The government should impose higher fines on government agencies and businesses involved in personal data leaks, a Democratic Progressive Party (DPP) lawmaker said.
The Executive Yuan is considering an amendment to the Personal Data Protection Act (個人資料保護法) to raise the fines for personal data leaks, after data breaches were reported at China Airlines, Car-Plus Auto Leasing Corp and vehicle-sharing platform iRent.
Democratic Progressive Party Legislator Hung Sun-han (洪申翰) said he plans to propose his own version of the amendment.
Photo: Chen Cheng-yu, Taipei Times
“The cost of running quality cybersecurity maintenance for a large database can exceed NT$1 million (US$33,071). However, the maximum fine for a data leak is only NT$200,000 — a small price to pay for businesses,” he said.
“The act cannot protect people, because victims of data breaches must collect evidence themselves, making it difficult for them to file lawsuits against businesses,” he added.
The act stipulates that people illegally collecting, processing, using or altering personal information to the detriment of others can be sentenced to a maximum of two years in prison, or fined up to NT$200,000.
Those engaging in data breaches with the intention of making a profit can face a sentence of up to five years in jail and/or a fine of no more than NT$1 million, the act says.
Government officials who abuse the power, opportunity or means available to them to commit data breaches face a more severe punishment of up to 50 percent more than the prescribed fines, the act says.
“Many businesses would rather pay a small fine, which is nothing more than a slap on the wrist,” than pay for cybersecurity systems, Hung said, adding that these costs should be accounted for in fines for data breaches.
Data breaches in the government sector should be closely scrutinized as they could be due to human error, or caused by hackers or a hostile regime, he said.
“Every government agency needs to allocate funding to build a Zero Trust cybersecurity system. It cannot just ask IT personnel in the agency to take classes,” Hung said.
The EU’s General Data Protection Regulation stipulates that a maximum administrative penalty of 10 million euros (US$10.7 million) can be imposed should data controllers and processors, or data verification and supervision agencies fail to fulfill their obligations with regards to data protection, he said.
Corporations can be fined up to 1 percent of their global annual turnover for the previous fiscal year in the event of data breaches, he said.
Costa Rica sent a group of intelligence officials to Taiwan for a short-term training program, the first time the Central American country has done so since the countries ended official diplomatic relations in 2007, a Costa Rican media outlet reported last week. Five officials from the Costa Rican Directorate of Intelligence and Security last month spent 23 days in Taipei undergoing a series of training sessions focused on national security, La Nacion reported on Friday, quoting unnamed sources. The Costa Rican government has not confirmed the report. The Chinese embassy in Costa Rica protested the news, saying in a statement issued the same
Taiwan’s Liu Ming-i, right, who also goes by the name Ray Liu, poses with a Chinese Taipei flag after winning the gold medal in the men’s physique 170cm competition at the International Fitness and Bodybuilding Federation Asian Championship in Ajman, United Arab Emirates, yesterday.
A year-long renovation of Taipei’s Bangka Park (艋舺公園) began yesterday, as city workers fenced off the site and cleared out belongings left by homeless residents who had been living there. Despite protests from displaced residents, a city official defended the government’s relocation efforts, saying transitional housing has been offered. The renovation of the park in Taipei’s Wanhua District (萬華), near Longshan Temple (龍山寺), began at 9am yesterday, as about 20 homeless people packed their belongings and left after being asked to move by city personnel. Among them was a 90-year-old woman surnamed Wang (王), who last week said that she had no plans
TO BE APPEALED: The environment ministry said coal reduction goals had to be reached within two months, which was against the principle of legitimate expectation The Taipei High Administrative Court on Thursday ruled in favor of the Taichung Environmental Protection Bureau in its administrative litigation against the Ministry of Environment for the rescission of a NT$18 million fine (US$609,570) imposed by the bureau on the Taichung Power Plant in 2019 for alleged excess coal power generation. The bureau in November 2019 revised what it said was a “slip of the pen” in the text of the operating permit granted to the plant — which is run by Taiwan Power Co (Taipower) — in October 2017. The permit originally read: “reduce coal use by 40 percent from Jan.
RSS