经济学人

本帖最后由lilywizardry 于2010-3-10 19:38 编辑

[attach]18476[/attach]

A special report on managing information

信息管理专题

New rules for big data

大数据的新规则

Regulators are having to rethink their brief

规则的制定者不得不重新考虑他

TWO centuries after Gutenberg invented movable type in the mid-1400s there were plenty of books around, but they were expensive and poorly made. In Britain a cartel had a lock on classic works such as Shakespeare’s and Milton’s. The first copyright law, enacted in the early 1700s in the Bard’s home countr y, was designed to free knowledge by putting books in the public domain after a short period of exclusivity, around 14 years. Laws protecting free speech did not emerge until the late 18th century. Before print became widespread the need was limited.

自15世纪中叶德国人古滕堡发明活字印刷术之后的两个世纪中，书籍大量涌现，但那时的书籍非常昂贵且做工粗糙。在英国有一个联合企业把诸如莎士比亚和米尔顿的经典著作很好地封存起来。第一个版权法于18世纪早期在吟游诗人的故乡颁布，其目的是在一个持续约14年的短暂排他期后使书籍不再受版权法或专利的限制，从而使知识能够自由传播。直到18世纪晚期法律才具备了对自由言论的保护作用。而在印刷术广泛传播前对法律这项作用的需求也并不是那么迫切。

Now the information flows in an era of abundant data are changing the relationship between technology and the role of the state once again. Many of today’s rules look increasingly archaic. Privacy laws were not designed for networks. Rules for document retention presume paper records. And since all the information is interconnected, it needs global rules.

如今信息再次在一个丰富的数据能够对技术和国家角色之间关系产生影响的时代中传播着。现今的很多规则看起来越来越赶不上时代了。有关隐私的法律并非针对网络环境而设计。文档的产权保持力规则仍停留于纸质文档。然而由于所有信息都是通过互相方式关联着的，因而我们需要的是一个全球通用的规则。

New principles for an age of big data sets will need to cover six broad areas: privacy, security, retention, processing, ownership and the integrity of information.

对于大数据集时代的新原则需涵盖以下六个广泛的领域：隐私、安全、产权保持力、处理、拥有和信息的完整性。

Privacy is one of the biggest worries. People are disclosing more personal information than ever. Social-networking sites and others actually depend on it. But as databases grow, information that on its own cannot be traced to a particular individual can often

be unlocked with just a bit of computer effort.

隐私是最大的问题。人们比以往暴露着越来越多的个人信息。社会网络站点和其他网站均需要具备很高的隐私等级。当数据库逐步增长时，信息本身虽不能自己去追踪到某一特定的个人，但只需要使用很少一点的计算机技巧便能够获取到那个特定个人的信息。

This tension between individuals’ interest in protecting their privacy and companies’ interest in exploiting personal information could be resolved by giving people more control. They could be given the right to see and correct the information about them that an organisation holds, and to be told how it was used and with whom it was shared.

这种存在于个人想要保护自身隐私的需求和商业公司想要获取个人信息的需求之间的对立可以通过赋予人们更多的控制手段而得到缓解。人们可以获得查看和更正单位或组织持有的个人信息的权利，而且人们还将被告知这些个人信息将被如何使用以及谁可以共享这些信息。

Today’s privacy rules aspire to this, but fall short because of technical difficulties which the industry likes to exaggerate. Better technology should eliminate such problems. Besides, firms are already spending a great deal on collecting, sharing and processing the data; they could divert a sliver of that money to provide greater individual control.

如今的隐私规则非常期望能够如此，但是在业界夸大其辞的技术困难面前这样的愿望却很难实现。技术的进一步发展应该能够解决这样的问题。此外，商业公司为获取、分享和处理数据花费了大量的资金；他们只需花费其中九牛一毛的资金便能够提供更好的个人控制。

The benefits of information security—protecting computer systems and networks—are inherently invisible: if threats have been averted, things work as normal. That means it often gets neglected. One way to deal with that is to disclose more information. A pioneering law in California in 2003 required companies to notify people if a security breach had compromised their personal information, which pushed companies to invest more in prevention. The model has been adopted in other states and could be used more widely.

信息安全的利益在于——保护计算机系统和网络——具有其余生俱来的的不可见属性：如果危险已经转移，则一切都会正常工作。那将意味着信息安全通常会被忽视。这样做的一种后果是暴露更多的信息。2003年加利福尼亚州初创的法律要求，当商业公司的信息安全漏洞危及人们的个人信息安全时则公司必须通知相关人员，这条法律迫使商业公司增加了对信息安全防范的投入。这一模式已被其他几个州采用，它还应被推广使用。

In addition, regulators could require large companies to undergo an annual information-security audit by an accredited third party, similar to financial audits for listed companies. Information about vulnerabilities would be kept confidential, but it could be used by firms to improve their practices and handed to regulators if problems