TE||Copy that

1

导读

两分钟了解GDPR

2

音乐| 精读 | 翻译 | 词组

Copy that

取其精华

本文英文部分选自经济学人Leaders版块

America should borrow from Europe’s data-privacy law

美国应借鉴欧洲数据隐私法

The GDPR’s premise, that consumers should be in charge of their own personal data, is the right one

通用数据保护法规的前提是消费者应该掌管他们自己的个人数据，这是合适的选择。

AMERICA rarely looks to the bureaucrats of Brussels for guidance. Commercial freedom appeals more than dirigisme. But when it comes to data privacy, the case for copying the best bits of the European Union’s approach is compelling.

美国很少向欧盟官僚们寻求指导，认为商业自由比国家干预更有吸引力。但是，当涉及到数据隐私时，取欧盟方法之精华是有必要的。

The General Data Protection Regulation (GDPR) is due to come into force next month. It is rules-heavy and has its flaws, but its premise that consumers should be in charge of their personal data is the right one. The law lets users gain access to, and to correct, information that firms hold on them. It gives consumers the right to transfer their data to another organisation. It requires companies to define how they keep data secure. And it lets regulators levy big fines if firms break the rules.

通用数据保护条例（GDPR）将于下个月生效。它规则繁重，并不完美，但其前提是正确的，也就是消费者应该负责他们个人数据。该法规允许用户获取并更改公司保存的用户信息，赋予消费者将数据转移到另一组织的权利，要求公司明确规定如何保证数据安全，如果企业违规，监管机构可对其巨额处罚。

America has enacted privacy rules in areas such as health care. But it has never passed an overarching data-protection law. The latest attempt, the Consumer Privacy Bill of Rights, introduced in 2012 by the Obama administration, died a slow death in Congress. The GDPR should inspire another try.

美国已经在一些领域如医疗保健等颁布了保护隐私的法规。但是并没有通过一个完善的数据保护法律。在2012年由奥巴马政府提出的《消费者隐私权法案》，作为最近的一次举措，被议会执行了死缓。《通用数据保护条例》(GDPR)的颁布应该会激起再一次的尝试。

The failings of America’s self-regulatory approach are becoming clearer by the week. Large parts of the online economy are fuelled by data that consumers spray around without thought. Companies’ arcane privacy policies obfuscate what they do with their users’ information, which often amounts to pretty much anything they please. Facebook is embroiled in crisis after news that data on 87m users had been passed to a political-campaign firm. Identity-theft is widespread; the annual cost to American consumers exceeds $16bn, according to some estimates. On March 29th Under Armour, a clothing brand, said that hackers had gained access to information about 150m users of its MyFitnessPal app.

美国自我监管方法的缺陷在本周更加凸显。大部分的网络经济都是由消费者随意流露的数据信息推动的。这些公司神秘的隐私政策使人们无法了解他们对用户信息的处理方式，而这在一定程度上意味着他们可以为所欲为。在新闻曝光了将8700万用户信息给了政治选举公司后，Facebook陷入了危机。个人信息被盗用已经普遍存在；根据一些评估，美国消费者年度（因个人信息被盗用造成的）损失超过160亿美元。3月29日，服装品牌安德玛称，黑客们已经获取了大约1.5亿用户的应用程序MyFitnessPal上的信息。

These scandals are changing the calculus about the benefits of self-regulation. Opponents of privacy legislation have long argued that the imposition of rules would keep technology companies from innovating. Yet as trust leaches out of the system, innovation is likely to suffer. If consumers fret about what smartphone apps may do with their data, fewer new offerings will take off—especially in artificial intelligence. It emerged this week that Grindr, a dating app aimed at gay people, had been sharing details of users’ HIV status with other firms. Tim Cook, the chief executive of Apple (which, admittedly, has sold itself on the idea that its customers’ data should not be a source of profit), has called privacy a “human right”. Even Mark Zuckerberg, Facebook’s boss, has signalled an openness to regulation. It is striking that many of the firms preparing for the GDPR’s arrival in Europe enthuse that the law has forced them to put their data house in order (see article).

