個人資料去識別化困境新解—「資料財產權」進路

嚴治翔; Chih-Hsiang Yen

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/88427

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	李建良	zh_TW
dc.contributor.advisor	Chien-Liang Lee	en
dc.contributor.author	嚴治翔	zh_TW
dc.contributor.author	Chih-Hsiang Yen	en
dc.date.accessioned	2023-08-15T16:15:18Z	-
dc.date.available	2023-11-09	-
dc.date.copyright	2023-08-15	-
dc.date.issued	2023	-
dc.date.submitted	2023-06-25	-
dc.identifier.citation	一、中文文獻（一）專書 Brittany Kaiser（著），楊理然等（譯）（2020）。《操弄【劍橋分析事件大揭祕】：幫川普當選、讓英國脫歐，看大數據、Facebook 如何洩露你的個資來操弄你的選擇？》，初版，新北市：遠足文化。 Viktor Mayer-Schönberger（著），林俊宏（譯）（2015）。《大數據:隱私篇：數位時代，「刪去」是必要的美德》，初版，台北市：天下遠見。王澤鑑（1998），《侵權行為法第一冊，基本理論：一般侵權行為》，初版，臺北：自刊。王澤鑑（2012），《人格權法》，初版：臺北：自刊。向淑君（2011）。《敞開與遮蔽:新媒介時代的隱私問題研究》，初版。中國：知識產權。何建志（2016），《醫療法律與醫學倫理》，三版，台北：元照。肖莎娜．祖博夫（著），溫澤元、林怡婷、陳思穎（譯）（2020）。《監控資本主義時代（上卷）：基礎與演進》，初版。台北：時報文化。洪遜欣（1976），《中國民法總則》，初版，台北：自刊。張陳弘、莊植寧（2019），《新時代之個人資料保護法制：歐盟GDPR與台灣個人資料保護法的比較說明》，初版，台北：新學林。陳聰富（2014），《醫療責任的形成與展開》，初版，台北：台大出版中心。黃立（1995），《民法債編總論》，二版，台北：元照。（二）專書篇章林子儀（2002），〈基因資訊與基因隱私權—從保障隱私的觀點論基因資訊的利用與法的規制〉，收於：Robert Heuser（等著），《當代公法新論（中） ─翁岳生教授七秩誕辰祝壽論文集》，頁693-726，初版，元照。陳文吟（1997），〈探討美國Moore vs. Regents of the University of California對生化科技的影響〉，收於：曾陳明汝教授祝壽論文集編輯委員會，《智慧財產權與國際私法—曾陳明汝教授六秩誕辰祝壽論文集》，頁221以下，初版，蔡明誠發行。邱文聰（2018），〈初探人工智慧中的個資保護發展趨勢與潛在的反歧視難題〉，收於：劉靜怡編，《人工智慧相關法律議題芻議》，頁153-175，元照。謝銘洋（1999），〈論人格權之經濟利益〉，氏著，《智慧財產權基本問題研究》，頁37-62，初版，翰蘆。（三）期刊論文王紹睿（2018），〈淺談人工智慧系統的隱私資訊安全保護機制〉，《科儀新知》，215期，頁74-84。朱宸佐（2020），〈人工智慧時代數據財產權的保護路徑〉，《月旦民商法雜誌》，67期，頁129-149。何明諠（2016），〈數位時代的隱私邊界：以健保資料庫與ETC交通資料庫為例〉，《台灣人權學刊》，3卷4期，頁139-153。何建志（2020），〈COVID-19疫情期間防疫與隱私之平衡：相關法律議題分析與社會正義觀點〉，《台灣法學雜誌》，387期，頁23-32。吳全峰、許慧瑩（2018），〈健保資料目的外利用之法律爭議：從去識別化作業工具談起〉，《月旦法學雜誌》，272期，頁45-62。吳侑霖、張育瑋、呂佩玲（2019），〈科技執法於易肇事路段之應用－以台 2 線萬里隧道為例〉，《臺灣公路工程》， 45 卷 2 期，頁14-25。宋皇志（2018），〈巨量資料交易之法律風險與管理意涵—以個人資料再識別化為中心〉，《管理評論》，37卷4期，頁37-51。李崇僖（2020），〈在瘟疫蔓延中檢視個資保護法制〉，《台灣法學雜誌》，387期，頁39-43。李斯壯、黃彥男（2019），〈數位時代之數位隱私保護〉，《國土與公共治理》，7卷4期，頁 30-39。李愛君（2018），〈數據權利屬性與法律特徵〉，《東方法學》，3期，頁64-68 周林彬、馬恩斯（2018），〈大數據確權的法律經濟學分析〉，《東北師大學報》，292期，頁30-37。林志六（2003），〈病歷之所有權、閱覽權與謄寫請求權〉，《醫望雜誌》，21期，頁93-95。林昕璇（2020），〈論大規模政府監控之資訊隱私保障—評析美國聯邦法院相關裁判〉，《台灣民主季刊》，17卷2期，頁43-93。邱文聰（2018），〈被淘空的法律保留與變質的資訊隱私憲法保障──評最高行政法院一○六年度判字第五四號判決與相關個資法條文〉，《月旦法學教室》，272期，頁32-44。祝亞琪、魏銪志（2016），〈行動支付之個人資料去識別化方法〉，《電腦稽核》，34期，頁 18-27。翁清坤（2020），〈大數據對於個人資料保護之挑戰與因應之道〉，《東吳法律學報》，31卷3期，頁79-159。翁清坤，（2018），〈賦予當事人個人資料財產權地位之優勢與局限：以美國法為中心〉，《臺大法學論叢》，47卷3期，頁941-1051。馬俊駒（2016），〈人格與人格權立法模式探討〉，《重慶大學學報(社會科學版)》，22卷1期，頁184-196。張兆恬（2016），〈人體生物資料庫之隱私權爭議：美國法的啟示〉，《法律與生命科學》，5卷1期，頁29-46。張陳弘（2018），〈國家建置全民健康保險資料庫之資訊隱私保護爭議－評最高行政法院 106 年度判字第 54 號判決〉，《中原財經法學》，40期，頁185-257。張陳弘（2018），〈新興科技下的資訊隱私保護：「告知後同意原則」的侷限性與修正方法之提出〉，《臺大法學論叢》，47卷1期，頁201-297。程法彰（2020），〈我國資通訊產業的個資去識別化運用爭議〉，《萬國法律》，230期，頁73-81。程嘯（2018），〈論大數據時代的個人數據權利〉，《中國社會科學》，3期，頁102-208。楊立新，林旭霞（2006）．〈論人格標識商品化權及其民法保護〉，《福建師範大學學報（哲學社會科學版）》，136期，頁184-196。楊岳平（2021），〈重省我國法下資料的基本法律議題—以資料的法律定性為中心〉，《歐亞研究》，17期，頁31-39。溫世揚（2013），〈析「人格權商品化」與「人格商品化權」〉，《法學論壇》，149期，頁107-111。葉志良（2016），〈大數據應用下個人資料定義的檢討：以我國法院判決為例〉，《資訊社會研究》， 31期，頁1-36。劉小紅（2020），〈數據按貢獻參與分配實現的法律意蘊〉，《月旦民商法雜誌》，70期，頁65-82。蔡甫昌、莊宇真、陳俞璇、葉曉宜（2020），〈病歷與健康資料研究應用之倫理與法律〉，《台灣醫學》，24卷5期，頁471-489。蔡昀臻、樊國楨（2016），〈大數據之資料去識別的標準化實作初探：根基於ISO/IEC 2nd WD 20889：2016-05-30〉，《資訊安全通訊》，22 卷4期，頁1-26。簡宏偉等著（2020），〈大數據運用與隱私保護－手機定位資訊於防疫應用之法律問題研析〉，《國土及公共治理季刊》，8卷3期，頁64-75。顏厥安（2002），〈財產、人格，還是資訊？論人類基因的法律地位〉，《台大法學論叢》，31卷1期，頁1-44。（四）學位論文王瑋（2020），《人格特徵商業利用之研究》，國立台灣大學法律學研究所碩士論文。陳泓歷（2017），《基於差分隱私之資料去識別化保護與隱私洩漏風險評估系統》，逢甲大學通訊工程學系碩士論文。黃松茂（2008），《人格權之財產性質以人格特徵之商業利用為中心》，國立台灣大學法律學研究所碩士論文。（五）政府出版品經濟部標準檢驗局（2019），《CNS 29100-2:2019資訊技術-安全技術-個人資訊去識別化過程管理系統-要求事項》。