政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/128981
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113648/144635 (79%)
Visitors : 51576547      Online Users : 896
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/128981


    Title: Open banking 涉及之個人資料保護問題
    Personal Data Protection Issues among Open Banking
    Authors: 林旻
    Lin, Angela
    Contributors: 宋皇志
    Sung, Huang-Chih
    林旻
    Lin, Angela
    Keywords: 金融科技
    開放銀行
    開放API
    個人資料保護
    消費者資料權
    FinTech,
    Open banking
    Open API
    Personal Data Protection
    Consumer Data Right
    PSD2
    GDPR
    Date: 2020
    Issue Date: 2020-03-02 11:35:51 (UTC+8)
    Abstract: 資訊科技的進步,令消費者個人資料之價值由於資料得以被運用在各式各樣的 金融科技而大幅提高,過去視客戶資料為商業機密之銀行,也逐漸願意、或者被迫開 放其持有之資料,成為開放銀行(Open banking)生態系統中的一員。即便開放銀行 目前在大部份的司法管轄區仍處於起步階段,其已經成為全球銀行業的趨勢。
    Open banking的出現是銀行的機會,同時也是銀行的挑戰:其帶來更多創新產 品服務的可能,同時,銀行在個人資料保護以及資訊安全基礎設施上亦須投入大量成 本,避免在未經消費者同意利用其個人資料或是大規模消費者個人資料洩漏之情形, 造成不可回復之損害。不論是消費者害怕個人資料保護不夠周全,抑或是銀行與TPP 間之責任歸屬未明確釐清,都將有礙此種的新型態生態系統持續發展。
    本論文聚焦於銀行利用API分享資料給第三方服務提供商的Open banking商業 模式,個人資料保護之部分則以歐盟之GDPR為重點,探討Open banking法制以及 GDPR兩者重疊之處如何調和,以及Open banking實際運作上,銀行及TPP應採取何種 適當手段以符合個人資料保護法。並藉由回顧奧地利ING-DiBa Direktbank以及德國銀 行產業委員會的兩個案例,探討Open banking概念發展歷程中,對於金融業產品服務 創新以及個人資料保護取得平衡的兩難。最後,本論文以國外Open banking政策及法 制為借鏡,針對我國正在發展的Open banking制度提供建議,使我國銀行與TPP在發 生Open banking相關個人資料保護爭議時,有兼顧消費者保障及責任分擔明確之治理 模式得以遵循。
    As information technology develops rapidly, the applications of consumers’ personal data on financial technologies diversify significantly. This has given rise to the value of consumers’ personal data. Banks that used to see their clients’ financial data as classified trade secrets, whether it’s due to regulations or as a result of their business strategies, have also become more willing to share data with third party service providers in order to become a member of the Open banking system. Though Open banking is still in an embryonic stage in most jurisdictions, it has become an emerging global trend in recent years within the Banking industry.
    For traditional banks, Open banking brings opportunities for financial innovation, but it also brings about challenges regarding data protection. Open banking introduces more possibilities for innovation of financial products and services. However, this also indicates that banks shall devote themselves to establish information security infrastructure to avoid processing of personal data without client consent or to prevent personal data leakage. These are both problems that may cause irreversible damage to consumers. Customers’ growing awareness of data protection and unclarified responsibilities between banks and TPPs will also hinder the development of the Open banking ecosystem.
    The object of this study is to provide strategies given current circumstances that comply with personal data protection law for banks and TPPs. Furthermore, this dissertation also proposes some advice related to personal data protection for the Taiwanese government during the development of Open banking. By reviewing the regulations and the reconciling PSD2 and GDPR, some strategies are made to help clarify the responsibility between banks and TPPs, at the same time enhancing protection of consumers’ data.
    Reference: 一、中文文獻

    (一)期刊
    1.李智仁(2005),日本金融隱私權保障規範之發展--兼論我國面臨之問題與對策,國立中正大學法學集刊,第19期,頁1-70。
    2.臧正運(2019),從國際發展趨勢論我國推動開放銀行應有之思考,金融聯合徵信,第34期,2019年6月,頁4-12。

