When a memorandum of exchanges and cooperation on digital technologies in transportation was signed at the Taipei-Shanghai forum, Taipei EasyCard Corp stressed that it would discuss regulation amendments with the Financial Supervisory Commission so that the EasyCard would be accepted in China within six months.
The memorandum and commission Chairman William Tseng’s (曾銘宗) ambiguous remark that it was pending approval by the Mainland Affairs Council and other agencies carry tremendous risks to consumer sovereignty and information privacy.
If the deal is implemented, EasyCard and all its affiliated card organizations and the authorities that issue identity cards would be required to disclose and review the terms of service in full, be they single-use MRT cards, multiple-use co-branded cards or cards that mandate that the user’s name be showed. Moreover, these entities and authorities should also explain how they plan to address the threat of a “Chinese-style” data monopoly once cooperation between EasyCard and the Shanghai Public Transport Card begins.
EasyCard has had a monopoly advantage ever since its inception, as it is headed by the government but operates as a business. Through continuous expansion of its applications and partnerships, its cards can be used to make small payments, pay transportation fares and parking fees, or be combined with credit cards, student cards, identification cards or library cards. They can even manage access control for admittance to private residential buildings. It has moved far beyond being just a travel card, which it was designed to be.
Some cards allow people to decide if they want to use specific functions, while some co-branded cards never give owners such options. This leaves card holders who do not want certain functions with only the choice to not activate the EasyCard function, provided they can resist the many benefits attached to it. Student cards and ID cards that bear the card owner’s name fall into this category.
Many of the co-branding schemes entail the gravest risks to data security, as consumers have no way of controlling where their personal information might end up.
The Taipei City Government is deliberating the launch of a new EasyCard that would integrate city services, authenticate identity and possibly even incorporate a voting function, the most fundamental element of a democracy. Should this be done, the public’s voting preferences might be monitored.
Regardless of how many substantial advantages the twin-city cooperation is set to bring, the complicated co-branding arrangement and functions would leave card owners clueless as to the default terms of service, technological structure and use of personal data of smart cards. The situation would only worsen if Taipei begins co-branding with Shanghai.
If EasyCard and its affiliates cannot meet the legal requirements to promptly obtain users’ approval when their personal data are used outside of the nation or beyond their intended purpose, the organizations will inevitably be criticized for selling private information about consumer behavior and financial data in the name of business opportunity and convenience.
As EasyCards that bear the user’s name can authenticate the bearer’s identity and pay administrative fees, medical registration fees and medical bills, and be used to borrow library books among other functions, should not Article 21 of the Personal Information Protection Act (個人資料保護法) — which says: “If … the following has occurred when the non-government agency transmits personal information internationally, the government authority in charge of subject industry may limit its action ... where the country receiving personal information lacks of proper regulations towards the protection of personal information and it might harm the rights and interests of the party” — restrict what such cooperation can do?
Or, perhaps the Taipei City Government would deliberately interpret the law as inapplicable since Taipei Mayor Ko Wen-je (柯文哲) claimed that both sides of the Taiwan Strait are “one family”?
In addition to the commission, whose responsibility is it to safeguard consumer privacy? Should not the agencies in charge of various co-branded cards and licenses ensure data security as the law stipulates? For instance, how would authorities ensure that issuers of co-branded student EasyCards will fulfill their duty to protect information security? How could EasyCard be held accountable to card holders? Furthermore, how would cardholders hold the Shanghai administration responsible?
It is only common sense to think that China’s personal information protection is worrying. A cooperative venture such as this is going to be an international laughing stock if it actually happens. For average card users, the way to protect themselves would be to exercise their information sovereignty and minimize the EasyCard’s functions.
The ruling and opposition parties held their tongues when China decided to replace paper Taiwanese travel permits with data-enabled cards; are they going to remain silent when the public’s interests are compromised as a result of the political and commercial integration of travel cards of both cities?
Will the Democratic Progressive Party, which is very likely to return to power next year, be pleased to see the public’s personal data leaked to China because the two sides of the Taiwan Strait are “one family” and because of the “Chinese dream”? Will this be a nightmare of authoritarian control in which privacy is invaded?
Liu Ching-yi is a professor in the College of Social Sciences at National Taiwan University.
Translated by Ethan Zhan
The gutting of Voice of America (VOA) and Radio Free Asia (RFA) by US President Donald Trump’s administration poses a serious threat to the global voice of freedom, particularly for those living under authoritarian regimes such as China. The US — hailed as the model of liberal democracy — has the moral responsibility to uphold the values it champions. In undermining these institutions, the US risks diminishing its “soft power,” a pivotal pillar of its global influence. VOA Tibetan and RFA Tibetan played an enormous role in promoting the strong image of the US in and outside Tibet. On VOA Tibetan,
Sung Chien-liang (宋建樑), the leader of the Chinese Nationalist Party’s (KMT) efforts to recall Democratic Progressive Party (DPP) Legislator Lee Kun-cheng (李坤城), caused a national outrage and drew diplomatic condemnation on Tuesday after he arrived at the New Taipei City District Prosecutors’ Office dressed in a Nazi uniform. Sung performed a Nazi salute and carried a copy of Adolf Hitler’s Mein Kampf as he arrived to be questioned over allegations of signature forgery in the recall petition. The KMT’s response to the incident has shown a striking lack of contrition and decency. Rather than apologizing and distancing itself from Sung’s actions,
US President Trump weighed into the state of America’s semiconductor manufacturing when he declared, “They [Taiwan] stole it from us. They took it from us, and I don’t blame them. I give them credit.” At a prior White House event President Trump hosted TSMC chairman C.C. Wei (魏哲家), head of the world’s largest and most advanced chip manufacturer, to announce a commitment to invest US$100 billion in America. The president then shifted his previously critical rhetoric on Taiwan and put off tariffs on its chips. Now we learn that the Trump Administration is conducting a “trade investigation” on semiconductors which
By now, most of Taiwan has heard Taipei Mayor Chiang Wan-an’s (蔣萬安) threats to initiate a vote of no confidence against the Cabinet. His rationale is that the Democratic Progressive Party (DPP)-led government’s investigation into alleged signature forgery in the Chinese Nationalist Party’s (KMT) recall campaign constitutes “political persecution.” I sincerely hope he goes through with it. The opposition currently holds a majority in the Legislative Yuan, so the initiation of a no-confidence motion and its passage should be entirely within reach. If Chiang truly believes that the government is overreaching, abusing its power and targeting political opponents — then
RSS