請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/6651
完整後設資料紀錄
DC 欄位 | 值 | 語言 |
---|---|---|
dc.contributor.advisor | 湯德宗(Dennis T. C. Tang) | |
dc.contributor.author | Charles Ping-Chi Tsai | en |
dc.contributor.author | 蔡秉錡 | zh_TW |
dc.date.accessioned | 2021-05-17T09:15:46Z | - |
dc.date.available | 2012-08-10 | |
dc.date.available | 2021-05-17T09:15:46Z | - |
dc.date.copyright | 2012-08-10 | |
dc.date.issued | 2012 | |
dc.date.submitted | 2012-08-08 | |
dc.identifier.citation | 一、 中文文獻(依照姓名筆畫)
(一) 專書 吳庚,《行政法之理論與實用》,2005年增訂九版,台北:自版。 財團法人資訊工業策進會科技法律研究所,《給科技研發與創新服務提供者的—個資運用藍圖》,2011年初版,台北:商周。 葉俊榮、雷文枚、楊秀儀、牛惠之、張文貞合著,《天平上的基因—民為貴、Gene為輕》,2006年初版,台北:元照。 (二) 專書論文 林素鳳,〈日本個人資訊保護之法制化〉,《黃宗樂教授六秩祝賀—公法學篇(一)》,頁107-135(2002年5月),台北:新學林。 湯德宗,〈行政程序法之適用〉,《行政程序法論》,頁133(2003年),台北:元照。 湯德宗,〈知情同意與基因資料庫〉,《四分溪論學集:慶祝李遠哲先生七十壽辰》,頁985-1087(2006年),台北:允晨文化。 葉百修,〈國家賠償法〉,翁岳生主編,《行政法二○○○》,頁1357-1365(2000年修訂二版),台北:翰蘆。 (三) 期刊 王郁琦、陳炳全,〈濫發網際網路廣告信相關法律問題之研究〉,《月旦法學》,81期,頁152-166(2002年2月)。 余啟民,〈由肺結核病患名單資料外洩談公務機關就醫資訊管控與監督〉,《月旦民商法》,24期,頁8-9(2009月6月)。 呂丁旺,〈淺析修正「個人資料保護法」〉,《月旦法學》,183期,頁131-146(2010年8月)。 李建良,〈「捺指紋規定釋憲案」鑑定意見書〉,《台灣本土法學》,73期,頁41-44(2005年8月)。 李惠宗,〈判決書上網公開與個人資訊自決權的衝突〉,《月旦法學》,154期,頁21-34(2008年3月) 李震山、黃昭元、蔡宗珍、顏厥安,〈釋字第603號(全民指紋建檔案)評釋〉,《台灣本土法學》,75期,頁115-116(2005年10月)。 周慧蓮,〈資訊隱私保護爭議之國際化〉,《月旦法學》,104期,頁125-126(2004年1月)。 周慧蓮,〈論行動化生活之資訊隱私侵害〉,《月旦法學》,99期,頁152-165(2003年8月)。 林秀蓮,〈個人資料保護法初探〉,《萬國法律》,頁1(2011年4月) 邱文聰,〈從資訊自決與資訊隱私的概念區分析「電腦處理個人資料保護法修正草案」的結構性問題〉,《月旦法學》,168期,頁172-189(2009年5月)。 張冠群,〈二○○九年一月金融控股公司法關於共同行銷及關係人交易與風險集中揭露之修正條文評析〉,《月旦法學》,168期。頁190-215(2009年5月)。 陳榮傳,〈再論資料跨國流通〉,《月旦法學》,78期,頁165-177(2001年11月)。 楊秀儀,〈告知後同意之倫理法律再思考:縮小理論與實務的落差〉,《月旦法學》,162期,頁5-16(2008年11月)。 廖元豪,〈高深莫測,抑或亂中有序?—論現任大法官在基本權利案件中的「審查基準」〉,《中研院法學期刊》,2期,頁243-244(2008年3月)。 劉靜怡,〈DNA採樣、犯罪預防和人權保障〉,《台灣法學》,124期,頁122(2009年3月)。 劉靜怡,〈不算進步的立法:「個人資料保護法」初步評析〉,《月旦法學》,183期,頁153(2010年8月)。 劉靜怡,〈資訊隱私權保護的國際化爭議—從個人資料保護體制的規範協調到國際貿易規範的適用〉,《月旦法學》,86期,頁195-205(2002年7月)。 顏上詠,〈台灣人體生物資料庫管理條例草案評析〉,《月旦法學》,168期,頁155-171(2009年5月)。 (四)學位論文 林宛怡,《以犯罪偵查為目的之DNA資料保存-以歐洲人權公約第八條為中心》,國立政治大學法律學研究所碩士論文(2009年12月)。 曾珮瑩,《全民指紋建檔爭議之研究-以94年換證為例》,銘傳大學公共事務學系碩士論文(2008年)。 熊愛卿,《網際網路個人資料保護之研究》,國立台灣大學法律研究所博士論文,(1999年)。 (五)會議論文 湯德宗,〈電腦處理個人資料保護法2008修正草案評釋〉,發表於台灣法學會2008年年度法學會議(2008年12月20日) (六) 政府公報 立法院公報,99卷26期,頁67(2010年4月)。 立法院公報,99卷29期,頁376(2010年5月)。 監察院公報,2196卷,頁301-306(1999年2月10日) 監察院公報,2232卷,頁2299-2307(1999年10月20日) 監察院公報,2310卷,頁76-77(2001年04月18日) 監察院公報,2312卷,頁1-6(2001年05月02日) 監察院公報,2316卷,頁54-55(2001年05月30日) 監察院公報,2317卷,頁11-19(2001年06月06日) 二、 外文文獻 (一) 專書 Allen, Anita L. & Richard C. Turkington (2002), Privacy Law: Cases and Materials, MN: West Group. Australian Law Reform Commission (2008), For Your Information: Australian Privacy Law and Practice, Vol. 1-3, available at http://www.alrc.gov.au/publications/report-108 Bainbridge, David (1996), EC Data Protection Directive, London: Butterworths. Carey Peter (2004), Data Protection: A Practical Guide to UK and EU