Subject the Protection of Individual Information Privacy to Its Limits

Abstract

This paper discusses the conflicts between the requirements of big data development for data development and those of the current individual information privacy protection system. It analyzes the over emphasis on self-determination regarding data development, which causes practical problems, and argues that such emphasis should respect the scope where data subjects could make subjective determination. It further argues that the existence of public sphere during data processing and the scope of self-determination are prerequisites to find information privacy interest, and thus the protection shall be subject to such limits. Accordingly, it proposes a three-step protective framework. Step One, when either of the two prerequisites is missing, no privacy exists and big data development shall be regulated through a multi-party participating mechanism which considers privacy risk as one of many factors. Data subjects shall have the right to data resource. Such arrangement provides the legitimacy for the development of big data. Step Two, when both exist, privacy exists and data development shall be regulated through a balance test which may reinterpret traditional privacy corners. Step Three, when privacy prevails in the balance test, data development shall respect the self determination of data subjects, which includes strengthened consent or even customer expectations requirements. The article concludes with implications of the framework for current information privacy protection system.