开放科学背景下数据馆员处理个人信息的挑战、规范与安全管理体系研究
收稿日期: 2024-10-31
录用日期: 2025-06-19
网络出版日期: 2025-09-28
基金资助
国家社会科学基金项目“开放科学环境中数据馆员服务模式研究(Data Librarian Service Models in open science environment)”(21BTQ005)
Processing Personal Information by Data Librarians under Open Science: Challenges, Guidelines, and Security Management Systems
Received date: 2024-10-31
Accepted date: 2025-06-19
Online published: 2025-09-28
在开放科学深化科研数据管理实践的背景下,数据馆员处理个人信息需应对法律、伦理与实践挑战以平衡开放与保护,本研究旨在提供相应规范与策略。本研究首先系统梳理了个人信息保护相关的法律法规体系及相关核心概念,探讨了科研活动中独特的伦理考量与实践特殊性。随后,深入分析了数据馆员在个人信息获取、组织、共享与发布等关键环节中应遵循的操作规范、面临的主要风险与实践挑战。在此基础上,参照相关法律要求与标准,提出了一个涵盖组织、人员、物理和技术四个维度的、面向数据馆员的个人信息综合安全管理体系框架。研究发现,数据馆员在实践中面临多重困境:将法律原则应用于复杂科研场景时的操作难点;满足高于法律底线的伦理要求;调和开放科学与个人信息保护之间的内在矛盾。研究强调个人信息风险贯穿数据全生命周期,并呈现显著的学科差异性,凸显了构建系统化、多维度综合安全管理体系的必要性与紧迫性。本研究为数据馆员处理个人信息提供了清晰的法律边界、伦理指引和风险识别框架。提出的综合安全管理体系可作为实践参考,有助于提升数据馆员及所在机构的个人信息保护能力与合规水平,从而在保障数据主体权益的基础上,推动负责任、可持续的开放科学发展。
顾立平 , 张广寅 , 万益嘉 . 开放科学背景下数据馆员处理个人信息的挑战、规范与安全管理体系研究[J]. 农业大数据学报, 2025 , 7(3) : 357 -370 . DOI: 10.19788/j.issn.2096-6369.000077
In the context of open science deepening research data management practices, data librarians processing personal information need to address legal, ethical, and practical challenges to balance openness and protection. This study aims to provide corresponding guidelines and strategies. This study first systematically reviews the legal and regulatory framework related to personal information protection, as well as relevant core concepts, and explores the unique ethical considerations and practical particularities in research activities. Subsequently, the study conducts an in-depth analysis of the operational norms that data librarians should follow, the major risks they face, and the practical challenges encountered in key processes such as the collection, organization, sharing, and release of personal information. On this basis, and with reference to relevant legal requirements and standards, the study proposes a comprehensive personal information security management framework for data librarians, covering four dimensions: organizational, personnel, physical, and technical. The study finds that data librarians face multiple dilemmas in practice: operational difficulties in applying legal principles to complex research scenarios; meeting ethical requirements that often exceed legal minimums; and reconciling the inherent conflicts between open science and personal information protection. The research highlights that personal information risks permeate the entire data lifecycle and exhibit significant disciplinary differences, underscoring the necessity and urgency of establishing a systematic, multi-dimensional, comprehensive security management system. This study provides data librarians with clear legal boundaries, ethical guidance, and a risk identification framework for processing personal information. The proposed comprehensive security management system can serve as a practical reference, helping to enhance the personal information protection capabilities and compliance levels of both data librarians and their institutions. Thereby, on the basis of safeguarding the rights and interests of data subjects, it promotes the development of responsible and sustainable open science.
| [1] | 杨卫, 黄金霞. 开放科学的趋势与影响:三道阳光、三个转变、四重挑战. 科学通报, 2025, 70(10):1434-1439. |
| YANG W, HUANG J. The trend and impact of Open Science: three sunshines, three transformations, and four challenges. Chinese Science Bulletin, 2025, 70(10):1434-1439. | |
| [2] | 杨舒. 中国与巴西、南非、非盟共同发起开放科学国际合作倡议[N]. 光明日报,2024-11-22(004).DOI:10.28273/n.cnki.ngmrb.2024.007226. |
| [3] | 肖可以, 陈盈盈. 数据生命周期视角下的科研数据管理研究——以美国24所高校机构知识库为例. 农业图书情报学报, 2024, 36(7):88-99. |
| XIAO K, CHEN Y. Scientific data management based on a data life cycle perspective: using the institutional repositories base of 24 universities in the United States as an example. Journal of Library and Information Science in Agriculture, 2024, 36(7):88-99. | |
| [4] | 王珏, 任娇菡, 杨恒, 等. 开放科学环境下我国科技论文发表中的信息安全问题与管控. 中国科技期刊研究, 2022, 33(12):1599-1608. |
| WANG J, REN J, YANG H, et al. Information security problems in scientific paper publishing and the control in the background of open science. Chinese Journal of Scientific and Technical Periodicals, 2022, 33(12):1599-1608. | |
| [5] | 王健, 周国民, 廖方宇, 等. 基于规则的科学数据安全治理框架:理解数据"保护-利用"失衡及挑战的新工具. 农业大数据学报, 2024, 6(3):295-306. DOI:10.19788/j.issn.2096-6369.000068. |
| WANG J, ZHOU G M, LIAO F Y, et al. Rule-based framework for scientific data security governance: A new tool for understanding the imbalance and challenges of data protection and utilization. Journal of Agricultural Big Data, 2024, 6(3):295-306. DOI:10.19788/j.issn.2096-6369.000068. | |
| [6] | ALL EUROPEAN ACADEMIES, EUROPEAN ACADEMIES SCIENCE ADVISORY COUNCIL, FEDERATION OF EUROPEAN ACADEMIES OF MEDICINE. International Sharing of Personal Health Data for Research[M/OL]. 2021. DOI: https://doi.org/10.26356/IHDT. |
| [7] | 中华人民共和国网络安全法[EB/OL].[2022-12-20]. http://www.npc.gov.cn/zgrdw/npc/xinwen/2016-11/07/content_2001605.html. |
| [8] | 中华人民共和国民法典[EB/OL].[2022-12-20]. http://www.npc.gov.cn/npc/c30834/202006/75ba6483b8344591abd07917e1d25cc8.shtml. |
| [9] | 中华人民共和国数据安全法[EB/OL].[2022-12-20]. www.npc.gov.cn/npc/c30834/202106/7c9af12f51334a73b56d7938f99a788a.shtml. |
| [10] | 中华人民共和国个人信息保护法[EB/OL].[2022-12-20]. http://www.npc.gov.cn/npc/c30834/202108/a8c4e3672c74491a80b53a172bb753fe.shtml. |
| [11] | 陈劲, 阳镇. 数字化时代下的开放科学:伦理难题与推进路径. 吉林大学社会科学学报, 2021, 61(3):116-128+236. |
| CHEN J, YANG Z. Open science in digital era: Concept connotation, ethical difficulties and promotion path. Jilin University Journal Social Sciences Edition, 2021, 61(3):116-128+236. | |
| [12] | 廖方宇, 李婧, 龙春, 等. 开放科学背景下科学数据开放共享安全挑战及我国对策思考. 农业大数据学报, 2024, 6(2):146-155.DOI:10.19788/j.issn.2096-6369.000027. |
| LIAO F Y, LI J, LONG C, et al. Security challenges and countermeasures on open sharing of scientific data in the context of open science. Journal of Agricultural Big Data, 2024, 6(2):146-155. DOI:10.19788/j.issn.2096-6369.000027. | |
| [13] | 盛小平, 唐筠杰. 开放科学环境下的数据隐私治理研究. 图书情报知识, 2024, 41(4):57-66.DOI:10.13366/j.dik.2024.04.057. |
| SHENG X, TANG J. Data privacy governance in open science environment. Documentation,Information & Knowledge, 2024, 41(4):57-66.DOI:10.13366/j.dik.2024.04.057. | |
| [14] | 卞保田. 个人信息保护内涵演变、规范目的与实践路径——从《民法典》和《个人信息保护法》双重视角. 法制博览, 2025(5):39-41. |
| BIAN B. The evolution of the connotation of personal information protection, the purpose of standardization and the practical path of personal information protection: from the dual perspectives of the Civil Code and the Personal Information Protection Law. Legality Vision, 2025(5):39-41. | |
| [15] | 文禹衡, 于琳. 我国个人信息法律保护现状、主要问题及完善路径——基于《中华人民共和国个人信息保护法》的词频统计与分析. 图书馆理论与实践, 2022(4):12-21+28. |
| WEN Y, YU L. The status quo, main problem and perfect path of legal protection of personal information in China: Statistics and analysis of word frequency based on the Personal Information Protection Law of the People’s Republic of China. Library Theory and Practice, 2022(4):12-21+28. | |
| [16] | 新华社. 中共中央国务院关于构建数据基础制度更好发挥数据要素作用的意见[EB/OL].[2022-12-20]. http://www.gov.cn/zhengce/2022-12/19/content_5732695.html. |
| [17] | 赵雪芹, 蔡铨, 王英. 我国个人信息保护政策的文本分析——基于政策工具、社会系统论、政策效力的三维分析框架. 现代情报, 2021, 41(4):17-25. |
| ZHAO X, CAI Q, WANG Y. Textual analysis of China & Apos's personal information protection policy———Based on the three-dimensional analysis framework of policy tools,social system and policy effectiveness. Journal of Modern Information, 2021, 41(4):17-25. | |
| [18] | UNESCO Recommendation on Open Science | UNESCO[EB/OL]. [2022-12-20]. https://www.unesco.org/en/open-science/about?hub=686. |
| [19] | 中华人民共和国著作权法[EB/OL].[2025-05-01]. http://www.npc.gov.cn/npc/c30834/202011/848e73f58d4e4c5b82f69d25d46048c6.shtml. |
| [20] | 国务院办公厅关于印发科学数据管理办法的通知[EB/OL].[2022-12-20]. http://www.gov.cn/gongbao/content/2018/content_5283177.html. |
| [21] | 中华人民共和国人类遗传资源管理条例[EB/OL].[2022-12-20]. http://www.gov.cn/zhengce/content/2019-06/10/content_5398829.html. |
| [22] | World Medical Association. World Medical Association Declaration of Helsinki: ethical principles for medical research involving human subjects. Jama, 2013, 310(20):2191-2194. |
| [23] | BEAUCHAMP T L. The Belmont report. The Oxford Textbook of Clinical Research Ethics, 2008:149-155. |
| [24] | 《涉及人的生物医学研究伦理审查办法》[EB/OL].[2025-05-01]. https://www.gov.cn/gongbao/content/2017/content_5227817.html. |
| [25] | 《科技伦理审查办法(试行)》[EB/OL].[2025-05-01]. https://www.gov.cn/gongbao/2023/issue_10826/202311/content_6915814.html. |
| [26] | 刘静羽, 贾毓洁, 黄金霞, 等. 开放科学创新生态构建中的数据处理伦理准则框架研究. 农业图书情报学报, 2022, 34(9):29-43. |
| LIU J, JIA Y, HUANG J, et al. Ethics principle framework of data handling for open scientific innovation ecology. Journal of Library and Information Science in Agriculture, 2022, 34(9):29-43. | |
| [27] | Council for International Organizations of Medical Sciences (CIOMS). International Ethical Guidelines for Health-related Research Involving Humans. https://cioms.ch/publications/product/international-ethical-guidelines-for-health-related-research-involving-humans/. |
| [28] | 叶冠成, 江雯欣, 代逸丹, 等. “开放科学”发展中的伦理问题探究——基于医学开放科学领域的分析. 医学与哲学, 2019, 40(15):32-36. |
| YE G, JIANG W, DAI Y, et al. Exploring ethical problems in the development of “open science”: Based on the analysis of open science in medicine. Medicine & Philosophy, 2019, 40(15):32-36. | |
| [29] | General Data Protection Regulation: What Do the New EU Rules Mean for Libraries?[EB/OL].[2022-12-20]. https://www.ifla.org/events/general-data-protection-regulation-what-do-the-new-eu-rules-mean-for-libraries/. |
| [30] | Preliminary Opinion on data protection and scientific research[EB/OL].[2016-12-1]. https://www.edps.europa.eu/data-protection/our-work/publications/opinions/preliminary-opinion-data-protection-and-scientific_en. |
| [31] | Health Insurance Portability and Accountability Act of 1996 (HIPAA)[EB/OL].[2022-12-20]. https://www.cdc.gov/phlp/php/resources/health-insurance-portability-and-accountability-act-of-1996-hipaa.html. |
| [32] | MAJEED A, LEE S. Anonymization techniques for privacy preserving data publishing: A comprehensive survey. IEEE Access, 2020, 9:8512-8545. |
| [33] | WILKINSON M D, DUMONTIER M, AALBERSBERG I J J, et al. The FAIR Guiding Principles for scientific data management and stewardship. Scientific Data, 2016, 3(1):1-9. |
| [34] | MA C, YUAN L, HAN L, et al. Data level privacy preserving: A stochastic perturbation approach based on differential privacy. IEEE Transactions on Knowledge and Data Engineering, 2021, 35(4):3619-3631. |
| [35] | 熊世强, 何道敬, 王振东, 等. 联邦学习及其安全与隐私保护研究综述. 计算机工程, 2024, 50(5):1-15.DOI:10.19678/j.issn.1000-3428.0067782. |
| XIONG S, HE D, WANG Z, et al. Review of federated learning and its security and privacy protection. Computer Engineering, 2024, 50(5):1-15.DOI:10.19678/j.issn.1000-3428.0067782. | |
| [36] | CHEN J, YAN H, LIU Z, et al. When federated learning meets privacy-preserving computation. ACM Computing Surveys, 2024, 56(12):1-36. |
| [37] | ISO/IEC 27001:2022-Information security management systems[EB/OL].[2025-05-01]. https://www.iso.org/standard/27001. |
| [38] | ISO/IEC 27701:2019 - Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management[EB/OL]. [2025-05-01]. https://www.iso.org/standard/71670.html. |
/
| 〈 |
|
〉 |