Law, N.Y.: Oxford Univ. Press. Coppel, Philip (2007), Information Rights, London: Sweet & Maxwell. Hill, David G. (2009), Data Protection: Governance, Risk Management, and Compliance, MA: CRC Press. Jay, Rosemary & Angus Hamilton(2003), Data Protection: Law And Practice Kuner, Christopher (2007), European Data Protection Law: Corporate Compliance and Regulation, N.Y.: Oxford Univ. Press. Macdonald QC, John & Clive H. Jones eds. (2003), The Law of Freedom of Information, N.Y.: Oxford Univ. Press. Mills, Jon L. (2008), Privacy: The Lost Right, N.Y.: Oxford Univ. Press. Morgan, Richard & Ruth Boardman (2003), Data Protection Strategy: Implementing Data Protection Compliance, London: Sweet & Maxwell. Singleton, Susan & Lynda A. C. Macdonald & Norman Green (2004), Data Protection: A Guide to Legal Compliance for HR And Payroll, UK: Tottel Publishing. (二) 專書論文 Beckman, Christel (2011), Regulating Privacy: Vocabularies of Motive in Legislating Right of Access to Criminal Records in Sweden, in Serge Gutwirth, Yves Poullet, Paul De Hert, Ronald Leenes eds., Computers, Privacy and Data Protection: an Element of Choice 111-37. Beyleveld, Deryck & Andrew Grubb et al. (2004), The UK Implementation of Directive 95/46/EC, in Deryck Beyleveld et al. eds., Implementation of the Data Protection Directive in Relation to Medical Research in Europe. Beyleveld, Deryck (2004), The Duty to Provide Information to the Data Subject: Articles 10 and 11 of directive 95/46/EC, in Deryck Beyleveld et al. eds., The Data Protection Directive and Medical Research Across Europe 69-87. Brownsword, Roger (2009), Consent in Data Protection Law: Privacy, Fair Processing and Confidentiality, in Serge Gutwirth, Yves Poullet, Paul De Hert, C′ecile de Terwangne & Sjaak Nouwt eds., Reinventing Data Protection? 83-109. Bygrave, Lee A. (2002), Core Principles of Data Protection Laws, in Data Protection Law: Approaching Its Rationale, Logic and Limits 344. Casabona, Carlos María Romeo (2004), Anonymization and Pseudonymization: The Legal Framework at a European Level, in Deryck Beyleveld, David Townend, Ségolène Rouillé-Mirza & Jessica Wright eds., The Data Protection Directive and Medical Research Across Europe 33-49. Deryck Beyleveld & Andrew Grubb et al. (2004), The UK Implementation of Directive 95/46/EC, in Deryck Beyleveld, David Townend, Ségolène Rouillé-Mirza & Jessica Wright eds., Implementation of the Data Protection Directive in Relation to Medical Research in Europe 417. Dhillon, Gurpreet & Ella Kolkowska (2010), Can a Cloud Be Really Secure? A Socratic Dialogue, in Serge Gutwirth, Yves Poullet, Paul De Hert & Ronald Leenes eds., Computers, Privacy and Data Protection: an Element of Choice 348. Lehtonen, Lasse A. (2004), Genetic Information and the Data Protection Directive of the European Union, in Deryck Beyleveld, David Townend, Ségolène Rouillé-Mirza & Jessica Wright