（六）網路資料 Google，《GOOGLE 如何匿名處理資料》，載於：https://policies.google.com/technologies/anonymization?hl=zh-HK。台權會網站，《健保資料庫訴訟案》，載於：https://www.tahr.org.tw/cases/NHID。司法院網站（2022）《健保資料庫案言詞辯論新聞稿》，載於：https://www.judicial.gov.tw/tw/cp-1887-629970-b76ca-1.html。交通部公路總局網站（2020），《公總與中市警合作台61線區間測速109年1月15日上路》，載於：https://www.thb.gov.tw/sites/ch/modules/news/news_details?node=eeb33aa6-58a1-4d5d-b6aa-28dd4d5270b0&id=0393a5b4-649f-45d6-9549-3927b7b35fe7。何琳潔（2019），《你的個資真的已經匿名化了嗎？》。載於：https://infolaw.iias.sinica.edu.tw/?p=1831。吳全峰（2018），《個資保護再思考》，載於：https://tw.appledaily.com/forum/20180625/D43MRQWXCC7AX5KKKDBGTFKKF4/。吳全峰（2019），《不用你同意，政府做莊賣個資？》，載於：https://infolaw.iias.sinica.edu.tw/?p=984。林其樺（2015），〈一般常見把姓名、身分證字號隱碼的做法，其實並不等於將個人資料「去識別化」〉，《關鍵評論》，載於：https://www.thenewslens.com/article/33049。科技部生科司（2021），《科技部生科司110年度健康大數據永續平台之「建置轉譯導向生醫巨量資料」詳細計畫書申請須知》，載於：https://www.most.gov.tw/most/attachments/cd750957-fc6f-4fe5-8052-ff6615a0ba37。高速公路局網站（2022），《111年國道智慧交通管理創意競賽》，載於：https://www.freeway.gov.tw/Publish.aspx?cnid=2863。許可（2021），《數據要素市場的大哉問》，載於：https://ppfocus.com/sg/0/te71a8d59.html。新北市政府警察局（2019），《平均速率科技執法》，載於：https://www.traffic.police.ntpc.gov.tw/cp-2772-44747-27.html。衛生福利部中央健康保健署網站（2020），《防疫再升級健保雲端系統提供高風險地區旅遊史》。載於：https://www.nhi.gov.tw/News_Content.aspx?n=FC05EB85BD57C709&s=012016EE70C9A226。衛生福利部疾病管制署網站（2020），《「COVID-19(武漢肺炎)」防疫新生活運動：實聯制措施指引》。載於：https://www.cdc.gov.tw/File/Get/t-_Xs5DDee2qzBFC1fRXJA。二、英文文獻（一）專書 Becker, L. C. (1970). Property Right: Philosophic Foundations. Routledge and K. Paul. Bentham, J. (1690). The Theory of Legislation. Oceana Publ'ns, Inc. Blackstone, W. (1766). Commentaries on the Law of England (facsimile ed.) (1766). The University of Chicago Press. Cooter, R. D., Ulen, T. (2004). Law And Economics (4th ed.). Addison Wesley. Elkin-Koren, N., Salzberger, E. M. (2004). Law, Economics and Cyberspace: The Effects of Cyberspace on the Economic Analysis of Law. Edward Elgar Publishing. Mayer-Schönberger, V., Cukier, K. (2013). Big Data: A Revolution That Will Transform How We Live, Work, and Think. Harper Business. Posner, R. A. (1998). Economic Analysis of Law (4th ed.). Aspen. Purtova, N. N. (2011). Property rights in personal data: A European perspective. BOXPress BV. Radin, M. J. (1996). Contested Commodities. Harvard University Press. Schroeder, W. J., Martin, K. M. (2005). Visualization Handbook. Academic Press. Sprankling J. G., Coletta, R. R., Mirow, M. C. (2006). Global. Issues in Property Law. West Academic Publishing. Stucke, M. E., Grunes, A. P. (2016). Big Data and Competition Policy. Oxford University Press Underkuffler, L. S. (2003). The Idea of Property: Its Meaning and Power. Oxford University Press. Waldman, A. E. (2018). Privacy as Trust: Information Privacy for an Information Age. New York Law School. Westin, A. F. (1967). Privacy and Freedom. Athenum. （二）專書篇章 Allen, A. L. (1997). Genetic Privacy: Emerging Concepts and Values. In Rothstein, M. A. (Ed.), Genetic Secrets: Protecting Privacy and Confidentiality in the Genetic Era (pp. 31-59). Yale University Press. Bittner, P. (2018). Intellectual Property Management Challenges Arising from Persuasive Digitalisation: The effect of the Digital Transformation on Daily Life. In Seuba, X. et al. (Ed.), Intellectual Property and Digital Trade in the Age of Artificial Intelligence and Big Data. (pp. 67-74). CEIPI-ICTSD. Gray, K. & Gray, S. F. (1998). The Idea of Property in Land. In Bright, S. & Dewar, J. K. (Ed.), Land Law: Themes and Perspectives (pp. 15-51). Oxford University Press. Hugenholtz, P. B. (2017). Data Property in the System of Intellectual Property Law: Welcome