{"id":110378,"date":"2025-08-06T14:13:35","date_gmt":"2025-08-06T14:13:35","guid":{"rendered":"https:\/\/my.legal500.com\/guides\/?post_type=comparative_guide&#038;p=110378"},"modified":"2025-08-19T11:27:23","modified_gmt":"2025-08-19T11:27:23","slug":"taiwan-tmt","status":"publish","type":"comparative_guide","link":"https:\/\/my.legal500.com\/guides\/chapter\/taiwan-tmt\/","title":{"rendered":"Taiwan: TMT"},"content":{"rendered":"","protected":false},"template":"","class_list":["post-110378","comparative_guide","type-comparative_guide","status-publish","hentry","guides-tmt","jurisdictions-taiwan"],"acf":[],"appp":{"post_list":{"below_title":"<div class=\"guide-author-details\"><span class=\"guide-author\">Lee and Li, Attorneys-at-Law<\/span><span class=\"guide-author-logo\"><img src=\"https:\/\/my.legal500.com\/guides\/wp-content\/uploads\/sites\/1\/2019\/03\/Firm-Logo_Lee-and-Li.jpg\"\/><\/span><\/div>"},"post_detail":{"above_title":"<div class=\"guide-author-details\"><span class=\"guide-author\">Lee and Li, Attorneys-at-Law<\/span><span class=\"guide-author-logo\"><img src=\"https:\/\/my.legal500.com\/guides\/wp-content\/uploads\/sites\/1\/2019\/03\/Firm-Logo_Lee-and-Li.jpg\"\/><\/span><\/div>","below_title":"<span class=\"guide-intro\">This country specific Q&amp;A provides an overview of TMT laws and regulations applicable in Taiwan<\/span><div class=\"guide-content\"><div class=\"filter\">\r\n\r\n\t\t\t\t<input type=\"text\" placeholder=\"Search questions and answers...\" class=\"filter-container__search-field\">\r\n\t\t\t<\/div>\r\n\r\n\t\t\t\r\n\r\n\r\n\t\t\t<ol class=\"custom-counter\">\r\n\r\n\t\t\t\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 How are proprietary rights in software and associated materials protected?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The propriety rights in software are mainly provided under the Copyright Act and the Patent Act.<\/p>\n<p>I. Copyright Act<\/p>\n<p>The Copyright Act of Taiwan follows the principle of &#8220;protection upon creation,&#8221; which means that a work is protected as long as it possesses originality, without the need for registration or recordation. Protection under the Copyright Act arises automatically upon the completion of the work. &#8220;Computer program works&#8221; are among the categories of works protected under the Copyright Act of Taiwan. According to a ruling issued by the Taiwan Intellectual Property Office (<strong>TIPO<\/strong>), any &#8220;combination of instructions, whether directly or indirectly, intended to produce a certain result by means of a computer&#8221; constitutes a &#8220;computer program work&#8221; as defined by the Copyright Act.<\/p>\n<p>Generally, software may include both &#8220;computer programs&#8221;, &#8220;programs descriptions&#8221; and &#8220;supporting documents for computer programs.&#8221; Therefore, program instructions (such as source code) typically fall within the scope of computer program works. Other materials, if referring to &#8220;program descriptions&#8221; (such as flowcharts, program architecture, and explanations of program content created during the design stage before the computer program is written into source code), or &#8220;supporting documents for computer programs&#8221; (such as user manuals and other explanatory documents for computer programs), etc., may be classified as &#8220;literary works&#8221; or &#8220;graphic works.&#8221; However, as long as the requirements for protection are satisfied, all such works are protected by copyright.<\/p>\n<p>II. Patent Act<\/p>\n<p>According to the Patent Act and the Examination Guidelines for Invention Patents Related to Computer Software, computer software is essentially regarded as one form of implementing an algorithm. Where computer software is an essential element of an invention for which a patent is sought, such invention is considered a computer software-related invention patent. In other words, if the relevant computer software comprises specific implementation steps and such steps possess technical character, the invention may constitute a patent-eligible subject matter. Accordingly, individuals or businesses may, in accordance with the Patent Act, apply for invention patent protection for computer software-related inventions that produce concrete technical effects, such as audio-visual outputs, control mechanisms, or human-machine interfaces, developed through their software.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 In the event that software is developed by a software developer, consultant or other party for a customer, who will own the resulting proprietary rights in the newly created software in the absence of any agreed contractual position?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Article 12 of the Copyright Act provides that, where a work is completed by a person under commission, unless otherwise agreed upon, such commissioned person is the author of the work.\u00a0 Unless another agreement is otherwise provided, where a commissioned person is the author of a work, the economic rights to such work shall be owned by the commissioned person.<\/p>\n<p>Likewise, under the Article 8 of the Patent Act, in the case of an employee completing an invention, utility model or design that has no relation with his\/her job duties, the right to apply for the patent and the patent right for such invention shall be vested in the employee.\u00a0 However, if such invention, utility model or design is made through the utilization of the employer&#8217;s resources or experiences, the employer may, after paying the employee a reasonable remuneration, exploit the invention concerned in the enterprise.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 Are there any specific laws that govern the harm \/ liability caused by Software \/ computer systems?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Currently, there are no laws that specifically address harm or liability caused by software or computer systems. However, the provision of software or computer systems may still be subject to contract terms, consumer protection laws, or general civil laws, as applicable.