CCTV 3? The 15th Evening Party exposed an information black hole that crazily steals personal privacy, and it is said that the acquiring companies that steal personal information process billions of data every day. Some media subsequently added data from Qichacha: there are currently 7.4538 million software development related enterprises in China, and 282800 related enterprises have been registered so far this year. Without having to watch the original report video, the above summary can already outline the situation roughly: firstly, the illegal acquisition of personal privacy data has been scaled up, industrialized, and rapidly growing; Secondly, there is still no complete toolbox for the governance of this black industry, and even the governance goals are vague. Ordinary people dislike but default to receiving sales of maternal and child products as soon as pregnancy is detected, and receiving intermediary information push notifications as soon as housing is discussed. Regulatory authorities assume that the public will not take action and officials will not rectify the situation. Even though privacy is a right and data is property, people have not shouted out: this is robbery. Isn't that so? Traditional robbery involves physical violence to steal property, while personal privacy theft relies on technological means to illegally obtain data, both of which meet the characteristics of "illegal possession+forced acquisition". The damage caused by robbery is usually limited to property losses in a specific time and space, and a stolen ID card information may be resold multiple times to fraud, money laundering, advertising and marketing, forming a cross regional and cross domain chain reaction. From this perspective, the individualized harm of the former is certainly greater than that of the latter, but the systemic risk of the latter outweighs the former. It is unreasonable to achieve equal legal regulation for both, as the punishment for personal privacy access has always been weak. China has already criminalized the crime of infringing on citizens' personal information, but the criteria for determining "serious circumstances" have long been vague. In judicial practice, the number of pieces of information is often used as the main sentencing basis, ignoring key factors such as data sensitivity and usage scenarios. In 2022, a certain e-commerce platform was fined only 500000 yuan for leaking 230 million user data, which is disproportionate to its annual revenue scale. The differences in law enforcement effectiveness are also worth paying attention to. Traditional robbery cases rely on mature technological means, and the national current case solving rate will reach 97.2% in 2023. However, personal information crimes involve technical difficulties such as electronic evidence collection and cross-border data tracking, and grassroots law enforcement generally lacks professional capabilities. The institutional shortcomings such as unclear definition of data ownership and vague identification of platform responsibilities have further exacerbated the enforcement dilemma. In today's Chinese cities, it is actually difficult for people to hear news of where a robbery occurred, and if we ask who has never had their information stolen? Probably not a single adult answered 'me'. Don't forget the premise of our discussion on information privacy today: the basic human rights in the digital age have very different connotations. Starting from this premise, some non physical violations also need to be promoted with the determination to regulate violent crimes. For example, can a graded punishment mechanism be established based on information types, usage scenarios, and harmful consequences? Should the act of illegally obtaining biometric data such as facial features and voiceprints be treated in accordance with the aggravating circumstances in robbery? Should we establish a dynamic monitoring platform for data flow, similar to fund flow, and have departments such as cyberspace, public security, and industry and information technology promote collaborative governance mechanisms? These may not necessarily be rigorously proven solutions, but rather some inspiring directions. But thinking about these, it's better than watching ordinary people struggle to "preserve evidence" and "prove it themselves" one by one - what's the difference between this and catching robbers on their own. (New Society)