Current location - Loan Platform Complete Network - Bank loan - How does data crawler behavior comply with regulations?
How does data crawler behavior comply with regulations?

Foreword

Due to the characteristics of efficient retrieval, batch copying and low cost, network data crawling has become a way for many enterprises to obtain data resources. Because of this, companies will face many legal risks once the crawled data harms the rights of others. This article will discuss the compliance points of data crawling behavior from an overview of data crawling behavior, relevant legislative provisions of data crawling behavior, and recent typical cases of data crawling behavior.

1. Overview of data crawling behavior

Data crawling behavior refers to the use of web crawlers or similar methods to automatically capture data based on set keywords, sampling objects and other rules. A program or script that fetches information from the World Wide Web and copies the fetch results on a large scale.

In the process of using crawlers to crawl data, whether the legal boundary can be grasped is a matter of life and death for the enterprise. In recent years, the widespread use of big data and artificial intelligence, as well as the rigid demand for various data, have caused the data industry to wander on the "grey edge." Faced with the "strong supervision" trend of network data security, it is urgent to do a good job in data compliance and data risk control. Currently, there are no relevant laws and regulations in my country that specifically regulate the behavior of data crawling. Instead, the Copyright Law of the People's Republic of China (hereinafter referred to as the "Copyright Law") is mainly adopted based on the different "quality" of the crawled data. , the "Anti-Unfair Competition Law of the People's Republic of China" (hereinafter referred to as the "Anti-Unfair Competition Law"), the "Criminal Law of the People's Republic of China" (hereinafter referred to as the "Criminal Law") and other current There are laws and regulations to regulate

2. Overview of legal responsibilities related to data crawling

(1) Bearing criminal liability

1. Crime of illegal intrusion into computer information systems.

Paragraph 1 of Article 285 of the "Criminal Law" stipulates the crime of "illegal intrusion into computer information systems". Anyone who violates national regulations and intrudes into computer information systems in the fields of national affairs, national defense construction, and cutting-edge science and technology shall be sentenced to three years in prison.

Typical case: Li and others for illegally intruding into computer information systems (2018) Sichuan 3424 Xingchu No. 169

In this case, the defendant Li used The "crawler" software crawls a large number of license plate and number allocation information announced by the Traffic Police Detachment of the Liangshan Prefecture Public Security Bureau and the Vehicle Management Office, and then uses the software to use multi-thread submission, batch brushing, automatic identification of verification codes, etc. to break through system security protection Measures include submitting the crawled license plate numbers to the vehicle scrapping query system of the "Traffic Safety Service Management Platform" for comparison, and automatically recording unregistered license plate numbers based on the feedback, and then establishing a national unregistered license plate number database and then writing client query software. , Li sold database access rights by province and city for 300-3,000 yuan per month through QQ, Taobao, WeChat, etc.

The court believed that the defendant Li Wenmou was seeking personal gain. Violating state regulations and intruding into computer information systems in the field of national affairs, the defendant's actions have constituted the crime of illegal intrusion into computer information systems.

2. The crime of illegally obtaining data from computer information systems.

Paragraph 2 of Article 285 of the Criminal Law stipulates as follows: Violating state regulations, intruding into a computer information system other than those specified in the preceding paragraph or using other technical means to obtain data stored, processed or transmitted in the computer information system, or to access the computer information Those who systematically implement illegal control, if the circumstances are serious, shall be sentenced to fixed-term imprisonment of not more than three years or criminal detention, and concurrently or solely with a fine; if the circumstances are particularly serious, they shall be sentenced to fixed-term imprisonment of not less than three years but not more than seven years, and shall also be fined.

