Global ETD Search

1	An information processing model and a set of risk identification methods for privacy impact assessment in an international context / 国際的な文脈におけるプライバシー影響評価のための情報取扱モデル及び一連のリスク特定手法 Kuroda, Yuki 25 September 2023 (has links) 京都大学 / 新制・課程博士 / 博士(情報学) / 甲第24935号 / 情博第846号 / 新制\|\|情\|\|142(附属図書館) / 京都大学大学院情報学研究科社会情報学専攻 / (主査)教授黒田知宏, 教授矢守克也, 教授曽我部真裕 / 学位規則第4条第1項該当 / Doctor of Informatics / Kyoto University / DGAM Privacy Impact Assessment Risk identification Data mapping Privacy Personal Information Protection 007
2	求職者個人資訊保障之研究 / A Study on the Protection of Job Applicants’ Informational Privacy 詹岱蓉, Jan, Day Rong Unknown Date (has links) 雇主在招募過程中，為了提高企業的生產力或行政組織的效率，防免契約、侵權責任的發生，必須謹慎挑選人才，因此通常會以詢問或檢測（如人格測驗）盡量蒐集與求職者相關的資訊，來遴選合適員工。但是，雇主得要求應徵者揭露多少資訊？求職者在雇主的要求下，為了提高獲聘的機會，是否只能拋棄個人的隱私利益？這些疑惑均值得思考，從中也顯現出了雇主與求職者間利益衝突的問題。關於求職者個人資訊的保障，我國目前的基本規範為「個人資料保護法（簡稱個資法）」及「就業服務法（簡稱就服法）第5條第2項第2款」。雇主如欲蒐集求職者的個資，除必須符合個資法的特定條款外，假若涉及隱私資訊，尚須通過就服法第5條第2項第2款「就業所需」的檢驗。在這看似簡明的基本架構中，事實上存有許多令人困惑的地方，以個資法特定條款的蒐集事由為例，如：「執行法定職務必要範圍內」的意涵具體所指為何；「與當事人有類似契約之關係」是否包含雇主可請求當事人以外的第三人（如：前雇主）協助為履歷調查；以及「經當事人同意」在勞動關係不對等時其有效性的爭議等。而就服法第5條第2項第2款最讓人頭痛之處則為應如何詮釋「就業所需」。是以，我們須要更多的實務及學說見解來填充個資法與就服法勾勒出的雇主與求職者間利益權衡框架。本文將先探討雇主通常是基於什麼考量而對求職者為哪些詢問及檢測；而應徵者面對這些詢問及檢測往往會有什麼憂慮。接著借鏡美國法制，剖析我國針對求職者個人資訊保障的判準，並關注在個資法修正與就服法第5條第2項第2款增訂後，過往的實務見解是否依舊恰當或有所革新。最後比較美國與我國法制的異同，提出檢討與建議，期望能在保障求職者個資的同時，也兼顧到雇主的利益。 / In the hiring process, employers need to select workers cautiously in order to improve the productivity and efficiency of their enterprises, and to avoid the potential liability caused by reckless employees. To screen out the best possible candidate for a particular job, employers usually wish to gather as much information about job applicants as possible by making oral or written inquiries, or conducting different kinds of employment tests (such as personality tests). However, what kind of information can employers legally require job applicants to disclose? Do job applicants have no choice but to relinquish their personal privacy if they want to be employed? To answer these questions, we need to carefully balance the competing interests between employers and job applicants. In Taiwan, “Personal Information Protection Act (PIPA)” and “Employment Service Act (ESA) §5II②” form the basic framework of protecting job applicants’ informational privacy. Employers need to obey specific provisions of the PIPA before they can collect job applicants’ information; and if private information is to be collected, employers should further confirm their collecting actions meet the “job-related” requirement specified by §5II② of the ESA. This legal framework seems simple and clear, but there are many questions remain to be answered. For example, what is the exact scope of the term “within the scope of job functions provided by laws and regulations” of the PIPA? Does the condition “quasi-contractual relationship between the Parties” specified in PIPA allow employers to contact third parties (such as job applicants’ former employers) and conduct a reference check? Further, since there is a serious power-imbalanced problem in the employment relationship, can we truly expect the job applicants to offer a free and valid consent when they are requested to provide their personal information? Last but not the least, what is the precise meaning of the term “job-related” of §5II② of the ESA? More studies and court judgments are needed to delineate the boundaries between what employers are entitled to know and what job applicants should be able to keep private. This thesis begins with analyzing why employers need/hope to gather information about job applicants and what screening tools they prefer to use. It then discusses job applicants’ concerns when they face employers’ inquiries or employment tests. By comparing relevant U.S. legislation and judicial decisions regarding the protection of job applicants’ informational privacy, this thesis examines the standards used in Taiwan’s case-law when balancing employers’ and job applicants’ interests. Special attentions are paid to the issue whether these standards are still appropriate or should be updated in light of the latest amendments to the PIPA and ESA. Finally, through concrete cases, this thesis tries to provide practical recommendations on how we can better protect job applicants’ privacy while respecting employers’ legitimate interests in knowing their future employees. 求職者隱私權資訊隱私權就業所需個資法反歧視法 job applicant privacy informational privacy job-related personal information protection act anti-discrimination law
3	Logování průchozích dat v routerech / Logging of Transmitted Data in Routers Kislinger, Pavel January 2007 (has links) Transmitted data logging in routers is the main point of this semestral project. The suggestion of a system for data flows logging in routers and selection of suitable technology, that is used by implementation of the system within this thesis, is based on this analysis. In the thesis, a law responsibility of router administrator for transmitting data is analysed. In the next part, a general introduction to issue of data logging in computer networks including basic description of protocols and fundamentals of standard communication models is presented. Analysis of real enviroment is following. Suggestion and implementation of the system is described too. In the last part a reached results of this thesis are revealed.
