• <abbr id="ck0wi"><source id="ck0wi"></source></abbr>
    <li id="ck0wi"></li>
  • <li id="ck0wi"><dl id="ck0wi"></dl></li><button id="ck0wi"><input id="ck0wi"></input></button>
  • <abbr id="ck0wi"></abbr>
  • <li id="ck0wi"><dl id="ck0wi"></dl></li>
  • Home >

    Nearly 1.2 Billion E-Commerce Users' Information Has Been Leaked: What Is The Responsibility Of The Platform For Data Crawling?

    2021/6/24 13:38:00 0

    E-CommerceUsersInformationDataPlatform

    Recently, Taobao's nearly 1.2 billion users' information was leaked, causing concern.

    According to a case announced by Suiyang District People's Court of Shangqiu City, Henan Province, criminals crawled nearly 1.2 billion pieces of Taobao customers' digital ID, Taobao nickname, mobile phone number and other information through their own development software, which was used to engage in Taobao customer promotion business, with a total profit of more than 340000 yuan, and was finally sentenced to the crime of infringing citizens' personal information.

    In recent years, data leakage cases occur frequently. Some experts pointed out that although enterprises are also one of the victims, from the perspective of personal information protection, as long as users suffer losses due to information leakage, the platform should shoulder certain responsibilities.

    With the implementation of national and local legislation, the burden of enterprise data security in China is increasing, and those who fail to fulfill relevant obligations will face fines. On the other hand, the application of web technology such as crawler also needs legal regulation, and the use boundary of these technologies needs to be further standardized.

    Nearly 1.2 billion users' information of Taobao has been leaked

    According to the judgment document, in August 2020, Taobao (China) Software Co., Ltd. reported that from July 6 to 13, some illegal products bypassed the platform risk control through the MTop order evaluation interface to crawl encrypted data in batches. During this period, the number of crawling fields is huge, with an average daily crawling amount of 5 million. Crawling content includes sensitive fields such as buyer's user nickname, user evaluation content, nickname, etc.

    After Taobao investigation, it was found that he was suspected of committing a major crime. He was a technician in Liuyang Taichuang Network Technology Co., Ltd. (hereinafter referred to as "Liuyang Taichuang") which was established by Li.

    The main business of Liuyang Taichuang is Taobao customers, that is to promote Taobao products in wechat group, so as to obtain Taobao Commission and merchant service fee.

    Since November 2019, he has developed a crawler software "taoappraisal" at home, crawling customer information through Taobao web interface, and providing Li with the mobile phone number.

    Where is crawling information used? Li imported these information data into a software called "wechat plus people" to add wechat friends. According to the company's employees, the company has created several wechat groups, up to 1100, with the number of people in each group ranging from 90 to 200. These employees are responsible for sending advertising links in the group. Once Taobao users buy goods in the advertising group, the company can get a commission.

    As of July 2020, the company has made a total profit of 340187.68 yuan by using crawling information. After judicial identification, a total of 1180738048 pieces of Taobao customer information such as Taobao customer's digital ID, Taobao nickname, mobile phone number and other Taobao customer information were crawled through the software developed by him, and a total of 1972611 items were sent to the defendant Li in the form of wechat file.

    Is the crawled information used elsewhere? In addition to the mobile phone number provided to Li, the customer ID and Taobao nickname were stored in their own computer hard disk, and there was no leakage. Li argued that the indictment alleges that more than 3.95 million yuan is the total business volume of the company, and the profit amount should be 370000 yuan, without using the information for illegal purposes. The above information was adopted by the court.

    In the end, the court held that both of them had violated the state regulations and illegally obtained citizens' personal information, and the circumstances were particularly serious, which constituted the crime of infringing on citizens' personal information. Considering the criminal circumstances and social harmfulness, the court sentenced Li to three years and six months' imprisonment and a fine of 350000; He was sentenced to three years and three months in prison and fined 100000 yuan.

    "Generally speaking, platforms are also victims in similar incidents. As long as the platform takes necessary technical protection measures and has no fault in the data leakage incident, it can timely inform users and regulatory authorities of the relevant situation after the incident, and take remedial measures to actively recover the losses. Generally speaking, the platform will not be subject to administrative punishment." Xia Hailong, a lawyer from Shanghai Shenlun law firm, analyzes that, from the perspective of personal information protection, as long as users suffer losses due to information leakage, the platform needs to first compensate users for the losses.