et al. eds., The Data Protection Directive and Medical Research Across Europe 103-112. Nys, Herman (2004), The Scope of Exemptions for Medical Research, in Deryck Beyleveld, David Townend, Ségolène Rouillé-Mirza & Jessica Wright et al. eds., The Data Protection Directive and Medical Research Across Europe 53. Ofner, Helmut (2004), Data Protection in Austria, in Deryck Beyleveld, David Townend, Ségolène Rouillé-Mirza & Jessica Wright et al. eds., Implementation of the Data Protection Directive in Relation to Medical Research in Europe 13. Prudil, Lukáš & Josef Kuře (2005), Research Ethics Committees in the Czech Republic, in Deryck Beyleveld, David Townend & Jessica Wright et al. eds., Research Ethics Committees, Data Protection and Medical Research in European Countries 31-39. Purtova, Nadezhda (2011), Property in Personal Data: Second Life of an Old Idea in the Age of Cloud Computing, Chain Informatisation, and Ambient Intelligence, in Serge Gutwirth, Yves Poullet, Paul De Hert & Ronald Leenes eds., Computers, Privacy and Data Protection: an Element of Choice 39-64. Rosenzweig, Mary & Lisbeth Kundsen (2005), Research Ethics Committees in Denmark, in Deryck Beyleveld, David Townend & Jessica Wright et al. eds., Research Ethics Committees, Data Protection and Medical Research in European Countries 37. Rouillé-Mirza Ségolène & Jessica Wright (2004), Comparative Study on the Implementation and Effect of Directive 95/46/EC on Data Protection in Europe: Medical Research, in Deryck Beyleveld, David Townend, Ségolène Rouillé-Mirza & Jessica Wright et al. eds., The Data Protection Directive and Medical Research Across Europe 189-230. Rouillé-Mirza, Ségolène & Jessica Wright (2004), Comparative Study on the Implementation and Effect of Directive 95/46/EC on Data Protection in Europe: General Standards, in Deryck Beyleveld, David Townend, Ségolène Rouillé-Mirza & Jessica Wright eds., The Data Protection Directive and Medical Research Across Europe 125-87. Rouvroy, Antoinette & Yves Poullet (2009), The Right to Informational Self-Determination and the Value of Self-Development: Reassessing the Importance of Privacy for Democracy, in Serge Gutwirth, Yves Poullet, Paul De Hert, C′ecile de Terwangne & Sjaak Nouwt eds., Reinventing Data Protection? 68. Townend, David (2004), Overriding Data Subjects’ Rights in the Public Interest, in Deryck Beyleveld et al. eds., The Data Protection Directive and Medical Research Across Europe 97. (三) 期刊 Adams, Carlisle (2006), A Classification for Privacy Techniques, 3(1) U. Ottawa L. & Tech. J. 35. Burke Michael E. (2005), Demetrios Eleftheriou, Marco Berliri & Giulio Coraggio, Infonnation Services, Technology, and Data Protection, 39 Int’l Law. 403, 408-409. Bygrave, Lee A. (1998), Data Protection Reform in Scandinavia, 5 Privacy L. & Pol’y Rep. 9-12. Bygrave, Lee A. (2001), The Place of Privacy In Data Protection