Guest or Misfit?. In S. Lohsse, R. Schulze & D. Staudenmayer (Eds.). Trading Data in the Digital Economy: Legal Concepts and Tools: Münster Colloquia on EU Law and the Digital Economy III (pp. 75–100). Portland: Hart/Nomos. Wen-Tsong, C. (2021). Digital development and privacy: Is there a way to alleviate the uneasy tension? In Chien-Liang, L. (Ed.), The Way to Law: IIAS’s 10th Anniversary (pp. 461-474). Institutum Iurisprudentiae Academia Sinica. （三）期刊論文 Ad Hoc Committee on DNA Technology, American Society of Human Genetics (1988). DNA banking and DNA analysis: points to consider. American journal of human genetics, 42(5), 781–783. Annas, G. J. (1999). Genetic privacy: There ought to be a law. Tex. Rev. L. & Pol., 4, 9. Balaban, T. L. (2009). Comprehensive Data Privacy Legislation: Why Now Is the Time. Case W. Res. JL Tech. & Internet, 1, 1. Barnhizer, D. D. (2006). Propertizataion Metaphors for Bargaining Power and Control of the Self in the Information Age. Clev. St. L. Rev., 54, 69. Baron, J. B. (2011). Property as control: the case of information. Mich. Telecomm. & Tech. L. Rev., 18, 367. Barrad, C. M. V. (1992). Genetic information and property theory. Nw. UL Rev., 87, 1037. Bartow, A. (1999). Our date, ourselves: Privacy, propertization, and gender. USFL Rev., 34, 633. Basho, K. (2000). The licensing of our personal information: Is it a solution to Internet privacy. Calif. L. Rev., 88, 1507. Bell, A., & Parchomovsky, G. (2018). The privacy interest in property. U. Pa. L. Rev., 167, 869. Bergelson, V. (2003). It's personal but is it mine-toward property rights in personal information. UC Davis L. Rev., 37, 379. Bloustein, E. J. (1964). Privacy as an aspect of human dignity: An answer to Dean Prosser. NYUL rev., 39, 962. Bovbjerg, R. R., Sloan, F. A., & Blumstein, J. F. (1988). Valuing life and limb in tort: Scheduling pain and suffering. Nw. UL Rev., 83, 908. Chen, C. M., Jyan, H. W., Chien, S. C., Jen, H. H., Hsu, C. Y., Lee, P. C., Lee, C. F., Yang, Y. T., Chen, M. Y., Chen, L. S., Chen, H. H., & Chan, C. C. (2020). Containing COVID-19 Among 627,386 Persons in Contact With the Diamond Princess Cruise Ship Passengers Who Disembarked in Taiwan: Big Data Analytics. Journal of medical Internet research, 22(5), e19540. Cofone, I. (2021). Beyond data ownership. Cardozo L. Rev., 43, 501. Cohen, J. (2000). Examined Lives: Informational Privacy and the Subject as Object. Stan. L. Rev., 52, 1373-1438. Colonna, T. E. (1998). Protection of Privacy in Personal Genetic Information. West Virginia Journal of Law and Technology, 2(2), 1. Demsetz, H. (1967). Toward a Theory of Property Rights. The American Economic Review, 57(2), 347-359. Drexl, J. (2017). Designing competitive markets for industrial data. J. Intell. Prop. Info. Tech. & Elec. Com. L., 8, 257. El Emam, K., & Alvarez, C. (2015). A critical appraisal of the Article 29 Working Party Opinion 05/2014 on data anonymization techniques. International Data Privacy Law, 5(1), 73-87. Epstein, R. A. (1977). Privacy, Property Rights, and Misrepresentations. Ga. L. Rev., 12, 455. Finck, M., & Pallas, F. (2020). They who must not be identified—distinguishing personal from non-personal data under the GDPR. International Data Privacy Law, 10(1), 11-36. Haddock, D. D., & Kiesling, L. (2002). The Black Death and property rights. The Journal of Legal Studies, 31(S2), S545-S587. Hagel III, J., & Rayport, J. F. (1997). The coming battle for customer information. The McKinsey Quarterly, (3), 64. Hall, M. A. (2009). Property, privacy, and the pursuit of interconnected