政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/134191
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113311/144292 (79%)
Visitors : 50935451      Online Users : 953
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/134191


    Title: 台灣創業生態系之個人資料管理與法遵議題
    Personal Data Management and Legal Compliance Issue of Taiwan Entrepreneurial Ecosystem
    Authors: 黃炳曄
    Huang, Bing-Yeh
    Contributors: 鄭至甫
    Jeng, Jyh-Fu
    黃炳曄
    Huang, Bing-Yeh
    Keywords: 新創
    創業
    生態系
    歐盟
    個資
    法遵
    台灣
    GDPR
    personal data
    startup
    start-up
    entrepreneurial ecosystem
    compliance
    Taiwan
    Date: 2021
    Issue Date: 2021-03-02 14:53:29 (UTC+8)
    Abstract: 在巨量資料的時代裡,企業運用資料來進行分析以及驅動人工智慧模型來進行決策,藉以獲得豐厚的商業利潤。其中,個人資料所蘊含的商業價值更讓人無法忽視。因此,企業透過各種不同的手段來蒐集並使用個人資料,卻因此造成隱私權受侵害的事件不斷發生。有鑑於此,歐盟在2016年頒布了GDPR,並於2018年開始實施,藉此規範了企業使用個人資料的方式。台灣為了接軌國際,預計以GDPR作為基礎來對個人資料保護法進行修法。由於GDPR包含了為數眾多地新的個人資料使用概念,因此勢必對台灣之商業環境造成衝擊,尤其是台灣創業生態系將首當其衝。
    本研究旨在探討台灣創業生態系之個人資料管理與法遵議題,因此必須先檢視台灣創業生態系現行個人資料管理與法遵之現況,並再以未來台灣個人資料保護法將類比GDPR規格之修法前提下,探討台灣創業生態系之應對與調整。為了達到前述研究目的,本研究透過深度訪談法對台灣創業生態系的不同角色進行訪問,並且依據訪談結果與次級資料提出台灣創業生態系應對之策。
    首先,本研究發現,新創公司在包含知情同意以及資料安全性等方面的法遵措施的投入程度皆與新創公司的規模以及其蒐用資料的方式有關,並且遵循一法遵成長脈絡。此外,台灣創業生態系不同角色在個人資料管理與法遵議題上對新創公司的協助相當有限。
    接著,本研究透過分析GDPR與現行個人資料保護法的差異,並整理出法規遵循上的先後順序,藉此提供新創公司法遵上的建議。
    最後,本研究依據對台灣創業生態系的了解以及法規分析,對創業生態系提出關於去識別化與跨領域教育等方面之建議。如此一來,新創公司才能提早進行法遵,並有效節省法遵成本。另外,雖然仍有像是刪除權與兒童隱私保護等難以遵循之規定,但合規輔助者的出現,可望解決這些難解之題,並成為創新的契機。
    In the age of big data, enterprises utilize data analytics and artificial intelligence models to make important decisions, thereby obtaining great commercial profits. Especially, the commercial value brought by personal data is significant. Enterprise collects and uses personal data with a variety of methods, this has however resulted in frequent violations of privacy. In view of this, GDPR, the regulation to restrict enterprise’s personal data usage, was adopted in 2016 and became enforceable beginning in 2018. In order to connect with the world, the Taiwan government is expected to amend the personal data protection law based on GDPR. As GDPR contains various new concepts in the use of personal data, it is bound to have an impact on Taiwan business environment, especially on the Taiwan entrepreneurial ecosystem will bear the brunt.
    This research aimed to discuss the personal data management and legal compliance issue of Taiwan entrepreneurial ecosystem. Therefore, it is necessary to review the current situation of personal data management and legal compliance in Taiwan entrepreneurial ecosystem, and then discuss Taiwan entrepreneurial ecosystem’s response and adjustment to the future change of Taiwan new personal data protection law when it amended in accordance with GDPR. In order to achieve the aforementioned purposes of research, this research conducted in-depth interviews on different roles in Taiwan entrepreneurial ecosystem, based on the interview results and secondary data, this research proposed countermeasures for Taiwan entrepreneurial ecosystem.
    Firstly, this research found that the legal compliance investment (including informed consent and data security) of startup companies are related to the scale of startup companies and the way they process personal data, startup companies also follow a certain law-compliance growth path. In addition, with regard to personal data management and legal compliance issue, the current assistance provided by different roles in Taiwan entrepreneurial ecosystem is still limited.
    Next, this research analyzed the differences between GDPR and the current Taiwan personal data protection law, and points out the priority when complying regulation, for startup companies.
