A series of recent developments highlight the increasingly important role of online platforms in impacting data privacy in today's digital economy. Revelations and parliamentary hearings about privacy violations in Facebook's app and service partner ecosystem, EU Court of Justice judgments on joint responsibility of platforms and platform users, and the rise of smartphone app ecosystems where app behaviour is governed by app distribution platforms and operating systems, all show that platform policies can make or break the enjoyment of privacy by users. In this article, we examine these developments and explore the question of what can and should be the role of platforms in protecting data privacy of their users.

The article first distinguishes the different roles that platforms can have in ensuring respect for data privacy in relevant ecosystems. These roles include governing access to data, design of relevant interfaces and privacy mechanisms, setting of legal and technical standards, policing behaviour of the platform's (business) users, coordinating responsibility for privacy issues between platform users and the platform, and direct and indirect enforcement of a platform's data privacy standards on relevant players. At a higher level, platforms can also perform a role by translating different international regulatory requirements into platform policies, thereby facilitating compliance of apps in different regulatory environments. And in all of this, platforms are striking a balance between ensuring the respect for data privacy in data-driven environments on the one hand and optimization of the value and business opportunities connected to the platform and underlying data for users of the platform on the other hand.

After this analysis of platforms’ roles in protecting privacy, the article turns to the question of what should this role be and how to better integrate platforms in the current legal frameworks for data privacy in Europe and the US. The article will argue for a compromise between direct regulation of platforms and mere self-regulation, in arguing that platforms should be required to make official disclosures about their privacy-related policies and practices for their respective ecosystems. These disclosures should include statements about relevant conditions for access to data and the platform, the platform's standards with respect to privacy and the way in which these standards ensure or facilitate compliance with existing legal frameworks by platform users, and statements with respect to the risks of abuse of different data sources and platform tools and actions taken to prevent or police such abuses. We argue that such integration of platforms in current regulatory frameworks is both feasible and desirable. It would make the role that platforms already have in practice more explicit. This would help to highlight best practices, create more accountability and could save significant regulatory and compliance resources in bringing relevant information together in one place. In addition, it could provide clarity for business users of platforms, who are now sometimes confronted with restrictive decisions by platforms in ways that lack transparency and oversight.

最近的一系列发展突显了在线平台在影响当今数字经济中的数据隐私方面的日益重要的作用。关于 Facebook 应用和服务合作伙伴生态系统隐私侵犯的揭露和议会听证会、欧盟法院关于平台和平台用户共同责任的判决，以及应用行为受应用分发平台和操作系统控制的智能手机应用生态系统的兴起，所有这些表明平台政策可以决定用户对隐私的享受。在本文中，我们研究了这些发展，并探讨了平台在保护用户数据隐私方面可以和应该扮演什么角色的问题。

本文首先区分了平台在确保尊重相关生态系统中的数据隐私方面可以扮演的不同角色。这些角色包括管理数据访问、相关接口和隐私机制的设计、法律和技术标准的制定、平台（业务）用户的行为监管、平台用户与平台之间隐私问题的协调责任以及直接和间接执行平台对相关玩家的数据隐私标准。在更高的层面上，平台还可以通过将不同的国际监管要求转化为平台政策来发挥作用，从而促进应用在不同监管环境中的合规性。而在这一切中，

在分析了平台在保护隐私方面的作用之后，文章转向了这个角色应该是什么以及如何更好地将平台整合到欧洲和美国当前的数据隐私法律框架中的问题。本文将主张在对平台的直接监管和单纯的自我监管之间做出妥协，认为应该要求平台就其各自生态系统的隐私相关政策和做法进行官方披露。这些披露应包括关于访问数据和平台的相关条件、平台关于隐私的标准以及这些标准确保或促进平台用户遵守现有法律框架的方式的声明，关于滥用不同数据源和平台工具的风险以及为防止或监管此类滥用行为而采取的行动的声明。我们认为，将平台整合到当前的监管框架中既可行又可取。这将使平台在实践中已经扮演的角色更加明确。这将有助于突出最佳实践，建立更多的问责制，并可以节省大量的监管和合规资源，将相关信息集中在一个地方。此外，它可以为平台的商业用户提供清晰的信息，他们现在有时会面临平台以缺乏透明度和监督的方式做出的限制性决定。我们认为，将平台整合到当前的监管框架中既可行又可取。这将使平台在实践中已经扮演的角色更加明确。这将有助于突出最佳实践，建立更多的问责制，并可以节省大量的监管和合规资源，将相关信息集中在一个地方。此外，它可以为平台的商业用户提供清晰的信息，他们现在有时会面临平台以缺乏透明度和监督的方式做出的限制性决定。我们认为，将平台整合到当前的监管框架中既可行又可取。这将使平台在实践中已经扮演的角色更加明确。这将有助于突出最佳实践，建立更多的问责制，并可以节省大量的监管和合规资源，将相关信息集中在一个地方。此外，它可以为平台的商业用户提供清晰的信息，他们现在有时会面临平台以缺乏透明度和监督的方式做出的限制性决定。建立更多的问责制，并可以节省大量的监管和合规资源，将相关信息集中在一处。此外，它可以为平台的商业用户提供清晰的信息，他们现在有时会面临平台以缺乏透明度和监督的方式做出的限制性决定。建立更多的问责制，并可以节省大量的监管和合规资源，将相关信息集中在一处。此外，它可以为平台的商业用户提供清晰的信息，他们现在有时会面临平台以缺乏透明度和监督的方式做出的限制性决定。