高普及之行動裝置,其所搭載應用程式,乃現代人生活中不可或缺,然而應用程式常利用民眾「不經意」的同意,而蒐集使用者個人資料,應用程式業者為行銷目的之客製化服務,搭配上大數據技術蓬勃發展,縱使是片段的資料皆可能透過大量資料比對、分析出識別性,使得隱私危害可能更加嚴重。本文首先從應用程式之產業面切入,了解該產業之生態,才能具以發現實務運作之問題所在,亦即業者蒐集目的與告知使用者隱私保護,究應以如何之模式始能讓當事人確實知悉而為同意,並以我國近期關於應用程式侵害使用者個人資料之判決-M+Messenger案為例探討,反思我國社會對於隱私之價值與態度,與我國個人資料保護法保護資訊隱私權與資料合理利用之立法目的是否相符;接著藉由比較法分析,以美國Carrier IQ案對照前述判決,關於政策與規範模式對於判決之影響,再分別就以市場機制為主之美國,與以全面性立法管制之歐盟,二者間不同規範模式利弊,以及各自關於應用程式隱私保護相關規範、意見書之研究,尋求得以借鏡之處;了解具體保護作法,仍應回歸原則之探討,亦即蒐集者應遵守特定目的原則,被蒐集者則應受到告知同意原則保護,套用於應用程式隱私保護之呈現,以上從社會、產業、法律規範為全面性討論後,適用於該原則中,權衡使用者隱私保護與市場創新,並研擬因應對策與解決之道。
The rapid evolution of information technologies creates the era of internet, but privacy is also at risk of the innovation technologies. Therefore, the purpose of this thesis is to discover the balance between innovation and privacy protection. Particularly, the violation of privacy in applications (apps) on mobile devices, because of high penetration of mobile devices combined with the operation of apps. This combination makes our life become more convenient, but numerous personal data are collected. The prevalence of big data technology also causes worse invasion of privacy. Accordingly, the key point to protect privacy is “informed consent principle”. However, this principle on apps has difficulties being enforced. Specifically, the presentation of “privacy policy (terms)” causes consumers hard to understand, or just skip the terms and accept the policy. This “non-real” agreement is worth further studying. So this thesis will identify the relevant judgments in Taiwan (M+Messenger case) and USA (Carrier IQ case) in order to understand current conclusion of trial, and compare the regulations of United States of America (USA), the European Union (EU) and Personal Information Protection Act of Taiwan. Finally, this study will investigate the adequacy of legal protection, and examine whether legal protection is satisfied or whether the need for market self – regulatory can protect personal data.