摘要
数据跨境传输是数据安全风险的重要成因之一,跨境数据取证作为网络信息时代打击犯罪的新常态,其中蕴含的数据跨境安全风险不容忽视。《数据安全法》第36条尽管关注到了这一特殊领域,但其一方面将司法协助与数据安全的批准机制混同,未明确境内单位和个人协助境外机构取证时数据跨境的具体安全审查情形及相应机制;另一方面该审查仅涉及跨境数据取证多种措施中应用范围最窄的一种,对于网上远程勘验、向网络信息业者调取等新出现的跨境取证措施关注不足。对于跨境数据取证中的安全审查和保障机制,其制度设计应当回归到资源性数据保护这一逻辑起点,基于跨境数据取证的双边性特征,在兼顾和平衡数据安全保障与有效打击犯罪的双重需求的前提下,根据不同跨境数据取证场景分析和化解其数据安全风险,并辅之以契合跨境数据取证需求的数据安全评估机制和安全风险跨境预警机制。
Cross-border data flow is one of the main sources of data security risks. As the crossborder digital investigation has become the common phenomenon in criminal proceedings,the security risk involved should not be neglected. Albeit Article 36 of the newly adopted Data Security Law pays attention to this issue,it causes confusion between the data security assessment mechanism and the traditional mutual legal assistance system on the one hand and overlooks other new crossborder investigative measures-that is,particularly,remote network inspection,and collect data from internet service providers,on the other hand. Given the complex legal regime regarding crossborder investigation,the data security mechanism in this context should build itself on the concept of resource-based security and take the bilateral nature of such investigative measures into consideration.Data security risks should be analyzed and mitigated correspondingly in accordance with the specific scenarios of cross-border investigation,and key auxiliary mechanisms such as security assessment and cross-border risk alert should be established.
作者
裴炜
Pei Wei(the Law School of Beihang University)
出处
《国家检察官学院学报》
CSSCI
北大核心
2021年第6期37-54,共18页
Journal of National Prosecutors College
基金
2019年国家社科基金青年项目“刑事跨境数据取证法律问题研究”(19CFX037)的阶段性成果。
关键词
数据安全
跨境数据取证
安全风险评估
跨境风险预警
Data Security
Cross-border Digital Investigation
Security Risk Assessment
Crossborder Risk Alert