    (二)網路資源
    1.HKMA,香港銀行業開放API的實施階段,https://www.hkma.gov.hk/chi/key-functions/international-financial-centre/fintech/open-application-programming-interface-api-for-the-banking-sector/phase-approach/ (最後瀏覽日:2019年11月19日)。
    2.王宏仁,2019年,「臺灣Open Banking銀行實例:華南銀行」數位轉型從開放銀行做起華南要靠開放API擴大異業結盟,iThome,https://www.ithome.com.tw/news/133685。
    3.王宏仁,2019年,【開放銀行特別報導】跨海專訪英國Open Banking推手:英國開放銀行有成,API呼叫破億次觸及99%全英金融市場,iThome, https://www.ithome.com.tw/news/133675。
    4.周霈翎,2019年,揭開開放銀行面紗,聯合新聞網, https://udn.com/news/story/6877/3864429。
    5.麻布記帳,2019年,首家與20家銀行串接API的金融帳務整合服務誕生,「Moneybook麻布記帳」成功與20家銀行串接API, https://blog.moneybook.com.tw/2019/10/16/%e9%a6%96%e5%ae%b6%e8%88%8720%e5%ae%b6%e9%8a%80%e8%a1%8c%e4%b8%b2%e6%8e%a5api%e7%9a%84%e9%87%91%e8%9e%8d%e5%b8%b3%e5%8b%99%e6%95%b4%e5%90%88%e6%9c%8d%e5%8b%99%e8%aa%95%e7%94%9f%ef%bc%8c%e3%80%8cmoneyb/ 。



    二、外文文獻

    (一)書籍與專書論文
    1.Jelena Madir, 2019. FinTech: Law and Regulation, Cheltenham: Edward Elgar Publishing Limitred.
    2.Anna Omarini, 2015. Retail Banking: Business Transformation and Competitive Strategies for the Future. London: Palgrave MacMillan Publishers.
    3.Blakstad S. and Allen R., 2018, New Standard Models for Banking. Pp 147- 166 in: FinTech Revolution, edited by Blakstad S. and Allen R., Cham: Palgrave MacMillan Publishers.
    4.Ryan Mitchell, 2015, Web Scraping with Python: collecting data from the modern web. CA: O`Reilly Media.

    (二)期刊論文
    1.Anjan V. Thakor, 2019, Fintech and Banking: What Do We Know, Journal of Financial Intermediation. https://doi.org/10.1016/j.jfi.2019.100833
    2.Anna Omarini, 2018, Banks and Fintechs: How to Develop a Digital Open Banking Approach for the Bank’s Future, International Business Research 11(9):23-36.
    3.Arner, D. W., Barberis, J., & Buckley, R. P, 2015, The evolution of Fintech: A new post-crisis paradigm, Georgetown Journal of International Law 47:1271-1320.
    4.Cortet Mounaim, Rijks Tom & Nijland Shikko, 2016, PSD2: The digital transformation accelerator for banks, Journal of Payments Strategy & Systems 10(1):13-27.
    5.Hallam Stevens, 2019, Open data, closed government: Unpacking data.gov.sg, First Monday 24(4).
    6.Jeffrey Kenneth Hirschey, 2014, Symbiotic Relationships: Pragmatic Acceptance of Data Scraping, Berkeley Technology Law Journal 29:897-928.
    7.Neyer Gene, 2017, ‘Mobile First’ will become ‘API First’ — PSD2: Changing banking as we know it, Journal of Digital Banking 2(2):171-178.

    (三)研究報告
    1.Basel Committee on Banking Supervision, 2018, Bank for International Settlements, Sound Practices: Implications of Fintech Developments for Banks and Bank Supervisors.
    2.Basel Committee on Banking Supervision, 2019, Report on open banking and application programming interfaces.
    3.Capgemini & Efma, 2019, World Fintech Report 2019. Retrieve from https://www.capgemini.com/es-es/wp-content/uploads/sites/16/2019/06/World-FinTech-Report-WFTR-2019_Web.pdf
    4.Consumers International, 2017, Banking on the Future: An Exploration of Fintech and the Consumer Interest.
    5.Financial Stability Board, 2017, Financial Stability Implications from FinTech, Supervisory and Regulatory Issues that Merit Authorities’ Attention.
    6.KPMG, 2019, PSD2 and Open Banking: Revolution or evolution.
    7.KPMG, 2019, The future of banking Hong Kong Banking Report 2019.
    8.PwC, 2018, The future of banking is open - how to seize the Open Banking opportunity.
    9.PwC, 2018, What is Fintech.
    10.Thomas I. Palley, 2007. Financialization: What It Is and Why It Matters Working Papers wp153, Political Economy Research Institute, University of Massachusetts at Amherst.