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 To the extent not covered by (3) above, are there any specific laws that govern the use (or misuse) of software \/ computer systems?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>According to the Criminal Code of Taiwan, offenses against computer security are punishable acts. Specifically, an individual may be subject to criminal liability if he or she: (1) without legitimate reason, inputs another person\u2019s account password, circumvents computer protection measures, or exploits system vulnerabilities to access into another person\u2019s computer or related equipment; (2) without legitimate reason, obtains, deletes, or alters the electromagnetic records of another person\u2019s computer or related equipment; or (3) without legitimate reason, interferes with another person\u2019s computer or related equipment by means of computer programs or other electromagnetic methods; and is found by the court to have committed a punishable act. Furthermore, producing computer programs for oneself or others to commit any of the aforementioned offenses may also subject the individual to criminal liability.<\/p>\n<p>In July 2025, a court in Taiwan issued a decision concerning the use of web crawler software. In this case, the court found that the defendant\u2019s use of such software constituted the unlawful acquisition of another party\u2019s magnetic records by accessing and extracting specific data from a competitor\u2019s legal database. The court determined that the defendant (i) obtained magnetic records belonging to another entity; (ii) lacked legitimate grounds for this conduct, as it violated the database&#8217;s terms of use; and (iii) impaired the owner&#8217;s ability to use or benefit from those magnetic records. As a result, the court assigned criminal liability to both the company&#8217;s representative and its chairperson.<\/p>\n<p>Although this ruling is not yet final since the defendant has appealed, the potential risks associated with using web crawler software to collect information from other websites have increased significantly. Accordingly, unless the judgment is overturned, it is advisable for relevant businesses to closely monitor further developments in this area and to exercise greater caution when deploying such technology.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (Licence and SaaS) \u2013 Other than as identified elsewhere in this overview, are there any technology-specific laws that govern the provision of software between a software vendor and customer, including any laws that govern the use of cloud technology?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Currently, there are no laws that generally govern the use of cloud technology; however, there are requirements specifically applicable to government agencies or financial institutions.<\/p>\n<p>When government agencies establish or utilize cloud services, they should refer to the &#8220;Reference Guidelines for Information Security in Cloud Services Applications for Government Agencies,&#8221; which include common cybersecurity management planning, IaaS, PaaS, SaaS, and cybersecurity control measures for self-built cloud services, among others. In addition, if a financial institution has its user data processed by a cloud service provider, the requirements set forth in the &#8220;Regulations Governing Internal Operating Systems and Procedures for the Outsourcing of Financial Institution Operations&#8221; will apply. For example, as a general principle, the storage location of user data related to significant retail financial business information systems should be within Taiwan.<\/p>\n<p>In addition, according to Article 17 of the Consumer Protection Act, each competent authority of the respective industry may promulgate standardized contract clauses, as well as mandatory and prohibited provisions, for specific services. For example, the terms and conditions for online game software and instant messaging software are governed by (i) the Mandatory and Prohibited Provisions of Standardized Contracts for Instant Messaging Software Services and (ii) the Mandatory and Prohibited Provisions of Standardized Contracts for Online Game Services.<\/p>\n<p>These regulations enhance the compliance obligations of business operators regarding information disclosure, billing, account application, management, contract termination, and other matters, thereby providing greater protection for consumers.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Is it typical for a software vendor to cap its maximum financial liability to a customer in a software transaction? If \u2018yes\u2019, what would be considered a market standard level of cap?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Yes. In most software contracts, vendors usually limit their maximum financial liability to the customer. There isn\u2019t a standard level for these liability caps, as they typically depend on the size and specifics of the software transaction. In practice, it is common for the cap to be set at either the total contract value or at a specified percentage or multiple of that value.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Please comment on whether any of the following areas of liability would typically be excluded from any financial cap on the software vendor\u2019s liability to the customer or subject to a separate enhanced cap in a negotiated software transaction (i.e. unlimited liability): (a) confidentiality breaches; (b) data protection breaches; (c) data security breaches (including loss of data); (d) IPR infringement claims; (e) breaches of applicable law; (f) regulatory fines; (g) wilful or deliberate breaches.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The law does not prohibit parties from including liability caps in contracts for any specific areas. However, the validity of such liability cap cause would be reviewed by a court on a case-by-case basis if the dispute being brought to the court.