    Enterprise data security responsibility increases

    In recent years, the frequent data leakage incidents in the world not only make the involved platforms bear high loss costs, but also may face huge fines for endangering the personal information security of a large number of users.

    In November 2020, Marriott, an American Hotel Group, received a huge fine of 18.4 million pounds issued by the British regulator (ICO) for the leakage of personal data of millions of customers due to cyber attacks. The ICO survey found that Marriott did not take appropriate technical or organizational measures to protect personal data on its systems in accordance with the general data protection regulations (gdpr).

    Facebook, a social giant, has been mired in data leaks on many occasions. In April, Facebook was accused of leaking 533 million user data, although it was later clarified that it was an old message two years ago and that the vulnerability had been fixed. However, it is reminiscent of the case that Cambridge analytics illegally obtained 87 million Facebook user data in 2018, which ended with Facebook agreeing to pay a fine of $5 billion.

    With the implementation of national and local legislation, the burden of data security on Chinese enterprises will gradually become heavier.

    According to the "data security law" passed on June 10, organizations and individuals carrying out data activities who fail to fulfill the obligations of data security protection (including taking necessary measures to ensure data security, strengthening risk monitoring, and carrying out risk assessment, etc.), the relevant competent authorities shall order them to make corrections, give them a warning, and may also impose a fine of not less than 50000 yuan but not more than 500000 yuan.

    The draft of personal information protection law, which is being reviewed in the second instance, also puts forward corresponding requirements for personal information processors, such as formulating internal management system and operating procedures, implementing classified management of personal information, adopting corresponding encryption, adopting corresponding encryption and de identification and other security technical measures, formulating and organizing the implementation of emergency plans for personal information security incidents.

    Data legislation in Shenzhen, Shanghai, Tianjin, Anhui and other places also attach great importance to data security.

    For example, the "Shenzhen Special Economic Zone data regulations (Draft)" issued on June 2 states that data processors should implement the responsibility of data security management, prevent data leakage, damage, loss, tampering and illegal use, implement monitoring and early warning measures, formulate data security emergency plans, and timely inform relevant right holders when risks occur, And report to the network information department and the relevant industry authorities.

    Improper use of crawlers involves multiple legal risks

    Internally, enterprises as data collectors and processors should establish a sound data protection system; In addition, the application of crawler and other network technologies also needs to be further standardized.

    Web crawler is a very common network information search technology in the Internet era. It was first used in the field of search engine. It collects information or data on the web page and brings it into the database.

    Improper use of web crawler technology may bring multiple legal risks. In addition to the above-mentioned crimes of illegally obtaining computer information system data, illegally controlling computer information system and infringing citizens' personal information, they may also touch the crimes of infringement of copyright and fraud, and constitute unfair competition.

    For example, in a case announced by the people's Court of Xuhui District, Shanghai, Duan opened a video website in 2013. Without the permission of the copyright owner, Duan used the crawler technology to set framed links to the film and television works of LETV, Tudou and other video websites, blocked the title ads, and instead published advertisements in his own web pages, making a profit of more than 740000 yuan. The court finally decided that Duan constituted a crime of copyright infringement.

    In another case announced by the people's Court of Baoshan District, Shanghai, crawler technology has become a tool for fraud. Ye hired others to obtain the information of Taobao's newly opened store by purchasing crawler software, and pretended to be Taobao customer service personnel to send false information such as shop deactivation and transaction closing to the store, so as to help the store solve the problem, so as to induce the victim to agree to remote assistance and provide Alipay account and password, After that, they use the victim Alipay to recharge the video account through remote computer operation. The court held that ye's behavior constituted the crime of fraud.

    The legal issues related to reptiles are more about monopoly and unfair competition. For example, "Baidu v. 360 case" in 2013, "Kumi guest suing car to settle the case" in 2017, and "micro blog lawsuit pulse illegally grabbing user information case" in 2016.

    On June 14, the U.S. Supreme Court asked lower courts to re-examine the case of HiQ labs, a competitor in the LinkedIn lawsuit, for grabbing users' public information. Previously, LinkedIn lost the lawsuit because the relevant laws did not prohibit companies from grabbing publicly accessible data on the Internet.

    Most of the disputes in these cases are about the ownership of data. Web crawlers can easily collect user data. In the future of data, that is, oil, it is a must for Internet operators to keep control of user data.

