從告知後同意之困境論資訊受託義務與資料中介服務

謝昕宸; Hsin-Chen Hsieh

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/83179

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	林明昕	zh_TW
dc.contributor.advisor	Ming-Hsin Lin	en
dc.contributor.author	謝昕宸	zh_TW
dc.contributor.author	Hsin-Chen Hsieh	en
dc.date.accessioned	2023-01-10T17:10:03Z	-
dc.date.available	2023-11-09	-
dc.date.copyright	2023-01-07	-
dc.date.issued	2022	-
dc.date.submitted	2023-01-03	-
dc.identifier.citation	中文部分期刊論文李惠宗（2013），〈個人資料保護法上的帝王條款：目的拘束原則〉，《法令月刊》，第 64 卷第1期，頁54。林昕璇（2020），〈大規模政府監控之資訊隱私保障：評析美國聯邦法院相關裁判〉，《臺灣民主季刊》，第17卷2期，頁69-71。邱文聰（2009），〈從資訊自決與資訊隱私的概念區分：評「電腦處理個人資料保護法修正草案」的結構性問題〉，《月旦法學雜誌》，第168 期，182 頁。洪家殷（2019），〈公務機關資料之蒐集與個人資料之保護〉，《東吳法律學報》，第30卷4期，頁45-47。范姜真媺（2013），〈個人資料自主權之保護與個人資料之合理利用〉，《法學叢刊》，第57卷1期，頁71-73。范姜真媺（2018），〈檢視行政機關蒐集利用個資之問題及展望〉，《法學叢刊》，第63卷2期，頁32-33 翁逸泓（2022），〈資料治理法制：歐盟模式之啟發〉，《東海大學法學研究》，第64期，頁63-69。張陳弘（2018），〈新興科技下的資訊隱私保護：「告知後同意原則」之侷限性與修正方法之提出〉，《臺大法學論叢》，47卷1期，頁277。張陳弘（2018），〈隱私之合理期待標準於我國司法實務之操作：我的期待？你的合理？誰的隱私？〉，《法令月刊》，第69卷2期，頁92-96。陳子平（1999），〈醫療上「充分說明與同意」（Informed Consent）之法理〉，《東吳法律學報》，第12卷第1期，頁50-51。楊秀儀（2005），〈美國「告知後同意」法則之考察分析〉，《月旦法學雜誌》，第121期，頁146-147。楊岳平（2021），〈重省我國法下資料的基本法律議題：以資料的法律定性為中心〉，《歐亞研究》，第17期，頁31-39。劉定基（2009），〈欺罔與不公平資訊行為之規範：以美國聯邦交易委員會的管制案例為中心〉，《公平交易季刊》，第17卷第4期，頁58-59。劉定基（2013），〈析論個人資料保護法上「當事人同意」的概念〉，《月旦法學雜誌》，第218期，頁154-156。劉定基（2017），〈大數據與物聯網時代的個人資料自主權〉，《憲政時代》，第 42 卷第 3 期，頁 288-292。劉靜怡（2010），〈不算進步的立法：「個人資料保護法」初步評析〉，《月旦法學雜誌》，第183期，頁151-152 劉靜怡（2012），〈社群網路時代的隱私困境：以Facebook為討論對象〉，《臺大法學論叢》，第41卷第1期，頁8-16。蘇慧婕（2021），〈歐盟被遺忘權的內國保障：德國聯邦憲法法院第一、二次被遺忘權判決評析〉，《臺大法學論叢》，第51卷1期，頁15-16。書之篇章李震山（1997），〈論資訊自決權〉，收於：《李鴻禧教授六秩華誕祝賀論文集：現代國家與憲法》，初版，頁 722-724，台北：月旦。林子儀（2015），〈公共隱私權〉，收於：國立臺灣大學法律學院、財團法人馬氏思上文教基金會，《第五屆馬漢寶講座論文彚編》，頁7-62，台北：財團法人馬氏思上文教基金會。林子儀（2016），〈監控法制的新議題：監控與隱私自我管理〉，收於：國立臺灣大學法律學院、財團法人馬氏思上文教基金會，《第五屆馬漢寶講座論文彚編》，頁65-115，台北：財團法人馬氏思上文教基金會。劉靜怡（2021），〈科技正當法律程序的憲法意涵：美國判決與學說發展的檢視〉，收於：氏著，《網路時代的隱私保護困境》，頁377-379：台北：元照。劉定基（2022），〈走出合理隱私期待的「死胡同」：社會學研究的借鏡？〉，收於：《法學的想像（第四卷）：社科法學：蘇永欽教授七秩華誕祝壽論文集》，頁632-637：台北：元照。學位論文陳裕涵（2013），〈網路空間中之隱私權保障：以社群網站為中心〉，國立臺灣大學法律學研究所碩士論文，頁133-142。楊承燁（2015），〈論國家之基本權保護義務：以德國憲法法學之發展為中心〉，國立臺灣大學法律研究所碩士論文，頁323-324。吳韋靜（2022），〈論線上數位遺產的現在與未來─兼論數位時代的隱私內涵〉，國立政治大學法律系碩士論文，頁78-83。網路資料台灣人權促進會，〈健保資料庫案憲法解釋聲請書〉，頁23-24，網址：https://www.tahr.org.tw/news/2136 （最後瀏覽日期：2022/08/20）。英文資料專書 BAUMAN, Z. & LYON, D. (2013). LIQUID SURVEILLANCE. POLITY PRESS. BEAUCHAMP, T. L. & CHILDRESS, J. F. (2012). PRINCIPLES OF BIOMEDICAL ETHICS. PRINCIPLES OF BIOMEDICAL ETHICS. BETKIER, M. (2018). PRIVACY ONLINE, LAW AND THE EFFECTIVE REGULATION OF ONLINE SERVICES. INTERSENTIA. FADEN, R. R. & BEAUCHAMP, T. L. (1986). A HISTORY AND THEORY OF INFORMED CONSENT. OXFORD UNIVERSITY PRESS. FUSTER, G. G. (2014). THE EMERGENCE OF PERSONAL DATA PROTECTION AS A FUNDAMENTAL RIGHT OF THE