<\/p>\n<p>Based on local practice, a contract\u2019s financial liability cap usually would not cover damages caused by wilful breaches or with gross negligence; or death or personal injury caused intentionally or by negligence. Therefore, theoretically speaking, items (a) to (f) may be subject to liability cap clause agreed by the parties.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Is it normal practice for software source codes to be held in escrow for the benefit of the software licensee? If so, who are the typical escrow providers used? Is an equivalent service offered for cloud-based software?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Yes, there is a growing number of vendors in Taiwan providing software source codes escrow services. These escrow services help ensure that businesses can access the source codes if the software developer ceases operations or discontinues support. This allows companies to modify, update, and maintain their software to ensure business continuity. We have also noticed some providers offering cloud-based software escrow solutions, though this segment of the market is still developing.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Are there any export controls that apply to software transactions?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The National Science and Technology Council (<strong>NSTC<\/strong>) established and published the National Core Key Technology Determination Measures on April 26, 2023. Pursuant to these Measures, the Executive Yuan has since issued and updated the List of National Core Key Technologies (<strong>List<\/strong>). On March 31, 2025, ten additional core key technologies were added to the List, including cybersecurity technologies. In particular, Post-Quantum Cryptography Protection Technology (No. 28) and Network Active Defense Technology (No. 29) have been designated as core key technologies.<\/p>\n<p>These core key technologies are subject to export controls. According to Article 8 of the National Security Act, any infringement or violation involving core key technologies constitutes the crime of economic espionage, and offenders may be subject to criminal liability.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">IT Outsourcing \u2013 Other than as identified elsewhere in this questionnaire, are there any specific technology laws that govern IT outsourcing transactions?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Currently, there are no laws that specifically govern IT outsourcing transactions.\u00a0 However, there are sectoral regulations regarding IT outsourcing in the financial and medical sectors.<\/p>\n<p>For example, the Regulations Governing Internal Operating Systems and Procedures for the Outsourcing of Financial Institution Operation set forth restrictions on the matters and scope of IT outsourcing by financial institutions. Furthermore, depending on the specific outsourcing arrangement, financial institutions may be required to either (i) report to the competent authority in advance, or (ii) apply to the competent authority for approval.<\/p>\n<p>In addition, the Regulations for the Production and Management of Electronic Medical Records by Medical Institutions specify that IT service providers must meet the information security certification standards. They also outline the requirements that must be included in outsourcing contracts when medical institutions engage external providers to set up and manage electronic medical record systems. Furthermore, if medical institutions use cloud services, they should implement appropriate risk control and oversight measures.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">IT Outsourcing \u2013 Please summarise the principal laws (present or impending), if any, that protect individual staff in the event that the service they perform is transferred to a third party IT outsource provider, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Currently, there are no specific laws that address this matter.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Telecommunications \u2013 Please summarise the principal laws (present or impending), if any, that govern telecommunications networks and\/or services, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Taiwan Congress passed the Telecom Management Act (<strong>TMA<\/strong>) on May 31, 2019 and the TMA has taken effect on July 1, 2020.\u00a0 The TMA changes the mechanism of market participation from &#8220;license mechanism&#8221; to &#8220;voluntary registration&#8221;. \u00a0Unless certain conditions as stipulated under Article 5 of the TMA are met, a business operator that intends to provide telecom services may freely choose whether or not to register it as a telecommunications enterprise with the competent authority, National Communications Commission (<strong>NCC<\/strong>).<\/p>\n<p>Under the TMA, the term &#8220;Telecom Services&#8221; refers to public communications services provided through the public switched telecommunications network (<strong>PSTN<\/strong>). Although the definition is still quite vague, Article 5 of the TMA provides that &#8220;[A]ny entity that provides telecom services and engages in any of the following activities shall be required to register as a telecommunications enterprise with the competent authority: (1) Apply for a NCC&#8217;s ruling in connection with its dispute in terms of interconnection with other telecom operators; (2) Apply for the assignment of a radio frequency outside Article 56; (3) Apply for the assignment of identification code or signal point code for establishing a PSTN; or (4) Apply for the assignment of subscriber numbers.<\/p>\n<p>Furthermore, the Legislative Yuan passed the amendments to the TMA (<strong>TMA Amendments<\/strong>) on June 17, 2025. According to TMA Amendments, (i) service providers engaging in wholesale, by leasing or purchasing telecommunications services bundled with subscriber numbers from other Telecom Operators (who have been allocated subscriber numbers), and resell such services to subscribers in their own names (<strong>Reseller<\/strong>) and (ii) service providers offering internet access services (<strong>IASPs<\/strong>) are required to complete Telecom Operator registrations.