Law, 24 U.N.S.W.L.J. 277, 280. Callens, Stefaan (1995), The Privacy Directive and Use of Medical Data for Research Purposes, 2 Euro. J. Health L. 309. Evans, A. C. (1981), European Data Protection Law, 29 Am. J. Comp. L. 571. Farnsworth, David P. (1983), Data Privacy or Data Protection and Transborder or Transnational Data Flow, an American's View of European Legislation, 11(4) Int’L Bus. Law. 114. Greenleaf, Graham (2005), APEC’s Privacy Framework: A new low standard, 11(5) Privacy L. & Pol’Y Rep. 121-125. Greenleaf, Graham (2009), Five years of the APEC Privacy Framework: Failure or promise?, 25 Computer L. & Security Rev. 28. Greenleaf, Graham (2012), Global Data Privacy Laws: 89 Countries, and Accelerating, 115 Privacy L. & Bus. Int’l Rep. 1. Hondius, Frits W. (1980).Data Law in Europe, 16 Stan. J. Int'l L. 87. McCullagh, Karen (2007), Data Sensitivity: Proposals for Resolving the Conundrum, 2 J. Int’L Com. L. & Tech. 190. Mei, Peter (1993), The EC Proposed Data Protection Law, 25 L. & Pol’Y Int’L Bus. 305. Miller, Maeve Z. (2007), Note, Why Europe Is Safe from Choicepoint: Preventing Commercialized Identity Theft through Strong Data Protection and Privacy Laws, 39 Geo. Wash. Int’L L. Rev. 395-421. Oliveira, Julia de (2011), EU Directive and CoE Convention are being revised in parallel, 109 Privacy L. & Bus. Int’L Rep. 23. Rosenbaum, Joseph I. (1992-1993), The European Commission’s Draft Directive on Data Protection, 33 Jurimetrics J. 1. Schwartz, Paul M. (1994-1995), European Data Protection Law and Restrictions on International Data Flows, 80 Iowa L. Rev. 471. Shaffer, Gregory (2000), Globalization and Social Protection: The Impact of EU and International Rules in the Ratcheting Up of U.S. Privacy Standards, 25 Yale J. Int'l L. 1, 30. Stadlen, Godfrey (1976), Survey of National Data Protection Legislation, 3(3) Computer Networks 174-186. Tapper, Colin (1992), New European Direction in Data Protection, 3(1) J.L. & Info. Sci. 9. Turn, Rein (1976), Classif ication of Personal Information for Privacy, National Computer Conference and Exposition 303-304. Wong, Rebecca (2007), Date Protection Online: Alternative Approaches to Sensitive Data, 2(1) J. Int’L Com. L. & Tech. 9. (四) 研究報告 California Office of Information Security and Privacy Protection , Recommended Practices for Protecting the Confidentiality of Social Security Numbers, available at http://www.privacy.ca.gov/res/docs/pdf/ssnrecommendations.pdf Canadian Institutes of Health Research, Questions And Answers For Health Researchers, available at http://publications.gc.ca/collections/Collection/MR21-25-2001E.pdf Comparative Study of European Commission Directorate-General Justice (2010), Freedom And Security on Different Approaches to New Privacy Challenges, In Particular in the Light of Technological Developments- B.1 – United States Of America, May. 2010, available at http://ec.europa.eu/justice/policies/privacy/docs/studies/new_privacy_challenges/final_report_country_report_B1_usa.pdf Comparative Study of European Commission Directorate-General Justice, Freedom And Security on Different Approaches to New Privacy Challenges, In Particular in the Light of Technological Developments- B.2 –Australian, at 18 (May. 2010) available at http://ec.europa.eu/justice/policies/privacy/docs/studies/new_privacy_challenges/final_report_country_report_B2_australia.pdf Council of Europe, Committee of Ministers, Recommendation No. R (97) 5 on the Protection of Medical Data para.1, available at https://wcd.coe.int/com.instranet.InstraServlet?command=com.instranet.CmdBlobGet&InstranetImage=564487&SecMode=1&DocId=560582&Usage=2 Council of Europe, Committee of Ministers, Recommendation No. R (97) 5 on the Protection of Medical Data Principle Financial Services Agency, Guidelines for Personal Information Protection in the Financial Field Art. 6, available at http://www.fsa.go.jp/frtc/kenkyu/event/20070424_02.pdf Gassmann, Hans Peter (2010), Former Head of the ICCP Division Directorate for Science, Technology and Industrtry, OECD 30 Years After: The Impact of The OECD Privacy Guidelines, Address at Joint Roundtable of the Committee for Information, Computer and Communications Policy (ICCP), and its Working Party on Information Security and Privacy (WPISP) (Mar. 10, 2010), http://www.oecd.org/document/39/0,3746,en_2649_34255_44946983_1_1_1_1,00.html Graux,Neil Robinson Hans, Maarten Botterman & Lorenzo Valeri (2009), Technical Report, Review of the European Data Protection Directive, UK: ICO, available at http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/review_of_eu_dp_directive.pdf Korff, Douwe (2002), EC Study on Implementation of Data Protection Directive: Comparative Summary of National Laws 14 (Sep. 2002), available at http://www.garanteprivacy.it/garante/document?ID=455584 Kruse, Andreas, Camino Mortera-Martinez, Véronique Corduant & Sebastian Lange (2008), Final Report, The Regulatory Framework for RFID, at 13 (Aug. 2008), available at www.rfid-in-action.eu/public/results/legal-aspects/framework.pdf Ministry of Economy, Trade and Industry, Guidelines Targeting Economic and Industrial Sectors Pertaining to the Act on the Protection of Personal Information 36 (2009), available at http://www.meti.go.jp/policy/it_policy/privacy/0910english.pdf Rodrigues et al., Roberto J. (2001), The Regulation of Privacy and Data Protection in The Use of Electronic Health Information 76. Simitis, Spiros (1999), Revisiting Sensitive Data, 1 Review of the answers to the Questionnaire of the Consultative Committee of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, available at http://www.coe.int/t/dghl/standardsetting/dataprotection/Reports/Report_Simitis_1999.pdf Study Report of the European Commission against Racism and Intolerance on“Ethnic” statistics and data protection in the Council of Europe countries, at 24 (Oct. 10, 2007), available at http://www.coe.int/t/dghl/monitoring/ecri/activities/themes/Ethnic_statistics_and_data_protection.pdf UK ICO, The Guide to Data Protection, available at http://www.ico.gov.uk/for_organisations/data_protection/~/media/documents/library/Data_Protection/Practical_application/THE_GUIDE_TO_DATA_PROTECTION.ashx UK Information Commissioner, DPA: Legal Guidance, available at http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/data_protection_act_legal_guidance.pdf (五)案例 M.S v. Sweden [1997] 28 EHRR 313, para 34-35 Nat'l Sec. News Serv. v. U.S. Dep't of Navy, 584 F. Supp. 2d 94, 96 (D.D.C. 2008) Stone v. South East Coast Strategic Health Authority [2006] EWHC 1668 (Admin) [2007] (Eng.) | |
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/6651 | - |
dc.description.abstract | 2011年,我國通過新修正之個人資料保護法,第六條第一項規定,有關醫療、基因、健康檢查、性生活與犯罪前科之個人資料,為敏感性個人資料,或謂特種資料。
個人資料是否屬於敏感性個人資料,應考量資料之性質,並以法律列舉之方式定義。個人資料保護法目前列舉之類別,有四類與健康相關,且遺漏病歷資料,類別有待重整。指紋雖屬生物辨識資訊,具敏感性個人資料之特質,惟目前各國立法仍缺乏共識,暫時無須列為敏感性個人資料。 敏感性個人資料因性質特殊,不當蒐集、處理或利用容易侵害個人資訊隱私,故各國原則上率皆禁止蒐集、處理或利用之,例外始得蒐集、處理或利用。個人資料保護法規定四種得蒐集、處理或利用敏感性個人資料之例外情形,現行各款規定有欠明確,且四種情形與各國立法例相較為少,將來可新增「當事人書面知情同意」、「基於醫療行為」或「重大公益所必要」之例外條款。 個人資料保護法對敏感性個人資料之保護,尚有不足,尤其關於公務機關或非公務機關是否須履行通知義務,以及特定目的外利用之情形,適用上仍有疑義,應修正補強。 | zh_TW |
dc.description.abstract | Sensitive Data or Sensitive Information is a sub-set of personal information and is given a higher level of protection under Personal Information Protection Act(PIPA) Art.6(1). The definition of Sensitive Data(special categories of data) in the PIPA refers to information about an individual’s: medical treatment, genetic information, sexual life, health examination and criminal record.
Any Information can be considered to be sensitive, depending on the nature. The better approach to define sensitive data is specifically enumerating special categories of sensitive data by Law. Almost all Sensitive data enumerated in current PIPA is about medical information and lacks medical record, therefore the list should be consolidated and amended. Fingerprint is biometric information which can be considered sensitive, but there is no legislation in other country, so it may not be added to the list temporarily. PIPA prohibits Government agency or Non-government agency from collecting, processing and using sensitive data unless at least one of the conditions(exemption) set out in Art.6(1) is fulfilled. However, the definition of the exemptions is vague and ambiguous. The types of the exemptions defined in PIPA are less than legislation in other country as well. Therefore this thesis suggests that PIPA should be amended and many other conditions, such as “data subject’s informed consent”, “for medical purposes” exemption, “for public interest” exemption and “in order to protect the vital interests of another person” exemption should be added. Although PIPA gives higher level of protection to sensitive data, it does not specifically state whether Government agency or Non-government agency should notice data subject before collecting sensitive data, or whether sensitive data can be used for secondary purpose. It should be amended immediately before the date for enforcement of the Act. | en |