electronic medical records. Iowa L. Rev., 95, 631. Hall, M. A., & Schulman, K. A. (2009). Ownership of medical information. JAMA, 301(12), 1282–1284. Hirsch, D. D. (2013). The glass house effect: Big Data, the new oil, and the power of analogy. Me. L. Rev., 66, 373. Hull, S. C., Sharp, R. R., Botkin, J. R., Brown, M., Hughes, M., Sugarman, J., Schwinn, D., Sankar, P., Bolcic-Jankovic, D., Clarridge, B. R., & Wilfond, B. S. (2008). Patients' views on identifiability of samples and informed consent for genetic research. The American journal of bioethics: AJOB, 8(10), 62–70. Janger, E. J. (2002). Privacy Property, Information Costs, and the Anticommons. Hastings LJ, 54, 899. Janger, E. J., & Schwartz, P. M. (2001). The gramm-leach-bliley act, information privacy, and the limits of default rules. Minn. L. Rev., 86, 1219. Jerome, J. W. (2013). Buying and selling privacy: Big data's difference burdens and benefits. Stan. L. Rev., 66, 47. Kang, J. (1997). Information privacy in cyberspace transactions. Stan. L. Rev., 50, 1193. Kang, J., & Buchner, B. (2004). Privacy in Atlantis. Harv. JL & Tech., 18, 229. Kim, T. W., Lee, J., Routledge, B., & Xu, J. (2021). Data and Manure: Are Data Subjects Investors?. Berkeley Bus. LJ, 18, 65. Koskinen, J. S. S., Kainu, V. M. A., & Kimppa, K. K. (2016). The concept of Datenherrschaft of patient information from a Lockean perspective. Journal of Information, Communication and Ethics in Society, 14(1), 70-86. Laudon, K. C. (1996). Markets and privacy. Communications of the ACM, 39(9), 92-104. Lemley, M. A. (1997). Romantic Authorship and the Rhetoric of Property. Texas Law Review, 75, 873. Lemley, M. A. (1998). The modern Lanham Act and the death of common sense. Yale LJ, 108, 1687. Lemley, M. A. (2000). Private Property: A Comment on Professor Samuelson’s Contribution. Stanford Law Review, 52(5), 1545-1557. Lessig, L. (1999). The architecture of privacy. Vand. J. Ent. L. & Prac., 1, 56. Lessig, L. (2002). Privacy as property. Social Research: An International Quarterly, 69(1), 247-269. Lin, M. M. (1996). Conferring a federal property right in genetic material: Stepping into the future with the Genetic Privacy Act. American Journal of Law & Medicine, 22(1), 109-134. Litman, J. (1999). Information privacy/information property. Stan. L. Rev., 52, 1283. Lund, J. (2011). Property Rights to Information. Nw. J. Tech. & Intell. Prop., 10, 1. Mattioli, M. (2017). The data-pooling problem. Berkeley Technology Law Journal, 32(1), 179-236. McClurg, A. J. (2003). A thousand words are worth a picture: A privacy tort response to consumer data profiling. Nw. UL Rev., 98, 63. McMahon, D. J. (2008). The future of privacy in a unified national health information infrastructure. Seton Hall L. Rev., 38, 787. Mell, P. (1996). Seeking shade in a land of perpetual sunlight: privacy as proeprty in the electronic wilderness. Berkely Tech. LJ, 11, 1. Miller Jr, W. W., & O'Rourke, M. A. (2001). Bankruptcy Law v. Privacy Rights: Which Holds the Trump Card. Hous. L. Rev., 38, 777. Miller, K. (2014). Total surveillance, big data, and predictive crime technology: Privacy's perfect storm. J. Tech. L. & Pol'y, 19, 105. Mossoff, A. (2003). What is property-putting the pieces back together. Ariz. L. Rev., 45, 371. Murphy, R. S. (1995). Property Rights in Personal Information: An Economic Defense of Privacy. Geo. LJ, 84, 2381. Narayanan, A., & Shmatikov, V. (2010). Myths and fallacies of" personally identifiable information". Communications of the ACM, 53(6), 24-26. Nehf, J. P. (2005). Incomparability and