<\/p>\n<p>In addition, according to Article 38 of the TMA, to construct a PSTN, a business entity has to first submit an application form and network establishment plan to the NCC for its approval.\u00a0 The aforesaid network establishment plan hall include following matters: (1) the region and schedule planning of the establishment; (2) communications type, network framework and performance that are in compliance with operating plan; (3) the brand, model, functions and quantity of major telecommunications equipment; (4) technical interface and network interface points that will be used for the interconnection with other PSTN or connection with subscribers\u2019 terminal equipment; (5) telecommunications equipment that complies with related authorities\u2019 national security concerns; (6) the info-communications security detection and protection plan for networks; (7) use of the equipment complying with the info-communications security standard announced by the competent authority; and (8) other competent authority designated items that are related to the establishment of network.\u00a0 And if there is any change to the establishment plan, it shall also obtain the NCC\u2019s approval.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Telecommunications \u2013 Please summarise any licensing or authorisation requirements applicable to the provision or receipt of telecommunications services in your country. Please include a brief overview of the relevant licensing or authorisation regime in your response.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Please refer to our advice to question 12.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Telecommunications \u2013 Please summarise the principal laws (present or impending) that govern access to communications data by law enforcement agencies, government bodies, and related organisations. In your response, please outline the scope of these laws, including the types of data that can typically be requested, how these laws are applied in practice (e.g., whether requests are confidential, subject to challenge, etc.), and any legal or procedural safeguards that apply.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Code of Criminal Procedure (<strong>CCP<\/strong>) and the Communication Security and Surveillance Act (<strong>CSSA<\/strong>) empower law enforcement authorities to obtain access to communications data held by private entities for the purpose of investigating and prosecuting crimes.\u00a0 The CCP regulates the detection, prosecution and trial proceedings for criminal offenses, whereas the CSSA regulates the monitoring of real-time communications, obtaining user data, communications records and Internet traffic records for the purpose of (i) criminal investigations and (ii) gathering intelligence on national security threats and interests.<\/p>\n<p>Under the CCP, searches and seizures must be conducted based on probable cause and pursuant to a warrant issued by a competent court. \u00a0\u00a0All natural persons and legal entities located within the territory of Taiwan fall within the jurisdiction of the government\u2019s criminal prosecutorial authority are legally obligated to cooperate during criminal investigation.<\/p>\n<p>All Telecom Operators are obligated to assist in law enforcement agencies for communications surveillance in accordance with Article 14 of the CSSA. In practice, this involves providing data or information in response to lawful warrants or requests from law enforcement agencies in appropriate methods.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Mobile communications and connected technologies \u2013 What are the principle standard setting organisations (SSOs) governing the development of technical standards in relation to mobile communications and newer connected technologies such as digital health or connected and autonomous vehicles?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>In Taiwan, the principle standard setting organisations (<strong>SSOs<\/strong>) governing the development of technical standards for mobile communications and emerging connected technologies generally include the NCC and the Bureau of Standards, Metrology and Inspection (<strong>BSMI<\/strong>) under the Ministry of Economic Affairs.\u00a0 In addition, the MODA sets the relevant standards of cyber security management for critical telecommunications infrastructure; for example, the Technical Specifications for Information and Communication Security Testing of Critical Telecommunications Infrastructure Equipment.<\/p>\n<p>The BSMI is responsible for formulating and enforcing national standards (<strong>CNS<\/strong>) for electronic and information technology products that are not regulated by the NCC. Meanwhile, the NCC establishes the regulations on telecommunications-controlled radio frequency equipment, as well as various technical specifications for PSTNs and base station installations (such as the Technical Specifications for Public Telecommunications Network Base Station Approval). When developing relevant standards, Taiwanese regulators typically refer to international standards set by organizations such as 3GPP, IEEE, ISO or NIST.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Mobile communications and connected technologies \u2013 How do technical standards facilitating interoperability between connected devices impact the development of connected technologies?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>As 5G technology continues to advance, 5G Mobile Broadband Dedicated Telecommunications Networks (<strong>Mobile Broadband Dedicated Networks<\/strong>) are expected to play a key role in supporting applications like the Internet of Things (IoT), big data, and artificial intelligence. These networks offer more flexible and customized communication solutions for specific environments, delivering improved reliability and performance.