EU. SPRINGER. HARTZOG, W. (2018). PRIVACY’S BLUEPRINT: THE BATTLE TO CONTROL THE DESIGN OF NEW TECHNOLOGIES. HARVARD UNIVERSITY PRESS. KOSTA, E. (2013). CONSENT IN EUROPEAN DATA PROTECTION LAW. MARTINUS NIJHOFF. KUNER, C. ET AL. (2018). THE EU GENERAL DATA PROTECTION REGULATION: A COMMENTARY. OXFORD UNIVERSITY PRESS. MANSON, N. & O'NEILL, O. (2007). RETHINKING INFORMED CONSENT IN BIOETHICS. CAMBRIDGE UNIVERSITY PRESS. NISSENBAUM, H. (2010). PRIVACY IN CONTEXT. STANFORD LAW BOOKS. PASQUALE, F. (2015). THE BLACK BOX SOCIETY: THE SECRET ALGORITHMS THAT CONTROL MONEY AND INFORMATION. HARVARD UNIVERSITY PRESS. SOLOVE, D. J. (2006). THE DIGITAL PERSON. NEW YORK UNIVERSITY PRESS. SOLOVE, D. J. (2008). UNDERSTANDING PRIVACY. HARVARD UNIVERSITY PRESS. WALDMAN, A. E. (2018). PRIVACY AS TRUST: INFORMATION PRIVACY FOR AN INFORMATION AGE. CAMBRIDGE UNIVERSITY PRESS. 期刊論文 Allen, A. L. (2016). Protecting One’s Privacy in a Big Data Economy. HARVARD LAW REVIEW FORUM, 130, 71-78. Asay, C. D. (2013). Consumer Information Privacy and the Problem(s) of Third-Party Disclosures. NORTHWESTERN JOURNAL OF TECHNOLOGY AND INTELLECTUAL PROPERTY, 11(5), 321-357. Balkin, J. M. (2016). Information Fiduciaries and the First Amendment, UNIVERSITY OF CALIFORNIA DAVIS LAW REVIEW, 49(4), 1183-1234. Balkin, J. M. (2020). The Fiduciary Model of Privacy, HARVARD LAW REVIEW FORUM (YALE LAW & ECONOMICS RESEARCH PAPER FORTHCOMING), 134(1), 11-33. Barrett, L. (2019). Confiding in Con Men: U.S. Privacy Law, the GDPR, and Information Fiduciaries, SEATTLE UNIVERSITY LAW REVIEW, 42(3), 1057-1113. Ben-Shahar, O. & Schneider, C. E. (2011). The Failure of Mandated Disclosure, UNIVERSITY OF PENNSYLVANIA LAW REVIEW, 159, 647-749. Calo, R. M. (2012). Against Notice Skepticism in Privacy (and Elsewhere), NOTRE DAME LAW REVIEW, 87(3), 1027-1072. Cate, F. H. & Cate, B. E. (2012). The Supreme Court and Information Privacy, INTERNATIONAL DATA PRIVACY LAW, 2(4), 255-267. Citron, D. K. & Solove, D. J. (2022). Privacy Harms, BOSTON UNIVERSITY LAW REVIEW, 102, 793-863. Cohen, J. E. (2013). What Privacy Is For, HARVARD LAW REVIEW, 126, 1904-1933. Delacroix, S. & Lawrence, N. D. (2019). Bottom-up data trusts: disturbing the ‘one size fits all’ approach to data governance, INTERNATIONAL DATA PRIVACY LAW, 9(4), 236-252. Diaz, C. et al. (2013). Hero or Villain: The Data Controller in Privacy Law and Technologies, OHIO STATE LAW JOURNAL,74, 923-944. Edwards, L. (2004). The Problem with Privacy: A Modest Proposal, INTERNATIONAL REVIEW OF LAW COMPUTERS & TECHNOLOGY, 18(3), 309-340. Efroni, Z. et al. (2019). Privacy Icons: A Risk-Based Approach to Visualisation of Data Processing, EUROPEAN DATA PROTECTION LAW REVIEW, 5(3), 352-366. Hartzog, W. & Richards, N. M. (2022). Legislating Data Loyalty, NOTRE