the passive virtues of ad hoc privacy policy. U. Colo. L. Rev., 76, 1. Netanel, N. W. (2000). Cyberspace self-governance: A skeptical view from liberal democratic theory. Calif. L. Rev., 88, 395. Newman, N. (2014). Search, antitrust, and the economics of the control of user data. Yale J. on Reg., 31, 401. Ohm, P. (2009). Broken promises of privacy: Responding to the surprising failure of anonymization. UCLA l. Rev., 57, 1701. Org. for Econ. Co-Operation & Dev. (OECD) (2013), Exploring the Economics of Personal Data: A Survey of Methodologies for Measuring Monetary Value. OECD Digital Economy Papers, 220, 4. Posner, R. A. (1977). The right of privacy. Ga. L. Rev., 12, 393. Price, W., & Nicholson, I. I. (2017). Risk and resilience in health data infrastructure. Colo. Tech. LJ, 16, 65. Prosser, W. L. (1960). Privacy, Cal. L. Rev., 48(3), 383-423. Purtova, N. (2008). Property in personal data: A European perspective on the instrumentalist theory of propertisation. Eur. J. Legal Stud., 2, 193. Radin, M. J. (1987). Market-inalienability. Harvard law review, 100, 1849-1937. Radin, M. J. (2006). A comment on information propertization and its legal milieu. Clev. St. L. Rev., 54, 23. Rocher, L., Hendrickx, J. M., & De Montjoye, Y. A. (2019). Estimating the success of re-identifications in incomplete datasets using generative models. Nature communications, 10(1), 1-9. Rockandel, K. (2013). A Myriad of Reasons to Celebrate: Why the Invalidation of Isolated DNA Patents Is a Victory for Personal Property Rights. Vt. L. Rev., 38, 225. Rothstein, M. A. (2010). Is deidentification sufficient to protect health privacy in research?. The American Journal of Bioethics, 10(9), 3-11. Samuelson, P. (1999). A New Kind of Privacy-Regulating Uses of Personal Data in the Global Information Economy. Cal. L. Rev., 87, 751. Samuelson, P. (1999). Privacy as intellectual property. Stan. L. Rev., 52, 1125. Scholz, L. H. (2018). Big data is not big oil: the role of analogy in the law of new technologies. Tenn. L. Rev., 86, 863. Schwartz, P. M. (2003). Property, privacy, and personal data. Harv. L. Rev., 117, 2056. Suter, S. M. (2003). Disentangling privacy from property: toward a deeper understanding of genetic privacy. Geo. Wash. L. Rev., 72, 737. Sweeney, L. (2002). Achieving k-anonymity privacy protection using generalization and suppression. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(5), 571-588. Tankard, C. (2016). What the GDPR means for businesses. Network Security, 2016(6), 5-8. Veale, M., Binns, R., & Ausloos, J. (2018). When data protection by design and data subject rights clash. International Data Privacy Law, 8(2), 105-123. Victor, J. M. (2013). The EU general data protection regulation: Toward a property regime for protecting data privacy. Yale LJ, 123, 513. Volokh, E. (1999). Freedom of speech and information privacy: The troubling implications of a right to stop people from speaking about you. Stan. L. Rev., 52, 1049. Warren, S. D., & Brandeis, L. D. (1890). The right to privacy. Harvard Law Review, 4, 193. Weeden, J. L. (2006). Genetic liberty, genetic property: protecting genetic information. Ave Maria L. Rev., 4, 611. Yu, P. K. (2018). Data producer's right and the protection of machine-generated data. Tul. L. Rev., 93, 859. Yu, X., & Zhao, Y. (2019). Dualism in data protection: Balancing the right to personal data and the data property right. Computer Law & Security Review, 35(5), 105318. （四）研討會論文 Bauer, C., Korunovska, J., Spiekermann, S. (2012, May 15) On the Value of Information: What Facebook Users are