English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113656/144643 (79%)
Visitors : 51722854      Online Users : 582
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/61477


    Title: 行動應用軟體隱私保護標準研究
    Study on Mobile Application Privacy Protection Standards
    Authors: 郭淑儀
    Kuo, Shu Yi
    Contributors: 陳起行
    Chen, Chi Shing
    郭淑儀
    Kuo, Shu Yi
    Keywords: 資訊隱私
    行動應用軟體
    隱私標準
    Information Privacy
    Mobile Applications
    Mobile Apps
    Privacy Standards
    Date: 2012
    Issue Date: 2013-11-01 11:41:47 (UTC+8)
    Abstract: 行動應用軟體具備適地性、即時性、主動性,可以提供個人化的便利服務。智慧手機普及率上升,亦將帶動行動電子商務風潮,但是消費者對於隱私安全方面的顧慮,卻是推動之阻力。行動應用軟體暗藏隱私隱憂,可能輕易截取隱私資料,包括行動裝置代碼、帳號密碼、文字訊息、照片、影音、連絡資料、行事曆資料、歷史接聽紀錄、網路使用習慣、地理定位資料等。這些隱私資料是屬於我國個資法第二條「其他得以直接或間接方式識別該個人之資料」,為個資法保護之範圍。

    手機用戶隱私資訊外洩問題層出不窮,歐盟和美國之爭議案例頻仍,遂於近年陸續提出相關法案和隱私保護措施。歐盟為全方位式立法,著重政府主導功能;美國是部門式規範模式,尊重產業自律。為解決各國或國際組織之個資隱私保護規範不一致問題,透過信賴標章的產業自律規範,發展成為具有效力之民間保護標準,甚至是國家標準,進而與國際標準接軌,至少可為企業降低遵守法規所投入之成本。

    標準是可以用來捍衛國內產業競爭力,在國際市場競爭具有相當之重要性。國際標準組織的運作通常採共識決,強調嚴謹和透明化;需要在產業和政府支持下,累積國際標準制定經驗,長期堅持投入,始得取得領先主導標準之先機。最受到矚目的行動軟體隱私標準「不被追蹤」,因與廣告商利益衝突,W3C遲遲不能通過標準定案。在各國行動應用軟體隱私保護規範尚未完備之際,透過國際標準組織、區域組織和產業組織等自律發展,形成隱私保護標準,可彌補相關法令規範未及之處。

    建議自法規、隱私標準和隱私標章認證方面推動個資與隱私保護,朝向政府管制和產業自律併進之模式發展。國際行動應用軟體標準發展雖尚在萌芽階段,相關產業仍須密切關注。在科技推陳出新的時代中,個資和隱私保護法制總是趕不上科技變遷,為避免問題反覆發生,標準制定推動者、立法者和執法者皆需與時俱進。
    Mobile applications featured with localization, instant responsiveness and proactivenss can provide convenient and personalized services. The widespread adoption of smart phones may drive the next wave of m-commerce(mobile e-commerce), and however, consumer privacy fears limit the growth of m-commerce.

    There are concerns over privacy leaks that mobile applications can easily access to privacy-sensitive data, such as UDID, ID/password, text messages, photos, videos, address book, calendar, historical phone records, on-line behavior, geolocation, etc. The privacy information mentioned above should have been covered under Article 2 of Taiwan Personal Information Protection Act “other information which may be used to identify a natural person, both directly and indirectly”.

    In response to the increasing privacy leaks in mobile devices and law disputes, privacy protection measures and regulations have been proposed or enforced these years in European Union countries and the United States. European Union establishes a comprehensive legislation focused on government-centric functions, while the United States uses a sectoral approach that relies on industry self-regulation. In order to solve the inconsistent privacy regulations within countries and international organizations, one effective way is to promote privacy seals certified through industry self-regulation, and furthermore, develop to be industry standards, and national standards in line with international standards, and that can at least help enterprises reduce costs for responses to the mandatory regulations.

    Standards can be a means to safeguard industrial competitiveness, and are considered to be critically important to outcompete international trade markets. International standard bodies normally use consensus-building process, highlighted with impartiality and transparency. With supports from industry and government on accumulating experiences in international standard setting, and long-term inputs in participation, aim at competing for market dominance. The catching debate over digital advertisers interests to nail down the long overdue Do Not Track standard continues at W3C. While awaiting privacy regulations for mobile applications, self-regulation can be developed within international standard bodies, regional organizations, industry consortia, and privacy protection standards can help patch up the inadequacy of existing regulations.