4	The challenge of industry challenges : the uneasy encounter between privacy protection and commercial expression Miller, Danielle 09 1900 (has links) En s’inspirant de l’exemple des défis corporatifs, c’est-à-dire, des initiatives déployées par les sociétés pour rendre le marché de l’emploi plus accessible aux membres de groupes perçus comme marginalisés, ce mémoire cherche à analyser le conflit qui pourrait surgir au Québec entre le droit à la vie privé, protégé notamment par la Loi sur la protection des renseignements personnels dans le secteur privé et la Loi sur la protection des renseignements personnels et des documents électroniques et le besoin croissant de l’entreprise d’utiliser les données privées de leurs employés pour vendre leurs biens et services. Dans un premier temps, ce mémoire effectue un survol des régimes de protection de la vie privée des pays qui ont le plus influencé le droit québécois et canadien soit l’Europe, les États-Unis et le Royaume Uni en soulignant leur influence sur le régime en vigueur au Québec. Dans un second temps, il soulève les entraves que posent la LPRPS et la LPRPDE à la participation de l’entreprise aux défis corporatifs. Dans un troisième temps, il explore des pistes possibles à la fois interprétatives, législatives et contentieuses afin de rendre ces lois plus accommodantes aux besoins de l’entreprise. / This essay uses the example of Industry Challenges - a technique deployed by companies to promote the hiring and advancement of certain members of society - to explore a conflict that could arise in Quebec between the individual’s right to privacy as protected by An Act Respecting the Protection of Personal Information In the Private Sector and the Personal Information Protection and Electronic Documents Act , and that of an organisation to use personal information relating to its workforce to market itself. It briefly reviews privacy protection in jurisdictions with the greatest legal influence on Quebec and Canada: the European Union, the United States and the United Kingdom (Chapter 2). It demonstrates how a blend of these influences is reflected in the Quebec and Canadian approaches to privacy and how existing privacy legislation might prevent a company from effectively and efficiently responding to Industry Challenges (Chapter 3). Finally, the last two chapters respectively explore the interpretive and legislative amendments that could be made to PPIPS and PIPEDA to enable companies to respond to Industry Challenges (Chapter 4) as well as the possible legal action a company could take on the ground that Quebec’s privacy legislation violates its right to express itself commercially under s. 2(b) of the Canadian Charter of Rights and Freedoms (Chapter 5). Militantisme du consommateur; Défis corporatifs Expression commerciale Quebec Vie privée Canadian Charter of Rights and Freedoms Commercial Expression Consumer Activism Industry Challenge(s) Privacy Quebec
5	論偵查機關調閱銀行私人帳戶資料之合法性─與美國作比較 / The Legality on Our Law Enforcement's Access to Private Banking Account–In Comparison with the United States 張君寧, Chang, Chun Ning Unknown Date (has links) 長久以來，我國在偵辦民刑事案件時，調閱相關人等之銀行帳戶資料通常是必要作法之一，表面上看來行之有年、理所當然，但深究後卻發現未臻完善、有待改進，其中尤以正當合法性及與個人隱私權之衝突最具爭議。調閱銀行帳戶資料固然是快速有效偵查案情的方式之一，但若無合理的法律依據、明確的施行方針、完善的配套措施及必要的懲處規定，將易流於擴權濫用，不僅違背法理，亦侵害當事人之隱私權，影響甚鉅，而當今我國文獻中卻較缺乏關於此方面之探討，殊為可惜。因此，目前我國偵查機關調閱銀行帳戶資料之法律依據為何？與其他法律是否有矛盾衝突之處？實務上如何施行？有哪些配套措施？未來有何改進之道？若公務機關違法濫權有何懲罰機制？如何適當修改現有法令規範以使其更臻完善？凡此皆與社會大眾息息相關，並使筆者產生高度興趣及強烈研究動機，期盼透過深入研究，得以充分瞭解相關理論與實務，並對問題提出解決或改善之建議。無論自人性尊嚴、隱私權或資訊自決權之觀點來看，個人資料保護皆為基本且重要之議題，不容忽視，而銀行帳戶實為個人資料當中非常重要之一環。美國為隱私權概念發源地，理論與實務發展久遠，深具探討價值，故本文擇其作為比較分析對象。為求深入探討調閱銀行帳戶資料在台灣及美國司法實務面運作之情形，本文整理解析兩國近年來相關法規及民事刑事裁判，2010年4月我國立法通過之「電腦處理個人資料保護法修正案」(後更名為「個人資料保護法」，2012年10月付諸實行，以下亦簡稱「新個資法」)亦在本文討論範圍內。本文將介紹各相關法規內容，分析新舊法規之差異，探究實務面作法及未來可能走向，以提供各位讀者先進參考。