Recent cases of illegal growing IT company, read a lot of things since being arrested reptile, digital currency, Website outsourcing,
Rub hot spots, reminder to everyone, be careful not to break the law to work, to write the code behind is also legal risks.
First, 51 credit card collection and illegal use of user information
October 21 morning, the listed companies' credit card 51 "is located in the police spot check.
According to industry sources, there are more than a hundred police officers rushed into the credit card 51 in Hangzhou Xixi office building. The source praise: "20 Several police cars, ten buses, people should take at least half the company."
There are 51 credit card to a friend to take snapshots of staff said that he was not taken away, because "police car filled."
Some people have pointed out, 51 credit card accident probably because of data problems. Its disclosure screenshot shows, a suspected bank sent a letter 51 pointed out,
"Through my line monitoring technology found your company through crawlers to crawl my line user information, but the bank has not signed a written power of attorney associated with your company, your company consent or acquiescence from the process of handling business and our bank system obtaining personal information.
As stewards of your company credit card 51 APP's operator, all-round and get a huge number of users 'personal information, the alleged acts constitute the crime of infringement of citizens' personal information. "
Currently, 51 credit card CEO Sun Haitao has been through the microblogging apology,
"Yesterday the company cooperate with the investigation had aroused our attention, it also brings bad impact on public opinion, we are very self-blame. In all my 51 credit card management and to express my sincere apologies."
Second, the legal risks reptile behind
51 credit card crisis came to a close, but recent network security as well as reptiles and relevant case very much,
Programmers being held in prison 456 days, because gambling software outsourcing
Because wrote some reptiles, more than 200 companies caught
Everyone says not guilty technology, but it also depends on the scene said the country now to do personal credit evaluation, various user authorization are to account, and then crawling information.
First look at some of the laws and regulations in the use of personal information states:
"Network Security Act People's Republic of China."
November 7, 2016 release of "People's Republic of China Network Security Act" clear "personal information" means information can refer to various identification of natural persons alone or in combination with other personally identifiable information in electronic or otherwise recorded, including but not limited to name a natural person, date of birth, identification number, personal biometric information, address, telephone number, etc., to make the system follows the provisions on the protection of personal information in the network services:
1、保护个人信息:
网络产品、服务具有收集用户信息功能的,其提供者应当向用户明示并取得同意;涉及用户个人信息的,还应当遵守本法和有关法律、行政法规关于个人信息保护的规定。
2、合法收集使用个人信息:
网络运营者收集、使用个人信息,应当遵循合法、正当、必要的原则,公开收集、使用规则,明示收集、使用信息的目的、方式和范围,并经被收集者同意。不得收集与其提供的服务无关的个人信息,不得违反法律、行政法规的规定和双方的约定收集、使用个人信息,并应当依照法律、行政法规的规定和与用户的约定,处理其保存的个人信息。
3、不得向他人提供个人信息:
网络运营者不得泄露、篡改、毁损其收集的个人信息,未经被收集者同意,不得向他人提供个人信息,但经过处理无法识别特定个人且不能复原的除外。
《规范互联网信息服务市场秩序若干规定》
《规范互联网信息服务市场秩序若干规定》(工业和信息化部令第20号,以下简称“20号文”)就互联网信息服务提供者信息搜集规定如下方面:
1、搜集须经许可:未经用户同意,不得搜集与用户相关、能够单独或者与其他信息结合识别用户的信息(“用户个人信息”),但法律法规另有规定除外;
2、限定搜集范围和用途:经用户同意搜集用户个人信息的,应当明确告知搜集和处理用户个人信息的方式、内容和用途,不得收集其提供服务所必需以外的信息,不得将用户个人信息用于其提供服务之外的目的;
3、用户个人信息保障:互联网信息服务提供者应当加强系统安全防护,妥善保管用户个人信息,未经用户同意,不得向他人提供用户上载信息,但是法律法规另有规定的除外。
爬虫本质是一种工具,一种用机器人代替人手操作、搜集信息提高效率的工具。工具无罪,有罪的是如何使用。
对于涉及法律风险的数据爬取要求,程序员最好在采集前和老板深聊一下,明确法律风险,或者事先和公司签署一份免责协议。
三、网络爬虫怎么做比较好
如果通过窃取或者其他方法非法获取公民个人信息等个人信息、商业机密,情节严重(刑九以后 5000 元入罪)则构成侵犯公民个人信息罪,量刑分三年以下和三至七年两档,运气好的缓刑走起,当然民事责任依然是免不了的。
所以,面对领导危险的爬虫请求,程序员们该好好衡量下了。
我们都知道,互联网搜索引擎要遵守Robots 协议,如果遵守Robots 协议,没有任何越权的行为,获取的也是公开可以查询的非隐私级的信息,那么,违反法律的风险会比较小。
除了遵守“Robots 协议”,还有以下的几条:
1、如果你爬虫获取信息,是为了证明被爬公司的数据造假,其获取的数据也都是通过公开渠道可以查询的,那么,在获取信息后公布于众的行为并不违法,也不侵犯被爬公司的民事权益。但是,如果你爬取公开免费的信息,是用来进行违法操作,比如造假、诽谤等,就有隐患了。
2、如果你利用爬虫获取其他公司的公开信息数据,用于自身公司的经营。而被爬公司的信息是投入了大量人力、财力,经过常年积累获得的,并且被爬公司本身也采取了反爬措施。这种情况下,虽然信息是公开的,但信息本身具有较高的商业价值,能够给使用者带来商业利益,此时的爬虫也是违法的。
3、如果你未经平台授权,强行突破反爬措施,导致被爬网站的运行受到严重影响,这种行为明显是违法的,这里涉及的就是我们上一个技术篇讲到的破解犯罪了。
4、如果你是第三方应用,想要通过开放平台获取用户信息时,更要注意授权问题。从用户对平台的授权、平台对第三方的授权、再到用户对第三方的授权,三重关卡都要通过才合法。
四、总结一下
- 接外包项目要谨慎
- 互联网金融从业有风险
- 对于危险的爬虫任务,敢于说不