Personal Data Protection Law Passed Preliminary Review
ˇ@ˇ@A revision of the ˇ§Computer-Processed Personal Data Protection Law,ˇ¨ which has been renamed as the ˇ§Personal Data Protection Law,ˇ¨ passed preliminary review in the Legislative Yuan on April 18. The draft revision expands the definition of personal information and the scope of protection, adding medical care, genetic, physical examination, criminal record information and sexual behavior, and no longer limits protection to computerized information.
ˇ@ˇ@The draft bill stipulates that unless legal conditions are met, individuals and groups are not allowed to collect, process, or utilize the personal information of other people. Non-government organizations engaged in the marketing of products must, at the time of the first marketing activity, provide the concerned parties with a means of rejection. Personal information may not be used without written permission, and blanket permission is not permissible.
ˇ@ˇ@The draft also provides that when cases of the illegal use of personal data occur, government agencies are authorized to send personnel, with the approval of the central government authority for the target industry or of the head of the city or county government concerned, to carry out on-site inspection of the offending non-government organization.
ˇ@ˇ@Another provision of the draft revision raises the maximum fine for the illegal use of personal data for profit from the current NT$50,000 to NT$5 million, and the maximum term of imprisonment from the current three years to five.