Willing to Pay [Conference Presentation] Proceedings of the 20th European Conference on Information Systems, Barcelona, Spain. https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1196&context=ecis2012. Shapiro, C. & Varian, H. R. (1997, June 8). US Government Information Policy. [Conference presentation] Highlands Forum, Department of Defense, Washington, DC. https://www.researchgate.net/publication/248244291_US_Government_Information_Policy. Westin, A. F. (2007, Oct. 1) How the Public Views Privacy and Health Research, Results of a National Survey Commissioned by the Institute of Medicine Committee on “Health Research and the Privacy of Health Information: The HIPAA Privacy Rule” [Conference presentation]. Institute of Medicine Committee Meeting, https://www.ftc.gov/sites/default/files/documents/public_comments/health-care-delivery-534908-00001/534908-00001.pdf. （五）網路資料 (N.d.). Experian Official Website. https://www.experian.com/consumer-products/identity-theft-and-credit-protection.html Australian Medical Association (2005, July 20). AMA Poll Shows Patients Are Concerned About the Privacy and Security of Their Medical Records. AMA. https://www.ama.com.au/media/ama-poll-shows-patients-are-concerned-about-privacy-and-security-their-medical-records Brewster, T. (2017, Dec. 19). 120 Million American Households Exposed In 'Massive' ConsumerView Database Leak. Forbes. https://www.forbes.com/sites/thomasbrewster/2017/12/19/120m-american-households-exposed-in-massive-consumerview-database-leak/?sh=72dbdffb7961 European Commission (2017, Oct. 1). Commission Staff Working Document on the Free Flow of Data and Emerging Issues of the European Data Economy, SWD(2017) 2 final. https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52017SC0002&from=EN Gregorio, G. D. (2022). Digital Constitutionalism in Europe: Reframing Rights and Powers in the Algorithmic Society. Cambridge University Press. https://www.cambridge.org/core/services/aop-cambridge-core/content/view/A3F61C6368D17D953457234B8A59C502/9781316512777AR.pdf/Digital_Constitutionalism_in_Europe.pdf?event-type=FTLA Hern, A. (2017, Aug. 2). Anonymous' Browsing Data Can Be Easily Exposed, Researchers Reveal. The Guardian. https://www.theguardian.com/technology/2017/aug/01/data-browsing-habits-brokers Information Commissioner’s Office (ICO) (2017, Sep. 4). Big Data, Artificial Intelligence, Machine Learning and Data Protection. Version: 2.2. https://ico.org.uk/media/for-organisations/documents/2013559/big-data-ai-ml-and-data-protection.pdf. MacCarthy, M. (2018, Nov. 2). Privacy Is Not A Property Right In Personal Information. Forbes. https://www.forbes.com/sites/washingtonbytes/2018/11/02/privacy-is-not-a-property-right-in-personal-information/?sh=24ea407a280f Oberhaus, D. (2017, Aug. 3) Your 'Anonymous' Browsing Data Isn't Actually Anonymous. VICE. https://www.vice.com/en/article/gygx7y/your-anonymous-browsing-data-isnt-actually-anonymous Patrizio, A. (2015, Nov. 25) Why Your Big Data Needs Good Algorithms. Datamation. https://www.datamation.com/data-center/why-your-big-data-needs-good-algorithms/ Sabin, S. (2019, Feb. 20). Nearly Half of Voters Support California Governor’s ‘Data Dividend’ Plan. Morning Consult. https://morningconsult.com/2019/02/20/nearly-half-of-voters-support-california-governors-data-dividend-plan/ Serwer, A. (2018, Nov. 15) Mark Warner: This will 'send a shiver down the spine' of Facebook, Twitter, and Google. Yahoo