\u00a0 To support this development, Taiwan has allocated the 4.8\u20134.9 GHz frequency band for Mobile Broadband Dedicated Networks. In June 2023, the MODA introduced the &#8220;Regulations Governing the Establishment and Use of Mobile Broadband Dedicated Telecommunications Networks&#8221; (<strong>Mobile Broadband Dedicated Network Regulations<\/strong>). Under these regulations, businesses can apply for the frequencies to build and operate their own dedicated 5G networks for internal use.<\/p>\n<p>According to local news reports, as of October 2024, a total of 121 applications have been approved, with more than 50 networks already built and officially licensed. Most of these networks are being used for smart factory applications.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Data Protection \u2013 Please summarise the principal laws (present or impending), if any, that govern data protection, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The main statute governing personal data protection in Taiwan is the Personal Data Protection Act (<strong>PDPA<\/strong>). The Enforcement Rules of the PDPA (<strong>PDPA Enforcement Rules<\/strong>) provide further guidelines on the interpretation and implementation of the PDPA.\u00a0 There are also rulings and regulations issued by relevant authorities, in particular the sectoral rules on the security maintenance plans stipulated by the regulator of different industries (the &#8220;<strong>PDPA Sectoral Rules<\/strong>&#8220;)<\/p>\n<p>It is worth noting that, as part of the effort to establish an independent supervisory mechanism for the protection of personal data, the Executive Yuan (Taiwan\u2019s Cabinet) is in the process of establishing the PDPC as the competent authority under the PDPA.\u00a0 The PDPC will be responsible for safeguarding information privacy rights and promoting the reasonable and lawful use of personal data.\u00a0 The PDPC is scheduled to be formally established prior to August 2025.\u00a0 In the interim, the preparatory office of the PDPC serves as the authority currently responsible for interpreting the PDPA.\u00a0 The preparatory office of the PDPC has also proposed draft amendments to the PDPA, aiming to strengthen the regulation of personal data.<\/p>\n<p>As a general principle under the PDPA, all personal data must be used only for the specified purposes regardless of the legal basis on which the personal data was collected, unless there is a valid legal basis.\u00a0 Furthermore, when receiving personal data directly from a data subject, a data controller is required to notify the data subject of the designated information.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Data Protection \u2013 What is the maximum sanction that can be imposed by a regulator in the event of a breach of any applicable data protection laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>According to Article 48 of the PDPA, competent authorities may impose an administrative fine ranging from NT$150,000 to NT$15 million if a non-government agency fails to implement proper safety measures to prevent data breaches, or if it violates the PDPA Sectoral Rules and the violations are considered serious.\u00a0 For less serious violations, authorities may impose a fine between NT$20,000 and NT$2 million. However, if the agency fails to correct the issue within the specified time limit, a higher fine of NT$150,000 to NT$15 million may then be imposed.<\/p>\n<p>Please note that these administrative fines can be imposed repeatedly until the violation is rectified. Both the non-government agency and its statutory representative may be fined the same amount.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Data Protection \u2013 Do technology contracts in your country typically refer to external data protection regimes, e.g. EU GDPR or CCPA, even where the contract has no clear international element?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Foreign regulations such as the EU GDPR or the CCPA do not have direct applicability in Taiwan. While the framework of the PDPA shares certain similarities with the privacy legislation of the EU and other foreign jurisdictions, the PDPA is not identical to the GDPR.<\/p>\n<p>Parties to technology contracts in Taiwan are not required to comply with foreign data protection regimes, but may choose to do so if either party falls under the jurisdiction of foreign data protection laws or if higher corporate internal control standards are in place.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Cybersecurity \u2013 Please summarise the principal laws (present or impending), if any, that govern cybersecurity (to the extent they differ from those governing data protection), including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Cybersecurity Management Act (<strong>CMA<\/strong>) is the primary legislation governing cybersecurity in Taiwan. Nonetheless, the CMA only applies to government agencies and specific non-government agencies (i.e., critical infrastructure providers (<strong>CI Providers<\/strong>), state-owned businesses, and government-sponsored foundations). Currently, except for specific legal requirements applicable to organizations in specific sectors (e.g., financial services or telecommunications), there are no cybersecurity requirements generally applicable to all non-government entities.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Cybersecurity \u2013 What is the maximum sanction that can be imposed by a regulator in the event of a breach of any applicable cybersecurity laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>According to Article 21 of the CMA, the competent authorities may impose an administrative fine ranging from NT$300,000 to NT$5 million on a specific non-government agency for failing to report cybersecurity incidents pursuant to the Regulations on the Notification and Response of Cybersecurity Incidents. If such failure is not corrected within the specified time limit, such administrative fines may be imposed repeatedly until the failure is rectified.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Which body(ies), if any, is\/are responsible for the regulation of artificial intelligence?