
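GB/T 41817-2022 English Version / Foreign-Language Version: Information security technology - Guidelines for personal information security engineering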

2023-09-18 14:03 Author: 标准翻译网bzfyw

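GB/T 41817-2022 English Version / Foreign-Language Version (bzfyw.com): Information security technology - Guidelines for personal information security engineering

Foreword

This document is drafted in accordance with the rules given in GB/T 1.1-2020 Directives for standardization - Part 1: Rules for the structure and drafting of standardizing documents.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuing body of this document shall not be held responsible for identifying patents.

This document was proposed by and is under the jurisdiction of the National Information Security Standardization Technical Committee (SAC/TC 260).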

 

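Introduction

To standardize the personal information processing activities of network products and services and to protect users' personal information rights and interests to the greatest extent, the industry has successively put forward the concept of planning, building and using personal information security measures in step with products and services. For example, the European Union's General Data Protection Regulation stipulates that personal information protection requirements should be considered at the product design stage, and that the default settings of products should also protect users' personal information to the greatest extent. This not only helps to proactively defend against personal information security risks, but also helps to prevent incidents that infringe upon users' personal information rights and interests.

Based on the requirements of personal information protection laws, regulations, policies and standards, and drawing on practical experience in privacy engineering at home and abroad, this document gives implementation guidelines for personal information security engineering in the planning and construction stages of network products and services that process personal information, providing engineering guidance to help network products and services improve their personal information protection capabilities.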

 

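Information security technology - Guidelines for personal information security engineering

1 Scope

This document sets forth the principles, objectives, stages and preparations of personal information security engineering, and provides engineering guidelines for implementing personal information security requirements in the requirements, design, development, testing and release stages of network products and services.

This document is applicable to network products and services (including information systems) that involve the processing of personal information, providing guidance for planning and building personal information security measures in step with them, and may also be referenced by organizations when carrying out privacy engineering in the software development lifecycle.

Note: Where no confusion arises, "network products and services" is referred to as "products and services" in this document.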

 

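2 Normative references

The contents of the following documents constitute indispensable provisions of this document through normative reference in the text. For dated references, only the edition corresponding to that date applies to this document; for undated references, the latest edition (including all amendments) applies to this document.

GB/T 25069-2022 Information security techniques - Terminology

GB/T 35273-2020 Information security technology - Personal information security specification

GB/T 39335-2020 Information security technology - Guidance for personal information security impact assessment

GB/T 41391-2022 Information security technology - Basic requirements for collecting personal information in mobile internet applications (App)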

 

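3 Terms and definitions

For the purposes of this document, the terms and definitions given in GB/T 25069-2022 and the following apply.

3.1

personal information security engineering

An engineering process of integrating personal information security principles and requirements into each stage of product and service planning and construction, so that personal information security requirements are effectively implemented in products and services.

Note: Also known as "privacy engineering".

3.2

personal information protection impact assessment

The process of examining, for personal information processing activities, whether the purpose and method of processing are legal, legitimate and necessary, judging the impact on the legitimate rights and interests of individuals and the security risks, and assessing the effectiveness of the personal information protection measures taken.

Note: Also known as "personal information security impact assessment".

3.3

personal information processing

Acts such as the collection, storage, use, processing, transmission, provision, disclosure and deletion of personal information.

3.4

automated decision-making

The activity of automatically analyzing and assessing an individual's behavioral habits, interests, or economic, health or credit status through a computer program, and making decisions on that basis.

Note: This includes personalized recommendation, personalized display, precision marketing and similar cases.

3.5

third-party components

Applications such as software development kits, code, plug-ins and programs provided by organizations or individuals other than the product and service provider.

Note 1: These include commercial applications and open source applications.

Note 2: These include SDKs, code, plug-ins and the like embedded in products and services (referred to as "third-party components"), as well as mobile Internet applications (referred to as "mobile applications"), applets, application systems and the like that access products and services (referred to as "third-party products or services").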

 

4 Abbreviations

The following abbreviations apply to this document.

API: application programming interface

ICT: information communication technology

SDK: software development kit

SDL: security development lifecycle

Foreword

 

 

This document is developed in accordance with the rules given in GB/T 1.1-2020 Directives for standardization - Part 1: Rules for the structure and drafting of standardizing documents.

 

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuing body of this document shall not be held responsible for identifying any or all such patent rights.

 

This document was proposed by and is under the jurisdiction of SAC/TC 260 National Information Security Standardization Technical Committee.

 

Introduction

 

The industry has successively put forward the concept of synchronizing the planning, construction and use of personal information security measures with products and services with a view to standardizing the personal information processing of network products and services and protecting users' personal information rights and interests to the greatest extent. For example, the European Union's General Data Protection Regulation stipulates that personal information protection requirements should be taken into account in the product design stage, and that the default settings of products should also protect users' personal information to the greatest extent. This not only helps to proactively prevent personal information security risks, but also facilitates the prevention of infringement upon users' personal information rights and interests.

 

According to the requirements of personal information protection laws, regulations, policies and standards, and combined with the practical experience in privacy engineering at home and abroad, this document gives guidelines for the implementation of personal information security engineering in the planning and construction stages of network products and services with the function of processing personal information, and provides engineering guidelines to help network products and services improve their personal information protection capabilities.

 

Information security technology - Guidelines for personal information security engineering

 

1 Scope

 

This document sets forth the principles, objectives, stages and preparations of personal information security engineering, and provides engineering guidelines for implementing personal information security requirements in the requirements, design, development, testing and release stages of network products and services.

 

This document is applicable to network products and services (including information systems) that involve the processing of personal information, providing guidelines for their synchronous planning and construction of personal information security measures, and may also be referenced by organizations when carrying out privacy engineering in the software development lifecycle.

 

Note: In case of no confusion, the term "network products and services" is referred to as "products and services" herein.

 

2 Normative references

 

The following documents contain requirements which, through reference in this text, constitute provisions of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

 

GB/T 25069-2022 Information security techniques - Terminology

GB/T 35273-2020 Information security technology - Personal information security specification

GB/T 39335-2020 Information security technology - Guidance for personal information security impact assessment

GB/T 41391-2022 Information security technology - Basic requirements for collecting personal information in mobile internet applications

 

3 Terms and definitions

 

For the purposes of this document, the terms and definitions given in GB/T 25069-2022 and the following apply.

 

 

3.1

personal information security engineering

an engineering process of integrating personal information security principles and requirements into each stage of product and service planning and construction, so that personal information security requirements can be effectively implemented in products and services

 

Note: It is also known as "privacy engineering".

 

3.2

personal information protection impact assessment

process of examining, for personal information processing, whether the purpose and method of processing are legal, legitimate and necessary, judging the impact on the legitimate rights and interests of individuals and the security risks, and assessing the effectiveness of the personal information protection measures taken

 

Note: It is also known as "personal information security impact assessment".

 

3.3

personal information processing

collection, storage, use, processing, transmission, provision, disclosure, deletion and other acts of personal information

 

3.4

automated decision-making

activity of automatically analyzing and assessing an individual's behavioral habits, interests, or economic, health, or credit status through a computer program, and thus making decisions

 

Note: It includes personalized recommendation, personalized display and precision marketing.

 

3.5

third-party components

applications such as software development kits, codes, plug-ins and programs provided by organizations or individuals other than product and service providers

 

Note 1: They include commercial applications and open source applications.

 

Note 2: They include SDKs, codes and plug-ins (referred to as "third-party components") embedded in products and services, as well as mobile Internet applications (referred to as "mobile applications"), applets and application systems (referred to as "third-party products or services") accessing products and services.

 

4 Abbreviations

 

For the purposes of this document, the following abbreviations apply.

 

API: application programming interface

 

ICT: information communication technology

 

SDK: software development kit

 

SDL: security development lifecycle

 
