Compensation Liability of Risk Damage Caused by Personal Information Breach
Article 69 of the Personal Information Protection Law establishes the basis of the claim for damages for infringement of personal information rights and interests,but does not specify the types of damage that should be remedied.When the personal information breach does not actually cause secondary damage,its infringement consequences are intangible,uncertain and risk-oriented,which is difficult to be fully covered by the unified damage concept.It is necessary to reconstruct the concept of primary damage and its compensation liability.The object of compensation for the primary damage caused by the personal information breach is not the difference in calculation or the diminution of the market value of personal information,but the future-oriented substantial risks.Risk damage should adopt a flexible system evaluation method,which is implemented in the elements of the third party's motivation,information sensitivity,security technology measures,and evidence of abuse.The conclusion depends on the comprehensive balance after the coordination of the elements.The scope of compensation for risk damage includes risk prevention costs,loss of use benefits,inner anxiety damage,and reasonable expenses for safeguarding rights,and discretionary factors and intervals for quantifying their amounts should be established.
personal informationdata breachrisk damageflexible systemdiscretionary
NETL
NSTL
万方数据
维普