dc.description.provenance | Made available in DSpace on 2021-05-17T09:15:46Z (GMT). No. of bitstreams: 1 ntu-101-R96341022-1.pdf: 2007251 bytes, checksum: 1265ac01a3508f93d38dad203d5cec11 (MD5) Previous issue date: 2012 | en |
dc.description.tableofcontents | 誌謝 I
中文摘要 III 英文摘要 V 目次 VII 圖次 X 表次 XI 縮語表 XII 第一章 緒論 1 壹、研究動機 1 貳、研究目的 4 一、何謂敏感性個人資料? 4 二、敏感性個資是否得以蒐集、處理及利用? 5 三、蒐集、處理或利用敏感性個資所應遵循之「個人資料保護原則」,與一般個人資料有無不同? 7 參、研究方法暨範圍 9 肆、研究架構 10 第二章 敏感性個人資料概念 11 第一節 相關概念 11 第二節 敏感性個人資料概念之發展 18 一、OECD個資綱領 19 二、歐盟「保護個人關於自動化處理個人資料公約」 21 三、聯合國「規範電腦化個人資料檔案指導綱要」 24 四、歐盟「個人資料保護指令」 25 五、APEC「隱私保護綱領」 31 第三節 各國立法例 33 一、歐盟國家 33 二、其他國家 37 第四節 敏感性個資之界定方法 51 一、法律列舉模式 51 二、綜合考量模式 55 三、本文見解 60 第五節 小結 64 第三章 敏感性個資之蒐集、處理及利用 66 第一節 禁止「蒐集、處理或利用」之原則 66 第二節 得「蒐集、處理或利用」之例外 70 一、法律明文規定者 70 二、公務機關執行法定職務或非公務機關履行法定義務所必要者 76 三、當事人自行公開或其他已合法公開者 84 四、公務機關或學術研究機構基於醫療、衛生或犯罪預防之目的,為統計或學術研究而有必要,且經一定程序者 86 五、其他 89 第三節 小結 101 第四章 敏感性個人資料與個人資料保護原則 104 第一節 個人資料保護原則 104 第二節 敏感性個資之「蒐集」相關原則 108 一、蒐集限制原則 108 二、個人參與原則 119 三、資料品質原則 122 四、目的特定原則 123 五、責任歸屬原則 125 第三節 敏感性個資之「處理」相關原則 126 一、個人參與原則 126 二、資料品質原則 127 三、目的特定原則 127 四、公開原則 128 五、安全保障原則 129 六、期間限制原則 132 七、責任歸屬原則 134 第四節 敏感性個資之「利用」相關原則 136 一、個人參與原則 136 二、資料品質原則 137 三、目的特定原則 137 四、利用限制原則 138 五、國際傳輸 142 六、責任歸屬原則 144 第五節 小結 145 第五章 結論與建議 153 一、「個資法」敏感性個資定義之商榷 153 (一)主要應考量資料之性質,並採取法律列舉方式 153 (二)列舉類別待重整 154 (三)「病歷」應併入健康相關資料 154 (四)「指紋」目前無須列為敏感性個資 155 二、「個資法」有關得蒐集、處理或利用敏感性個資情形之例外規定之商榷 156 (一)現行規定有欠明確 156 (二)應建議增列「當事人書面知情同意」及「重大公益」等例外事項 157 三、敏感性個資保護不足,應予補強 158 (一)蒐集敏感性個資須履行告知義務 158 (二)蒐集、處理或利用敏感性個資應有特定目的,須符合「個資法」第6條第1項但書規定 158 (三)敏感性個資之二次利用目的應予限縮 159 參考文獻 161 | |
dc.language.iso | zh-TW | |
dc.title | 敏感性個人資料保護之研究 | zh_TW |
dc.title | A Study of Sensitive Personal Data Protection | en |
dc.type | Thesis | |
dc.date.schoolyear | 100-2 | |
dc.description.degree | 碩士 | |
dc.contributor.oralexamcommittee | 林三欽(San-Chin Lin),劉靜怡(Ching-Yi Liu) | |
dc.subject.keyword | 敏感性個人資料,特種資料,個人資料保護法,歐盟個人資料保護指令,個人資料保護原則, | zh_TW |
dc.subject.keyword | sensitive data,sensitive information,special categories of data,personal data protection,data protection principle,Personal Information Protection Act, | en |
dc.relation.page | 172 | |
dc.rights.note | 同意授權(全球公開) | |
dc.date.accepted | 2012-08-08 | |
dc.contributor.author-college | 社會科學院 | zh_TW |
dc.contributor.author-dept | 國家發展研究所 | zh_TW |
顯示於系所單位: | 國家發展研究所 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-101-1.pdf | 1.96 MB | Adobe PDF | 檢視/開啟 |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。