Journal of Shanghai University (Social Sciences Edition), 2023, Vol. 40, Issue (1): 32-44.


Social Responsibility for Personal Information Protection: Legal Contents and Realization

  1. College of Humanities, Donghua University, Shanghai 200051, China
  • Received: 2020-04-29 Online: 2023-01-15 Published: 2023-01-15

Abstract: Social responsibility for personal information protection helps to urge personal information processors, represented by online platforms, to maintain the security of users’ information through self-regulation. According to the relevant provisions of the Civil Code of the People’s Republic of China and the Company Law, compliance with the law and ethics and the maintenance of transaction security are the core contents of the corporate social responsibility clauses. Under the regulatory system of the Personal Information Protection Law, compliance with the law and ethics provides not only an important basis for testing the effective compliance of personal information processors, but also interpretive space for establishing a differentiated compliance system. Maintaining transaction security can be absorbed by the security principle of the Personal Information Protection Law, and its normative significance is limited to compliance with the ethical bottom line. When implementing mandatory reporting on social responsibility for personal information protection, disclosure indicators should be separated using the "comply or explain" method. Establishing a sound compliance system is an important way to implement social responsibility for personal information protection. The performance of compliance obligations should be devolved simultaneously at both the board of directors and the supervisory board. A personal information protection supervisory committee composed of external professionals should also be embedded in, and accountable to, the company’s supervisory board. In addition, social responsibility provisions, as general norms, may also enter into judicial decisions.

Key words: personal information protection, online platforms, power discourse, social responsibility, compliance systems