    Finally, based on the understanding of Taiwan entrepreneurial ecosystem and legal analysis, this research puts forward suggestions on de-identification and interdisciplinary education for the entrepreneurial ecosystem. Thus, startup companies can implement legal compliance earlier and save legal compliance costs effectively. In addition, although there are still difficult-to-compliance regulations such as the right to delete and the protection of children`s privacy, the emergence of Compliance Supporter is expected to solve these difficult problems and become an opportunity for innovation.
    Reference: 英文文獻
    Acs, Z. J., Stam, E., Audretsch, D. B., & O’Connor, A. (2017). The lineages of the entrepreneurial ecosystem approach. Small Business Economics, 49(1), 1-10. doi:10.1007/s11187-017-9864-8
    Adner, R. (2016). Ecosystem as Structure: An Actionable Construct for Strategy. Journal of Management, 43(1), 39-58. doi:10.1177/0149206316678451
    Grow Advisors. (2017). The Startup Ecosystem White Paper. Retrieved from: https://www.startupcommons.org/download-documents.html
    Alm, J. G. (2015). The Privacies of Life: Automatic License Plate Recognition in Unconstitutional under the Mosaic Theory of Fourth Amendment Privacy Law. HAmLINE L. REv., 38, 127.
    Basin, D., Debois, S., & Hildebrandt, T. (2018). On Purpose and by Necessity: Compliance Under the GDPR, Berlin, Heidelberg: Springer.
    Blank, S., & Dorf, B. (2012). The startup owner`s manual: The step-by-step guide for building a great company, U.S, Hoboken: John Wiley & Sons.
    Bosma, N., Acs, Z. J., Autio, E., Coduras, A., & Levie, J. (2008). Global entrepreneurship monitor executive report. Santiago, London: Babson Park.
    Boyce, C., & Neale, P. (2006).Conducting in-depth interviews: A guide for designing andconducting in-depth interviews for evaluation input. Pathfinder International Watertown, MA.
    Cadwalladr, C., & Graham-Harrison, E. (2018, Mar 17). Revealed: 50 million facebook profiles harvested for cambridge analytica in major data breach. The Observer Retrieved from: https://login.autorpa.lib.nccu.edu.tw/login?url=https://www.proquest.com/newspapers/revealed-50-million-facebook-profiles-harvested/docview/2014573719/se-2?accountid=10067
    Cavoukian, A. (2009). Privacy by design: The 7 foundational principles. Information and privacy commissioner of Ontario, Canada, 5.
    Chou, C.-f., & Shy, O. (1990). Network effects without network externalities. International Journal of Industrial Organization, 8(2), 259-270.
    Clement, J. (2019). Number of monthly active Facebook users worldwide as of 4th quarter 2019. Retrieved from: https://www.statista.com/statistics/264810/number-of-monthly-active-facebook-users-worldwide/
    Carter, N., Bryant-Lukosius, D., DiCenso, A., Blythe, J., & Neville, A. J. (2014). The use of triangulation in qualitative research. Oncology nursing forum, 41(5), 545-547. doi:10.1188/14.onf.545-547
    Cormack, A. (2020). An Introduction to the GDPR. IDPro Body of Knowledge, 1(1).
    Crabtree, B. F., & Miller, W. L. (1992). Doing qualitative research. Paper presented at the Annual North American Primary Care Research Group Meeting, 19th, May, 1989, Quebec, PQ, Canada.
    Crabtree, B. F., & Miller, W. L. (1999). Doing Qualitative Research, 2d Edition. Newbury Park,CA: Sage Publications.
    Creswell, J. W., & Creswell, J. D. (2017). Research design: Qualitative, quantitative, and mixed methods approaches Newbury Park,CA: Sage Publications.
    Dempwolf, C. S., Auer, J., & D’Ippolito, M. (2014). Innovation accelerators: Defining characteristics among startup assistance organizations. Small Business Administration, Retrieved from: https://www.sba.gov/
    Denzin, N. (1970). Strategies of multiple triangulation. The Rresearch Act In Sociology: A Theoretical Iintroduction To Sociological Method, 297(1970), 313.
    Denzin, N. K. (1978). Triangulation: A case for methodological evaluation and combination. Sociological Methods, pp. 339-357.
    Evans, D. S., Schmalensee, R., Noel, M. D., Chang, H. H., & Garcia‐Swartz, D. D. (2011). Platform Economics: Essays on Multi‐Sided Businesses. In D. S. Evans (Ed.), Competition Policy International. Available at SSRN: https://ssrn.com/abstract=1974020.
