Following the signing of agreements with China about financial cooperation across the Taiwan Strait, Chinese financial concerns have been eagerly seeking ways to start up and develop business operations in Taiwan. The Financial Supervisory Commission (FSC) has so far given its approval for four major Chinese banks — the Bank of China, Bank of Communications, China Construction Bank and China Merchants Bank — to set up representative offices in Taiwan.
The Cross-Strait Economic Cooperation Framework Agreement includes a commitment to lift restrictions on cross-strait financial services. According to this commitment, representative offices established by Chinese banks in Taiwan may be upgraded to branch banks one year after they are set up. That means the four Chinese banks may, if they wish, commence banking operations in Taiwan in September. When they do that, they can then join the Joint Credit Information Center (JCIC) as member institutions.
The predecessor of today’s JCIC was set up by the Bankers’ Association of Taipei in 1975. Its original function was to serve as a center for collecting, processing and exchanging credit data among the member institutions of the bankers’ association. In 1992, the JCIC was transformed into a non-profit foundation. In March 1993, the Ministry of Finance assigned the JCIC the task of setting up a nationwide credit database, whereupon the center began to put on file the credit data of customers of financial institutions.
It was not until 1995 that Taiwan instituted the -Computer-Processed Personal Data Protection Act (電腦處理個人資料保護法), the purpose of which was to regulate the collection, processing and use of personal data by government and non--government agencies.
As fraud has become an increasingly serious problem in recent years, the government last year amended this act and changed its title to the Personal Information Protection Act (個人資料保護法). The amended law seeks to regulate a wider range of situations under which personal data could be unscrupulously collected and divulged by non-government agencies, and by means other than computers.
The problem is that the monster that had already come into being before these personal data protection laws were drawn up has never been brought into question. When applying for a credit card or loan, people probably don’t look very carefully at the fine print, one line of which asks applicants to give consent for the bank to obtain data about them from the JCIC.
Furthermore, data about people’s loans and credit will be registered with the JCIC and kept on file in its databank for reference by other banks. The basis on which the JCIC can collect people’s credit data is “personal consent,” but this “informed consent” is also indirect, unobvious and generalized.
Although the JCIC uses computers’ auditing function to prevent its staff from looking up personal credit data for illegitimate purposes, its mode of operation still largely relies on self-regulation by its member institutions. The fact is that the JCIC does not require financial institutions to ask their customers to sign a written consent form or agreement. All a financial institution has to do is go online and check the box that says “the person’s consent has been obtained.” Once they have done that, they can access and download the data.
It can be seen from past cases where the FSC imposed penalties that there have been numerous instances of banks making illegal inquiries about personal data or divulging it to others. Taiwanese banks and local branches of overseas banks alike have been caught breaking the rules, but the only penalty the JCIC can impose is to temporarily suspend the offending institution’s right to look up data, which is hardly enough to deter institutions from breaking the rules.
If Taiwanese banks have broken the rules so often, how can we trust Chinese banks to abide by the system of their own accord? Perhaps now is the time for us to reconsider this -monster, which was born before the laws on personal data protection came into existence.
If one considers the various laws in Taiwan, one will find that the Personal Information Protection Act is too general. It only provides the most basic standards for regulating ordinary situations. As to the Regulations Governing Authorization and Administration of Service Enterprises Engaged in Interbank Credit Information Processing and Exchange (銀行間徵信資料處理交換服務事業許可及管理辦法), the emphasis of this law is on setting standards for consent, but it says very little about how data is to be processed and used, and it has no penalty guidelines.
In the US, although there is no single centralized credit information center such as exists in Taiwan, there are still various laws, such as the Fair Credit Reporting Act and the Consumer Credit Protection Act, that regulate the conditions under which institutions may legally gain access to consumers’ credit data, and these laws place the burden of proof of not having transferred the data for other purposes on the institution. They also lay out the procedures to be followed when there is a dispute about data.
In Taiwan, a single non--governmental foundation has credit data on almost every person and company in the country in its hands, giving it a national monopoly on such information. Such an institution could not exist in other countries. Isn’t it about time we put a law in place to monitor and regulate it?
Lai Chung-chiang is deputy president of the Taiwan Association for Human Rights. Chiu E-ling is the director of media and publication for the association.
TRANSLATED BY JULIAN CLEGG
A gap appears to be emerging between Washington’s foreign policy elites and the broader American public on how the United States should respond to China’s rise. From my vantage working at a think tank in Washington, DC, and through regular travel around the United States, I increasingly experience two distinct discussions. This divergence — between America’s elite hawkishness and public caution — may become one of the least appreciated and most consequential external factors influencing Taiwan’s security environment in the years ahead. Within the American policy community, the dominant view of China has grown unmistakably tough. Many members of Congress, as
The Hong Kong government on Monday gazetted sweeping amendments to the implementation rules of Article 43 of its National Security Law. There was no legislative debate, no public consultation and no transition period. By the time the ink dried on the gazette, the new powers were already in force. This move effectively bypassed Hong Kong’s Legislative Council. The rules were enacted by the Hong Kong chief executive, in conjunction with the Committee for Safeguarding National Security — a body shielded from judicial review and accountable only to Beijing. What is presented as “procedural refinement” is, in substance, a shift away from
After declaring Iran’s military “gone,” US President Donald Trump appealed to the UK, France, Japan and South Korea — as well as China, Iran’s strategic partner — to send minesweepers and naval forces to reopen the Strait of Hormuz. When allies balked, the request turned into a warning: NATO would face “a very bad” future if it refused. The prevailing wisdom is that Trump faces a credibility problem: having spent years insulting allies, he finds they would not rally when he needs them. That is true, but superficial, as though a structural collapse could be caused by wounded feelings. Something
The shifting geopolitical tectonic plates of this year have placed Beijing in a profound strategic dilemma. As Chinese President Xi Jinping (習近平) prepares for a high-stakes summit with US President Donald Trump, the traditional power dynamics of the China-Japan-US triangle have been destabilized by the diplomatic success of Japanese Prime Minister Sanae Takaichi in Washington. For the Chinese leadership, the anxiety is two-fold: There is a visceral fear of being encircled by a hardened security alliance, and a secondary risk of being left in a vulnerable position by a transactional deal between Washington and Tokyo that might inadvertently empower Japan
RSS