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Currently, there are no mandatory AI-specific laws or regulations in force in Taiwan. However, since 2023, the Executive Yuan has been considering introducing a draft AI Basic Act for review and potential enactment by the Legislative Yuan.\u00a0 Recently, the MODA has been tasked with finalizing the AI Basic Act bill. MODA now faces the challenge of deciding whether and how to build on previous efforts by other government agencies and how to coordinate with them to complete the draft.<\/p>\n<p>At this stage, it is difficult to predict the specific content or timeline for any new legislation, but this is an area that warrants close attention.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Please summarise the principal laws (present or impending), if any, that govern the deployment and use of artificial intelligence, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>As advised, there are currently no mandatory AI-specific laws or regulations in force in Taiwan.<\/p>\n<p>However, even before the introduction of the draft AI Basic Act, Taiwan has addressed AI-related concerns by including relevant provisions in existing laws.\u00a0 For example, the Fraud Prevention Act contains specific rules regarding the misuse of AI in fraudulent activities. Notably, it requires online advertising platforms to disclose when deepfake or AI technologies are used to generate personal images in advertisements.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Are there any specific legal provisions (present or impending) in respect of the deployment and use of Large Language Models and\/or generative AI (including agentic AI)?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>As advised, there are no mandatory AI-specific laws or regulations in force in Taiwan.<\/p>\n<p>However, when deploying and using Large Language Models and\/or generative AI, it is important to consider the protections afforded by the Copyright Act with respect to copyrights. Taiwan Intellectual Property Office (TIPO) has issued several rulings concerning generative AI. For instance, one such ruling clarifies that copyright holders may authorize the use of their works for AI training purposes through contractual agreements. Nevertheless, operators of Large Language Models and\/or generative AI should exercise caution and avoid using others works without proper authorization (such as reproducing copyrighted works), as such actions may potentially constitute copyright infringement under the Copyright Act.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Do technology contracts in your jurisdiction typically contain either mandatory (e.g. mandated by statute) or recommended provisions dealing with AI risk? If so, what issues or risks need to be addressed or considered in such provisions?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>At present, there are no specific legal restrictions on AI applications in Taiwan. Consequently, the parties of technology contracts may freely negotiate terms in terms of AI risks or AI usage.<\/p>\n<p>However, on June 20, 2024, the Financial Supervisory Commission (<strong>FSC<\/strong>) released the \u201cGuidelines on the Use of Artificial Intelligence by Financial Institutions.\u201d According to these guidelines, the FSC urges financial institutions to respect the rights of customers to make choices and must provide suitable disclosure of information when utilizing AI systems to deliver financial services to clients. Furthermore, in situations where financial services are rendered through AI systems that are created or managed by third-party vendors, financial institutions are required to implement proper risk management and oversight of these third parties. While these guidelines do not possess legal enforceability, certain financial institutions might choose to reference them as terms within contracts.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Do software or technology contracts in your jurisdiction typically contain provisions regarding the application or treatment of copyright or other intellectual property rights, or the ownership of outputs in the context of the use of AI systems?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Again, the parties of technology contracts may freely negotiate terms in terms of AI risks or AI usage. However, it is observed that software and technology contracts will increasingly include terms related to intellectual property rights. Typically, one party may want to include provisions to ensure that users only use AI services with authorized data and do not use AI for illegal purposes or to generate illegal content, among other requirements.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Blockchain \u2013 What are the principal laws (present or impending), if any, that govern (i) blockchain specifically (if any) and (ii) digital assets, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are no laws that govern blockchain specifically.\u00a0 The FSC is the competent authority for Virtual Asset Service Providers (<strong>VASPs<\/strong>) in Taiwan. In recent years, the FSC&#8217;s regulatory scope has gradually expanded from anti-money laundering to the protection of user rights. And, the FSC has published the draft Virtual Asset Service Act in March 2025 for public comments, aiming to expand and strengthen the supervision and law enforcements on VASPs.<\/p>\n<p>Currently, under the authorization of Article 6 of the AML ACT, the FSC promulgated the (i) &#8220;Regulations on the Registration of Money Laundering Prevention for Virtual Asset Service Providers&#8221; (<strong>VASP Registration Regulations<\/strong>); and the (ii) amendment to the Regulations Governing Anti-Money Laundering and Countering the Financing of Terrorism for Enterprises or Persons Providing Virtual Asset Services (<strong>VASP AML\/CFT Regulations<\/strong>) in November, 2024.