DAME LAW REVIEW REFLECTION, 97, 356-384. Hartzog, W. & Richards, N. M. (2022). The Surprising Virtues of Data Loyalty Virtue of Data Loyalty, EMORY LAW JOURNAL, 71(5), 985-1033. Hirsch, D. D. (2014). The Glass House Effect: Big Data, The New Oil, and the Power of Analogy, MAINE LAW REVIEW, 66, 373-395. Hirsch, D. D. (2020). From Individual Control to Social Protection: New Paradigms for Privacy Law in the Age of Predictive Analytics, MARYLAND LAW REVIEW,79, 439-505. Huq, A. Z. (2022). The Public Trust in Data. THE GEORGETOWN LAW JOURNAL, 110, 333-402. Indla, V. & Radhika, M. S. (2019). Hippocratic oath: Losing relevance in today's world?, INDIAN JOURNAL OF PSYCHIATRY, 61(4), 773-775. Jarovsky, L. (2018). Improving Consent in Information Privacy through Autonomy-Preserving Protective Measures (APPMs), EUROPEAN DATA PROTECTION LAW REView, 4(4), 447-458. Kane, B. & Delange, B. T. (2009). A Tale of Two Internets: Web 2.0 Slices, Dices, and Is Privacy Resistant. IDAHO LAW REVIEW, 45, 317-347. Kelly, P. G. et al. (2010). Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach in PROCEEDINGS OF THE SIGCHI CONFERENCE ON HUMAN FACTORS IN COMPUTING SYSTEMS 1573-1582. Khan, L. M. (2019). The Separation of Platforms and Commerce, 119 COLUMBIA LAW REVIEW, 119(4), 973-1098. Khan, L. M. & Pozen, D. E., (2019). A Skeptical View of Information Fiduciaries, HARVARD LAW REVIEW, 133, 497-541. Lessig, L. (1999). The Law of the Horse: What Cyber Law Might Teach, HARVARD LAW REView, 113(2), 501-549. Mittelstadt, B. D. & Floridi, L. (2016). The Ethics of Big Data: Current and Foreseeable Issues in Biomedical Contexts. SCIENCE & ENGINEERING ETHICS, 22(2), 303-341. Nissenbaum, H. (2011). A Contextual Approach to Privacy Online, DÆDALUS, THE JOURNAL OF THE AMERICAN ACADEMY OF ARTS & SCIENCES, 140(4), 32-48. Nissenbuam H. (2004). Privacy as Contextual Integrity, WASHINGTON LAW REVIEW,79(1) 119-158. Pellegrino E. (1997). The Nazi Doctors and Nuremberg: Some Moral Lessons Revisited, ANNALS OF INTERNAL MEDICINE, 127, 307. Rachel J. (1975). Why Privacy Is Important, PHILOSOPHY & PUBLIC AFFAIRS, 4(4), 323-333. Riccardi, J. L. (1983). The German Federal Data Protection Act of 1977: Protecting the Right to Privacy, BOSTON COLLEGE INTERNATIONAL & COMPUTER LAW REVIEW, 6(1), 243-271. Richards, N. M. (2008). Intellectual Privacy, TEXAS LAW REVIEW, 87, 387-445. Richards, N. M. (2013). The Dangers of Surveillance, HARVARD LAW REVIEW, 126, 1934-1965. Richards, N. M. & Hartzog, W. (2016). Taking Trust Seriously in Privacy Law, STANFORD TECHNOLOGY LAW REVIEW, 19, 431-472. Richards, N. M. & Hartzog, W. (2017). Trusting Big Data Research, DEPAUL LAW REVIEW, 66, 579-590. Richards, N. M. & Hartzog, W. (2019). The Pathologies of Digital Consent, WASHINGTON