    European Commission. (2018a). Who does the data protection law apply to? Retrieved from :https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/application-regulation/who-does-data-protection-law-apply_en
    European Commission. (2018b). Does my company/organisation need to have a Data Protection Officer (DPO)? Retrieved from: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/obligations/data-protection-officers/does-my-company-organisation-need-have-data-protection-officer-dpo_en
    Fan, Z., & Gupta, A. (2018). The Dangers of Digital Protectionism. Retrieved from Harvard Business Review website: https://hbr.org/2018/08/the-dangers-of-digital-protectionism
    Farboodi, M., Mihet, R., Philippon, T., & Veldkamp, L. (2019). Big data and firm dynamics. Paper presented at the AEA papers and proceedings.
    Feld, B. (2020). Startup communities: Building an entrepreneurial ecosystem in your city ,U.S, Hoboken: John Wiley & Sons.
    Freitas, M. D. C., & Mira da Silva, M. (2018). GDPR Compliance in SMEs: There is much to be done. Journal of Information Systems Engineering & Management, 3(4), 30.
    Gapper, J. (2016). LinkedIn Swaps Business Cards with Microsoft. Financial Times, 15.
    Gartner. (2017). Gartner Says Organizations Are Unprepared for the 2018 European Data Protection Regulation. Retrieved from: https://www.gartner.com/en/newsroom/press-releases/2017-05-03-gartner-says-organizations-are-unprepared-for-the-2018-european-data-protection-regulation
    Goddard, M. (2017). The EU General Data Protection Regulation (GDPR): European regulation that has a global impact. International Journal of Market Research, 59(6), 703-705.
    Graham, P. (2012). Startup= growth. Retrieved from: http://www.paulgraham.com/growth.html
    Grilo, A., Águeda, A., Zutshi, A., & Nodehi, T. (2017). Relationship between investors and european startup ecosystems builders. Paper presented at the 2017 International Conference on Engineering, Technology and Innovation (ICE/ITMC).
    Herrington, M., Kew, J., Kew, P., & Monitor, G. E. (2010). Tracking entrepreneurship in South Africa: A GEM perspective . South Africa: Graduate School of Business, University of Cape Town.
    Hintze, M., & LaFever, G. (2017). Meeting Upcoming GDPR Requirements While Maximizing the Full Value of Data Analytics. Available at SSRN 2927540.
    Holvast, J. (2007). 27 - History of privacy. In K. D. Leeuw & J. Bergstra (Eds.), The History of Information Security (pp. 737-769). Amsterdam: Elsevier Science B.V.
    Iansiti, M., & Levien, R. (2004). Strategy as ecology. Harvard business review, 82(3), 68-78.
    Isaak, J., & Hanna, M. J. (2018). User data privacy: Facebook, Cambridge Analytica, and privacy protection. Computer, 51(8), 56-59.
    Jia, J., Jin, G. Z., & Wagman, L. (2018). The short-run effects of gdpr on technology venture investment (No. w25248). National Bureau of Economic Research.
    Jiao, Y., Wang, P., Niyato, D., Alsheikh, M. A., & Feng, S. (2017). Profit maximization auction and data management in big data markets. Paper presented at the 2017 IEEE Wireless Communications and Networking Conference (WCNC).
    Jones, C. (2019). France issues Google with the heaviest GDPR fine to date. IT Pro. Retrieved from: https://www.itpro.co.uk/general-data-protection-regulation-gdpr/32811/france-issues-google-with-the-heaviest-gdpr-fine-to
    Khwaja, M., & Matic, A. (2019). Personality Is Revealed During Weekends: Towards Data Minimisation for Smartphone Based Personality Classification, Springer International Publishing. 551-560.
    Kirchhoff, B. A., & Phillips, B. D. (1988). The effect of firm formation and growth on job creation in the United States. Journal of business venturing., 3(4), 261-272. doi:10.1016/0883-9026(88)90008-0
    Konczal, J. (2012). Evaluating the effects of accelerators? Not so fast. Forbes 2012 [cited Aug 8 2012].
    Laney, D. (2001). 3D Data Management: Controlling Data Volume, Velocity, and Variety . META Group .
    Layton, R., & Elaluf-Calderwood, S. (2019, November). A Social Economic Analysis of the Impact of GDPR on Security and Privacy Practices. In 2019 12th CMI Conference on Cybersecurity and Privacy (CMI) (pp. 1-6). IEEE.
    Lievens, E., & Milkaite, I. (2017). Age of consent in the GDPR: updated mapping of recent national guidance and proposals. Better Internet for Kids.
