Q: Hello, Comrade Editor! With the popularization of the Internet, selling personal information has formed an industrial chain, personal information leakage has become a common problem. Please tell us what are the main measures and practices to protect personal information in foreign countries. Tianjin readers: Liu Xiao Liu Xiao comrade: Hello! Countries around the world have attached great importance to the protection of personal information, and have taken many measures to avoid the leakage of personal privacy and the abuse of information, mainly including: 1. Foundational legislation. The U.S. Privacy Act, Canada's Privacy Act on administrative agencies, Japan's Personal Information Protection Act, Canada's Personal Information Protection and Electronic Documents Act on enterprises and institutions on the collection of personal information, the use of personal information, disclosure and confidentiality of the issue of detailed provisions, such as: the individual has the right to know the use of information; without the person's permission, may not be used for purposes other than the collection of information. The U.S. Freedom of Information Act regulates third-party access to government records containing personal information. 2. Industry-specific legislation. The U.S. Electronic Communications Privacy Act (ECPA) covers all forms of digital communications, such as voice, text, and digital image transmissions, and prohibits all individuals, businesses, and unauthorized government agencies from eavesdropping on the content of communications, and prohibits unauthorized access to communications information stored on computer systems and unauthorized interception of information in transit. The European Union has the Directive on the Processing of Personal Data and the Protection of Privacy in the Field of Electronic Communications, and the Ministry of International Trade and Industry of Japan has the Guidelines for the Protection of Personal Information Involved in Computer Processing in the Private Sector. In the financial sector, the Financial Services Modernization Act of the United States regulates the manner in which financial institutions may handle private personal information, and the Financial Privacy Act restricts the disclosure of financial records by bank employees and the manner in which the federal legislature may obtain personal financial records. In the consumer sector, the U.S. Fair Credit Reporting Act - Title VI of the Consumer Credit Protection Act regulates the production and dissemination of reports by investigative reporting agencies, the handling of default records, and other matters, and specifies the manner in which consumer credit bureaus may operate. In the field of communications, the U.S. Cable Communications Privacy Act prohibits closed-circuit television operators from utilizing the cable system to collect personal information of subscribers without obtaining their prior consent, and the Telecommunications Act imposes an obligation on telecommunications operators to maintain the secrecy of customer property information. In addition, the U.S. Personal Privacy and Security Act of 2009 establishes standards for risk assessment, vulnerability detection, and control and auditing of access to sensitive information, and the Data Breach Notification Act requires federal government agencies and businesses with operations that cross state lines to notify all parties whose information is likely to be, or has been, accessed, or acquired, in the event of a data breach. 3. Administrative Measures. The European Union has a system of data protection supervisory commissioners to strictly regulate agencies and organizations that collect, record and store, re-transmit, send or make accessible to other persons, delete or destroy data. Canada has an Office of the Privacy Commissioner, which receives and investigates complaints of infringement of personal information and submits annual and special reports on personal information protection to Parliament. 4. Industry self-regulation. The United States has adopted industry self-regulation as a supplement to the protection of online privacy outside of legislation, including: industry coalitions engaged in online business to issue guidelines for online privacy protection in their industries; online privacy certification applicable to cross-industry coalitions, authorizing websites that meet the privacy rules they propose to post their privacy certification logos for easy identification by users; and the provision of basic technological support for the encouragement or even mandatory implementation of privacy protection. 5. International Collaboration. The Council of the Organization for Economic Cooperation and Development issued Guidelines on the Protection of Privacy and the International Flows of Personal Data, APEC established a regional privacy protection standard, and the EU has a Directive on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of Such Data.