[目的/意义] 分析主流中文移动健康应用程序的隐私政策现状,提出完善我国移动健康应用隐私保护机制的建议。[方法/过程] 通过3轮筛选选取104款移动健康应用程序的隐私政策文本作为研究对象,基于内容分析法分析文本内容,再构建综合评价指标体系对隐私政策的内容进行系统评价。[结果/结论] 移动健康应用程序的隐私政策整体评价得分不高,平均得分为44.58分(100分满分),隐私政策在规范性和完备性上均需完善,部分应用程序存在过度收集和滥用用户隐私数据的情况。从优化隐私政策设计,规范评价和监管机制,完善用户健康隐私信息保护的法律环境3个方面提出政策建议。
[Purpose/significance] To analyze the safety situation of privacy policy based on popular mobile health applications and propose to improve the privacy protection mechanism. [Method/process] 104 privacy policy texts of mobile health applications were selected as research objects through three rounds of screening. The content of the text was analyzed based on the content analysis method, and evaluated by a comprehensive evaluation system. [Result/conclusion] The overall evaluation score of mobile health apps’ privacy policy is relative low, with the average score of 44.58 (100 full marks). Privacy policy needs to be improved in terms of content normatively and completeness. Some apps have the situation of excessive information collection and personal health privacy data abuse. The suggestions are proposed from 3 aspects, including optimizing the privacy policy design of apps, standardizing the privacy policy evaluation and supervision mechanism, and improving the legal environment for protecting users’ health privacy information.
[1] 马晓伟.加快互联网医疗创新融合发展助力健康中国建设再上新台阶[J].时事报告(党委中心组学习),2018(5):43-55.
[2] 张秀兰.网络隐私权保护研究[M].北京:北京图书馆出版社, 2006:113-128.
[3] 王晰巍,相甍甍,张长亮,等.新媒体环境下信息隐私国内外研究动态及发展趋势[J].图书情报工作,2017,61(15):6-14.
[4] 何培育,马雅鑫,涂萌.Web浏览器用户隐私安全政策问题与对策研究[J].图书馆,2019(2):19-26.
[5] 中国消费者协会.100款App个人信息收集与隐私政策测评报告[EB/OL].[2019-06-28]. http://www.cca.org.cn/jmxf/detail/28310.html.
[6] 何岚.个人健康信息开发与保护的价值冲突及其治理[J].电子政务,2018(1):92-99.
[7] SUNYAEV A, DEHLING T, TAYLOR P L, et al. Availability and quality of mobile health app privacy policies[J]. Journal of the American Medical Informatics Association, 2014,22(1):e28-33.
[8] ZAPATA B C, NINIROLA A H, FERNANDEZ-ALEMAN J L, et al. Assessing the privacy policies in mobile personal health records[C]//IEEE.2014 36th annual international conference of the IEEE engineering in medicine and biology society. Chicago:IL, 2014:4956-4959.
[9] MARIAM B, ALI I, FERNANDEZ-ALEMAN J L, et al. Evaluating the privacy policies of mobile personal health records for pregnancy monitoring[J]. Journal of medical systems, 2018, 42(8):1-14.
[10] SUNYAEV A, DEHLING T, TAYLOR P L, et al. Availability and quality of mobile health app privacy policies[J].Journal of the American Medical Informatics Association, 2015, 22(4):28-33.
[11] 冯嘉诚,郜独秀,陈洪淼. 基于用户隐私泄露预防的运动健康类App发展对策研究[J].吉林体育学院学报,2016,32(6):63-69.
[12] 罗维娜,李澍,王晨希,等.移动医疗网络安全监管策略研究[J].中国医疗设备,2017,32(6):20-22,31.
[13] CROLL P R. Determining the privacy policy deficiencies of health ICT applications through semi-formal modelling[J]. International journal of medical informatics, 2011, 80(2):e32-38.
[14] ROWAN M, DEHINGER J.A Privacy policy comparison of health and fitness related mobile applications[J].Procedia computer science,2014,37(9):348-355.
[15] 朱颖. 我国移动APP隐私保护政策研究——基于96个移动应用APP的分析[J]. 暨南学报(哲学社会科学版), 2017,39(12):107-114.
[16] 刘娇, 白净. 中外移动APP用户隐私保护文本比较研究[J]. 汕头大学学报(人文社会科学版),2017,33(3):82-87.
[17] POWELL A C, SINGH P, TOROUS J. The complexity of mental health app privacy policies:a potential barrier to privacy[J].JMIR mHealth and uHealth. 2018,6(7):e158.
[18] PARKER L,HALTER V,KARLIYCHUK T, et al. How private is your mental health app data? an empirical study of mental health app privacy policies and practices[J].International journal of law and psychiatry,2019,64(3):198-204
[19] ROSENFELD L, TOROUS J, VAHIA I V. Data security and privacy in apps for dementia:an analysis of existing privacy policies[J]. The American journal of geriatric psychiatry, 2017,25(8):873-877.
[20] ROBILLARD J M, FENG T L, SPORN A B, et al. Availability, readability, and content of privacy policies and terms of agreements of mental health apps[J]. Internet interventions, 2019,17(9):1-8.
[21] KANTAR:智能手机操作系统市场份额[EB/OL].[2019-10-07]. https://www.kantarworldpanel.com/cn/smartphone-os-market-share/.
[22] 马文峰.试析内容分析法在社科情报学中的应用[J].情报科学,2000(4):346-349.
[23] SUSANNAH F. The social life of health information[EB/OL].[2019-07-15].http://www.pewresearch.org/fact-tank/2014/01/15/the-social-life-of-health-information/.
[24] 姜雯.国外个人健康信息基本要素介评及其启示[J]. 中国全科医学, 2016, 19(30):3652-3656.
[25] 李卓卓,马越,李明珍.数据生命周期视角中的个人隐私信息保护——对移动APP服务协议的内容分析[J].情报理论与实践,2016,39(12):63-68.
[26] Babylon privacy policy[EB/OL].[2019-10-07]. https://www.babylonhealth.com/terms/privacy.
[27] Carbon health privacy policy[EB/OL].[2019-10-07].https://carbonhealth.com/privacy-policy.
