Deliberation of the Amendment to Computer-Processed Personal Date Protection

The Judiciary Committee and Organic Laws and Statutes Committee of the Legislative Yuan completed examination of the amendment to “Computer-Processed Personal Date Protection Law” on May 19, 2008 and renamed it as “Personal Data Protection Law” (個人資料保護法) thereafter.  This amendment provides a strengthened and wider coverage of protection which is no longer limited to the personal information processed and held by PCs; the broader application of the Law covers governmental agencies, any natural persons, juristic persons, or other organizations engaged in collecting, processing, or using personal data, except personal data collected or used for personal or family use.

As stated in the amendment, marketing business operators should provide a medium through which consumers may raise their objection against marketing practices and request to remove their personal data from the target list of marketing.  Such medium can be, for example, toll-free phone numbers, self-addressed stamped envelope, etc.  As long as consumers expressly refuse to receive unsolicited marketing practices, the marketing business operators should stop using their personal data.  

Besides, the current Computer-Processed Personal Date Protection Law obligates only governmental agencies to maintain personal data with accuracy.  The amendment goes further to provide that non-governmental institutions should also be obligated to make timely corrections or supplements and give notification with respect to the personal data they hold in hand, and shall remove and stop collecting personal data when engaged in illegal practices of collecting, processing or use it.  For the act of illegitimate collection of personal data, “intent to profit” will serve as a standard for seeking and imposing severe punishment.  The Judicial Yuan intends to increase the compensation for personal data leaks to a maximum amount of TWD1 billion to contain and prevent data leaks.

Since the enactment and promulgation of the Computer-Processed Personal Date Protection Law in August 1995, the Law has been applicable simply to schools, hospitals, and financial, telecommunication, insurance, credit investigation, real estate brokerage businesses, and department stores and hypermarket industry, etc., but not to the repeated occurrences of data leakage through TV shopping channels and online shopping websites, which has formed a legal loophole and resulted in inestimable loss. 

Most provisions of this amendment have been discussed and examined, while some disagreements still lie on the issues with respect to criminal liabilities, compensation amount, simplified procedure of people’s burden of proof, and liability exemption of legislators, etc..  Therefore, this amendment should go into further negotiation and deliberation.  (2008.05)

/CCS