鑑於電腦與網路的普及與運用,大量「個人資料」愈發容易為公、私部門所蒐集及使用;資訊技術的發展,致使大量資料得於傳輸瞬間內跨國境流通,更加劇個人隱私遭受侵害的危險。立法院於2010年4月27日修正通過電腦處理個人資料保護法,更名為個人資料保護法,並於2010年5月26日公布,進一步擴大適用主體之範圍,增加蒐集、處理或利用個資之義務,並提高罰則。 個資法的通過與施行,代表政府對個人資料及隱私權的尊重,個資法在個資保護方面雖更加周全,但社會大眾對個資法所規定之「個人資料」及其保護範圍之界定,未能充分理解。本文藉由參酌歐盟、美國、德國、日本個資法之立法方式,及相關蒐集、處理或利用要件,探討我國個資法之規範定義、要件及施行成效;並藉由美國、加拿大之個資案例分析,提供我國個資法修正及實務上更臻完善之新方向。
Nowadays, a large amount of personal information, are gathered, acquired and used by government or even enterprises due to the popularity of computer and internet. Furthermore, as a result of a large amount of personal information being silently transmitted to foreign countries in a moment owing to recent development of information technology, the risk of violation of personal privacy is increased rapidly. The Legislative Yuan in Taiwan passed an amendment to the Computer-Processed Personal Data Protection Act on April 27, 2010. The revised Act is entitled the Personal Data Protection Act on May 26, 2010. The enactment of the Personal Information Prostection Act demonstrated a willingness of the government to show the respect for the right to privacy of all individuals regading their personal data. The Act creates a consent-based regime for the collection, use and disclosure of personal information. Analysis proceeds in three parts. First, it considers the interaction among the similar provisions in European Communities, United States, Canada, German and Japanese personal data protection Act and opinions of the scholars. Also analysis the U.S. and Canada’s Cases. Secondly, Personal Data Protection Act is more comprehensive in personal data protection, but the Act needs to be promoted and that require broad protections of information privacy. Finally, it tries to offer a new ideal for Personal Data Protection Act.