    (四)司法裁判
    1.Case C‑191/17 Bundeskammer für Arbeiter und Angestellte v ING-DiBa Direktbank Austria Niederlassung der ING-DiBa AG, ECLI:EU:C:2018:809.
    2.Case C-41/90 Höfner and Elser v Macrotron, ECLI:EU:C:1991:161.
    3.Joined Cases C-293/12 and C-594/12 Digital Rights Ireland and Seitlinger and Others, ECLI:EU:C:2014:238.
    4.Joined Cases C-203/15 and C-698/15 Tele2 Sverige AB and Secretary of State for the Home Department, ECLI:EU:C:2016:970.

    (五)政府機關文獻
    1.ACCC, 2018, CDR Rules Outline.
    2.ACCC, 2019, Consumer Data Right Supplementary accreditation guidelines: insurance.
    3.ACCC, 2019, CDR draft accreditation guidelines.
    4.Article 29 Data Protection Working Party, Guidelines on Consent under Regulation 2016/679.
    5.Consumer Financial Protection Bureau, 2017, Consumer Protection Principles: Consumer-Authorized Financial Data Sharing and Aggregation.
    6.Council of the European Union, 2019, Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications). Retrieve from https://data.consilium.europa.eu/doc/document/ST-12633-2019-INIT/en/pdf.
    7.EBA Working Group on Electronic Alternative Payments, 2016, Understanding the business relevance of Open APIs and Open Banking for banks. Retrieve from https://www.abe-eba.eu/media/azure/production/1522/business-relevance-of-open-apis-and-open-banking-for-banks.pdf
    8.European Banking Authority, 2017, Guidelines on the criteria on how to stipulate the minimum monetary amount of the professional indemnity insurance or other comparable guarantee under Article 5(4) of Directive (EU) 2015/2366 (PSD2).
    9.European Banking Authority, 2018, Opinion of the European Banking Authority on the implementation of the RTS on SCA and CSC.
    10.ECN SUBGROUP Banking and Payments, 2012, INFORMATION PAPER ON COMPETITION ENFORCEMENT IN THE PAYMENTS SECTOR. Retrieve from https://ec.europa.eu/competition/sectors/financial_services/information_paper_payments_en.pdf (last visited:2019/11/26).
    11.European Banking Authority, 2019, Opinion of the European Banking Authority on the elements of strong customer authentication under PSD2.
    12.European Commission, 2013, Proposal for a directive of the European parliament and of the Council on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/UE and 2009/110/EC and repealing Directive 2007/64/EC and Proposal for a Regulation of the European Parliament and of the Council on interchange fees for card-based payment transactions. Retrieve from: https://eur-lex.europa.eu/resource.html?uri=cellar:906ed6d3-f509-11e2-a22e-01aa75ed71a1.0001.04/DOC_2&format=PDF (last visited: 2019/11/27).
    13.European Commission, 2019, Frequently Asked Questions: Making electronic payments and online banking safer and easier for consumers.
    14.European Data Protection Board, 2018, PSD2 Letter. Retrieve from https://edpb.europa.eu/sites/edpb/files/files/news/psd2_letter_en.pdf (last visited: 2019/11/18).
    15.European Data Protection Supervisory, 2014, Guidelines on Data Protection in EU Financial Services Regulation, at 15.
    16.HKMA, 2018, Open API Framework for the Hong Kong Banking Sector.
    17.JBA Review Committee on Open APIs, 2017, Report of Review Committee on Open APIs: Promoting Open Innovation. Retrieve from : https://www.zenginkyo.or.jp/fileadmin/res/news/news290713_3.pdf (last visited: 2019/11/18 ).
    18.MAS &ABS, 2016, Finance-as-a-Service: API Playbook.
    19.Murray, 2014, Financial System Inquiry Final Report.
    20.OBWG, 2016, Open Banking Standard.
    21.ODI & Fingleton Associates, 2014, Data Sharing and Open Data for Banks A report for HM Treasury and Cabinet Office.
    22.Open Banking Ltd, 2018, Open Banking Guidelines for Open Data Participants.
    23.Open Banking Ltd, 2018, Open Banking Guidelines for Read/Write Participant
    24.Open Data Institute, 2016, Introducing the Open Banking Standard: Helping customers, banks and regulators take banking into a truly 21st-century, connected digital economy.
    25.Open Data Institute & Fingleton, 2019, Open Banking Preparing for lift off.
    26.Productivity Commission, 2017, Data Availability and Use.
    27.Professor ian Harper, Peter Anderson, Su Mccluskey & Michael o’Bryan Qc, 2015, Competition Policy Review Final Report.
    28.The European Banking Federation, 2016, Guidance for implementation of the revised Payment Services Directive.
    29.The parliament of the commonwealth of Australia, 2019, Explanatory memorandum of Treasury Laws Amendment (Consumer Data Right) Bill 2019.
    30.The Treasury of Australian government, 2019, Consumer Data Right Overview.
    31.The Treasury of Australian government, 2019, Explanatory materials of Treasury Laws Amendment (Consumer Data Right) Bill 2019. Retrieve from https://treasury.gov.au/sites/default/files/2019-06/t364234-explanatory-materials.docx (last visited: 2019/11/20).
    32.日本金融庁,2019年,電子決済等代行業者の登録申請時の留意事項等。
    33.金融審議会,2016年,金融制度ワーキング・グループ報告 ―オープン・イノベーションに向けた制度整備について―。
    34.首相官邸,2019年,産官協議会「FinTech/キャッシュレス化」第1回議事要旨。搜尋自:http://www.kantei.go.jp/jp/singi/keizaisaisei/miraitoshikaigi/sankankyougikai2019/fintech/dai1/gijiyousi.pdf(最後瀏覽日:2019/12/1)。