Finance. https://finance.yahoo.com/news/mark-warner-will-send-shiver-spine-facebook-twitter-google-161313831.html?guccounter=1&guce_referrer=aHR0cHM6Ly9zdGF0ZXNjb29wLmNvbS8&guce_referrer_sig=AQAAAHAoiOeFyH_MFU8vy49mBtOCNTo3lhEFQZ8zUf-ez8GfTwHGr22dp6s8fmW48dRHqKwlj8JJ7s6UhZu1MmalyWgwURSQStgqiEps6KPV44HlOI_GGGnKm62cJQMJ8s2Am3-oSBpS7wXy9KNQJADQ4qyDOlfGO5jdMfenGUqZNrDu Steel, E., Locke, C., Cadman, E., Freese, B. (2013, June 13) How Much Is Your Personal Data Worth?. Fin. Times. http://www.ft.com/cms/s/2/927ca86e-d29b-11e2-88ed-00144feab7de.html Swant, M. (2019, Oct. 1). Andrew Yang Proposes Digital Data Should Be Treated Like A Property Right. Forbes. https://www.forbes.com/sites/martyswant/2019/10/01/andrew-yang-proposes-digital-data-should-be-treated-like-a-property-right/?sh=1fcad6a83ab7 What is Attribute and Record Suppression. (n.d.). IGI Global. https://www.igi-global.com/dictionary/attribute-and-record-suppression/72012 What Is Infrastructure? Definition and Examples. (n.d.). Market Business News (MBN). https://marketbusinessnews.com/financial-glossary/infrastructure-definition-means/ Working Party Article 29. (2007, June 20). Opinion 4/2007 on the Concept of Personal Data. 01248/07/EN WP 136. https://www.Clinicalstudydatarequest.com/Documents/Privacy-European-guidance.pdf. Working Party Article 29. (2014, Apr. 10). Opinion 05/2014 on Anonymisation Techniques. 0829/14/EN WP216. https://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/files/2014/wp216_en.pdf.	-
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/88427	-
dc.description.abstract	本文首先聚焦於我國近年來各類政府主導的大型資料庫蒐集案例，歸納出其等多以去識別化為由規避取得個資主體的同意，本文因此分別從去識別化於於定義、技術、定位上的困境討論。首先當前法律定義上內國定義混亂、比較法上因歷史脈絡無法同一比較，且運作上也不足以賦予個人足夠的控制；再者技術層面上也面臨類型化困難、欠缺統一量化標準等困境；最後於定位上，當前GDPR將「匿名化」概念跟其他個資同意、組織、程序保障掛鉤，也愈趨無法解決再識別技術所造成的威脅。為了因應日漸升高的再識別風險，本文認為（1）應限縮當前歐盟GDPR中的「匿名化」概念，使其與其他個資同意、組織、程序保障脫鉤。（2）應將去識別化處理單純理解為資安風控手段，而非影響個資保護規範適用範圍的前提影響因子。（3）應統一目前「去識別化」於法律上及技術定義上的不同。（4）應立法區分不同利用目的、不同資料類型、不同個資主體，以適用不同的同意授權模式。另外，也應使個體就該模式下需面臨再識別風險有更清楚的認知。最後，為了使個人就其個資的控制，無論如何皆不因去識別化處理而喪失，本文從病歷、基因資訊的利用案例出發，探討美國法上「資料財產權」的理論是否得以透過談判交易、市場手段、限制授權、金錢賠補償等方式，增加個人對零碎、去識別個資的控制。結論上，本文認為美國法的資料財產權理論，基於人對財產具有控制的素樸想像，應有助於建立個人在資料關係中持續性的控制，進而有機會在理論上解決前述如何就去識別化資料賦予個人控制的難題。只不過從功能性、實用性角度而言，此一理論可能並非唯一解答，具體仍須仰賴立法解決。	zh_TW
dc.description.abstract	This thesis focuses on the trend of government claiming that there’s no need to obtain consents from data subjects, since the personal data has already gone through de-identification. However, this could cause harm to data subjects. To analyze, this thesis then discusses the three dangers of the over-reliance on de-identification which includes that there’s no single definition on de-identification and anonymization; there’re also difficulties in categorizing, or generalizing different standards on the de-identification techniques; further, there’s no general standard to measure or quantify how high the risk of re-identification is; lastly, present GDPR adopts the concept of anonymous information and uses it to distinguish whether GDPR applies, which makes the regulation itself incapable of dealing with the threat of re-identification. This thesis suggest that: (1) the concept of anonymous information should be disconnected with the application of GDPR, (2) the process of de-identification should be simply taken as a measure to safeguard the information security rather than the distinguisher of whether the information concerned applies to GDPR, (3) a single, generalized standard on the techniques of de-identification should be established, though it may be difficult, (4) different kind of purpose of data utilizations, genres, and data subjects should apply to different