• <abbr id="ck0wi"><source id="ck0wi"></source></abbr>
    <li id="ck0wi"></li>
  • <li id="ck0wi"><dl id="ck0wi"></dl></li><button id="ck0wi"><input id="ck0wi"></input></button>
  • <abbr id="ck0wi"></abbr>
  • <li id="ck0wi"><dl id="ck0wi"></dl></li>
  • Home >

    Nearly 1.2 Billion E-Commerce Users' Information Has Been Leaked: What Is The Responsibility Of The Platform For Data Crawling?

    2021/6/24 13:38:00 0

    E-CommerceUsersInformationDataPlatform

    Recently, Taobao's nearly 1.2 billion users' information was leaked, causing concern.

    According to a case announced by Suiyang District People's Court of Shangqiu City, Henan Province, criminals crawled nearly 1.2 billion pieces of Taobao customers' digital ID, Taobao nickname, mobile phone number and other information through their own development software, which was used to engage in Taobao customer promotion business, with a total profit of more than 340000 yuan, and was finally sentenced to the crime of infringing citizens' personal information.

    In recent years, data leakage cases occur frequently. Some experts pointed out that although enterprises are also one of the victims, from the perspective of personal information protection, as long as users suffer losses due to information leakage, the platform should shoulder certain responsibilities.

    With the implementation of national and local legislation, the burden of enterprise data security in China is increasing, and those who fail to fulfill relevant obligations will face fines. On the other hand, the application of web technology such as crawler also needs legal regulation, and the use boundary of these technologies needs to be further standardized.

    Nearly 1.2 billion users' information of Taobao has been leaked

    According to the judgment document, in August 2020, Taobao (China) Software Co., Ltd. reported that from July 6 to 13, some illegal products bypassed the platform risk control through the MTop order evaluation interface to crawl encrypted data in batches. During this period, the number of crawling fields is huge, with an average daily crawling amount of 5 million. Crawling content includes sensitive fields such as buyer's user nickname, user evaluation content, nickname, etc.

    After Taobao investigation, it was found that he was suspected of committing a major crime. He was a technician in Liuyang Taichuang Network Technology Co., Ltd. (hereinafter referred to as "Liuyang Taichuang") which was established by Li.

    The main business of Liuyang Taichuang is Taobao customers, that is to promote Taobao products in wechat group, so as to obtain Taobao Commission and merchant service fee.

    Since November 2019, he has developed a crawler software "taoappraisal" at home, crawling customer information through Taobao web interface, and providing Li with the mobile phone number.

    Where is crawling information used? Li imported these information data into a software called "wechat plus people" to add wechat friends. According to the company's employees, the company has created several wechat groups, up to 1100, with the number of people in each group ranging from 90 to 200. These employees are responsible for sending advertising links in the group. Once Taobao users buy goods in the advertising group, the company can get a commission.

    As of July 2020, the company has made a total profit of 340187.68 yuan by using crawling information. After judicial identification, a total of 1180738048 pieces of Taobao customer information such as Taobao customer's digital ID, Taobao nickname, mobile phone number and other Taobao customer information were crawled through the software developed by him, and a total of 1972611 items were sent to the defendant Li in the form of wechat file.

    Is the crawled information used elsewhere? In addition to the mobile phone number provided to Li, the customer ID and Taobao nickname were stored in their own computer hard disk, and there was no leakage. Li argued that the indictment alleges that more than 3.95 million yuan is the total business volume of the company, and the profit amount should be 370000 yuan, without using the information for illegal purposes. The above information was adopted by the court.

    In the end, the court held that both of them had violated the state regulations and illegally obtained citizens' personal information, and the circumstances were particularly serious, which constituted the crime of infringing on citizens' personal information. Considering the criminal circumstances and social harmfulness, the court sentenced Li to three years and six months' imprisonment and a fine of 350000; He was sentenced to three years and three months in prison and fined 100000 yuan.

    "Generally speaking, platforms are also victims in similar incidents. As long as the platform takes necessary technical protection measures and has no fault in the data leakage incident, it can timely inform users and regulatory authorities of the relevant situation after the incident, and take remedial measures to actively recover the losses. Generally speaking, the platform will not be subject to administrative punishment." Xia Hailong, a lawyer from Shanghai Shenlun law firm, analyzes that, from the perspective of personal information protection, as long as users suffer losses due to information leakage, the platform needs to first compensate users for the losses.

    Enterprise data security responsibility increases

    In recent years, the frequent data leakage incidents in the world not only make the involved platforms bear high loss costs, but also may face huge fines for endangering the personal information security of a large number of users.

    In November 2020, Marriott, an American Hotel Group, received a huge fine of 18.4 million pounds issued by the British regulator (ICO) for the leakage of personal data of millions of customers due to cyber attacks. The ICO survey found that Marriott did not take appropriate technical or organizational measures to protect personal data on its systems in accordance with the general data protection regulations (gdpr).

    Facebook, a social giant, has been mired in data leaks on many occasions. In April, Facebook was accused of leaking 533 million user data, although it was later clarified that it was an old message two years ago and that the vulnerability had been fixed. However, it is reminiscent of the case that Cambridge analytics illegally obtained 87 million Facebook user data in 2018, which ended with Facebook agreeing to pay a fine of $5 billion.

    With the implementation of national and local legislation, the burden of data security on Chinese enterprises will gradually become heavier.

    According to the "data security law" passed on June 10, organizations and individuals carrying out data activities who fail to fulfill the obligations of data security protection (including taking necessary measures to ensure data security, strengthening risk monitoring, and carrying out risk assessment, etc.), the relevant competent authorities shall order them to make corrections, give them a warning, and may also impose a fine of not less than 50000 yuan but not more than 500000 yuan.

    The draft of personal information protection law, which is being reviewed in the second instance, also puts forward corresponding requirements for personal information processors, such as formulating internal management system and operating procedures, implementing classified management of personal information, adopting corresponding encryption, adopting corresponding encryption and de identification and other security technical measures, formulating and organizing the implementation of emergency plans for personal information security incidents.

    Data legislation in Shenzhen, Shanghai, Tianjin, Anhui and other places also attach great importance to data security.

    For example, the "Shenzhen Special Economic Zone data regulations (Draft)" issued on June 2 states that data processors should implement the responsibility of data security management, prevent data leakage, damage, loss, tampering and illegal use, implement monitoring and early warning measures, formulate data security emergency plans, and timely inform relevant right holders when risks occur, And report to the network information department and the relevant industry authorities.

    Improper use of crawlers involves multiple legal risks

    Internally, enterprises as data collectors and processors should establish a sound data protection system; In addition, the application of crawler and other network technologies also needs to be further standardized.

    Web crawler is a very common network information search technology in the Internet era. It was first used in the field of search engine. It collects information or data on the web page and brings it into the database.

    Improper use of web crawler technology may bring multiple legal risks. In addition to the above-mentioned crimes of illegally obtaining computer information system data, illegally controlling computer information system and infringing citizens' personal information, they may also touch the crimes of infringement of copyright and fraud, and constitute unfair competition.

    For example, in a case announced by the people's Court of Xuhui District, Shanghai, Duan opened a video website in 2013. Without the permission of the copyright owner, Duan used the crawler technology to set framed links to the film and television works of LETV, Tudou and other video websites, blocked the title ads, and instead published advertisements in his own web pages, making a profit of more than 740000 yuan. The court finally decided that Duan constituted a crime of copyright infringement.

    In another case announced by the people's Court of Baoshan District, Shanghai, crawler technology has become a tool for fraud. Ye hired others to obtain the information of Taobao's newly opened store by purchasing crawler software, and pretended to be Taobao customer service personnel to send false information such as shop deactivation and transaction closing to the store, so as to help the store solve the problem, so as to induce the victim to agree to remote assistance and provide Alipay account and password, After that, they use the victim Alipay to recharge the video account through remote computer operation. The court held that ye's behavior constituted the crime of fraud.

    The legal issues related to reptiles are more about monopoly and unfair competition. For example, "Baidu v. 360 case" in 2013, "Kumi guest suing car to settle the case" in 2017, and "micro blog lawsuit pulse illegally grabbing user information case" in 2016.

    On June 14, the U.S. Supreme Court asked lower courts to re-examine the case of HiQ labs, a competitor in the LinkedIn lawsuit, for grabbing users' public information. Previously, LinkedIn lost the lawsuit because the relevant laws did not prohibit companies from grabbing publicly accessible data on the Internet.

    Most of the disputes in these cases are about the ownership of data. Web crawlers can easily collect user data. In the future of data, that is, oil, it is a must for Internet operators to keep control of user data.

    Take the case of "micro blog suing pulse for illegally grabbing user information", for example, when the social networking application was launched, it cooperated with sina Weibo at the beginning of its launch. Users can register and log in through microblog account and personal mobile phone number. However, Sina Weibo found that the pulse also grabs and uses a large number of sina Weibo users' Avatar, name, occupation, education and other information. The two sides terminated their cooperation and Sina Weibo filed a lawsuit.

    Both the first and second instance courts hold that the above-mentioned behaviors constitute unfair competition. The second instance judgment of the Court pointed out that in the case that data resources have become an important competitive advantage and commercial resources of Internet enterprises, the competitiveness of enterprises in the Internet industry is not only reflected in the technical equipment, but also in the data scale they own. Pulse violates the developer agreement. Without the consent of users and without authorization of sina Weibo, it obtains the relevant information of its users and displays it in the personal details of pulse application. It infringes on the commercial resources of sina Weibo and obtains the competitive advantage improperly. This kind of competitive behavior has gone beyond the legitimate competition behavior protected by law.

    At present, there are no supporting laws and regulations for web crawler technology in China. Under multiple disputes, the use boundary of web crawler is being regulated. In the "data security management measures (Draft)" released by the office in May 2019, the legal red line of web crawler is defined for the first time.

    Article 16 of Chapter 2 of the draft provides that network operators shall not hinder the normal operation of the website by using automatic means to access and collect website data; This kind of behavior seriously affects the operation of the website. If the automatic access collection flow exceeds one third of the daily average flow of the website, it should be stopped when the website requests to stop the automatic access collection.

    ?

    • Related reading

    "The 14Th Five Year Plan" Development Outline Of Textile Industry Was Officially Released

    Daily headlines
    |
    2021/6/21 18:27:00
    49

    From Building To Urban Beauty

    Daily headlines
    |
    2021/6/19 9:59:00
    1

    Safe: As Of The End Of May, The Scale Of Foreign Exchange Reserves Was 322.8 Billion US Dollars

    Daily headlines
    |
    2021/6/11 9:54:00
    2

    The General Administration Of Customs Reported The Unqualified Quality And Safety Of H & M And Other Brands

    Daily headlines
    |
    2021/6/4 4:14:00
    1

    Sinochem Vaccine Is Authorized By Who For Emergency Use, And National Medicine Will Supply Vaccine To Covax Soon

    Daily headlines
    |
    2021/6/3 8:51:00
    5
    Read the next article

    Xiaomi Comprehensively Launched Offline Channel Reform, Digital Standardization And Increased Turnover Rate

    After the reform, Xiaomi's offline channel has only three modes: first, Xiaomi's flagship store; The second is Xiaomi's exclusive store; Third, Xiaomi's authorized store.

    主站蜘蛛池模板: 久久精品无码专区免费东京热| 日韩不卡中文字幕| 中文字幕乳授乳奶水电影小说| 亚洲无圣光一区二区| 国产成人av大片大片在线播放| 国产成人无码综合亚洲日韩| 亚洲最大av网站在线观看| 欧美特黄特色aaa大片免费看| 杨幂一级做a爰片性色毛片| 国产在线无码视频一区| 久久精品7亚洲午夜a| 亚洲激情视频图片| 韩日一区二区三区| 风间由美性色一区二区三区| 日本久久中文字幕精品| 亚洲欧洲国产综合| 欧美videosex性欧美成人| 久久精品国产久精国产| 青青国产线免观看手机版精品| 久久99国产精品久久99果冻传媒| 亚洲av永久无码| 国产激情电影综合在线看| 免费人成视频在线观看视频| 女人洗澡一级特黄毛片| 国产精品福利尤物youwu| 妖神记1000多章哪里看| 国产精品美女久久久久av福利| 久久青青草视频| 再深点灬舒服灬太大| 毛片免费观看的视频在线| 晓青老师的丝袜系列| 国产交换俱乐部在线看| 黑人巨大精品大战白人美女| 国产h肉在线视频免费观看| 国产剧情jvid在线观看| 国产午夜鲁丝片AV无码| 一个人看的www高清直播在线观看| 日本免费福利视频| 久久无码人妻一区二区三区午夜| 一区二区三区观看| 丰满少妇人妻无码专区|