國家為履行公共任務或打擊金融犯罪，通常需要調閱相關人等之銀行帳戶資料，此為偵查機關職責所在，但若稍有不慎即可能使個人資訊隱私權遭受重大侵害，而目前理論與實務面皆尚有未盡完善之處。筆者盼以本身面臨之法令疑義，對我國新個資法及台美兩國相關法規之檢視，對本文蒐集資料之研讀心得，及在金融業服務十年之工作經驗作為本文研究之核心。本篇論文之主要目的，盼藉由各面向之探討及對法律制度之論述，檢視當今我國與美國調閱銀行私人帳戶資料之正當性與合法性；本文不僅描述兩國偵查機關調閱銀行帳戶資料之現況，亦針對問題分析研究，提出建議策略，盼能為我國目前存在之問題困境貢獻一己之力，以供法律界、金融界及相關公務部門參考。透過本文研究，可觀察目前我國與美國調閱銀行私人帳戶資料相關法規與實務之發展方向，探討主管機關在提升偵查效率及保障個人財務資訊隱私權之間如何取得平衡，希冀政府機關不僅能快速有效完成偵查任務，亦能在合情合理合法範圍內作好個人資料保護，兩全其美。 / In Taiwan, law enforcement’s access to private banking account is a common way of investigating civil or criminal crimes. Although it seems very normal, it still has some problems need to be solved, especially its legality and controversy over privacy. It’s efficient to investigate a crime by retrieving data from private banking account, but it’s easy to invade personal privacy if there’s no reasonable law, clear direction, supplementary measures or necessary punishments. As a result, it’s very worthwhile and important to discuss this thesis’ title. However, there are not many relevant essays or writings in our country nowadays. About this issue, there are many relevant topics which are worthy to be discussed. For example, what is the legal basis of this kind of investigation? Is there any inconsistency between its legal basis and other laws? What are the implementations or supporting measures in practice and improvements in the future? Is there any supervision mechanism if the Government abuses its power? How to amend existing legal regulations appropriately to make them more perfect? Topics above are closely related to all society so the author has a high degree of interest and motivation. Hope this thesis will make readers fully understand relevant theory and practice then they may know how to solve problems and make improvements by this article’s suggestion. Whether from the point of view of privacy, human dignity or self-determination of revealing personal information, protection of personal data is always a basic and important issue which shouldn’t be ignored. The private banking account is actually one kind of the most important personal data. The United States (hereinafter also “America”) is the birthplace of the concept of privacy which has developed there for a long time. It is worth researching so the author selects America for comparative analysis task. In order to discuss the judicial practice about private banking account being investigated by the authorities in Taiwan and America, the author sorts out and analyzes relevant regulations and criminal judges of these two countries in recent years. “Computer Processed Personal Information Protection Act Amendments” (later renamed “Personal Information Protection Act”, implemented in October 2012, hereinafter also “New Personal Information Act”) passed by the Legislative Yuan of Taiwan in April 2010 is also within the scope of this article. This article will describe the contents of relevant laws, analyze the differences between old and new regulations and discuss practical approaches and possible directions in the future so this thesis will provide reference for all readers. The Government often needs to retrieve banking account information to fulfill public tasks or fight against financial crimes. Although this is the duty of the authorities, it will result in serious violation of personal information privacy if the authorities make any mistake. In fact, both of relevant theory and practice in our country have some drawbacks and deficiencies at this time. The author looks forward to discussing the doubts of law, examining “New Personal Information Act” and relevant regulations of Taiwan and America and sharing study experience on this issue and a decade of work experience in the financial industry in order to constitute the core of this research. The main purpose of