<\/p>\n<p>The VASP Registration Regulations set forth the specific qualifications, requirements, and procedures necessary for the registration of VASPs, as well as compliance obligations for VASPs engaging in various types of virtual asset services. Generally, a VASP shall not engage in virtual asset services in Taiwan without completing the VASP registration. Furthermore, the amendment to the VASP AML\/CFT Regulations impose certain obligations on registered VASPs, such as the establishment of an internal control and audit system and the submission of an annual risk assessment report.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Search Engines and Marketplaces \u2013 Please summarise the principal laws (present or impending), if any, that govern search engines and marketplaces, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are currently no specific laws that apply exclusively to search engines and marketplaces.\u00a0 However, the Fair Trade Commission (<strong>FTC<\/strong>) has previously determined that using a competitor&#8217;s company name or trademark as a keyword in online advertisements, or displaying a competitor&#8217;s business name or trademark alongside such advertisements, may violate Article 25 of the Fair Trade Act.\u00a0 Additionally, according to a decision of FTC in 2022, marketplace (or e-commerce) operators using Search Engine Optimization (SEO) techniques to improperly display specific brand names in search engine results in a way that could mislead consumers into believing that the stores are selling those branded products, with the intent of increasing traffic to their own websites may also be considered a violation of Fair Trade Act.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Social Media \u2013 Please summarise the principal laws (present or impending), if any, that govern social media and online platforms, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are currently no laws that apply exclusively to social media. However, online platform providers must comply with various content moderation laws that govern Internet content.<\/p>\n<p>The general regulations governing content accessible to children (defined as individuals under 12 years old) and youth (defined as individuals under 18 years old) via the Internet are stipulated in Article 46-1 of the Children Protection Act. According to this provision, it is prohibited for any person to: (1) distribute or transmit any material that may be detrimental to the physical or mental health of children or youth (<strong>Harmful Content<\/strong>); or (2) permit children or youth to access or view any Harmful Content without implementing appropriate protective measures.<\/p>\n<p>Furthermore, pursuant to Article 46 of the Children Protection Act, online platform providers are obligated to adopt protective measures (such as implementing an age rating system) to prevent children and youth from accessing or viewing Harmful Content. \u00a0Upon notification by regulators, online platform providers are required to remove or restrict access to harmful content.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Social Media \u2013 What is the maximum sanction that can be imposed by a regulator in the event of a breach of any applicable online safety laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Any person who violates Article 46-1 of the Children Protection Act may be imposed with an administrative fine ranging from NT$100,000 to NT$500,000 and be ordered to rectify the violation within a designated period, and the violator&#8217;s name may be published. In the event of failure to rectify the violation by the given deadline, the fine may be imposed consecutively until the violation is rectified. For a material violation, the violator may be ordered to suspend operations for a period of between one month and one year (Article 94 of the Children Protection Act).<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Spatial Computing \u2013 Please summarise the principal laws (present or impending), if any, that govern spatial computing, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are currently no laws that apply exclusively to spatial computing.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Quantum Computing \u2013 Please summarise the principal laws (present or impending), if any, that govern quantum computing and\/or issues around quantum cryptography, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are currently no laws that apply exclusively to quantum computing.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Datacentres \u2013 Does your jurisdiction have any specific regulations that apply to data centres?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are currently no specific laws that apply exclusively to data centres.<\/p>\n<p>Data centre operators typically do not need to apply for telecommunications resources or establish their own telecommunications networks. Instead, data centres rely on the network connectivity provided by existing Telecom Operators. In view of this, the data centres are unlikely be subject to telecom licensing requirements as long as the data centre operators (i) does not establish or control a PSTN or DTN within Taiwan; and (ii) does not apply with the MODA for allocation of telecommunications resources.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">General \u2013 What are your top 3 predictions for significant developments in technology law in the next 3 years?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>We believe that over the next three years, significant developments are likely to occur in Taiwan\u2019s technology law in the following three areas:<\/p>\n<p><strong>1. Satellite Communications:<\/strong><\/p>\n<p>To encourage foreign satellite service providers to enter the Taiwan market, the MODA released frequency bands for satellite communications services and began accepting applications for frequency allocation for fixed satellite services (<strong>FSS<\/strong>) in November 2022. Specifically, the MODA published the &#8220;Matters Concerning Applications by Telecommunications Enterprises for the Assignment of Radio Frequency for Satellite Service (<strong>Allocation Regulations)<\/strong>, which outlines the procedures, qualifications, and restrictions for applicants and users. Furthermore, the MODA also released frequencies for mobile satellite services (<strong>MSS<\/strong>) by amending the radio frequency supply plan in February 2025 and updating the Allocation Regulations in June 2025.