UNIVERSITY LAW REVIEW, 96(6), 1461-1503. Richards, N. M. & Hartzog, W. (2020). A Relational Turn for Data Protection?, EUROPEAN DATA PROTECTION LAW REVIEW, 4, 492-497. Richards, N. M. & Hartzog, W. (2021). A Duty of Loyalty for Privacy Law, WASHINGTON UNIVERSITY LAW REView, 99, 961-1021. Richards, N. M. & Solove, D. J. (2008). Privacy’s Other Path: Recovering the Law of Confidentiality, GEORGE WASHINGTON LAW JOURNAL, 96,123-182. Schuck, P. H. (1994). Rethinking Informed Consent, YALE LAW JOURNAL, 103, 899-959. Solove, D. J. (2013). Introduction: Privacy Self-Management and the Consent Dilemma, HARVARD LAW REVIEW, 126, 1880-1903. Solove, D. J. (2021). The Myth of the Privacy Paradox, GEORGE WASHINGTON LAW REVIEW, 89(1), 1-51. Solove, D. J., (2010). Fourth Amendment Pragmatism, BOSTON COLLEGE LAW REVIEW, 51,1511-1538. Strahilevitz, L. J. (2005). A Social Network Theory of Privacy, UNIVERSITY OF CHICAGO LAW REVIEW, 72, 919-988. Tene, O. & Polonetsky, J. (2013). Big Data for All: Privacy and User Control in the Age of Analytics, NORTHWESTERN JOURNAL TECHNOLOGY & INTELLECTUAL PROPERTY, 11(5), 239-273. Tuch, A. F. (2021). A General Defense of Information Fiduciaries. WASHINGTON UNIVERSITY LAW REVIEW, 98(6), 1897-1937. Tverdek E. (2008). What Makes Information “Public”?, PUBLIC AFFAIRS QUARTERLY, 22(1), 63-77. Viljoen, S. (2021). A Relational Theory of Data Governance, YALE LAW JOURNAL ,131(2), 573-654. Warner, R. & Sloan, R. (2014). Beyond Notice and Choice: Privacy, Norms, and Consent, JOURNAL OF HIGH TECHNOLOGY Law, 14(2), 370-414. Zottnick, K. L. (2015). Secondary Data: A Primary Concern, VANDERBILT JOURNAL ENTERTAINMENT & TECHNOLOGY LAW, 18(1), 193-223. 網路資料 Aapti Institute & ODI (2021, November). Enabling data sharing for social benefit through data trusts, https://gpai.ai/projects/data-governance/data-trusts/enabling-data-sharing-for-social-benefit-through-data-trusts.pdf Aapti Institute & ODI (2021). Enabling data sharing for social benefit through data trusts: An Interim Report for the 2021 GPAI Paris Summit, https://gpai.ai/projects/data-governance/data-trusts/enabling-data-sharing-for-social-benefit-data-trusts-interim-report.pdf Ada Lovelace Institute (2021, March). Exploring Legal Mechanisms for Data Stewardship, https://www.adalovelaceinstitute.org/wp-content/uploads/2021/03/Legal-mechanisms-for-data-stewardship_report_Ada_AI-Council-2.pdf Ada Lovelace Institute (2021, September 7). Participatory data stewardship: A framework for involving people in the use of data, https://www.adalovelaceinstitute.org/report/participatory-data-stewardship/ Blankertz, A. & Specht, L. (2021, July). What regulation for data trusts should look like, https://www.stiftung-nv.de/sites/default/files/regulation_for_data_trusts_0.pdf