“三同时”制度:个人数据跨境流动风险监管之创新  被引量：11

作　　者：徐瑛晗 纪孟汝 Xu Yinghan;Ji Mengru(Intellectual Property Research Center of Zhongnan University of Economics and Law, Wuhan 430073)

机构地区：[1]中南财经政法大学知识产权研究中心,武汉430073

出　　处：《情报杂志》2022年第7期84-90,共7页Journal of Intelligence

基　　金：国家社会科学基金重大项目“总体国家安全观下产业知识产权风险治理现代化研究”(编号:21&ZD203)研究成果之一。

摘　　要：[研究目的]如今个人数据跨境流动制度多聚焦于数据跨境风险预防,后续数据跨境同步追踪与监管规则不甚完善。为有效提升数据跨境透明度,避免制度决策无据或回应过甚,有必要探讨风险审查评估的有效路径。[研究方法]在分析个人数据跨境流动隐忧及风险监管困境的基础上,依据环境风险与数据危机在风险控制方面的共通性,参照环境保护“三同时”制度,将个人数据跨境流动过程切分为数据流通初始意向、数据流动规划与实施、数据后续提供与使用三环节,构建个人数据跨境流动“三同时”制度。[研究结论]个人数据跨境流动“三同时”制度根据数据流动过程的三个环节,分别完善不同场景合同中的动态风险防控机制、落实风险等级分类管理与审查多元架构和跨境风险审查委托与问责机制。该制度可将数据流动与安全审查双线紧密结合,是数据风险监管的有效策略。[Research purpose]Nowadays,the system of personal data cross-border flow mostly focuses on the prevention of data cross-border risks,while the follow-up synchronized tracking and regulation are not perfect.In order to effectively enhance the cross-border transparency of data flow and avoid the system′s unsupported decisions or over-responsiveness,it is necessary to explore the effective path of data risk review and assessment.[Research method]Based on the analysis of the hidden worries of the cross-border flow of personal data and the dilemma of risk supervision,according to the commonality of environmental risk and data crisis in risk control,and referring to the"Three Simultaneities"system of environment protection,the process of cross-border flow of personal data can be divided into three links:initial intention of data flow,planning and implementation of data flow,and subsequent provision and use of data,so as to construct the"Three Simultaneities"system of cross-border flow of personal data.[Research conclusion]According to the three links of data flow process,"Three Simultaneities"system of cross-border flow of personal data should improve the dynamic risk prevention and control mechanism in standardized contracts in different scenarios,implement the multi-structure of risk level classification management and risk review,and use cross-border risk review delegation and accountability mechanisms.The system can closely combine data flow and security review,and is an effective strategy for data risk supervision.

关 键 词：个人数据 数据跨境 数据跨境流动 数据风险 风险评估 “三同时”制度 环境库茨涅兹曲线 风险等级分类 

分 类 号：D923.49[政治法律—民商法学]