政府機關提高隱私保護信任機制之研究－以金融監理為例 / A study on improving the trust mechanism of privacy protection in government agencies -a case of the financial supervision system

林占山

Unknown Date

個人資料保護係屬隱私權的範疇之一， 現代化政府不斷面臨內外在施政環境變遷的衝擊與挑戰，其中資訊科技的快速發展與廣泛運用，更直接衝擊著政府施政定位、服務範圍、運作模式及治理原則。現代化國家在思考打破施政的常規和舊制，面對資訊公開與行政效率要求下，走向電子化政府的道路，也就成為勢之所趨。但另一方面，資訊革命所帶來對隱私與個人資料保護的衝擊，亦較以往更為強烈而深刻。從許多文獻可得知為何民眾可能不信任政府的原因是多方面的，這些原因與他們個人資料安全、隱私權保護及完整性維護是息息相關連的。在政府努力發展電子化政府以便民眾享受其便利性的同時，如何建構政府機關及政府企業間之個人資料隱私保護電子治理機制及協同作業，以強化我國公共治理指標之政府效能、回應力及課責能力，確保個資的合理流通，並能兼顧隱私保護，提昇整體政府信任度，實為電子化政府對人民基本權利之保障及實踐「隱私保護」之重要課題。 新版《個人資料保護法》已於民國九十九年四月在立法院三讀通過，在新法實施後，將因擴大適用個資法之主體範圍，規範個人資料蒐集與處理程序，加重持有個資業者的保管責任，並調整資料外洩求償上限至二億元，預計將加重企業蒐集與利用個人資料的成本與相關責任。本研究之目的在於探討政府機關如何透過持續隱私保護IT治理框架及系統，設計有效的「行政程序控制」(administrative procedural control)、課責(Accountability)及透明(Transparency)機制進的定期公開與積極散佈。透過個人控制自己資訊應該如何被處理與使用的資訊自我控制（local control）權利，一方面提高了政府的施政透明度及政府課責，另一方面也增強隱私保護及人民信任度；同時並以金融監理體系為例，如何因應新版個資法的衝擊，有效的調整內部資料蒐集與資安控管流程，試圖以銀行業透過監理機制建構雛型，監督管理金融業之營運，以期能提供客戶最佳之服務，有效避免新個資法為金融機構帶來的營運風險，進而建議政府機關隱私保護之IT架構，冀能提供主動積極安全又便利之服務，以贏取國民對政府之信任與向心力。 / Personal data protection is one of the categories in privacy. Modern governments constantly face impacts and challenges of political environment changes internally and externally, which rapid developments and extensive applications of information technologies affect the government policy positioning, service ranges, operation modes, and governance principles directly. Modern countries are always thinking over to break routines and aged systems of administration. Under requirements of facing the information disclosure and the administration efficiency, it has become a potential of the trend towards the road of e-government. However, on the other hand, compares to impacts of privacy and personal data protection which have been brought about by the revolution of information, currently, it becomes more intense and profound than before. Many literatures reveal why civilians may not trust the government for reasons in multiple aspects which is related closely with their personal data security, privacy protection, and integrity maintenance. In the meantime, in order to strengthen our government performances of public governance indicators, responsiveness, and accountability for ensuring a reasonable flow of private data, taking into account of privacy protection, and enhancing the overall trust into government, government is striving to develop e-government for civilians’ ease to enjoy its convenience, and this is truly the important subject for e-government of how to construct e-governance mechanisms of personal data privacy and collaboration operations between government organizations internally and between government vs. business enterprises externally on the protection of civilians’ basic rights and the practice of "privacy protection”. The new version of “Personal Data Protection Act” has been passed after third reading by Legislative Yuan on April, 2010. After taking effective of this new law, due to the applicable main scope enlargement of Personal Data Protection Act, it regulates personal data collections and processing procedures, expends the custodial responsibility to dealers who own the personal data, and adjusts the limitation of penalty up to NTD$200 millions for data leakage, which expects to enlarge the cost and relative responsibilities to enterprises for collecting and using personal data. The object of this analysis is going to explore how government organizations go through IT government frameworks and systems of the consistent privacy protection to design effective “Administrative Procedural Control”, “Accountability”, and “Transparency” mechanisms for proceeding periodic disclosure and positive broadcast. Not only to increase the transparency of government administration and the government accountability, but also to enhance the privacy protection and the trust to civilians, through the right of information “Local Control”, individual controls over self own information which should be dealt with and used. Meanwhile, for example of governance system in financial industry, how to respond to the impact of the new version in Personal Data Protection Act to adjust internal data collections and information security control processes effectively, and try to build up the prototype through governance mechanisms in banking for supervising and managing operations of financial industry. Furthermore attempt providing clients with the best service to avoid operation risks effectively for financial institutions which are caused by the new version of Personal Data Protection Act, and then suggest the IT infrastructure of privacy protection for government organizations. Hope to be able to provide active, positive, safe, and convenient services for winning upon trust and cohesion from civilians to the government.