    Take the case of "micro blog suing pulse for illegally grabbing user information", for example, when the social networking application was launched, it cooperated with sina Weibo at the beginning of its launch. Users can register and log in through microblog account and personal mobile phone number. However, Sina Weibo found that the pulse also grabs and uses a large number of sina Weibo users' Avatar, name, occupation, education and other information. The two sides terminated their cooperation and Sina Weibo filed a lawsuit.

    Both the first and second instance courts hold that the above-mentioned behaviors constitute unfair competition. The second instance judgment of the Court pointed out that in the case that data resources have become an important competitive advantage and commercial resources of Internet enterprises, the competitiveness of enterprises in the Internet industry is not only reflected in the technical equipment, but also in the data scale they own. Pulse violates the developer agreement. Without the consent of users and without authorization of sina Weibo, it obtains the relevant information of its users and displays it in the personal details of pulse application. It infringes on the commercial resources of sina Weibo and obtains the competitive advantage improperly. This kind of competitive behavior has gone beyond the legitimate competition behavior protected by law.

    At present, there are no supporting laws and regulations for web crawler technology in China. Under multiple disputes, the use boundary of web crawler is being regulated. In the "data security management measures (Draft)" released by the office in May 2019, the legal red line of web crawler is defined for the first time.

    Article 16 of Chapter 2 of the draft provides that network operators shall not hinder the normal operation of the website by using automatic means to access and collect website data; This kind of behavior seriously affects the operation of the website. If the automatic access collection flow exceeds one third of the daily average flow of the website, it should be stopped when the website requests to stop the automatic access collection.

    ?

    • Related reading

    "The 14Th Five Year Plan" Development Outline Of Textile Industry Was Officially Released

    Daily headlines
    |
    2021/6/21 18:27:00
    49

    From Building To Urban Beauty

    Daily headlines
    |
    2021/6/19 9:59:00
    1

    Safe: As Of The End Of May, The Scale Of Foreign Exchange Reserves Was 322.8 Billion US Dollars

    Daily headlines
    |
    2021/6/11 9:54:00
    2

    The General Administration Of Customs Reported The Unqualified Quality And Safety Of H & M And Other Brands

    Daily headlines
    |
    2021/6/4 4:14:00
    1

    Sinochem Vaccine Is Authorized By Who For Emergency Use, And National Medicine Will Supply Vaccine To Covax Soon

    Daily headlines
    |
    2021/6/3 8:51:00
    5
    Read the next article

    Xiaomi Comprehensively Launched Offline Channel Reform, Digital Standardization And Increased Turnover Rate

    After the reform, Xiaomi's offline channel has only three modes: first, Xiaomi's flagship store; The second is Xiaomi's exclusive store; Third, Xiaomi's authorized store.

    主站蜘蛛池模板: 亚洲aⅴ男人的天堂在线观看| 欧美激情videos| 日本三级韩国三级三级a级按摩| 国产成在线观看免费视频| 亚洲人成影院午夜网站 | 麻豆麻豆必出精品入口| 精品毛片免费看| 成在线人AV免费无码高潮喷水| 国产va免费精品高清在线观看| 久久99国产精品尤物| 老子影院午夜伦不卡| 成人免费视频69| 免费大学生国产在线观看p| re99热久久这里只有精品| 特级aaaaaaaaa毛片免费视频| 大bbwbbwbbwvideos| 亚洲欧美综合在线天堂| 222www免费视频| 机机对机机120分免费无遮挡 | 性刺激久久久久久久久| 最美情侣中文字幕电影| 国产喷水女王在线播放| 久久久久久亚洲精品中文字幕| jjzz日本护士| 最新国产精品自在线观看| 国产又大又黑又粗免费视频 | 先锋影音男人资源| 晚上看b站直播软件| 国产亚洲欧美在线视频| 中文在线第一页| 狠狠躁日日躁夜夜躁2022麻豆| 国产网站麻豆精品视频| 亚洲一区二区三区在线网站 | 高清性色生活片97| 撕开奶罩揉吮奶头高潮av | 免费观看亚洲人成网站| 99re6在线播放| 欧洲熟妇色xxxx欧美老妇多毛网站 | 黑人巨茎大战白人美女| 抱着cao才爽| 亚洲视频综合网|