    It is recommended to promote protection of personal data and privacy from aspects of regulations, privacy standards, and privacy seal certification, toward a model combined with government regulation and industry self-regulation. Mobile apps standards are still at the initiative stage, and therefore, the related industries should watch closely. Following by the advancement of technology with each passing day, personal data regulations and privacy laws are in danger of lagging behind technological change. In order to prevent recurring problems, standard setters, regulators, and executors should keep pace with the times.
    Reference: 英文文獻
    1.Abdelmounaam Rezgui, Mourad Ouzzani, Athman Bouguettaya, Brahim Medjahed, Preserving Privacy in Web Services, Proceedings of the 4th international workshop on Web information and data management, November 2002
    2.Adrienne Porter Felt, Elizabeth Ha, Serge Egelman, Ariel Haney, Erika Chin, David Wagner, Android Permissions:User Attention, Comprehension, and Behavior, Proceedings of the Eighth Symposium on Usable Privacy and Security, July 2012
    3.Ali Grami and Bernadette H. Schell, Future Trends in Mobile Commerce: Service Offerings, Technological Advances and Security Challenges, Proceedings Second Annual Conference on Privacy, Security and Trust, October 13~15, 2004
    4.Andre Charland, Brian LeRoux, Mobile Application Development: Web vs. Native, Association for Computing Machinery, Volume 9, Issue 4, April 2011
    5.A standard for standards – Principles of standardization, http://www.bsigroup.com/Documents/standards/bs0-pas0/BSI-BS0-Standard-for-Standards-UK-EN.pdf, BSI Standards Publication, 2011
    6.Biometrics and Standards, ITU-T Technology Watch Report, December 2009
    7.Bob Toth, Putting the U.S. standardization system into perspective: new insights, StandardView Vol. 4, No. 4, December 1996
    8.D. Cracker , "Making standards the IETF Way" in ACM StandardView, Vol.1, No.1, September 1993
    9.David Wright, Should privacy impact assessments be mandatory?, Communications of the ACM , Volume 54 Issue 8, August 2011
    10.Davies, Simon,“Monitor: Extinguishing Privacy on the Information Superhighway”, Pan Macmillan, Sydney, 1996
    11.E-health Standards and Interoperability, ITU-T Technology Watch Report, April 2012
    12.Emre Yildirim, Mobile Privacy: Is There An App For That? On smart mobile devices, apps and data protection, 2012
    13.Hans Löhr, Ahmad-Reza Sadeghi, Marcel WinandySecuring the E-Health Cloud, IHI `10 Proceedings of the 1st ACM International Health Informatics Symposium, 2010
    14.Haris Hamidovic, JOnline: An Introduction to the Privacy Impact Assessment Based on ISO 223, ISACA, Volume 4, 2010, http://www.isaca.org/Journal/Past-Issues/2010/Volume-4/Pages/JOnline-An-Introduction-to-the-Privacy-Impact-Assessment-Based-on-ISO22307.aspx
    15.Heejin Lee, Sangjo Oh, The political economy of standards setting by newcomers:China’s WAPI and South Korea’s WIPI, Telecommunication Policy 32, ScienceDirect, 2008
    16.HL7 Europe Newsletter , May 2013
    17.Ian Reay, Scott Dick, and James Muller, A large-scale empirical study of P3P privacy policies: Stated actions vs. legal obligations, Transactions on the Web (TWEB) , Volume 3 Issue 2, Article 6, April 2009
    18.Ivo Salmre, Writing Mobile Code: Essential Software Engineering for Building Mobile Applications, Addison-Wesley Professional, 2005
    19.John Martin Ferris, Privacy Impact Assessment, The ISO PIA Standard for Financial Services, Law, Governance and Technology Series , Volume 6, Springer Netherland, 2012
    20.Jonathan A. Morell and Selden Stewart, Standards Development for Information Technology: Best Practices for the United States, StandardView Vol. 4, No. 1, March 1996
    21.Kobayashi, M. and Takeda, K, Information retrieval on the web, ACM Computing Surveys (ACM Press) 32 (2), 2000
    22.Matthias Finkbeiner, Atsushi Inaba, Reginald Tan, Kim Christiansen, Hans-Jürgen Klüppel, The New International Standards for Life Cycle Assessment: ISO 14040 and ISO 14044, The International Journal of Life Cycle Assessment, Volume 11, Issue 2, March 2006
    23.Mobile Applications, ITU-T TechWatch Alert, 1, July 2009
    24.Robert M. Gellman, Can Privacy Be Requlated Effectively on a National Level? Thoughts on the Possible Need for International Privacy Rules, Villanova Law Review, Vol. 41, Iss. 1, Art. 2, 1996
    25.Robert P. Minch, Privacy Issues in Location-Aware Mobile Devices, Proceedings of the 37th Hawaii International Conference on System Sciences, 2004
    26.Ronald Dworkin, Liberty and Liberalism, In Taking Rights Seriously, Cambridge, NA:Harvard University Press, 1977
    27.Serge Egelman, Lorrie Faith Cranor, Abdur Chowdhury, An analysis of P3P-enabled web sites among top-20 search results, August 2006
    28.Shane Greenstein, Victor Stango, Standards and Public Policy, Cambridge University Press, 2007
    29.Shirley Chan, Heejin Lee, Sangjo Oh, An International Mobile Security Standard Dispute: From the Actor—Network Perspective, Designing Ubiquitous Information Environments: Socio-Technical Issues and Challenges, IFIP — The International Federation for Information Processing Volume 185, 2005
    30.Stephen T. Kent, Internet Privacy Enhanced Mail, Communications of the ACM , Volume 36 Issue 8, August 1993
    31.The Inadequacy of Self Regulation within the Internet Behavioral Advertising Industry, Brooklyn Journal of Corporate, Financial & Commercial Law, 7 Brook. J. Corp. Fin. & Com. L. 277, Fall 2012
    32.Warren and Brandeis,“The Right to Privacy”, Harvard Law Review, Vol. IV, December 15, 1890
    33.Warwick Ford, Advances in Public-key Certificate Standards, SIGSAC Review , Volume 13 Issue 3, July 1995

    中文文獻
    1.Web Services的應用與省思,鼎新電腦企業通電子報,第46期,2003年8月。
    2.刁仁國,淺論美國與歐盟《乘客姓名記錄(PNR)協議》對我國國境執法的啟示第一屆「國境安全與人口移動」學術研討會,2007年。
    3.立法院三讀通過「個人資料保護法」,法務部新聞稿,法務部法律事務司,2010年4月27日。
    4.行動上網將成主流,比PC革命更偉大,遠見雜誌2011年1月號 第295期。
    5.李兆國,標準制定組織及標準專利權之爭議,2003年12月。
    6.李震山,電腦處理個人資料保護法之回顧與前瞻,中正法學集刊第14期,2003年12月。
    7.周慧蓮,隱私標準保護爭議之國際化,月旦法學雜誌第104期,2004年1月。
    8.邱文聰,從資訊自決與資訊隱私的概念區分 - 評「電腦處理個人資料保護法修正草案」的結構性問題,月旦法學雜誌No.168,2009年5月。
    9.翁清坤,論個人資料保護標準之全球化,東吳法律學報第22卷第1期,2010年。
    10.財團法人工業技術研究院,經濟部商業交易安全認證前瞻技術研發與應用委外案 網路交易安全問題及企業應變架構之研究期末報告,2009年12月。
    11.財團法人中華民國國家資訊基本建設產業發展協進會,深入國際標準化組織,產業技術標準活絡及推廣委辦計畫,經濟部標準檢驗局,2009年6月。
    12.財團法人資訊工業策進會,符合W3C標準之網頁製作基本指引結構篇 - XHTML1.0,2006年10月。
    13.許孝萱,行動RFID私密性研究,2008年6月。
    14.陳起行,資訊隱私法理探討 - 以美國法為中心,政大法學評論,第64期,2000年12月。
    15.湯亦敏,標準制定組織之智慧財產保護政策及競爭法問題探討,2006年6月。
    16.葉英秋,論個人隱私與公共利益-以警察資料之取得與運用為中心,2008年。
    17.詹文男暨MIC研究團隊,2012資通訊產業發展十大趨勢,財團法人資訊工業策進會產業情報研究所(MIC),2012年。
    18.廖緯民,論搜尋引擎的隱私權威脅,月旦民商法雜誌第24期。
    19.劉靜怡,資訊隱私權保護的國際化爭議 – 從個資保護體制的規範到國際貿易規範的適用,月旦法學雜誌,第86期,2002年。
    20.劉靜怡,網際網路時代的資訊使用與隱私權保護規範:個人、政府與市場的拔河,資訊管理研究第四卷第三期,2002年11月。
    21.樊國禎、黃健誠,「後檯實名,前檯匿名」與隱私架構初探:根基於ISO/IEC 29100:2011-12-15 標準系列,網路通訊國家型科技計畫簡訊,第50期,2013年4月。
    22.蕭文生譯,關於「1983年人口普查法」之判決 - 聯邦憲法法院判決第65輯第1頁以下,西德聯邦憲法法院裁判選輯(一),司法院,1990年10月。

    中文網站部份
    1."金錢損失"和"隱私洩露" 網路安全亂象如何治?,解放日報,2013年2月13日,http://www.ce.cn/cysc/tech/07hlw/guonei/201302/13/t20130213_21336538.shtml。
    2.10萬隱私地雷!近三成Android應用程式越矩取個資,2012年11月5日 ,http://news.cnyes.com/Content/20121105/KFNV4RYTE6QW7.shtml。
    3.2012中華民國電子商務年鑑:環境篇,http://eccommerceenvironment.blogspot.tw/2012/11/blog-post_9665.html。
    4.BS 10012個資保護標準的10大實務作法,http://www.ithome.com.tw/itadm/article.php?c=62797&s=4。
    5.Continua Health Alliance,360°科技,2008年8月4日, http://www.digitimes.com.tw/tw/dt/n/shwnws.asp?CnlID=10&Cat=20&Cat1=&id=100637#ixzz2VE8jkR1D。
    6.Gartner選出2012年十大消費性無線行動應用,2009年12月24日, http://www.ctimes.com.tw/DispNews/tw/LBS/NFC/Gartner/0911241813BO.shtml。
    7.GSMA行動經濟報告:全球行動數據營收於2017年超越語音營收,數位時代網站,2012年2月26日, http://www.bnext.com.tw/article/view/cid/128/id/26698http://www.bnext.com.tw/article/view/cid/128/id/26698。
    8.LBS結合多元行動應用 再創「打卡」新商機,DIGITIMES中文網,2012年1月18日, http://www.digitimes.com.tw/tw/things/shwnws.asp?cnlid=15&cat=10&cat1=15&id=0000268484_MMX5XIBW715TLV5CCR8QW#ixzz2VKFekulW。
    9.TSM平台過關,五銀行卡位搶手機信用卡商機,MoneyDJ 財經知識庫,2013年1月24日,http://www.moneydj.com/kmdj/news/NewsViewer.aspx?a=81b2d9a1-786c-45a2-96b8-d08b5726b294#ixzz2cOJlNSuI。
    10.プライバシーマーク制度,http://privacymark.jp/privacy_mark/about/outline_and_purpose.html。
    11.中美就WAPI申請國際標準達成一致,2009年6月16日,http://news.mydrivers.com/1/137/137274.htm。
    12.王忠,美國網路隱私保護框架之啟示,中國科學基金第2期,頁99~100,http://pub.nsfc.gov.cn/sficcn/ch/reader/view_abstract.aspx?file_no=201302099&flag=1。
    13.加拿大與荷蘭指控WhatsApp侵犯個人隱私,2013年1月29日,http://www.ithome.com.tw/itadm/article.php?c=78611。
    14.行動支付產業鏈 安全環環相扣,2013年4月9日,http://www.informationsecurity.com.tw/article/article_detail.aspx?aid=7393。
    15.洪羿漣,透過認證標章減輕法律風險 因應個資規定 適法性最要緊,2012年9月3日, http://www.netadmin.com.tw/article_content.aspx?sn=1208280009
    16.面對個資風暴 善設資訊管理機制,DAF 2012 個資防護與網路安全應用研討會,2012年8月27日, http://www.digitimes.com.tw/tw/b2b/Seminar/shwnws_new.asp?CnlID=18&cat=99&product_id=051A10816&id=0000299295_IFS1RCXBL6BR1O4ZCN1QZ。
    17.個人資料保護法Q&A-從NFC手機談個人資料的管制(上),2011年10月1日,http://www.is-law.com/post/4/765;個人資料保護法Q&A-從NFC手機談個人資料的管制(中),2011年10月4日,http://www.is-law.com/post/4/766;個人資料保護法Q&A-從NFC手機談個人資料的管制(下),2011年10月7日,http://www.is-law.com/post/4/767。
    18.個資法兩階段施行,經建會網站,2012年10月24日,http://www.cepd.gov.tw/m1.aspx?sNo=0017751&ex=2。
    19.個資法通過 誰有可能成為受惠產業?資安人科技網,2010年6月28日, http://www.informationsecurity.com.tw/article/article_detail.aspx?aid=5786。
    20.財團法人台灣網路資訊中心,2011年IETF第82次台北會議活動說明書, http://www.ietf82.tw/2011_IETF82_Taipei-final-chn.pdf,2011年。
    21.財團法人臺灣網路資訊中心新聞稿,2012年7月9日,http://www.twnic.net.tw/NEWS4/119.pdf。
    22.高易中,以Web技術建立跨行動平台APP, RUN!PC網站,2013年1月9日,http://www.runpc.com.tw/content/content.aspx?id=109324。
    23.許舜喨,以新修正個人資料保護法探討病歷資料之保護,2013年02月18日,http://www.ibmi.org.tw/client/ReportDetail.php?REFDOCTYPID=0lgfj8ve17pfj9w5&REFDOCID=0miejmapz7bntxai。
    24.國家資通安全會報,國際個資保護發展趨勢與標準規範,2012年4月,http://www.icst.org.tw/docs/Fup/%E8%AD%B0%E9%A1%8C%E4%B8%80%EF%BC%9A%E5%9C%8B%E9%9A%9B%E5%80%8B%E8%B3%87%E4%BF%9D%E8%AD%B7%E7%99%BC%E5%B1%95%E8%B6%A8%E5%8B%A2%E8%88%87%E6%A8%99%E6%BA%96%E8%A6%8F%E7%AF%84-%E6%9B%B4%E6%96%B0%E7%89%88.pdf。
    25.許多安卓手機軟體 竊用戶隱私,中央社,2013年3月16日,http://tw.news.yahoo.com/%E8%A8%B1%E5%A4%9A%E5%AE%89%E5%8D%93%E6%89%8B%E6%A9%9F%E8%BB%9F%E9%AB%94-%E7%AB%8A%E7%94%A8%E6%88%B6%E9%9A%B1%E7%A7%81-124426037--finance.html。
    26.虛實緊密結合的SoLoMo時代來臨,你準備好了嗎?http://emf.migosoft.com/case/case122.html。
    27.新版個資法預計10月正式上路,資訊工業策進會新聞中心,2012年8月8日,http://www.iii.org.tw/service/3_1_1_c.aspx?id=1037。
    28.運用個資遮罩,為重要個資穿上金鐘罩- 既保護個資,也讓作業流程不打結,2012年12月19日,http://www.ithome.com.tw/privacylaw/article/77886。
    29.廖珮君,TPIPAS開放輔導權 未來有機會成為國家標準?! 資安人,2012年10月8日, http://www.informationsecurity.com.tw/article/article_detail.aspx?aid=7087。
    30.簡榮宗,追蹤式廣告與個人資料保護的分界,台灣法律網,http://www.lawtw.com/article.php?template=article_content&area=free_browse&parent_path=,1,561,&job_id=186137&article_category_id=200&article_id=107773。