Cate, F. H. et al. (2013, December). Data Protection Principles for the 21st Century: Revisiting the 1980 OECD Guidelines, https://www.repository.law.indiana.edu/cgi/viewcontent.cgi?article=1022&context=facbooks Cohen, J. E. (2021, March). How (Not) To Write a Privacy Law: Disrupting surveillance-based business models requires government innovation, https://knightcolumbia.org/content/how-not-to-write-a-privacy-law Data Trusts Initiative (2021, January 21). Data trusts: International Perspectives on the Development of Data Institutions, https://static1.squarespace.com/static/5e3b09f0b754a35dcb4111ce/t/603ce3325e1da817afe6b193/1614603061204/WP+2+-+DTI+-+global+perspectives.pdf Dell’Elce, A. et al. (2020, November 7). Living with the Algorithm - Toward a New Social Contract in the Age of AI, https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3694846 EDPB (2020, May). Guidelines 05/2020 on consent under Regulation 2016/679, https://edpb.europa.eu/sites/default/files/files/file1/edpb_guidelines_202005_consent_en.pdf EDPB (2021, March 10). EDPB & EDPS adopt joint opinion on the Data Governance Act (DGA), https://edpb.europa.eu/news/news/2021/edpb-edps-adopt-joint-opinion-data-governance-act-dga_en EDPB & EDPS (2021, March). Joint Opinion 3/2021 for Data Governance Act, https://edpb.europa.eu/system/files/2021-03/edpb-edps_joint_opinion_dga_en.pdf EDPS (2016, September). Opinion 9/2016 on Personal Information Management Systems: towards more user empowerment in managing and processing personal data, https://edpb.europa.eu/our-work-tools/our-documents/edpbedps-joint-opinion/edpb-edps-joint-opinion-032021-proposal_en European Commission (2016, January). An emerging offer of “personal information management services” Current state of service offers and challenges, https://ec.europa.eu/newsroom/dae/document.cfm?doc_id=40118 European Commission (2020, February 19). Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: A European Strategy for Data, https://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1593073685620&uri=CELEX%3A52020DC0066 Hartzog, W. (2019, February 27). Testimony of Hearing on “Policy Principles for a Federal Data Privacy Framework in The United States” Before The Committee On Commerce, Science, And Transportation U.S. Senate, https://www.commerce.senate.gov/services/files/8B9ADFCC-89E6-4DF3-9471-5FD287051B53 Laney, D. (2001). 3D Management: Controlling Data Volume, Velocity and Variety, https://blogs.gartner.com/doug-laney/files/2012/01/ad949-3D-Data-Management-Controlling- Data-Volume-Velocity-and-Variety.pdf Leslie, D. et al. (2021, June). Artificial Intelligence, Human Rights, Democracy, and the Rule of Law: a Primer, https://rm.coe.int/primer-en-new-cover-pages-coe-english-compressed-2754-7186-0228-v-1/1680a2fd4a Lizar, M. & Turner, D. (2019, December 30). Consent Receipt Specification, Version: 1.1.0, https://kantarainitiative.org/download/7902/ OECD (1980). Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, https://www.oecd.org/sti/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm OECD (2016, October 27). Big Data: Bringing Competition Policy to the Digital Era: https://one.oecd.org/document/DAF/COMP(2016)14/en/pdf Page, M. et al. (2016, May). The Internet Value Chain, https://www.gsma.com/publicpolicy/wp-content/uploads/2016/05/GSMA_The-internet-Value-Chain_WEB.pdf The GPAI Data Governance Working Group (2021, July 9). Understanding Data Trusts, https://ceimia.org/wp-content/uploads/2021/07/2021-07-09-GPAI-summary-understanding-data-trusts-updated.docx.pdf U.S. Dep't. of Health, Education and Welfare (1973). Secretary's Advisory Committee on Automated Personal Data Systems, Records, computers, and the Rights of Citizens, https://simson.net/ref/2004/csg357/handouts/01_fips.pdf Vogelezang, F. (2022, March 1). A Closer Look at Data Intermediaries and the Risk of Platformization, available at https://openfuture.eu/blog/a-closer-look-at-data-intermediaries-and-the-risk-of-platformization/ (last visited: 2022/08/19). WEF (2020, July). Redesigning Data Privacy: Reimaging Notice & Consent for human-technology interaction, https://www3.weforum.org/docs/WEF_Redesigning_Data_Privacy_Report_2020.pdf WEF (2021, April 30). Good Data: Sharing Data and Fostering Public Trust and Willingness, https://www.weforum.org/whitepapers/good-data-sharing-data-and-fostering-public-trust-and-willingness/ (last visited: 2022/09/05). WEF (2022, February). Advancing Towards Digital Agency: The Power of Data Intermediaries, https://www3.weforum.org/docs/WEF_Advancing_towards_Digital_Agency_2022.pdf WMA (2022, September 6). Declaration of Helsinki – Ethical Principles For Medical Research Involving Human Subjects, https://www.wma.net/policies-post/wma-declaration-of-helsinki-ethical-principles-for-medical-research-involving-human-subjects/ 判決 Boyd v United States, 116 U.S. 616 (1886). Dobbs v. Jackson Women's Health Org., 142 S. Ct. 2228 (2022). Griswold v Connecticut, 381 U.S. 479 (1965) . Katz v United States, 389 U.S. 347 (1967). Obergefell v. Hodges, 135 S. Ct. 2584, 2599 (2015). Olmstead v. United States, 277 U.S. 438, 464 (1928). Roe v. Wade, 410 U.S. 113 (1973). United States v Miller, 425 U.S. 435 (1976).	-
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/83179	-
