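Data privacy concerns protecting users' personal data and respecting their rights, and is typically governed by regulations (GDPR, CCPA, etc.). Understanding privacy principles and compliance requirements matters because mishandling personal data carries legal, financial, and trust consequences.
Why data privacy matters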
→ Personal data (PII) must be protected and handled responsibly:
✓ LEGAL — regulations (GDPR, CCPA, HIPAA, etc.) MANDATE privacy protections; violations → large FINES and legal liability
✓ TRUST — users expect their data to be protected; mishandling damages trust/reputation
✓ ETHICAL — respecting users' privacy and control over their data
Key privacy principles
✓ DATA MINIMIZATION → collect only the data you NEED (less data = less risk/liability)
✓ PURPOSE LIMITATION → use data only for the stated purpose (with consent)
✓ CONSENT → get clear consent for collecting/using personal data
✓ USER RIGHTS → access, correct, DELETE their data, data portability (GDPR rights)
✓ SECURITY → protect personal data (encryption, access control) — privacy needs security
✓ TRANSPARENCY → clear privacy policies; tell users what you collect and why
✓ RETENTION → don't keep data longer than needed; delete when no longer required