    (六)網路資料
    1.Alberto Di Felice, 2019, Study of proposal for an ePrivacy Regulation, https://www.digitaleurope.org/resources/study-of-proposal-for-an-eprivacy-regulation/.
    2.Arpan, 2012, Data Scraping vs. Data Crawling, PROMPT CLOUD, https://www.promptcloud.com/blog/data-scraping-vs-data-crawling/.
    3.Bird & Bird, 2018, The CJEU provides clarity on the definition of a "payment account", https://www.twobirds.com/en/news/articles/2018/global/the-cjeu-provides-clarity-on-the-definition-of-a-payment-account.
    4.Bundeskartellamt, 2016, Restriction of online payment services by German banking industry in violation of competition law, https://www.bundeskartellamt.de/SharedDocs/Meldung/EN/Pressemitteilungen/2016/05_07_2016_Sofort%C3%BCberweisung.html.
    5.CMA, 2014, Personal current account and small business banking face full competition investigation, https://www.gov.uk/government/news/personal-current-account-and-small-business-banking-face-full-competition-investigation.
    6.CMA, 2016, Retail banking market investigation: overview, https://www.gov.uk/government/publications/retail-banking-market-investigation-overview.
    7.Data.gov.sg, https://data.gov.sg/about.
    8.DBS, 2017, Reimagining banking, DBS launches world’s largest banking API developer platform, https://www.dbs.com/newsroom/Reimagining_banking_DBS_launches_worlds_largest_banking_API_developer_platform
    9.Deloitte, PSD2 and GDPR – Harmony or Dissonance?, https://www2.deloitte.com/cz/en/pages/legal/articles/psd2-a-gdpr-harmonie-ci-disonance.html (last visited: 2019/11/18).
    10.EBA, 2018, Consent for the provision of PIS and AIS, https://eba.europa.eu/single-rule-book-qa/-/qna/view/publicId/2018_4309.
    11.EBA, 2019, EBA goes live with its central register of payment and electronic money institutions under PSD2, https://eba.europa.eu/eba-goes-live-with-its-central-register-of-payment-and-electronic-money-institutions-under-psd2.
    12.Eileen Yu, 2017, Singapore government assures SingPass-MyInfo will stay secure, https://www.zdnet.com/article/singapore-government-assures-singpass-myinfo-will-stay-secure/.
    13.European Data Protection Supervisory, The History of the General Data Protection Regulation, https://edps.europa.eu/data-protection/data-protection/legislation/history-general-data-protection-regulation_en# (last visited:2019/11/27).
    14.FCA, Account Information & Payment Initiation Service Providers, https://register.fca.org.uk/shpo_searchresultspage?preDefined=AIPISP&TOKEN=3wq1nht7eg7tr (last visited: 2019/11/27).
    15.Finextra, 2019, Open Banking vs. Screen Scraping: looking ahead in 2019, https://www.finextra.com/blogposting/16494/open-banking-vs-screen-scraping-looking-ahead-in-2019.
    16.Finextra, 2019, Working with Technical Service Providers under PSD2, https://www.finextra.com/blogposting/17686/working-with-technical-service-providers-under-psd2.
    17.GDPR Enforcement Tracker, https://www.enforcementtracker.com/.
    18.GoCardless, 2017, Screen scraping 101: Who, What, Where, When?, https://openbankinghub.com/screen-scraping-101-who-what-where-when-f83c7bd96712.
    19.HKMA, 2019, Open API Framework for the Banking Sector: One year on, https://www.hkma.gov.hk/eng/news-and-media/press-releases/2019/07/20190731-3/#2.
    20.Innopay, PSD2 licensing: solving the puzzle of becoming a Third Party Provider, https://www.innopay.com/en/publications/psd2-becoming-a-third-party-provider(last visited: 2019/11/27).
    21.John Wagnon, 2013, Web Scraping-DataCollection or Ilegal Activity, DEVCENTRAL, https://devcentral.f5.com/s/articles/web-scraping-data-collection-or-illegal-activity.
    22.Kwok Quek Sin, 2019, Inside Singapore’s National Digital Identity programme, https://www.techradar.com/news/inside-singapores-national-digital-identity-programme.
    23.Lester Hio, 2017, MyInfo access extended to local businesses, https://www.straitstimes.com/singapore/myinfo-access-extended-to-local-businesses.
    24.MAS, Financial Industry API Register, https://www.mas.gov.sg/development/fintech/financial-industry-api-register (last visited:2019/11/19).
    25.MAS, Fintech and Innovation Group, https://www.mas.gov.sg/who-we-are/Organisation-Structure/Fintech-and-Innovation (last visited: 2019/11/12).
    26.Niels Vandezande, 2019, Reconciling Consent in PSD2 and GDPR, https://thepaypers.com/expert-opinion/reconciling-consent-in-psd2-and-gdpr/777976.
    27.Norman T.L. Chan, 2017, A New Era of Smart Banking, https://www.hkma.gov.hk/eng/news-and-media/speeches/2017/09/20170929-1.
    28.Open Banking Ltd, About us, https://www.openbanking.org.uk/about-us/ (last visited: 2019/11/5).
    29.Open Banking Ltd, Open Banking APIs Performance, https://www.openbanking.org.uk/providers/account-providers/api-performance/ (last visited: 2019/11/11).
    30.Open Banking Ltd, Website Glossary, https://www.openbanking.org.uk/about-us/glossary/ (last visited: 2019/11/11).
    31.Open Banking Ltd, What is Open Banking? , https://www.openbanking.org.uk/customers/what-is-open-banking/ (last visited: 2019/11/11).
    32.Open Data Institute, About the ODI, https://theodi.org/about-the-odi/ (last visited: 2019/11/5).
    33.Open Data Institute, Projects and services, https://theodi.org/project/open-banking-setting-a-standard-and-enabling-innovation/ (last visited: 2019/11/5).
    34.Orenstein D., 2000, Quick Study: Application Programming Interface (API). https://www.computerworld.com/article/2593623/application-programming-interface.html
    35.Sean Creehan and Paul Tierno, 2019, The Slow Introduction of Open Banking and APIs in Japan, https://www.frbsf.org/banking/asia-program/pacific-exchanges-podcast/open-banking-apis-japan/.
    36.Sing Pass, About us, https://www.singpass.gov.sg/singpass/common/aboutus.
    37.Smart Nation Singapore, 2014, Transcript of speech by speech by prime minister Lee Hsien Loong at smart nation launch, https://www.smartnation.sg/whats-new/speeches/smart-nation-launch/.
    38.STET, PSD2 API V1.4, https://www.stet.eu/en/psd2/.
    39.The Berlin Group, https://www.berlin-group.org/psd2-access-to-bank-accounts.
    40.The finance, 2017, 改正銀行法で何が変わる? オープンAPIとFinTechの推進, https://thefinance.jp/law/170906.
    41.The Treasury of Australian government, Consumer Data Right, https://treasury.gov.au/consumer-data-right.
    42.日本金融庁,2019,電子決済等代行業を営むみなさまへ,https://www.fsa.go.jp/common/shinsei/dendai/index.html。
    Description: 碩士
    國立政治大學
    科技管理與智慧財產研究所
    106364218
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0106364218
    Data Type: thesis
    DOI: 10.6814/NCCU202000212
    Appears in Collections:[Graduate Institute of TIPM] Theses

    Files in This Item:

    File SizeFormat
    421801.pdf2363KbAdobe PDF2260View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback