Due to the advancement of Information Technology in the ”information age”, ”Computer-processed data protection Act” was enacted by the Legislative Yuan in the Republic of China (R.O.C) in 1995. The Act is divided into six chapters (General Provisions, Data Processing by The Government Agency, Data Processing by Non-government Agency, Damages and Other Remedy, Penalties, and Supplementary Provisions), 45 sections in total. ”Computer processed data protection” and ”Computer-Processed Personal Data Protection Law Enforcement Rules” promulgated by the Ministry of Justice constitute the basic norm of data protection in the R.O.C. Since the act has been implemented for almost eight years, some suggestions for improvement have been proposed due to the complexity of the administrative procedure; the obscurity of some statutes; the imbalance of regulation between government agency and non-government agency; and the intrusion of privacy incurred by the increasingly popular electronic business. This paper first discussed the relationship between the right to privacy, ”the right of personality” or ”right to informational self-determination; summarising, then, the main content of ”Computer-processed data protection Act”, and categorising the recent cases with regards to data protection. Finally this paper suggests the measures for further improvement as follows 1. broadening the scope of the application of the Act; 2. intensifying the notice with subject's consent; 3.clarifing the relationship between administrative petition and legation; 4. Establishing the more rigor data protection mechanism.