Back to list

Personal data protection coordination office established: NDC

2018/07/04 20:18:37

Chen Mei-ling (陳美伶) / CNA file photo

Taipei, July 4 (CNA) A new office responsible for coordinating personal data protection related issues between government agencies in Taiwan, was established under the National Development Council (NDC) Wednesday, according to a press release from the council.

The office will be in charge of personal data protection and plans to seek an "adequacy decision" from the European Union (EU) based on the EU's General Data Protection Regulation (GDPR), the release said.

The GDPR, released in May 2018, outlines the EU's strict personal data protection legal framework. It "regulates the processing by an individual, a company or an organization of personal data relating to individuals in the EU," according to the European Commission website.

For EU personal data to be processed in a non-EU country, the country in question must obtain an "adequacy decision" from the EU, which determines that the country's "domestic law, or the international commitments it has entered into" have "an adequate level" of protection in terms of personal data, another European Commission website said.

A number of countries have begun discussions on adequacy decisions with the EU, including Japan and South Korea, said NDC head, Chen Mei-ling (陳美伶) on Wednesday.

Chen visited the EU with NDC members at the end of May to discuss the country's willingness to seek an adequacy decision, a NDC press release said in June.

To assist in the transnational transfer of personal data between enterprises in Taiwan and those in the EU, the NDC has introduced a series of measures required to achieve an adequacy decision, said the NDC release.

The office, established by an order from Premier Lai Ching-te (賴清德), will continue to make the necessary preparations to negotiate for an adequacy decision not yet completed by the government, for example, inter-ministry coordination, Chen said.

The office will also hold dialogue with the EU after its report on the assessment of Taiwan's request for an adequacy decision is completed, Chen revealed on Wednesday.

In addition to the adequacy decision under the GDPR, the office will also seek to coordinate and communicate with other government agencies on the provisions of the Personal Data Protection Act.

Previously, no single body was responsible for the management of personal data protection in Taiwan, which resulted in several problems, particularly in terms of inter-ministry coordination, the NDC said. The council reiterated that moving forward the office will be responsible for reviewing personal data protection related regulations and inter-ministry coordination, the objective being to enhance enforcement.

(By Pan Tzu-yu and Hsu Hsiao-ling)
Enditem/AW