    Love, H. (2016). The Start-Up J Curve: The Six Steps to Entrepreneurial Success: Greenleaf Book Group.
    Machuletz, D., & Böhme, R. (2020). Multiple purposes, multiple problems: A user study of consent dialogs after GDPR. Proceedings on Privacy Enhancing Technologies, 2020(2), 481-498.
    Markman, G. D., Phan, P. H., Balkin, D. B., & Gianiodis, P. T. (2005). Entrepreneurship and university-based technology transfer. Journal of Business Venturing, 20(2), 241-263.
    Marr, B. (2017). Data strategy: How to profit from a world of big data, analytics and the internet of things: Kogan Page Publishers.
    Martin, N., Matt, C., Niebel, C., & Blind, K. (2019). How Data Protection Regulation Affects Startup Innovation. Information Systems Frontiers, 21(6), 1307-1324. doi:10.1007/s10796-019-09974-2
    Mason, C., & Brown, R. (2014). Entrepreneurial ecosystems and growth oriented entrepreneurship. Final report to OECD, Paris, 30(1), 77-102.
    Mourby, M., Mackey, E., Elliot, M., Gowans, H., Wallace, S. E., Bell, J., & Kaye, J. (2018). Are ‘pseudonymised’data always personal data? Implications of the GDPR for administrative data research in the UK. Computer Law & Security Review, 34(2), 222-233.
    Neumann, J. (2019 ). A Taxonomy of Moats. Retrieved from: http://reactionwheel.net/2019/09/a-taxonomy-of-moats.html
    Polit, D., & Beck, C. (2012). Essentials of nursing research. Ethics, 23(2), 145-160.
    Politou, E., Alepis, E., & Patsakis, C. (2018). Forgetting personal data and revoking consent under the GDPR: Challenges and proposed solutions. Journal of Cybersecurity, 4(1), tyy001.
    Porter, M. E. (1991, Apr 1991). America`s Green Strategy. Scientific American, 264, 168.
    Porter, M. E., & Van der Linde, C. (1995). Toward a new conception of the environment-competitiveness relationship. Journal of Economic Perspectives, 9(4), 97-118.
    Provost, F., & Fawcett, T. (2013). Data science and its relationship to big data and data-driven decision making. Big Data, 1(1), 51-59.
    Punch, K. F. (2013). Introduction to social research: Quantitative and qualitative approaches: sage.
    Radinsky, K. (2015). Data monopolists like Google are threatening the economy. Harvard Business Review, Retrieved from: https://hbr.org/2015/03/data-monopolists-like-google-are-threatening-the-economy
    Robehmed, N. (2013). What is a Startup. Forbes, Retrieved from: https://www.forbes.com/sites/natalierobehmed/2013/12/16/what-is-a-startup/?sh=abec67840440
    Schumpeter, J. A. (1955). The theory of economic development : an inquiry into profits, capital, credit, interest, and the business cycle / by Joseph A. Schumpeter. Massachusetts: Harvard University Press.
    Shah, A., Banakar, V., Shastri, S., Wasserman, M., & Chidambaram, V. (2019). Analyzing the Impact of {GDPR} on Storage Systems. Paper presented at the 11th {USENIX} Workshop on Hot Topics in Storage and File Systems (HotStorage 19).
    Siteimprove. (2019). GDPR Doesn`t Only Protect EU Citizens - Who Does GDPR Affect? Retrieved from: https://siteimprove.com/en/gdpr/who-gdpr-affects-and-whose-data-is-protected/
    Song, A. K. (2019). The Digital Entrepreneurial Ecosystem—a critique and reconfiguration. Small Business Economics, 53(3), 569-590.
    Spacey, J. (2016). Data Security vs Information Security. Retrieved from: https://simplicable.com/new/data-security-vs-information-security
    Stake, R. E. (1995). The art of case study research: sage.
    Startup Genome. (2019). Global startup ecosystem report 2019. Retrieved from: https://startupgenome.com/gser2019
    Startup Genome. (2020). Global startup ecosystem report 2020. Retrieved from: https://startupgenome.com/gser2020
    Subrahmanya, M. H. B. (2017). Comparing the entrepreneurial ecosystems for technology startups in Bangalore and Hyderabad, India. Technology Innovation Management Review, 7(7), 47–62.
    The Economist (2017). The world’s most valuable resource is no longer oil, but data. The Economist: New York, NY, USA.
    Trendall, S. (2019, 2019 Jul 09). ICO slaps record £183m fine on British Airways for GDPR breach. Public Technology.
