中国应用软件中数据可携带权的实证分析  

作　　者：刘春 奉其其 祝嘉悦 Liu Chun;Feng Qiqi;Zhu Jiayue

机构地区：[1]电子科技大学公共管理学院,四川成都611731

出　　处：《天府新论》2025年第2期41-52,156,共13页New Horizons from Tianfu

基　　金：四川省哲学社会科学基金“中国式现代化引领四川高质量发展研究”重大专项课题(编号:SCJJ24ZD27)。

摘　　要：欧盟《通用数据保护条例》第20条引入了数据可携带权,规定数据主体有权以结构化、常用且机器可读的格式获取其提供给数据控制者的个人数据,并可以不受阻碍地将这些数据传输给其他数据控制者。我国《个人信息保护法》也引入了个人数据的可携带权。为探讨数据可携带权在中国的实施情况,本研究检视了中国市场上405款应用软件的隐私政策,向其中95款提及数据可携带权的应用软件发起了数据转移请求,并对数据处理流程及返回数据的质量进行评估。研究结果表明,企业的数据请求回复率总体较低,处理流程复杂,部门职能划分不明。本研究共收集到40份数据副本,这些数据主要以txt、HTML/pdf和xls/xlsx等格式呈现,未完全满足“结构化、常用且机器可读”的格式要求。在数据转移方面,企业成功完成转移数据的比例仅为4.2%。本研究从流程优化与规范、数据安全与隐私保护以及数据转移成效与技术互操作性三个方面为各利益相关者提出了改进数据可携带权实践的建议。Article 20 of the European Union′s General Data Protection Regulation(GDPR)establishes the right to data portability,granting data subjects the right to obtain their personal data in a structured,com⁃monly used,and machine-readable format,as well as to transfer this data to other controllers without undue hindrance.Similarly,the Personal Information Protection Law of the People′s Republic of China recognizes this right.In order to assess the implementation of the right to data portability in China,this paper analyzes the privacy policies of 405 pieces of application software in the Chinese market.A total of 95 pieces of application software that mention the right to data portability are selected for data transfer requests,and their data process⁃ing procedures and the quality of the returned data are evaluated.The results indicate that the overall response rate of enterprise data requests is low,the processing process is complex,and the division of department func⁃tions is unclear.A total of 40 data sets are collected,primarily in txt,HTML/pdf,and xls/xlsx formats,which do not fully meet the requirements of“structured,commonly used,and machine-readable”formats.In terms of data transfer,only 42%of enterprises have successfully completed the data transfer process.Based on these findings,this study puts forward recommendations for stakeholders to improve data portability prac⁃tices from three aspects:process optimization and standardization,data security and privacy protection,and the effectiveness of data transfer and technological interoperability.

关 键 词：数据可携带权 个人信息保护 数据隐私 数据转移 

分 类 号：D99[政治法律—国际法学] D922.16[政治法律—法学]