Decoding the Personal Data Protection Act – Taiwan Focus
January 16, 2014 | BY
clpstaff &clp articlesTaiwan's Personal Data Protection Act contains several strict provisions relating to written consent requirements that affect foreign companies, even if they are not registered in the jurisdiction
In Taiwan, the collection, processing, and use of personal data by certain regulated entities had, in the past, been subject to the Computer-processed Personal Data Protection Act (CPDPA) passed by the legislature and its Enforcement Rules promulgated by the Ministry of Justice (MOJ). On April 27 2010, the legislature passed a bill to amend and rename the CPDPA as the Personal Data Protection Act (PDPA). The PDPA and the MOJ's amended Enforcement Rules took effect on October 1 2012 and apply to any person (including any government agency, individual and/or legal entity) that collects, processes or uses personal data in Taiwan. The companies that are subject to the PDPA include those incorporated or registered in Taiwan (including any foreign company which has established a branch office in Taiwan). In addition, any foreign company that collects, processes, or uses an individual's personal data within Taiwan is subject to the PDPA, regardless of whether this foreign company is registered in Taiwan.
This premium content is reserved for
China Law & Practice Subscribers.
A Premium Subscription Provides:
- A database of over 3,000 essential documents including key PRC legislation translated into English
- A choice of newsletters to alert you to changes affecting your business including sector specific updates
- Premium access to the mobile optimized site for timely analysis that guides you through China's ever-changing business environment
Already a subscriber? Log In Now