this thesis is to examine the necessity and legality of retrieving banking account information in Taiwan and America by discussing all relevant aspects and legal systems. This article not only describes the authorities’ access to banking account information in the current situation but also analyzes problems, makes suggestions and offers strategies. The author hopes to do his best to make some contribution to the law, financial industry and related public authorities. Through this thesis, readers could observe Taiwan and America’s investigation of private banking account currently and developing directions of relevant regulations and actual situations in the future. Readers could also learn and discuss how the authorities weigh improvement of investigation efficiency and protection of personal financial information privacy. Hope our Government will not only complete investigation quickly and efficiently but also protect personal information privacy legally and reasonably. 調閱美國偵查機關銀行帳戶財務資訊隱私權個人資料保護個人資料保護法正當性合法性 Retrieval the United States Investigation Banking Account Financial Information Privacy Protection of Personal Information Personal Information Protection Act Legitimacy Legality
6	健康資料之個人資料類別屬性研究──以IoT設備之蒐集、處理或利用為中心 / A Study on Personal Health Data Attributes: Focus on the Data Collection, Process or Use of IoT Device 張幼文, Chang, Yu Wen Unknown Date (has links) 我國於2015年底通過新修正之個人資料保護法（以下簡稱「個資法」），將病歷納入特種個人資料中保護。目前個資法第六條特種個人資料列舉包含病歷、醫療、基因、性生活、健康檢查及犯罪前科之個人資料。雖然該條文係取法自國際賦予敏感性個人資料特別保護的模式，惟在個人相關健康資料保護部分，我國個資法不若歐盟一般資料保護規則（EU General Data Protection Regulation, GDPR）保護寬廣，納入資料之類型仍較國際立法例狹窄。尤其此次GDPR修法擴大特種個人資料空間，增列基因資料、生物性資料和性傾向，檢視我國特種個人資料列舉類型是否符合現今科技社會需求有其必要性。過去研究針對健康資料個資法適用問題較少。大數據資料來源來自各處，以一般健康保健物聯網模式為例，自行操作之檢查數據或穿戴式裝置所蒐集之資料，若非須由醫師或其他之醫事人員施以檢查，而可由一般民眾自行測量之行為，該民眾自行測量之結果應不屬於個資法所謂之病歷、醫療或健康檢查個人資料，即非為特種個人資料。惟大數據分析技術進步之環境下，健康資料亦攸關資料主體生理健康之敏感性，且容易連結並識別個人，考量健康資料敏感性提升，蒐集、處理、利用健康資料易侵犯到個人隱私，因此有加強保護之需求。將來可刪除個資法第六條第一項各種個人資料例示之「醫療」、「病歷」與「健康」資料，並新增「健康」或「與健康相關」之列舉項目。但解釋「與健康相關」資料之內涵時不能無限上綱，在適用時應考量情境說，依據不同使用情境判斷是否為係作為特種個人資料利用，以排除一般性描述健康的使用情境。 / The change to the regulation of special categories of data (sensitive data) in the Taiwan Personal Information Protection Act (PIPA) in 2015 comes with the inclusion of medical records. The definition of sensitive data in the PIPA Article 6(1) refers to personal information of medical records, medical treatment, genetic information, sexual life, health examination and criminal records. However, the list of sensitive data in PIPA do not contain categories as broad as foreign legislation such as EU General Data Protection Regulation (GDPR). It is important to review the continuing relevance of existing categories of sensitive data in the light of change in social structures and advances in technology. Differ from “medical data” such as medical records, medical treatment and health examination, the collection, process and use of “health data” which is measured from wearable device, is not included in the sensitive data. Concerning the development of big data analysis, the “health data” which sensitivity enhanced is easy to identify an individual. It needs to give a higher level of protection to “health data” under PIPA. Therefore, this thesis suggests that medical records, medical treatment and health examination in PIPA Article 6(1) should be consolidated and amended to health records or data concerning health. However, this is not to say that the processing of all kinds of medical and health data should be regarded as the processing of sensitive data. But data, under certain contexts/circumstances may be treated as the processing of sensitive data. 個人資料保護法特種個人資料敏感性資料健康資料大數據物聯網 Personal information protection act Special categories of data Sensitive data Health data Big data Internet of Things

1

Page generated in 0.1713 seconds