    Voss, W. G. (2020). Airline Commercial Use of EU Personal Data in the Context of the GDPR, British Airways and Schrems II. British Airways and Schrems II (September 30, 2020), 19(2).
    Yin, R. (2003). Designing case studies. Qualitative Research Methods, 359-386.
    Zarsky, T. Z. (2016). Incompatible: the GDPR in the age of big data. Seton Hall Law Review., 47, 995-1020.

    中文文獻
    Mayer-Schönberger, V., & Cukier, K. (2013)。大數據: 「數位革命」之後,「資料革命」登場: 巨量資料掀起生活、工作和思考方式的全面革新。台北:天下遠見出版。
    Ryan,什麼是孵化器(Incubator)/加速器(Accelerator)?硬塞科技字典,上網日期2016年07月21日,檢自:https://www.inside.com.tw/article/6694-what-is-incubator-accelerator
    羅凱揚&蘇宇暉,有效提昇決策品質─資料導向決策,上網日期2018年06月22日,檢自:https://medium.com/marketingdatascience/%E8%B3%87%E6%96%99%E5%B0%8E%E5%90%91%E6%B1%BA%E7%AD%96-data-driven-decision-making-73cdd3581092
    李為, (2015)。德國生態環境保護的觀察與思考(簡體中文)。科學與管理,35(02),55-59。
    Jonathan Tepper&Denise Hearn,(2020)。競爭之死:高度壟斷的資本主義,是延誤創新、壓低工資、拉大貧富差距的元凶。吳慧珍、曹嬿恆譯 (初版 ed.)。台北市:麥田出版。
    林于蘅,台歐27日三度協商GDPR認定 國發會:個資法勢必修法,上網日期2019年01月26日,檢自:https://udn.com/news/story/7238/4188419
    阿文哥,【台灣軟體人看世界 #1】少了軟體的科技之島,上網日期2017年01月23日, 檢自:https://blog.gaaiho.com/2017/01/1.html
    范姜真媺, (2013)。 個人資料保護法關於「個人資料」保護範圍之檢討. [Personal Data Protection Act Applies to the Scope of Personal Data],東海大學法學研究(41),91-123。
    徐仕瑋,(2014)。個資法所保護個人資料之範圍界定--評臺灣臺北地方法院一○三年度北小字第一三六○號小額民事判決。月旦裁判時報, 總號:30,, 123-138。
    常紀文 & 尹立霞,霧霾治理的國際經驗(簡體中文) ,上網日期2016年06月09日,檢自:http://huanbao.bjx.com.cn/news/20160616/743006-2.shtml
    張陳弘,(2016)。個人資料之認定-個人資料保護法適用之啟動閥。法令月刊, 67(5),67-101。
    張陳弘& 莊植寧,(2019)。新時代之個人資料保護法制:歐盟GDPR與臺灣個人資料保護法的比較說明 (李啟琳 Ed. 1st ed.)。台北市:新學林出版股份有限公司。
    陳君毅,巨頭聯手!Facebook、Google、微軟要將個人資料所有權還給使用者,上網日期2018年07月23日,檢自:https://www.bnext.com.tw/article/49966/the-data-transfer-project
    鈕文英, (2012)。 質性硏究方法與論文寫作 (初版 ed.), 臺北市: 雙葉書廊.
    蕭佑和,【新創融資】種子輪、天使輪、A輪、B輪、C輪,你都弄懂了嗎. 大和有話說,上網日期2018年12月02日,檢自:https://dahetalk.com/2018/12/02/%E3%80%90%E6%96%B0%E5%89%B5%E8%9E%8D%E8%B3%87%E3%80%91%E7%A8%AE%E5%AD%90%E8%BC%AA%E3%80%81%E5%A4%A9%E4%BD%BF%E8%BC%AA%E3%80%81a%E8%BC%AA%E3%80%81b%E8%BC%AA%E3%80%81c%E8%BC%AA%EF%BC%8C%E4%BD%A0/
    唐子晴,當區塊鏈遇上GDPR,相愛或相殺?,上網日期2018年08月13日,檢自:https://www.bnext.com.tw/article/50219/when-blockchain-meet-gdpr
    Description: 碩士
    國立政治大學
    科技管理與智慧財產研究所
    107364119
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0107364119
    Data Type: thesis
    DOI: 10.6814/NCCU202100235
    Appears in Collections:[Graduate Institute of TIPM] Theses

    Files in This Item:

    File Description SizeFormat
    411901.pdf4919KbAdobe PDF20View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback