生成式人工智能数据训练中个人信息保护的责任规则

摘要
图/表
参考文献
相关文章 (15)

全文: PDF (1472 KB) HTML (1 KB)
输出: BibTeX | EndNote (RIS)

摘要个人信息保护以基于自愿交易的知情同意规则为主,但因大语言模型技术运行、数据集权利聚合、产业发展需求等原因,生成式人工智能数据训练中知情同意规则流于形式。依卡梅框架分析,大语言模型大规模、反复地处理个人信息时已经强制转移法益,却未进行补偿,需要引入责任规则进行规范。基于个人信息的私人性,即使获得初始同意也须考虑后续处理个人信息行为是否具有违法性,应确立人工智能服务商个人信息保护义务。基于个人信息的社会性,《个人信息保护法》引入法定的个人信息权益转移情形。应进一步明确处理数据具有合理性的例外规则,扩展责任规则。人工智能服务商应对违法处理个人信息的实质性风险支付对价,作为客观补偿。国家应衡平个人信息保护与人工智能产业发展的需求,采用动态调整的风险矩阵确定风险支付标准。

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	童星海

关键词 ：生成式人工智能, 知情同意规则, 责任规则, 个人信息, 卡梅框架

Abstract：The protection of personal information relies primarily on the rule of informed consent in voluntary transactions.But this rule is becoming merely superficial in generative artificial intelligence data training due to large language model operations,data set right aggregation,and industrial development needs.Under the Calabresi-Melamed framework,when large language models process personal information at scale and repeatedly,they have already forcibly transferred legal interests without compensation.Therefore,it is necessary to introduce liability rules for regulation.Considering the privacy of personal information,though initial personal consent has been got,the subsequent processing of personal information must be considered for its legality.The obligation of AI service providers to protect personal information should be defined.Based on the social nature of personal information,the Personal Information Protection Law introduces statutory scenarios for the transfer of personal information rights.We should further clarify the exception rules for the rationality of data processing and expand the liability rules.AI service providers should pay compensation for substantive risks of illegal processing.The state should balance personal information protection with AI industry development,adopting a dynamically adjusted risk matrix to determine risk-compensation standards.

Key words： Generative artificial intelligence Informed consent rule Liability rule Personal information Calabresi-Melamed framework

收稿日期: 2025-09-22

PACS:	TP18
	D913

基金资助:国家社会科学基金项目“科技伦理规制的行政法治建构研究”(22CFX055)。

作者简介: 童星海(1999—),男,安徽桐城人,博士研究生,研究方向为数据法、法经济学。

引用本文:

童星海. 生成式人工智能数据训练中个人信息保护的责任规则[J]. 中国科技论坛, 2026(3): 22-31.
Tong Xinghai. The Liability Rules for Personal Information Protection in Generative Artificial Intelligence Data Training. , 2026(3): 22-31.

链接本文:

http://www.zgkjlt.org.cn/CN/Y2026/I3/22

[1]张新宝.生成式人工智能训练语料的个人信息保护研究[J].中国法学,2024(6):86-107.
[2]朱晓峰,袁子烨.论生成式人工智能学习端的个人信息分级同意规则[J].西北工业大学学报(社会科学版),2025(2):136-143.
[3]CALABRESI G,MELAMED A D.Property rules,liability rules,and inalienability:One view of the cathedral[J].Harvard Law Review,1972,85(6):1089-1128.
[4]安俊秀,叶剑,陈宏松,等.人工智能原理、技术及应用[M].北京:机械工业出版社,2022.
[5]朱荣荣.生成式人工智能应用中间接识别个人信息的法律保护[J].科技与法律(中英文),2024(4):104-114.
[6]张涛.生成式人工智能训练数据集的法律风险与包容审慎规制[J].比较法研究,2024(4):86-103.
[7]张涛.生成式人工智能中个人信息保护风险的类型化与合作规制[J].行政法学研究,2024(6):47-59.
[8]毕文轩.生成式人工智能的风险规制困境及其化解:以ChatGPT的规制为视角[J].比较法研究,2023(3):155-172.
[9]林雨佳.生成式人工智能对信息治理的挑战与应对[J].苏州大学学报(哲学社会科学版),2025,46(2):104-115.
[10]丁晓强.个人数据保护中同意规则的“扬”与“抑”:卡梅框架视域下的规则配置研究[J].法学评论,2020,38(4):130-143.
[11]FENNELL L A.Revealing options[J].Harvard Law Review,2005,118(5):1399-1488.
[12]RICHARDS N,HARTZOG W.The pathologies of digital consent[J].Washington University Law Review,2019,96(6):1461-1503.
[13]LONGPRE S,MAHARI R,LEE A,et al.Consent in crisis:The rapid decline of the ai data commons[J].Advances in Neural Information Processing Systems,2024,37:108042-108087.
[14]威廉·M·兰德斯,理查德·A·波斯纳.侵权法的经济结构[M].王强,杨媛,译.北京:北京大学出版社,2005.
[15]刘晓春.已公开个人信息保护和利用的规则建构[J].环球法律评论,2022,44(2):52-68.
[16]凌斌.规则选择的效率比较:以环保制度为例[J].法学研究,2013,35(3):17-36.
[17]CHANG Y.Optional law in property:Theoretical critiques and a new view of the cathedral[J].New York University Journal of Law & Liberty,2015(9):459-512.
[18]LEMLEY M A.Contracting around liability rules[J].California Law Review,2012,100:463-486.
[19]杨显滨.我国私密信息保护模式的再造[J].中外法学,2024,36(2):307-325.
[20]曹博.论个人信息保护中责任规则与财产规则的竞争及协调[J].环球法律评论,2018,40(5):86-102.
[21]北京某科技公司等与深圳某计算机公司不正当竞争纠纷二审判决书[Z].(2021)京73民终3409号.
[22]隐木(上海)科技有限公司与数据堂(北京)科技股份有限公司不正当竞争纠纷二审判决书[Z].(2024)京73民终546号.
[23]Justia.Kelo v.City of New London:545 U.S.469[EB/OL].(2005-06-23)[2025-12-21].https://supreme.justia.com/cases/federal/us/545/469/.
[24]Illinois Appellate Court.Dwyer v.American express Co.:273 Ill.App.3d 742,652 N.E.2d 1351[R/OL].(1995-06-30)[2025-12-21].https://archive.epic.org/privacy/junk_mail/dwyer.txt.
[25]于飞.侵权法中权利与利益的区分方法[J].法学研究,2011,33(4):104-119.
[26]王某、深圳市腾讯计算机系统有限公司个人信息保护纠纷二审民事判决书[Z].(2021)粤03民终9583号.
[27]胡巧莉.人工智能服务提供者侵权责任要件的类型构造:以风险区分为视角[J].比较法研究,2024(6):57-71.
[28]WEE R,HENAGHAN M,WINSHIP I.Dynamic consent in the digital age of biology:Online initiatives and regulatory considerations[J].Journal of Primary Health Care,2013,5(4):341-347.
[29]SOLOVE D J.Data is what data does:Regulating based on harm and risk instead of sensitive data[J].Northwestern University Law Review,2023,118:1081-1138.
[30]范为.大数据时代个人信息保护的路径重构[J].环球法律评论,2016,38(5):92-115.
[31]SCHUMAN E.European authorities say AI can use personal data without consent for training[EB/OL].(2024-12-18)[2025-12-21].https://www.csoonline.com/article/3628060/in-potential-reversal-european-authorities-say-ai-can-indeed-use-personal-data-without-consent-for-training.html.
[32]王利明.生成式人工智能侵权的法律应对[J].中国应用法学,2023(5):27-38.
[33]狄乐达.人工智能法律实务指南[M].金小力,陈心云,译.北京:法律出版社,2024.
[34]谢尧雯.生成式人工智能价值链行政监管与侵权责任的匹配[J].政法论坛,2025,43(2):36-46.
[35]丁晓东.从网络、个人信息到人工智能:数字时代的侵权法转型[J].法学家,2025(1):40-54,191-192.
[36]BELL A.Private takings[J].The University of Chicago Law Review,2009,76(2):517-586.
[37]LEVMORE S.Unifying remedies:Property rules,liability rules,and startling rules[J].Yale Law Journal,1997,106:2149-2174.
[38]彭诚信,许素敏.个人信息权益侵权损害赔偿应然范围探讨:基于数字社会的场景[J].社会科学,2023(7):166-177.
[39]王道发.个人信息处理者过错推定责任研究[J].中国法学,2022(5):103-121.
[40]杭州市萧山区人民检察院诉虞某某个人信息保护民事公益诉讼案一审民事裁判书[Z].(2023)浙0192民初4563号.
[41]KAPLOW L,SHAVELL S.Property rules versus liability rules:An economic analysis[J].Harvard Law Review,1996,109(4):713-790.
[42]刘雅琦,张梦丹.国内外个人信息价值评估研究述评[J].情报科学,2020,38(9):157-165,173.
[43]Financial Times.How much is your personal data worth[EB/OL].(2013-06-12)[2025-12-21].https://ig.ft.com/how-much-is-your-personal-data-worth/?ft_site=falcon#axzz4dMtRPoZd.
[44]陈旭琳.个人信息协同保护的法经济学研究[M].北京:中国社会科学出版社,2024.