<\/p>\n<p>As a result, we can expect more FSS and MSS providers to enter the Taiwan market and offer a wider range of services.<\/p>\n<p><strong>2. Tightened Regulations on Telecom Resellers and IASPs<\/strong><\/p>\n<p>To strengthen anti-fraud measures in Taiwan\u2019s telecommunications sector and expand the regulatory scope over Telecom Operators, the Legislative Yuan passed the amendments to the TMA (TMA Amendments) on June 17, 2025. According to TMA Amendments, (i) service providers engaging in wholesale, by leasing or purchasing telecommunications services bundled with subscriber numbers from other Telecom Operators (who have been allocated subscriber numbers), and resell such services to subscribers in their own names (<strong>Reseller<\/strong>) and (ii) service providers offering internet access services (<strong>IASPs<\/strong>) are required to complete Telecom Operator registrations.\u00a0For IASPs, the competent authority may implement a tiered management system, taking into account telecommunications service revenue, number of subscribers, and other factors.<\/p>\n<p>After the TMA took effect on July 1, 2020, certain Resellers that were not allocated frequencies or subscriber numbers (i.e., type-two telecommunications operators under the old Telecommunications Act) were de-regulated. Thereafter, to deter telecommunications fraud, the NCC announced the Regulations Governing the Use of Subscriber Numbers on Telecom Operators (<strong>Number Regulations<\/strong>) on April 26, 2024, under which the Resellers must register as Telecom Operators in order to obtain subscriber numbers and fulfil the KYC and risk management obligations.<\/p>\n<p>The TMA Amendments further expand the regulatory scope and strengthens the obligations for Resellers and IASPs. Resellers and IASPs are required to complete the Telecom Operator registration within one year from the effective date of the TMA Amendments.<\/p>\n<p><strong>3. Anti-fraud laws<\/strong><\/p>\n<p>To prevent and deter fraud, the Fraud Prevention Act (<strong>FPA<\/strong>) passed the third reading at the Legislative Yuan on July 12, 2024.\u00a0 The FPA aims to prevent and combat fraud crimes committed through inappropriate use of finance, telecom and Internet, and thus sets forth obligations on the following persons\/entities: (a) financial institutions, (b) businesses or personnel providing virtual asset services, (c) Telecom Operators, (d) online advertisement platform providers, (e) third-party payment service providers, (f) e-commerce companies, and (g) online gaming operators<\/p>\n<p>According to the FPA, financial institutions and VASPs should enhance customer due diligence, strengthen control mechanisms and collaborate with judicial police agencies on establishing a joint prevention and reporting mechanism. In addition, Telecom Operators should implement a real-name certification system for subscribers, cooperate with competent authorities or judicial police agencies to restrict or cease the provision of services to subscribers, and strengthen the identity and exit\/entry record verification mechanism for international roaming services.<\/p>\n<p>Particularly, the FPA strengthens the supervision of digital economic industries. A designated online advertising platform provider without a local office, residence, or branch must designate a local legal representative. Said online advertising platform providers should verify the identities of advertisers and sponsors, disclose the information on the publishers, and cooperate with the competent authorities or the judicial police agencies on take-down request or other anti-fraud measures. Third-party payment service providers should also strengthen customer due diligence, implement control measures, and retain relevant information and transaction records. E-commerce and online gaming operators should take reasonable measures to prevent the abuse of their services for fraudulent purposes, and cooperate with the notifications of judicial police agencies or the competent authorities of the target business to suspend provision of services to subscribers.<\/p>\n<p>Violation of such obligations would incur consecutive fines, and the competent authorities may further impose internet traffic control measures domain name seizure or access restriction.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">General \u2013 Do technology contracts in your country commonly include provisions to address sustainability \/ net-zero obligations or similar environmental commitments?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>We believe that including sustainability, net-zero obligations, or environmental commitments in technology contracts is not yet common in the local market. However, some local technology product suppliers may agree to such commitments in their contracts to meet the sustainability requirements of foreign clients, following international practices. We expect this trend may gradually become more widespread in the future.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\r\n<div class=\"word-count-hidden\" style=\"display:none;\">Estimated word count: <span class=\"word-count\">6346<\/span><\/div>\r\n\r\n\t\t\t<\/ol>\r\n\r\n<script type=\"text\/javascript\" src=\"\/wp-content\/themes\/twentyseventeen\/src\/jquery\/components\/filter-guides.js\" async><\/script><\/div>"}},"_links":{"self":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/comparative_guide\/110378","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/comparative_guide"}],"about":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/types\/comparative_guide"}],"wp:attachment":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/media?parent=110378"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}