Lawmakers yesterday called for the creation of an independent agency to protect personal data in the wake of a series of large-scale data leaks.
National Development Council Deputy Minister Kao Shien-quey (高仙桂) vowed to submit a report on preparations related to the issue within a month.
The council has already drawn up a framework based on international examples, but it requires careful debate as it involves labor and budget considerations, she said.
Photo: Hsieh Chun-lin, Taipei Times
The call comes after the operator of vehicle-sharing service iRent last week announced that the data of about 140,000 customers had been jeopardized over three months.
It also follows reports in the past few months of a China Airlines data leak, as well as leaks of National Health Insurance, intelligence and household registration data.
Democratic Progressive Party legislators yesterday held another in a series of news conferences at the Legislative Yuan urging immediate action on the issue.
The greatest problem is the dispersal of responsibility under the Personal Data Protection Act (個人資料保護法), Legislator Lai Pin-yu (賴品妤) said.
With different agencies responsible for supervising different aspects of data security, they have ended up “passing the buck,” Lai said.
The government should create an independent unit responsible for protecting data security, rather than treating each case independently, she said.
Laws governing data security clearly need revision, she said, adding that the council should consult other countries’ laws and investigate the necessity of data collection by companies for research.
Legislator Liu Shih-fang (劉世芳) said data leaks were a “hotbed” for fraud.
From 2021 to last year, reports of fraud stemming from online bookstores rose four-fold from 940 to 3,773, Liu said, citing Criminal Investigation Bureau data.
Investment and installment payment fraud also rose 17.84 percent in the first 10 months of last year, she said.
As private companies are not included in the Cyber Security Management Act (資通安全管理法), most are handled using the personal data act, which designates authorities that are unable to effectively supervise cybersecurity or respond after a breach, Liu said.
The Constitutional Court last year ordered the government to improve data security within three years, saying it “might be unconstitutional” to lack an independent oversight mechanism, Legislator Hung Shen-han (洪申翰) said.
However, there have been no amendments or timelines proposed since the order was issued in August, he said.
No one has assumed responsibility, nor has anyone been notified by a government agency when their data has been leaked, he added.
Issuing fines after the fact is not enough, Legislator Chuang Ching-cheng (莊競程) said over a video call.
The personal data act instructs businesses to inform affected people directly in the event of a leak to minimize its effect, but most users have no way of knowing if their data has been compromised, he said.
SHIPS, TRAINS AND AUTOMOBILES: The ministry has announced changes to varied transportation industries taking effect soon, with a number of effects for passengers Beginning next month, the post office is canceling signature upon delivery and written inquiry services for international registered small packets in accordance with the new policy of the Universal Postal Union, the Ministry of Transportation and Communications said yesterday. The new policy does not apply to packets that are to be delivered to China, the ministry said. Senders of international registered small packets would receive a NT$10 rebate on postage if the packets are sent from Jan. 1 to March 31, it added. The ministry said that three other policies are also scheduled to take effect next month. International cruise ship operators
HORROR STORIES: One victim recounted not realizing they had been stabbed and seeing people bleeding, while another recalled breaking down in tears after fleeing A man on Friday died after he tried to fight the knife-wielding suspect who went on a stabbing spree near two of Taipei’s busiest metro stations, Taipei Mayor Chiang Wan-an (蔣萬安) said. The 57-year-old man, identified by his family name, Yu (余), encountered the suspect at Exit M7 of Taipei Main Station and immediately tried to stop him, but was fatally wounded and later died, Chiang said, calling the incident “heartbreaking.” Yu’s family would receive at least NT$5 million (US$158,584) in compensation through the Taipei Rapid Transit Corp’s (TRTC) insurance coverage, he said after convening an emergency security response meeting yesterday morning. National
The Forestry and Nature Conservation Agency yesterday launched a gift box to market honey “certified by a Formosan black bear” in appreciation of a beekeeper’s amicable interaction with a honey-thieving bear. Beekeeper Chih Ming-chen (池明鎮) in January inspected his bee farm in Hualien County’s Jhuosi Township (卓溪) and found that more than 20 beehives had been destroyed and many hives were eaten, with bear droppings and paw prints near the destroyed hives, the agency said. Chih returned to the farm to move the remaining beehives away that evening when he encountered a Formosan black bear only 20m away, the agency said. The bear
PLANNED: The suspect visited the crime scene before the killings, seeking information on how to access the roof, and had extensively researched a 2014 stabbing incident The suspect in a stabbing attack that killed three people and injured 11 in Taipei on Friday had planned the assault and set fires at other locations earlier in the day, law enforcement officials said yesterday. National Police Agency (NPA) Director-General Chang Jung-hsin (張榮興) said the suspect, a 27-year-old man named Chang Wen (張文), began the attacks at 3:40pm, first setting off smoke bombs on a road, damaging cars and motorbikes. Earlier, Chang Wen set fire to a rental room where he was staying on Gongyuan Road in Zhongzheng District (中正), Chang Jung-hsin said. The suspect later threw smoke grenades near two exits
RSS