your virtual space are being fully tapped by the merchant. One day, you may suddenly find that your microblog friends suddenly increased so much, and then carefully classify, you will find that most of them are businesses-you have been online browsing their products. If you are interested in how to become a beauty, one day you may be found in micro-blog, I do not know where to come out from many to you to promote breast, whitening products such as friends.

Just like walking can not erase their footprints, the big data age, you can not erase the "data footprints" also let your privacy exposure increased risk. In fact, not only the internet, a person's "data footprints" are also scattered in various information systems, including mobile phones, PCs, credit cards, traffic cards, video surveillance and other business systems, these scattered in the system of data at first glance is not very valuable, but if they are deeply integrated, mining, you can find the character of this consumer , hobbies, and consumption habits, which are valuable to businesses. But for consumers, your quiet life is often broken.

In the big data age, learning to protect your privacy is no longer an urgent task for consumers, because your privacy information is inadvertently stolen away.

2 Black industry chain

Virus creator, app developers and illegal advertising channel vendors have formed a very mature interest chain-app developers and virus producers to work together to decompile well-known software, insert malicious code, advertising code, and so on, and then repackage the software to the third party application market or forum, After the user clicks the advertisement, the backstage downloads the software to produce the illegal promotion benefit, the virus producer, the app developer and the illegal advertisement channel merchant divides the income to divide.

Last year on the eve of 3 15, Dcci Internet Data Center released the "2013 Mobile Application Privacy security Assessment Report" shows that more than half of mobile phone applications have "privacy deviant" behavior. With the ability to read the SMS recording function of mobile applications, 61.1% of short message records for Cross-border crawl, access to contact book contacts this privacy rate of 38%, access to the number of the deviant ratio of up to 60.5%.

A year ago, the mobile phone software "privacy deviant" phenomenon intensified. This year, the CCTV 3 15 party, Datang High-hung Data Network Technology Co., Ltd. and dealers pre-installed "Datang artifact" infringement of mobile phone users personal privacy was exposed.

Not only that, the mobile phone virus is also wanton infringement of personal privacy. Mobile Security Service Enterprise Network Qin released the "2013 NetQin Global Mobile phone security report" shows that in 2013, mobile phone virus outbreaks multiplied, especially with the most prominent Android platform.

A professor at Peking University's Institute of Information, who declined to be named, said helplessly to reporters: "Now the information security environment, as long as the internet, all equipment is unsafe, if your privacy has not been violated, perhaps just because you are not so important."

According to the NetQin, the software is now two times packaged by virus makers, and most appear in some well-known software or popular mobile games. Virus makers, app developers and illegal advertising channels have formed a very mature interest chain--under pressure from short-term revenue, many app developers are used to collaborating with virus producers to decompile well-known software, insert malicious code, advertise code, etc. before they find a better profit model. The software is then repackaged and put into a third party application market or forum, after users download, while using the software, privacy information is stolen and uploaded, or is induced to click Ads, or in the background silently download a variety of software. After the user clicks the advertisement, the backstage downloads the software to produce the illegal promotion benefit, the virus producer, the app developer and the illegal advertisement channel merchant divides the income to divide.

Not just online, offline businesses are another backdoor.

Last October, a data called "20 million Open rooms" was circulated on the Internet. Two white-collar workers working in Shanghai for information security are easily downloaded to the database, due to work, the two people often travel to the field, when they find their own information, found including name, ID number, gender, date of birth, mobile phone number and registered mailbox details of personal information are at a glance. The two men commissioned a lawyer to sue for their personal information leakage of Zhejiang Hui Tatsu Station Company and their own hotel hanting.

As a result of the comprehensive Network survey and expert analysis, the four main culprits of personal privacy crisis are: Mobile phone communication operators, networks, commercial service organizations such as real estate agents and banks. In fact, it is no secret that the "sharing" of customer information between agencies, such as some business services, without authorization or beyond the scope of the authorization, is even a matter of collecting and buying and selling public "names and sites".

3 Embarrassing privacy

Consumers themselves have no way of knowing where their private information is going, and when a liar calls, or even cheated, you know that your message is flowing to him, but it's not clear how it flows to him. But because the infringement object is vague, the right to defend the difficulty is also very big, encounters this kind of infringement the consumer's safeguard right cost is also very high.

Nanjing, Ms. Zhu often use IE browser through Baidu search engine query more interested in the topic, she found that she used "weight loss" "breast" "abortion" and other keywords search and browse the relevant content, in her follow-up to some sites on the site will be corresponding to lose weight, breast, abortion and other ads. This let Ms. Zhu feel fear, think personal privacy was violated, then will Baidu sued the court, demand Baidu to bear stop infringement, apology, compensation loss and other tort liability, and compensation for spiritual damage comfort gold 10,000 yuan.