At the same time, Article 1 of the "Interpretations of the Supreme People's Court and the Supreme People's Procuratorate on Several Issues Concerning the Application of Law in Criminal Cases that Endanger the Security of Computer Information Systems" provides specific provisions for "serious circumstances": "Illegal acquisition of computer information system data or illegally controls computer information systems, and any of the following circumstances shall be deemed as a "serious circumstance" as stipulated in Paragraph 2 of Article 285 of the Criminal Law: (1) Obtaining payment and settlement, securities trading, futures trading and other online financial services More than ten sets of identity authentication information for services; (2) Obtaining more than 500 sets of identity authentication information other than item (1); (3) Illegal control of more than 20 computer information systems; (4) Illegal gains of five More than 1,000 yuan or causing economic losses of more than 10,000 yuan; (5) Other serious circumstances"

Typical cases: Li, Wang, etc. illegally obtained computer information system data and illegally controlled the computer system. Case (2021) Shanghai 0104 Xingchu No. 148

In this case, without the authorization of Taobao (China) Software Co., Ltd., Yicai Company, with the instruction of Li, the head of the department of Yicai Company The defendants Wang, Gao and others worked together to break through and bypass Taobao's "anti-crawler" protection mechanism by using IP proxies, "X-sign" signature algorithms and other means, and then illegally captured a large number of data through data capture programs. Taobao Company stores the broadcast address, sales volume, viewing PV, UV and other data of each anchor during Taobao live broadcast. As of the incident, Yicai Company integrated the illegally obtained data and sold it for profit, with illegal gains totaling more than RMB 220,000. The court held that defendants Li, Wang, Gao and others constituted the crime of illegally obtaining computer information system data, and were sentenced to prison terms ranging from two years and six months to one year and three months respectively, as well as fines.

The court held that the defendant Li Wenmou violated state regulations and intruded into computer information systems in the field of national affairs for personal gain. The defendant's actions constituted the crime of illegal intrusion into computer information systems.

3. The crime of providing programs and tools for intrusion and illegal control of computer information systems

Paragraph 3 of Article 285 of the "Criminal Law" stipulates the crime as follows. Providing programs and tools specifically used to intrude and illegally control computer information systems. Control programs and tools of computer information systems, or provide programs and tools to others knowing that they are committing illegal and criminal acts of intruding or illegally controlling computer information systems. If the circumstances are serious, they shall be punished in accordance with the provisions of the preceding paragraph. The "Interpretations of the Supreme People's Court and the Supreme People's Procuratorate on Several Issues Concerning the Application of Laws in Criminal Cases in Handling Criminal Cases Endangering the Security of Computer Information Systems" also lists "having the ability to circumvent or break through computer information system security protection measures without authorization or exceeding authorization." "Programs and tools that have the function of obtaining computer information system data."

Typical case: Chen Hui provided the crime of providing intrusion and illegal control of computer information system programs and tools (2021) Guangdong 0115 Xingchu No. 5

In this case, the defendant Chen Hui made illegal gains For profit, he wrote crawler software in this area to grab tickets on Damai.com platform, a subsidiary of Zhejiang Taobao Network Co., Ltd., and sold the software to others at prices ranging from RMB 1,888 to RMB 6,888, making an illegal profit of more than RMB 120,000. Yuan. On July 11, 2019, the defendant Chen Hui was captured by the public security organs. After identification, the above-mentioned crawler software has the function of constructing and sending network requests in an unconventional way, simulating users to manually place orders and purchase goods on the Damai.com platform; it has the function of simulating user identification and input of graphic verification codes by unconventional means. The function can bypass the human-machine identification verification mechanism of the Damai.com platform and access the resources of the Damai.com platform in an unconventional way.

This court believes that the defendant Chen Hui provided programs and tools specifically used to invade and illegally control computer information systems. The circumstances are particularly serious and should be punished in accordance with the law.

4. The crime of infringing on citizens’ personal information

This crime is stipulated in Article 253 of the "Criminal Law". Violating relevant national regulations, selling or providing citizens' personal information to others, if the circumstances are serious , shall be sentenced to fixed-term imprisonment of not more than three years or criminal detention, and shall also or solely be fined; if the circumstances are particularly serious, shall be sentenced to fixed-term imprisonment of not less than three years and not more than seven years, and shall also be fined. Anyone who violates relevant national regulations by selling or providing citizens’ personal information obtained in the course of performing duties or providing services to others shall be severely punished in accordance with the provisions of the preceding paragraph. Anyone who steals or illegally obtains citizens’ personal information through other methods shall be punished in accordance with the provisions of paragraph 1.

Typical case: Hangzhou Magic Scorpion Data Technology Co., Ltd., Zhou Jiangxiang, and Yuan Dong crime of infringement of citizens’ personal information (2020) Zhejiang 0106 Xingchu No. 437

In this case, the defendant Zhou Jiangxiang was The legal representative and general manager of Moxiao Company is responsible for the overall operation of the company. The defendant Yuan Dong is the technical director and technical person in charge of Moxiao Company and is responsible for relevant program design. Moxion Company mainly cooperates with various online loan companies and small banks to provide online loan companies and banks with personal information and multi-dimensional credit data of users who need loans. The method is that Moxion Company embeds the front-end plug-ins developed by it into the above-mentioned online loans. In Platform A**, when online lending platform users use the online lending platform’s APP to borrow money, loan users need to enter their communication operators, social security, provident fund, Taobao, JD.com, and Xuexin.com on the front-end plug-in provided by Moxion Company. , credit information center and other websites, after being authorized by the loan user, the crawler program of Moxion Company logs in to the above-mentioned website on behalf of the loan user, enters his or her personal account, and uses various crawler technologies to crawl (copy) the above-mentioned enterprises and institutions. Call records, social security, provident fund and other data in the personal account of the loan user on the unit website.

The court held that the defendant Hangzhou Magic Scorpion Data Technology Co., Ltd. illegally obtained citizens’ personal information through other methods, and the circumstances were particularly serious, and its behavior constituted the crime of infringement of citizens’ personal information. Defendants Zhou Jiangxiang and Yuan Dong are respectively the person in charge and other directly responsible personnel who were directly responsible for the infringement of citizens’ personal information by the defendant unit Mo Scorpion. Their actions have constituted the crime of infringement of citizens’ personal information.

5. Crime of copyright infringement

According to Article 217 of the "Criminal Law", for the purpose of making profits, if one of the following circumstances infringes on copyright or copyright-related rights, illegal gains If the amount is relatively large or there are other serious circumstances, the person shall be sentenced to fixed-term imprisonment of not more than three years and concurrently or solely with a fine; if the amount of illegal income is huge or there are other particularly serious circumstances, the person shall be sentenced to fixed-term imprisonment of not less than three years but not more than 10 years and shall also be fined: (1) Reproduction, distribution, and dissemination to the public through information networks of his written works, music, art, audio-visual works, computer software, and other works stipulated in laws and administrative regulations without the permission of the copyright owner; (2) Publishing other people's proprietary works Publishing copyrighted books; (3) Copying, distributing, and disseminating to the public through information networks the audio and video recordings without the permission of the producers of the audio and video recordings; (4) Copying and distributing the recordings of their performances without the permission of the performers Video recordings, or disseminating performances to the public through information networks; (5) Producing and selling works of art that counterfeit the signatures of others; (6) Deliberately avoiding or destroying rights without the permission of the copyright owner or copyright-related rights holder Technical measures taken by people to protect copyright or copyright-related rights for their works, audio and video products, etc.

Typical case: Crime of copyright infringement by Tan Moumou and others (2020) Beijing 0108 Xingchu No. 237

In this case, the defendant Dingyue Company began in 2018, and Tan Moumou and others The 12 defendants were responsible for the management or participated in the operation. Without the permission of Zhangyue Technology Co., Ltd., Beijing Fantasy Zongheng Network Technology Co., Ltd. and other rights companies, they used web crawler technology to crawl genuine e-books, and then used the "Hongyan" website promoted and operated by them. It is displayed in more than 10 apps such as "Jiu Shu" and "TXT Free Novel" for others to access, download and read, and make profits through advertising revenue, paid reading, etc. Based on the information and data of the infringing works involved in the case, account transaction details, appraisal conclusions, advertising and promotion agreements and other evidence collected by the public security organs in accordance with the law and subject to inspection, inspection and appraisal, the court found that the works involved in the case infringed on Zhangyue Technology Co., Ltd., Beijing Fantasy Zongheng Network Technology Co., Ltd. has an exclusive right to disseminate information on the Internet for a total of 4,603 literary works, and there are a total of 469 literary works that infringe upon the exclusive right of information network dissemination of Chinese Online Digital Publishing Group Co., Ltd.

The court held that the 12 defendants, including Dingyue Company and the directly responsible person in charge, Qin Moumou, copied and distributed other people’s copyrighted literary works without the permission of the copyright owner for the purpose of profit, and the circumstances were particularly serious. , whose actions constitute the crime of copyright infringement and should be punished.

(2) Constitutes unfair competition

Article 12 of my country’s Anti-Unfair Competition Law stipulates: “Operators who use the Internet to engage in production and business activities shall abide by all provisions of this law. Operators shall not use technical means to influence user choices or other means to carry out the following actions that hinder or disrupt the normal operation of network products or services lawfully provided by other operators: (1) Without the consent of other operators, Insert links and force target jumps into legally provided network products or services; (2) Mislead, deceive, or force users to modify, close, or uninstall network products or services legally provided by other operators; (3) Maliciously target other operators (4) Other behaviors that hinder or disrupt the normal operation of network products or services legally provided by other operators.

Typical case: Shenzhen Tencent Computer Systems Co., Ltd. Company, Tencent Technology (Shenzhen) Co., Ltd. and the defendant, a new media company, in an unfair competition dispute case

In this case, the two plaintiffs are the operators and managers of the WeChat public platform, and the defendant, a new media company, is a The website operator uses crawler technology to capture information content data such as articles on the WeChat public platform, and provides data services such as public account information search, navigation and ranking through the website. The plaintiff claimed that the defendant used the allegedly infringing products to break through the WeChat public platform. The defendant argued that the behavior of crawling and providing public account data services did not constitute unfair competition, and the articles it crawled did not constitute unfair competition. The data of Tencent was the user data of the WeChat official account, and its website made less profit.

The court held that the defendant violated the principle of good faith and used the plaintiff’s consent without authorization and collected it in accordance with the law. Data of commercial value, which is sufficient to substantially replace some of the products or services provided by other operators, harms the market order of fair competition, and is an obstruction or violation of the provisions of Article 12, Paragraph 2, Item 4 of the Anti-Unfair Competition Law. Behavior that disrupts the normal operation of network products or services legally provided by other operators constitutes unfair competition.

(3) Administrative liability

my country’s current administrative liability for crawler behavior is mainly stipulated in the "Cybersecurity Law", among which those suspected of violating Article 27: " No individual or organization may engage in activities that endanger network security, such as illegally intruding into other people's networks, interfering with normal functions of other people's networks, stealing network data, etc.; shall not provide services specifically designed to intrude into other people's networks, interfere with normal network functions and protective measures, steal network data, or other activities that endanger network security. Programs and tools for security activities; those who knowingly know that others are engaged in activities that endanger network security are not allowed to provide them with technical support, advertising promotion, payment and settlement, etc., and they need to bear certain administrative responsibilities. Article 63 of the Law also stipulates specific administrative penalties for violations of Article 27, including "confiscation of illegal gains", "detention", and "fines" and other penalties. At the same time, restrictions on employment have also been imposed on relevant personnel who have been punished for violating Article 27.

In addition, Article 16 of the "Data Security Management Measures (Draft for Comments)" stipulates current restrictions on the application of crawlers: "Network operators use automated means to access and collect website data and shall not hinder the normal operation of the website; Such behavior seriously affects the operation of the website. If the automated access collection traffic exceeds one-third of the website's average daily traffic, and the website requests to stop automated access collection, it should stop. "At the same time, Article 37 also stipulates the corresponding administrative responsibilities: network operations. Anyone who violates relevant regulations will be punished by the relevant departments such as public exposure, confiscation of illegal income, suspension of relevant business, suspension of business for rectification, closure of website, revocation of relevant business license or revocation of business license.

3. Compliance Guidelines for Data Crawling Behavior

(1) Strictly regulate data crawling behavior

1. If the target website has an anti-crawling agreement , should strictly abide by the Robots protocol set by the website. The full name of Robots protocol (also known as crawler protocol, robot protocol, etc.) is "web crawler exclusion standard". The website uses Robots protocol to tell search engines which pages can be crawled and which pages cannot be crawled. This agreement respects the wishes of information providers and maintains their privacy rights; it protects the personal information and privacy of its users from being infringed. The Robots protocol represents a contractual spirit. Only by complying with this rule can Internet companies ensure that the privacy data of websites and users are not infringed. It can be said that whether from the perspective of protecting the privacy of netizens or respecting copyrighted content, complying with the robots agreement should be a silent action of regular Internet companies, and any violation of the robots agreement should pay a price.

2. Reasonably limit the captured content. When setting the crawling strategy, attention should be paid to coding to prohibit crawling of clear copyrighted work data such as videos and music that may constitute works, or batch crawling of user-generated content for certain specific websites; When collecting information, you should review the captured content. If you find personal information, privacy or other people’s business secrets belonging to the user, you should stop and delete them promptly. Intrusion into internal system data is strictly prohibited.

3. Crawling behavior should not hinder the normal operation of the website. Enterprises should reasonably control the frequency of crawling and try to avoid crawling data too frequently, especially if it exceeds the "Data Security Management Measures (Draft for Comments)" clearly stipulated in the "Automated access collection traffic exceeds the website's average daily traffic by three thirds" "One" requirement, you should strictly abide by the website's requirements and stop data scraping in a timely manner.

(2) Abide by the principles of legality, legitimacy and necessity when crawling personal information

In our country, the principles of legality, legitimacy and necessity are scattered in the "Consumer Rights Protection Law", "Internet "Security Law", "Decision of the Standing Committee of the National People's Congress on Strengthening Network Information Protection", "Personal Information Security Standards" and other laws and regulations. If network operators intend to crawl users' personal information, they should strictly abide by the above-mentioned laws and regulations, obtain the prior consent of individual users as the principle, and avoid crawling information beyond the scope of the user's authorization.

Similarly, the data recipient should also review the legality of other people's information obtained through crawlers to understand whether the personal information subject agrees to the sharing of personal information.

(3) Be careful to avoid unfair competition when crawling commercial data

In the field of digital content, data is the core competitive resource of the content industry. The content platform collects and analyzes the data. It often has extremely high economic value, so illegal crawling behavior will be deemed to constitute unfair competition in some specific application scenarios. Especially if the business models of both parties are the same or similar, and obtaining the other party's information will cause direct harm to the other party, companies should focus on preventing it. If this is the case, crawling should be used with caution to obtain data from the crawled website.

4. Conclusion

With the advent of the big data era and the vigorous development of digital technology, the value of data has become increasingly prominent. Some companies use data crawling technology to more efficiently obtain and in-depth information. Make full use of relevant data to make up for the current situation of insufficient data of the enterprise itself and support the commercial development of the enterprise. For these enterprises, "How can web crawlers crawl information and data legally?" "How can they achieve compliance when crawling data?" is a major problem that needs to be solved urgently. As legal practitioners, we should provide enterprises with strong compliance guidance from a legal professional perspective, and make due contributions to promoting the development of high-tech enterprises and thereby comprehensively improving the country's scientific and technological innovation capabilities.

Related articles
  • The car was mortgaged. Do you need money?
  • Can someone else borrow money with a copy of their ID card?
  • Is it wrong to have no money to buy a car? How can I get a loan without money?
  • How to make accounting entries for mortgage loans
  • 35 years old 1 10,000 mortgage too much?
  • Three house loan interest rates
  • How do foreigners borrow money to buy a car?
  • How much does it cost to land the VI of Link 05? Link 05 quotation
  • What are the ways of ID card loan?
  • Does Jiaxing support off-site provident fund loans?

    • copyright 2024 Loan Platform Complete Network All rights reserved