这些丑闻正在改变人们对企业自我监管的看法反对隐私立法的人们一直认为，强制实施相关规定将阻碍科技公司的创新。然而，随着信任从体系中流失，创新可能会受到影响。如果手机程序处理消费者数据的方式令人担忧，那么新的产品将会越来越少——特别是在人工智能领域。本周有消息称，针对同性恋者的交友软件Grindr一直在与其他公司分享用户艾滋病毒状况的详细信息。苹果( Apple )首席执行官蒂姆库克( Tim Cook )称隐私是一项“人权”（诚然，苹果推销自己的理念是，客户的数据不应成为利润来源）。就连Facebook的老板马克扎克伯格( Mark Zuckerberg )也表示愿意接受监管。令人吃惊的是，许多为《通用数据保护条例》(GDPR)进入欧洲做准备的公司都对法律迫使他们整理好自己的数据仓库充满热情（见文章）。

The need to minimise legal fragmentation only adds to the case for America to adopt bits of the GDPR. One reason behind the new rules in the EU was to harmonise data-protection laws so that firms can do business across Europe more easily. America is moving in the opposite direction. States that have detected a need for greater privacy are drafting their own laws. California, for instance, has pending legislation that would establish a data-protection authority to regulate how the state’s big tech firms use Californians’ personal data.

最大限度减少法律碎片的需求只会增加美国采纳部分《通用数据保护条例》(GDPR)的可能。欧盟新法规背后的一个原因，是为了协调（欧盟各国）数据保护法案以便企业在整个欧洲经营。美国却背道而驰。一些州洞察到更大的隐私需求，正在起草他们自己的法律。例如，加利福尼亚有一个待立法案，该法案会设立一个数据保护的权威机构，对州内大型科技公司如何使用加利佛尼亚人的个人数据进行规范。

Internationally, too, America is increasingly an outlier. Any American firm that serves European customers will soon have no choice but to comply with the GDPR; some firms plan to employ the rules worldwide. Other countries are adopting GDPR-style laws. A similar regime on both sides of the Atlantic would help keep data flowing across borders. The alternative, of a regulatory patchwork, would make it harder for the West to amass a shared stock of AI training data to rival China’s.

在国际上也是，美国越来越成为一个局外人。任何服务于欧洲的美国公司，其客户们除了遵守《通用数据保护条例》以外，很快将别无选择。；一些公司计划在全球使用该条例。其他国家也正在采用类似的法律。大西洋两岸的类似制度将有助于保持数据跨境流动。如果选择监管拼凑，而不是与欧盟同步，西方国家就更难积累共享的AI训练数据与中国竞争。

Putting the personal into data

将个人隐私变成数据

America need not adopt the GDPR wholesale. The legislation is far from perfect. At nearly 100 articles long, it is too complex and tries to achieve too many things. The compliance costs for smaller firms, in particular, look burdensome. In addition, parts of the GDPR are out of step with America’s constitutional guarantee of free speech: a “right to be forgotten” of the kind that the new law enshrines will not fly.

美国不需要照搬照抄《通用数据保护条例》(GDPR)。这个法律并不完善。多达近100项条款，太过复杂，目标太多。尤其是对小企业来说合规成本太高。另外，《通用数据保护条例》(GDPR)中的一些规定和美国宪法中有关保护公民自由言论的规定格格不入，规定中并没有提及确保新出台法律比较重视中的“被遗忘权”。

But these are arguments for using the GDPR as a template, not for ignoring the issue of data protection. If America continues on today’s path, it will fail to protect the privacy of its citizens and long-term health of its firms. America’s data economy has thrived so far with hardly any rules. That era is over.

这是套用《通用数据保护条例》(GDPR)存在的问题，而不是忽视数据保护的问题。如果美国继续执行今天的政策，将无法保护美国公民的个人隐私和企业的长期利益。到目前为止美国的数字经济在几乎没有法律约束的情况下繁荣了起来。但那个时代已经结束了。

翻译组：

Neil,  男，外贸民工，经济学人铁粉

Cece，女，消防工作者，CATTI三笔

Wesley, 男，自由职业，经济学人爱好者

Doris，女，法律学习者，经济学人爱好者

Xiaofeng, 女，好奇心重的医疗民工，经济学人爱好者

校核组：

Samantha，女，外企低管，邓伦未婚妻

Eva , 女，经贸翻译学生，经济学人爱好者