dc.description.abstract	「告知後同意原則」（informed consent）作為我國個人資料保護法下的重要原則，是以憲法上資訊隱私權之「資訊自主控制」作為理論基礎，同時預設個人具有充分理性與知識作成對自己最有利之決定。然而，發源自類比時代的告知後同意原則在進入數位化的線上環境之後，面臨諸多挑戰：從個人資料之蒐集方式之多樣化、線上服務提供者對於取得同意介面之設計、複雜而難以理解的隱私權政策，都考驗著過去對個人理性能力的假設是否已被打破，再加上巨量資料處理技術的成熟，讓零碎資料能夠被重新組合而挖掘出敏感資訊，甚至用於預測分析個人偏好與行為，這也使得個人評估資訊隱私風險的難度更上層樓。對於數位時代以及巨量資料技術下沿用告知後同意原則的質疑，首先有維繫在既有資訊自主控制之理論基礎上，在具體的規範面催生了個人資料保護法立法論上的不同想法，例如為了將巨量資料技術的利益最大化，而主張揚棄目的拘束原則之限制，同時以事前利益衡量與風險評估措施，限縮告知後同意原則的適用情境。再者，也有回歸對隱私概念界定之理論檢討，提出有別於過往個人權利導向之隱私建構方式，改以社會關係建構隱私概念之理論，並在此之上建立迴異於程序性的告知後同意原則，而更關注個人資料之蒐集、處理、利用是否不利於資料主體的「資訊受託義務」，並且投射至既有的行政管制與私人責任之間。此外，更有論者提出在傳統的資料蒐集、利用關係外，引進對資料主體承擔受託義務，並受到國家監督的第三方「資料中介服務」，作為資料治理與個人資料保護兩股不同訴求的橋樑，一方面透過集體行使權利的方式，縮小與部分資料控制者間的地位不對等，一方面也試圖輔助資料主體進行資訊自主控制。本文將依序檢視介紹這些立基於隱私之社會理論的新興管制手段，並在最後與我國法的發展進行比較分析，為我國將來資訊隱私問題之管制架構提供參考。	zh_TW
dc.description.abstract	As the main regulatory tool under Personal Data Protection Law of Taiwan, informed consent has its basis on right to information privacy and “information self-control” under the constitution and assumes every individual is capable of making the best choice with sufficient information, rationality and knowledge. Nevertheless, the paradigm shift of information technology and environment, inclusive of Big Data and online service, suggests the re-examination of this assumption and its corresponding regulatory tool. First, this article elaborates on what changes in the information technology and environment and why these changes urge the re-examination of current legal framework and the theory of defining privacy. Second, the practice of informed consent under current personal data protection law and informed consent dilemma would be introduced and analyzed. With the cognitive and structural problem recognized, the upcoming improvements for information privacy law should be characterized as substantiality, or in attempt to disturb the one-size-fits-all regulation for personal data. In the third part, this article revisits the theory of privacy, which focuses on the individualistic, right-based approach, and proposes the social theory of privacy, especially the trust theory, to complement the limitation of right-based conceptualization of privacy. Lastly, the new legal framework based on trust theory is introduced, drawing the comparison between information fiduciaries and personal data protection law, and data intermediation service under the adoption of European Union’s Data Governance Regulation (DGA).	en
dc.description.provenance	Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2023-01-10T17:10:03Z No. of bitstreams: 0	en
dc.description.provenance	Made available in DSpace on 2023-01-10T17:10:03Z (GMT). No. of bitstreams: 0	en
