雷恩一大 會員中心 TAG標簽
網站地圖 RSS
英國coursework代寫
雷恩一大

雷恩加尔可爱图片:法學coursewor:Advise FriendChina.cn of its privacy obligation

時間:2019-08-15 10:58來源:未知 作者:anne 點擊:
EBU6008 Information and Privacy Law Coursework FriendChina.cn是一個社交網站,為世界各地對中國文化感興趣的中國學生和學生提供一系列服務。該網站可以從中國和國外訪問。該網站大多為英文版,并提供
EBU6008 Information and Privacy Law Coursework
FriendChina.cn是一個社交網站,為世界各地對中國文化感興趣的中國學生和學生提供一系列服務。該網站可以從中國和國外訪問。該網站大多為英文版,并提供英文視頻和其他有關中國歷史,體育,文學和其他傳統的信息。有英語和普通話聊天室,以及公告板討論這些和其他更一般的聊天。用戶也可以發送私信給對方。
任何想加入FriendChina.cn的人都可以注冊一個免費賬戶。為了開立賬戶,個人必須提供他們的第一個(給定)姓名,性別,出生日期以及他們居住的城市的名稱。他們還被要求通過在包括音樂,電影等風格的列表中勾選選定的項目來表示他們的興趣。 FriendChina.cn收集這些個人信息,并將其存儲在其公司網絡上的可通過其網站訪問的計算機上。除了公司網絡之外,它還運行一個不連接到企業網絡的獨立計算機網絡。
FriendChina.cn由廣告贊助。所有出現在個人屏幕上的廣告都是以年齡,性別,個人興趣以及他們所處的世界的哪個地區為目標。系統還使用cookie,不僅保持用戶登錄FriendChina.cn,而且還跟蹤用戶訪問的所有網站。此外,FriendChina.cn系統會自動搜索所有私人信息,查找用于為個人定制廣告的關鍵字。通過這些廣告鏈接的一些第三方網站通過個人收集更多的個人信息,通常使用游戲或提供免費屏保和其他下載來鼓勵個人輸入他們的信息。
在FriendChina.cn主頁的頂部,出現了一個“隱私政策”,其中規定:
“FriendChina.cn不會收集或保留任何個人身份信息,也不會隨時將此類信息傳遞給第三方。”
盡管有此承諾,FriendChina.cn系統還收集所有與FriendChina.cn鏈接的第三方廣告的網頁表單信息。這意味著該系統可能收集了一些個人身份信息,與其主頁上的隱私政策相反。
“隱私政策”還對從客戶那里收集到的敏感信息的保密性作出如下聲明:
“FriendChina.cn采取一切措施?;び沒У男畔?。當用戶通過網站提交敏感信息時,您的信息在線和離線?;?。我們使用業內最好的加密軟件 - SSL。 FriendChina.cn致力于?;つ峁└頤塹氖蒞踩?,并會采取合理的預防措施來?;つ男畔⒚饈芏?,誤用或篡改。“
從2017年1月開始,持續到2017年5月,黑客利用FriendChina.cn網站上的SQL注入攻擊在其公司網絡上安裝常見黑客程序。黑客程序用于查找存儲在企業網絡上的敏感個人信息,并通過互聯網將信息傳輸到網絡外的計算機。結果,黑客獲得了未經授權的訪問數以千計的用戶隨后用于身份盜用的信息。一些用戶偽造了銀行賬戶,并以他們的名義提取了貸款。
 
1.建議FriendChina.cn在歐盟GDPR(假設適用)下的隱私義務(如果有的話)[50分]
2.根據中國網絡安全法[50分]向FriendChina.cn通知其信息安全義務(如有)
 
Question1
On April 14, 2016, the European Parliament voted to General Data Protection Regulation (GDPR), which will take effect on May 25, 2018. The adoption of the GDPR means that the EU has achieved unprecedented heights in the protection of personal information and its supervision, making it the most stringent data protection act in history. GDPR is of great significance to the compliance operations of companies in China whose business scope involves the territory of EU member states and their citizens, avoiding high penalties, as well as the legal research related to data in China. The GDPR stipulates that "personal data" refers to any information that points to a recognized or identifiable natural person ("data subject"). The identifiable natural person can be directly or indirectly identified, in particular by referring to such an identifier as a name, identity card number, location data, online identification, or by referring to one or more physical, physiological, Elements of genetic, psychological, economic, cultural or social identity. "Processing" refers to any one or a series of operations that target the collection of personal data or personal data, such as collecting, recording, organizing, constructing, storing, adapting or modifying, retrieving, consulting, using, disclosing, disseminating, whether or not this operation is automated.
In this case, Anyone who wants to join friendchina.cn can sign up for a free account. To open an account, individuals must provide their first (given) name, gender, date of birth, and the name of the city in which they live. They were also asked to express their interest by checking selected items from a list of styles including music and movies. These personal information conform to the definition of "personal data" in GDPR.
Friendchina.cn collects this personal information and stores it on computers accessible through its website on its corporate network. In addition to the corporate network, it runs a separate computer network that is not connected to the corporate network. Friendchina.cn is sponsored by advertising. All the ads that appear on individual screens are aimed at age, gender, personal interests and where in the world they live. The system also uses cookies, which not only keeps users on friendchina.cn, but also keeps track of all the websites they visit. In addition, friendchina.cn automatically searches all private information for keywords that are used to tailor advertisements for individuals. Some of the third-party websites linked to these ads collect more personal information through individuals. These collection, storage, and search behaviors of friendchina.cn belong to processing behaviors in GDPR.
GDPR imposes a set of obligations on data controllers: Personal data should be handled in a lawful, fair and transparent manner in relation to the data subject; it should be is collected for a specific, definite and lawful purpose  and it shall not be further disposed in any way if it does not conform to the above purposes; It should be sufficient, relevant and to the extent necessary for the purpose of personal data processing (" data minimization "); To ensure the safety of personal data moderate way, including the use of appropriate technology or organizational measures against unauthorized, unlawful processing, accidental loss, loss of or damage to the protective measures (integrity and confidentiality). In this case of Friendchina.cn,The company's "privacy policy" stipulates that "friendchina.cn will not collect or retain any personal identity information and will not transmit such information to any third party at any time." The system may have collected some personal identity information as opposed to the privacy policy on its home page. This violates the above obligation to keep the data transparent, and it does not inform users that the company may have collected some personal information. This violates the user's right to know. The company also further processed the data and collected more personal information through a series of processing methods, in violation of the "no further processing in a certain way" clause.
Controllers should implement appropriate technical and organizational measures, such as anonymity, in order to implement data protection principles, such as data minimization, in an effective manner, while identifying means of processing and processing.Controllers should implement necessary safeguards to meet legal requirements and protect the rights of data subjects.As a result, the hackers used SQL injection attacks on friendchina.cn to install common hacking programs on their corporate networks. Hackers are used to find sensitive personal information stored on corporate networks and transmit it over the Internet to computers outside the network. As a result, hackers gained unauthorized access to thousands of users' information, Forged bank accounts and took out loans in their name, which caused personal information to be stolen by hackers and caused huge losses to users. According to the obligations of the GDPR, the website did not implement appropriate technical measures, resulting in data theft. The web site should be held accountable.
Article 83, paragraph 5 of the GDPR provides for specific serious violations: first, violation of the basic principles and conditions of data processing.  Data processing should follow six principles, namely, legality, legitimacy and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality. Data processing shall conform to the corresponding legal conditions. In the second category, the rights of consent, access, correction, oblivion, data portability, rejection and relief are violated
Generally speaking, GDPR as a solution to data protection, although currently only effective in Europe, but its impact is global. Based on the model of the entire Internet industry driven by gathering personal information and privacy, the impact will be inevitable, because even if other countries do not copy the EU, the protection of personal privacy information has become a general trend.
The Privacy Directive stipulates that cookies stored on a user's terminal device must be changed from opt-out to opt-in. Member states shall ensure that only allows to store information in the user terminal device or obtain information already stored, but the condition is: the user has agreed to according to the instruction from the 95th article 46 / ec, and has been provides a clear and comprehensive information, especially about dealing with the purpose of processing. In this case, the system also uses cookie, not only to keep users logged in FriendChina.cn, but also to track all websites visited by users. The website has not provided comprehensive information and without the user's consent, which is in violation of the Privacy Directive obligations.


推薦內容
  • 英國作業
  • 新西蘭作業
  • 愛爾蘭作業
  • 美國作業
  • 加拿大作業
  • 代寫英國essay
  • 代寫澳洲essay
  • 代寫美國essay
  • 代寫加拿大essay
  • MBA Essay
  • Essay格式范文
  • 澳洲代寫assignment
  • 代寫英國assignment
  • 新西蘭代寫assignment
  • Assignment格式
  • 如何寫assignment
  • 代寫英國termpaper
  • 代寫澳洲termpaper
  • 英國coursework代寫
  • PEST分析法
  • literature review
  • Research Proposal
  • 參考文獻格式
  • case study
  • presentation
  • report格式
  • Summary范文
  • common application
  • Personal Statement
  • Motivation Letter
  • Application Letter
  • recommendation letter