隱私保護

信任機制

滿意度

課責

透明

privacy protection

trust mechanism

Effectiveness

Accountability

Transparency

建構信任模型探討合作夥伴間資訊分享之意願 / Constructing the model of trust to discuss the will of information sharing between partner relationship

張瓊云

Unknown Date

由於跨組織關係的出現，企業為增加全球競爭力，供應鏈管理已成為非常重要的議題。其所重視的不僅是功能性的連結，亦著重於內部的流通，因此非常注重供應鏈成員間的資訊分享，用以創造長期永久的利潤。而為達到此目的，企業與企業彼此會互相逹成共識，進而相互結盟成為夥伴關係，這樣的夥伴關係是建立於相互信任、共擔風險與利益共享上，因此可藉由夥伴關係的建立，達到相互的信任進而願意資訊分享，如此不但可取得競爭優勢，並可創造出比企業個體更大的事業績效（Lambert et al., 1996）。 由上述得知，供應鏈組織中夥伴關係的建立常會牽涉到信任的形成，並用此來考量是否願意分享資訊。所以本研究針對資訊分享的議題，探討合作夥伴的信任程度對資訊分享的意願兩者是否有影響，藉由此協助企業在實施供應鏈管理上能有較適當的依循。即是希望建構一個信任函數，並經由運算設定此函數的門檻值進而探討資訊分享意願，若合作夥伴達信任門檻值，則彼此是願意資訊分享的；而針對未達門檻值的合作夥伴，可藉由信任函數中最具效益的構面指標，進行最有效的績效改善，提升供應夥伴的品質、服務、交貨速度及成本等等，用以達到信任門檻值，增加合作夥伴間資訊分享的意願。 因此本研究主要目的為建構一信任函數模型，使合作夥伴達到信任門檻，增加資訊分享意願，最終希望能提升整體供應鏈的績效表現。 / Because of Inter-organizational Relationships’ appearance, enterprises are in order to increase the global competitiveness, supplying chain management has already become very important topic. That pays attention to not only functional linking of ones, also focus on internal circulation. Therefore it pays much attention to supplying the information sharing among a member of the chain. And for achieve this purpose, among enterprises reach an agreement to form an alliance and become the partnership. Such a partnership is founded on trust in each other, taking risks together and benefits-sharing. So they can reach mutual trust then would like to carry on information sharing by setting up the partnership. That not only can make the competition advantage, but also can create the performance greater than the individual enterprise （Lambert et al., 1996）. Consequently setting up the partnership regular involves in forming trust in supply chain. So we can use this viewpoint to consider would like to share information or not. Hence the research focuses on information sharing to probe into the relation between the degree of trust in the partnership and the willingness of information sharing.That is that builds and constructs a trust function, and sets up the threshold value via operation and then discusses the willingness of information sharing. If the cooperative partner reaches the value of threshold will willing to share information between each other. And aimed at cooperative partners who can’t reach the value of threshold, they can precede the most effective performance by using the beneficial dimension. Then improve their quality, service, delivery pace and cost, etc., in order to reach the will of information sharing.

信任機制

資訊分享

決策實驗室法

網路程序分析法

模糊理論

Trust Mechanism

Information Sharing

Analytic Network Process

Fuzzy