网络“原始数据”反复交换聚合为价值丰富的“大数据”。我国《数据安全法》虽明确规定数据处理包括数据的收集、存储、使用、加工、传输、提供、公开等各个环节,但刑法多聚焦于数据的获取与提供,对收集、存储、使用、传输、公开等其他流动环节仍欠缺有力规制。数据犯罪所侵害的法益非常容易与侵犯公民个人信息罪、侵犯商业秘密罪、虚拟财产等犯罪所侵害的法益产生重叠或者混淆。刑法对数据的保护并不是以数据背后的代码逻辑为依据,而是以数据的具体法益为基础。数据作为载体本身与其反映的信息内容明显不同。数据安全所包含的确保数据完整性、保密性、可用性成为数据犯罪保护的法益。建议增设“侵犯数据安全罪”,充分涵盖数据从产生至销毁的全生命周期,以覆盖动态流动全流程,如将非法收集、处理、传输、使用、销毁数据的行为作为“侵犯数据安全罪”的构成要件,从而最大化地对数据安全法益进行保护。建构数据动态流动的公益与私益双重保护,明确数据出罪情形以兼顾数据创新。强化数据跨境流动的刑事治理,以完善数据动态流动的刑事治理体系。

In the digital age, the economic value and security value of data are becoming more and more prominent, and the traditional society of real transactions between people has gradually evolved into a network society centered on the information and data of the Internet. While the dynamic flow of Data realizes its value, the security risks in each link also increase exponentially. Although China's Data Security Law clearly stipulates that data processing includes data collection, storage, use, processing, transmission, provision, disclosure and other links, the Criminal Law mostly focuses on the acquisition and provision of data, and still lacks strong regulations on other mobile links such as collection, storage, use, transmission, and disclosure. At the same time, although China's criminal legislation continues to regulate by expanding charges, it remains to be seen whether this “fragmented” protection can respond to the country's requirements for data rights protection. Therefore, it is urgent to research and construct a criminal governance system to protect data security. While fully leveraging the value attributes of the existing legal system, the targeted legislation should be made to reshape the blank areas of criminal law regulation, in order to efficiently, normatively, and comprehensively address the risks and hidden dangers of dynamic data flow in the digital age. However, existing literature has limited research on this issue.
This paper focuses on the problems in the dynamic flow of data and explores the criminal governance path throughout the entire process of data dynamic flow. Based on the determination of legal interests in data crimes, this study aims to reshape the criminal governance system of data dynamic flow in response to the logic of data dynamic flow risks. The repeated exchange and aggregation of “raw data” into valuable “Big Data” has led to deficiencies in the existing criminal legal system in terms of conceptual boundaries, behavioral regulation, object scope, and legal interest protection due to the novelty, complexity, and variability of data. The protection of data in the Criminal Law is not based on the code logic behind the data, but on the specific legal interests of the data. The legal interests infringed upon by data crimes are easily overlapped or confused with those infringed upon by crimes, such as infringing on personal information of citizens, infringing on trade secrets, and virtual property. The data itself as a carrier is significantly different from the information content it reflects. The guarantee of data integrity, confidentiality, and availability, which is included in data security, has become a legal interest in data crime protection. The unique non consumption, diversity, magnanimity, and value of data form exclusive legal interests independent of traditional criminal offenses.
Regarding the improvement path of the criminal governance system for dynamic data flow in the digital age, this article suggests adding the crime of “infringing on data security”, which fully covers the entire lifecycle of data from generation to destruction, to cover the entire process of dynamic flow. For example, the illegal collection, processing, transmission, use, and destruction of Data are considered as constituent elements of the crime of “infringing on Data security”, in order to maximize the protection of data security interests, Simultaneously constructing a dual protection system for public and private interests in the dynamic flow of data, clarifying the circumstances of data crimes to balance data innovation, and strengthening criminal governance for cross-border data flow.