Online platforms process personal data through privacy policies while pledging to protect users' personal information. Although derived from traditional privacy concepts, privacy policies differ significantly in nature-personal information protection carries stronger public law attributes, rendering privacy policies primarily compliance instruments that should integrate both self-regulation and government regulation approaches. With the rapid expansion of platforms' private power, privacy policies, despite their enhanced role, have exhibited alienating effects: failures in self-regulation, erosion of user rights, and circumvention of governmental oversight. To address these issues, a meta-regulatory approach is imperative, requiring tripartite collaboration among platforms, users, and regulatory authorities to refine privacy policy frameworks.
Xiaoyuan Zhao (Wed,) studied this question.