网络平台安全保障义务制度旨在强化平台责任，解决网络平台不作为侵权场景下的过错判断和责任承担问题，从而充分发挥网络平台在网络空间治理中的重要作用，有效地保障用户的合法权益。网络平台已经得到充分的发展，宽松的立法政策忽视了用户权利的保障，已经明显不符合当前的时代背景，应当纠正过去存在的错误观念，正确认识网络平台的特殊地位，强化网络平台的责任。美国、欧盟等域外立法的实践已经表现出了强化平台责任的发展趋势，此经验值得我们思考和借鉴。我国《民法典》第1198条列举的义务人都处在物理空间，但是网络平台同样承担着经营者、管理者、组织者的角色，因此“等”字应当作等外解释，网络平台同样适用该条款。网络平台的地位非常特殊，用户的人身和财产安全极大地依赖网络平台，作为网络空间的活动枢纽，网络平台具备相应的技术和经济实力来履行安全保障义务，同时符合危险控制理论、报偿理论。此外，发挥网络平台的重要“节点”作用，可以有效地预防侵权行为的发生，降低治理侵权行为的社会总成本。综合来看，要求网络平台承担安全保障义务具有充分的合理性。根据现行的避风港规则，网络平台“知道”或者“应当知道”的情况下应当承担间接侵权责任，但是两者都是诉诸主观的判断，目前法院往往借助“注意义务”来判断网络平台是否属于“应当知道”，但是注意义务内容不明确，导致判断过程中存在较大的主观性，难以统一裁判的标准，网络平台的安全保障义务可以具体化注意义务的内容，实现过错判断的客观化。安全的网络平台更容易获得用户的支持，长远来看，履行安全保障义务的网络平台能够吸引更多的用户，间接获得丰厚利润，如此可以形成用户和平台共赢的局面。安全保障义务范围的判断具有最低和最高标准，一方面，应当符合法定标准、行业标准、理性人标准；另一方面，义务范围应当和网络平台的综合实力相适应，不能施加过于严格的责任，应当在一般注意义务和高度注意义务之间合理确定。具体而言，安全保障义务包括了事先审查义务、个人信息保护义务、严格的身份审核义务、协助确认侵权人的义务、维护网络安全的义务等，同时网络平台和用户之间可以基于自愿原则约定义务的内容，但是应当更加有利于用户权益的保障。侵权责任方面，网络平台违反安全保障义务是一种过失侵权，应当承担“相应的责任”，能够推定网络平台“应当知道”则应当承担连带责任；如果不能向被害人提供侵权人的真实身份信息，网络平台应当承担代付责任。

The security obligation of Internet platforms aims to strengthen the platforms’ responsibility, and solve the problems of fault judgment and liability undertaking in the case of non-act infringement of Internet platforms. This kind of obligation can make full use of Internet platforms in the governance of cyberspace, and effectively protect the rights and interests of users. The Internet platforms have been fully developed, but “loose legislative” policies ignore the protection of users’ rights. Obviously, it is no longer in line with the current background of the times. So we should correct the wrong viewpoints, and correctly recognize the special status and strengthen the responsibility of Internet platforms. The practice of extraterritorial legislation such as the United States and the European Union have shown the trend of strengthening the responsibility of Internet platforms, their experience is worthy of our reflection and reference. The subjects of security obligation listed in Article 1198 of China’s Civil Code are all subjects in physical space. However, Internet platforms also play the roles of operators, managers and organizers of mass activities. Therefore, this clause can also applies to the Internet platforms. The status of Internet platforms are special, because the personal and property safety of users greatly depends on Internet platforms. As the pivot of activities in cyberspace, Internet platforms have the corresponding technical and economic capability to fulfill the security obligation, and it accords with risk control theory and reward theory. In addition, making full use of the Internet platforms as an important “node” can effectively prevent the occurrence of infringements, and reduce the total social cost of regulating infringements. In general, it is reasonable to require Internet platforms to undertake security obligation. According to the current safe harbor rule, Internet platforms should be liable for indirect infringement if they “know” or “should know”, but both of them need subjective judgments. At present, courts often use “duty of care” to judge whether Internet platforms “should know”. But the content of “duty of care” is not clear enough, which leads to subjectivity in the judgment processes, and it is difficult to unify the standard of judgment. The security obligation of Internet platforms can specify the content of “duty of care” to realize the objectification of fault judgment. Secure Internet platforms are more likely to gain users’ support, in the long run, Internet platforms that fulfill security obligation can attract more users and gain large profits indirectly, so as to form a win-win situation between users and the platforms. The judgments of the scope of security obligation has the lowest and highest standards. On the one hand, it should comply with legal standards, industry standards and rational person standards. On the other hand, the scope of obligation should be in line with the comprehensive capability of the Internet platforms and should not impose too strict liability to them. It should be reasonably determined between the general duty of care and the high duty of care. Specifically, security obligation including the obligation of prior review, the obligation of personal information protection, the obligation of strict identity verification, the obligation to assist in identifying the tortfeasors, and the obligation to maintain network security, etc. At the same time, Internet platforms and users can agree on the content of obligations based on voluntary principle, but the content should be more beneficial to the protection of users’ rights. In terms of tort liability, the Internet platforms’ violation of security obligation is a kind of negligence tort and should assume “corresponding liability”. If it can be presumed that the Internet platforms “should know”, they shall be liable jointly and severally. If the Internet platforms fail to provide the victims with the true identity information of the tortfeasors, the victims can require compensation from Internet platforms.