dc.description.tableofcontents	第一章緒論 1 第一節研究動機 1 第二節研究範圍 5 第三節本文架構 7 第二章個人資料保護法制之緣起與變遷 9 第一節告知後同意原則之緣起 9 壹、類比時代之告知後同意原則 10 一、 FIPPs與OECD原則之緣起 10 二、告知後同意原則之雛形 11 貳、數位時代之告知後同意原則 13 一、數位化與巨量資料技術之影響 13 （一）資料處理成本之降低 13 （二）資料需求之擴大 14 二、線上環境之影響 15 （一）資料蒐集方式之多元化 15 （二）地位不對等之加劇 16 三、個人資料保護模式之差異化 18 （一）歐盟法：全面適用之個資法及補充適用之特別法 18 （二）美國法：部門立法及線上隱私權政策之管制 19 參、小結 21 第二節告知後同意原則在個人資料保護法之適用 21 壹、個人資料之初次蒐集 22 一、告知之法定事由 23 二、同意之合法要件 23 （一）自願 24 （二）特定 25 （三）經告知 26 （四）明示 26 貳、個人資料之目的外利用 27 第三節巨量資料對個人資料保護法制之影響 29 壹、目的拘束原則 29 貳、立法模式之抉擇 31 一、目的拘束原則之鬆綁 31 二、目的拘束原則之揚棄 31 三、本文見解 33 第四節小結 34 第三章告知後同意原則之困境與重省 36 第一節告知後同意原則之本質 36 壹、醫病關係間告知後同意原則之借鏡 37 貳、雙向溝通而非單向傳遞 41 第二節告知後同意原則之困境 43 壹、認知能力之問題 44 貳、資訊結構之問題 45 參、同意之實效性前提 47 一、資訊量不得過載 47 二、必須傷害顯見 48 三、必須具備迴避誘因 48 肆、小結 48 第三節告知後同意原則之重省 49 壹、從中性到實體性之義務要求 50 貳、高度脈絡化之隱私規範 51 參、從蒐集到利用階段之重心移轉 53 第四節小結 53 第四章隱私概念之變遷與資訊受託義務 55 第一節隱私內涵之界定 55 壹、以個人權利界定隱私之極限 56 一、合理隱私期待之困境 57 二、難以招架同意之資訊自主控制 60 三、小結 61 貳、以社會為基礎之隱私概念 62 一、隱私之社會理論 62 二、隱私之信任理論 68 參、小結：資訊隱私權之國家保護義務 71 第二節資訊受託義務 72 壹、資訊受託義務之提出 73 一、類比受託義務之正當性 74 二、資訊受託義務提出之背景 74 壹、資訊受託義務之內涵 77 一、以忠實義務為受託義務之中心 78 二、以審慎義務取代保密原則 82 三、以誠實義務取代透明化原則 83 四、以保護義務取代資料安全原則 84 貳、資訊受託義務之質疑 84 一、與公司法受託義務之衝突 84 二、對第三人與第三人所造成之影響 86 第三節小結 87 第五章資料中介服務之提出 92 第一節資料治理與個人資料保護之交會 92 壹、歐盟資料治理法制之概況 93 一、不完全的資料使用 94 二、市場力量不對等 95 三、資料互通性 96 四、資料治理與個人資料保護之關係 97 五、小結 97 貳、資料信託 98 一、資料信託之架構 99 二、資料信託之功能 101 三、資料信託之疑慮 102 （一）與非普通法之相容性 102 （二）資料信託之建置方式 103 參、個人資訊管理服務 104 一、個人資訊管理服務之架構 105 二、個人資訊管理服務之功能 105 （一）隱私偏好設定之標準化 106 （二）隱私偏好設定外之其他功能 108 三、個人資訊管理服務之疑慮 109 （一）自律之不足 109 （二）告知同意困境之重現 110 肆、小結 110 第二節歐盟資料治理規則之借鏡 112 壹、立法目的 113 貳、資料中介服務之要件與服務類型 114 一、資料中介服務之要件 114 二、資料中介服務之類型 116 （一）資料交換型 116 （二）權利管理型 117 （三）資料合作社 119 參、資料中介服務之義務 120 一、通知義務 121 二、受託義務 121 三、中立義務 122 四、互通義務 123 肆、資料中介服務之行政監督 124 伍、資料治理規則之評析 125 第三節小結 126 第六章結論 128 參考文獻 133	-
dc.language.iso	zh_TW	-
dc.subject	資料中介服務	zh_TW
dc.subject	個人資料保護法	zh_TW
dc.subject	資訊隱私權	zh_TW
dc.subject	資訊受託義務	zh_TW
dc.subject	告知後同意原則	zh_TW
dc.subject	Data Intermediation Service	en
dc.subject	Informed Consent	en
dc.subject	Personal Data Protection Law	en
dc.subject	Information Privacy	en
dc.subject	Information Fiduciary	en
dc.title	從告知後同意之困境論資訊受託義務與資料中介服務	zh_TW
dc.title	A Study on Information Fiduciaries and Data Intermediation Service Based on Informed Consent Dilemma	en
dc.title.alternative	A Study on Information Fiduciaries and Data Intermediation Service Based on Informed Consent Dilemma	-
dc.type	Thesis	-
dc.date.schoolyear	111-1	-
dc.description.degree	碩士	-
dc.contributor.oralexamcommittee	劉定基;蘇慧婕	zh_TW
dc.contributor.oralexamcommittee	Ting-Chi Liu;Hui-Chieh Su	en
dc.subject.keyword	告知後同意原則,個人資料保護法,資訊隱私權,資訊受託義務,資料中介服務,	zh_TW
dc.subject.keyword	Informed Consent,Personal Data Protection Law,Information Privacy,Information Fiduciary,Data Intermediation Service,	en
dc.relation.page	142	-
dc.identifier.doi	10.6342/NTU202300004	-
dc.rights.note	未授權	-
dc.date.accepted	2023-01-04	-
dc.contributor.author-college	法律學院	-
dc.contributor.author-dept	法律學系	-
顯示於系所單位：	法律學系

文件中的檔案：

檔案	大小	格式
U0001-1017230102221029.pdf 未授權公開取用	3.83 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。