de-identification models, and different consent models. In addition, data subject should be clearly informed about the risk of re-identification under different models. Lastly, in order to enhance data subjects’ control over their personal information, not to let this control weaken by the process of de-identification, this thesis refers to the past disputes between ownership and privacy in the cases of medical records and genetic information. Some suggested to use ‘privacy as property’ theory in these cases, which aimed to solve the problems by adopting the concept of information market, negotiation, transaction, monetary compensation, and restraints on PII alienation. In essence, this theory considers the instinct of thinking personal information as one’s property help enhance data subjects’ control over their information. Though there may be some downsides of this theory, it’s a good reference to solve the difficulties of people losing control in the process of de-identification. The theory may not be the only answer to the problem, while it does provide a great insight to the dilemma brought by the big data and the new re-identification techniques. The ultimate solution still has to rely on the legislation.	en
dc.description.provenance	Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2023-08-15T16:15:18Z No. of bitstreams: 0	en
dc.description.provenance	Made available in DSpace on 2023-08-15T16:15:18Z (GMT). No. of bitstreams: 0	en
dc.description.tableofcontents	謝詞 I 摘要 III Abstract IV 簡目 V 詳目 VI 第一章緒論 1 第一節問題意識 1 第二節研究範圍 2 第三節研究方法 4 第四節論文架構 4 第二章資訊隱私權的當代困境 6 第一節近期實際案例 6 第一項 ETC案 6 第二項健保資料庫案 10 第三項疫情電信追蹤案 12 第二節大型資料庫對資訊隱私權的挑戰 16 第一項目的外利用風險 16 第二項去識別化的失能 18 第三項小結 19 第三節細論去識別化的挑戰 20 第一項定義上的困境 22 第一款美國法 23 第二款歐盟法 24 第三款我國法 24 第二項技術上的困境 26 第一款再識別風險的質疑 27 第二款去識別化技術與模型 29 第一目去識別化技術 29 第二目去識別化模型 33 第三款小結 36 第三項延伸個資定義困境 41 第四節我國學者見解 43 第五節本文見解 46 第一項限縮解釋「匿名化」概念 46 第二項類型化、細緻化去識別化處理 47 第三項去識別化作為資安保障工具 48 第四項賦權強化控制 49 第三章資料的權利歸屬與性質 54 第一節從病歷資訊爭議思考資訊財產權 54 第一項載體及載體上的資訊 54 第二項可能形成的爭議 56 第三項國內外文獻介紹 57 第四項小結 59 第二節從基因資訊爭議思考資訊財產權 64 第一項 Moore vs. Regents of the University of California案 64 第二項國內外文獻介紹 65 第三項小結 68 第三節隱私於人格權、財產權間的重新爬梳 69 第一項人格權的多面性 70 第二項財產概念的多面性 74 第三項隱私權的權利定位 77 第一款隱私權的特性 78 第二款隱私的經濟利益 78 第四章資料性質理論的比較法觀察 79 第一節先決定義問題 80 第二節近期對資料財產性格之主張 82 第一項美國立法倡議 82 第二項美國立法實踐 84 第三項小結 85 第四項美國學者主張 86 第一款主張資料是財產/適用財產規則者 86 第二款資料財產權的理論依據 94 第三款小結 97 第四款主張資料不是財產/不適用財產規則者 99 第五款小結 103 第五項與歐盟GDPR的比較 104 第六項中國學者主張 106 第一款具體主張 107 第二款小結 110 第七項本節總結 110 第三節資料財產權更細部的區分 111 第一項資料為有體財產權？ 111 第二項資料為無體財產權？ 113 第一款學說介紹 113 第二款「發現」與「創造」，誰取得財產權？ 116 第三項資料為公開權？ 118 第四項其他可能？ 118 第四節本文見解 120 第一項回應對資料財產權理論之批評 120 第二項強化資訊隱私財產權性格的益處 123 第五章結論 125 參考文獻 128	-
dc.language.iso	zh_TW	-
dc.title	個人資料去識別化困境新解—「資料財產權」進路	zh_TW
dc.title	A New Way to Solve the Problems of Personal Data in the Process of De-identification:	en
dc.type	Thesis	-
dc.date.schoolyear	111-2	-
dc.description.degree	碩士	-
dc.contributor.oralexamcommittee	何之行;吳全峰	zh_TW
dc.contributor.oralexamcommittee	Chih-hsing Ho;Chuan-Feng Wu	en
dc.subject.keyword	個人資料,隱私,去識別化,匿名化,財產權,人格權,所有權,	zh_TW
dc.subject.keyword	personal identifiable information,data property right,de-identification,anonymous information,restraints on PII alienation,genetic information,data ownership,	en
dc.relation.page	147	-
dc.identifier.doi	10.6342/NTU202301113	-
dc.rights.note	同意授權(全球公開)	-
dc.date.accepted	2023-06-27	-
dc.contributor.author-college	法律學院	-
dc.contributor.author-dept	法律學系	-
顯示於系所單位：	法律學系

文件中的檔案：

檔案	大小	格式
ntu-111-2.pdf	2.72 MB	Adobe PDF	檢視/開啟

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。