According to analysis, this is the Baidu company to use network technology, through cookies (note: Some sites in order to identify users, tracking and stored in the user's local terminal data) information, recorded and tracked Ms. Zhu's search of keywords, her hobbies, Life learning work characteristics such as personal privacy information revealed on the relevant websites, and use the key words of the record to her when browsing the Web site for specific advertising.

Cookies quickly became the focus of netizens ' attention as the CCTV 3 15 party exposed the possibility that cookies might threaten user privacy events this year. Cookies can be a convenience for Web services, but if the cookie is improperly handled, it can become a black hole that consumes privacy and security.

In addition, the so-called information sharing of different businesses also allows your information to be integrated to dig deeper into the danger. These personal privacy data are scattered in the intermediary, banks, insurance (assured), airlines and other institutions, the danger may not be small, but if the information is shared, but also by the system integration, mutual proof, the consumer's personal basic information, and even personality, hobbies and life track information will be at the glance of others, Many ordinary people will become transparent before them.

After that, the widespread use of data mining technology in the field of counter-terrorism has also allowed more ordinary people to worry that their privacy is being wantonly violated, and the Snowden incident undoubtedly confirms that such fears are not superfluous at all. "In the big Data age, internet companies are greedy to collect customer personal information and data mining, which is worth more." This also means that the collection of personal information of the group of behavior, more efficient. At the same time, consumers themselves can not know where their privacy information to go, and so the cheater called fraud phone, and even cheated, you know, your message to him, but how to flow to him is not known. But because the infringement object is vague, the right to defend the difficulty is also very big, encounters this kind of infringement the consumer's safeguard right cost is also very high. Liu Junhai, director of the Institute of Business Law of Renmin University of China, said to reporters.

4 How borders are delineated

Although the new Consumer Rights Protection Act, the protection of consumer privacy has been clearly stipulated, but the relevant people pointed out that the existing relevant provisions of the law is too principle, still need to develop corresponding implementation details. Moreover, the definition of personal privacy of consumers in the big data age is still a problem.

Chen Guanghui, a judge of Beijing's second Chinese academy, told reporters that the existing laws and regulations are too principle and operability is not strong. Not only that, China Unicom Institute of Zhao Jiucheng to reporters, the big data age consumer privacy definition is still a problem.

The protection of individual privacy rights in the United States has gone through 3 stages, from residential-centric privacy protection to human-centred privacy protection to data center privacy. But our country regarding individual privacy protection, has not been keeping up with the big data technology development pace.

Chen Guanghui, a judge of Beijing's second Chinese academy, told reporters that the issue of personal privacy protection for consumers and even ordinary residents was a complex issue in the big data age, and even involved national security, which was not something that the court could solve. "You know, the root servers are all abroad, and even our court's many trial data will be first known by foreign media." ”

So, how do you draw the most crucial personal privacy red line?

In fact, the new "Consumer Protection Law" has been implemented, the protection of consumer privacy has been clearly defined. If the operator collects and uses consumer personal information, it shall follow the principles of legality, propriety and necessity, and express the purpose, manner and scope of collecting and using the information, with the consent of the consumer.

But the Chen Guanghui of Beijing Second Chinese Academy of Justice thinks, these legal provisions are too principle, still need to make corresponding implementation rules. For example, how to delimit the boundaries of personal privacy in the big Data age is a very important and very sensitive issue.

When we are in public, sharing geographic information is not a problem, and when we get home in one hours, it becomes extremely sensitive. The blurring of personal information and privacy boundaries is a real headache. At this point, if users put all personal information on the "sacrosanct" label, many of the Internet models may have to go, such as O2O. Therefore, the delimitation of privacy boundaries has become a major proposition.

In this respect, Hu Xiaoming, vice President of China Information Association, told reporters that large data technology should be used to discover the law improvement work, and should not be used to excavate personal privacy, this is a basic business ethics, any enterprise should abide by.

He analyzed, large data technology information integration is too strong, it can search a variety of online data sources, to find a person's behavior clues, revealing the behavior of the law, people very embarrassing. Institutions with large data technologies are highly asymmetric in their information capabilities compared with ordinary people. If it is allowed to carry out "human flesh search" will greatly harm personal privacy, so expressly prohibit such acts is necessary, that is, not allow the publication of "human Flesh search" results. In addition to national security departments, public security departments, anti-corruption departments in order to counter terrorism, the maintenance of social security, such as the needs of the work (harmful to society's behavior is not personal privacy) can use large data technology to solve cases, other agencies should not be large data technology to collect personal privacy information.