    英文網站部份
    1.A High Level Reference Architecture for Mobile Health, GSMA, March 29, 2012, http://www.gsma.com/connectedliving/wp-content/uploads/2012/03/mobilearchitectureinteractive241111.pdf
    2.Alex Simonelis, A Concise Guide to the Major Internet Bodies, Magazine Ubiquity, Feburary 2005, http://ubiquity.acm.org.autorpa.lib.nccu.edu.tw/article.cfm?id=1071915http://ubiquity.acm.org.autorpa.lib.nccu.edu.tw/article.cfm?id=1071915
    3.Anderson, Chris, The Long Tail, Wired Magazine, 12.10, October 2004, http://www.thelongtail.com/about.html
    4.Andreas U. Schmidt, Nicolai Kuntze, Michael Kasper, On the deployment of Mobile Trusted Modules, http://sit.sit.fraunhofer.de/smv/publications/download/MTM_deployment_paper.pdf
    5.Apple Accused in Suit of Tracking IPad, IPhone User Location , April 26, 2011, http://www.bloomberg.com/news/2011-04-25/apple-accused-in-suit-of-tracking-ipad-iphone-user-location-1-.html
    6.Apple Beefs Up Privacy Protections In iOS 7, June13, 2013, http://www.mediapost.com/publications/article/202222/apple-beefs-up-privacy-protections-in-ios-7.html#ixzz2W4zRaWQr
    7.Apple Sneaks A Big Change Into iOS 5: Phasing Out Developer Access To The UDID, August 19, 2011, http://techcrunch.com/2011/08/19/apple-ios-5-phasing-out-udid/
    8.Armin Hornung, Gleb Krivosheev, Noor Singh, Jeff Bilger, Standards War, CSEP 590A: History of Computing, Autumn 2006, http://www.cs.washington.edu/education/courses/csep590/06au/projects/standards-wars.pdf
    9.Bill would put mobile app vendors on the hook for privacy in US, May 10, 2013, http://www.computerworlduk.com/news/networking/3446597/bill-would-put-mobile-app-vendors-on-the-hook-for-privacy/
    10.Boris Segalis, Mobile Location Privacy Opinion Adopted by Europe’s WP29, May 19, 2011, http://www.infolawgroup.com/2011/05/articles/data-privacy-law-or-regulation/mobile-location-privacy-opinion-adopted-by-europes-wp29/
    11.CEN BOSS(Business Operations Support System), http://www.cen.eu/boss/supporting/Guidance%20documents/GD026%20-%20Standards%20and%20Regulations/Pages/default.aspxhttp://www.ithome.com.tw/itadm/article.php?c=78611
    12.Chantal Tode, FTC wants mobile firms to do more to protect consumer privacy, February 5, 2013, http://www.mobilemarketer.com/cms/news/legal-privacy/14723.html
    13.Chris Brook, FTC Endorses New Privacy Guidelines, Do Not Track for Mobile Apps, Devices, February 4, 2013 , http://threatpost.com/ftc-endorses-new-privacy-guidelines-do-not-track-mobile-apps-devices-020413/
    14.http://clicktoverify.truste.com/pvr.php?page=validate&url=www.travelzoo.com&sealid=102&lang=zh-tw
    15.Cloud Security Alliance Announces Key Initiative in Development of Cloud Security Standards in Partnership with ISO/IEC, 2011 CSA Press Release, April 20, 2011, https://cloudsecurityalliance.org/csa-news/key-initiative-in-development-of-cloud-security-standards-in-partnership-with-isoiec/
    16.Colin Bennett, An International Standard for Privacy Protection: Objections to the Objections, Jurisdiction II: Global Networks/Local Rules, Internet Law and Policy Forum, September 11~12, 2000, http://www.ilpf.org/events/jurisdiction2/presentations/bennett_pr/#f2
    17.Colleen Frye, A look at the W3C’s mobile Web application best practices, January 2011, http://searchsoa.techtarget.com/tip/A-look-at-the-W3Cs-mobile-Web-application-best-practices
    18.Daneil Castro, Benefits and Limitations of Industry Self-Regulation for Online Behavioral Advertising, The Information Technology & Innovation Fundation, December 2011, http://www.ntia.doc.gov/files/ntia/2011-self-regulation-online-behavioral-advertising.pdf
    19.Durlak, Jerry, “Privacy and Security”, Communication for Tomorrow, http://renda.colunato. yorku.ca/com4tomo/1296.html
    20.European data protection authorities publish their joint opinion on mobile apps, Press Release, ARTICLE 29 DATA PROTECTION WORKING PARTY, 14 March, 2013, http://ec.europa.eu/justice/data-protection/article-29/press-material/press-release/art29_press_material/20130314_pr_apps_mobile_en.pdf
    21.First California lawsuit over mobile privacy issues crashes, May14, 2013, http://www.computerworlduk.com/news/public-sector/3447146/first-california-lawsuit-over-mobile-privacy-issues-crashes/?intcmp=rel_articles;ntwrkng;link_1
    22.First FTC Privacy Action Against Mobile App Publisher Alleging COPPA Violation Results in $50,000 Settlement, August 2011, http://digilaw.edwardswildman.com/blog.aspx?entry=3813 15
    23.FTC Staff Issues Privacy Report, Offers Framework for Consumers, Businesses, and Policymakers, December 1, 2010, http://www.ftc.gov/opa/2010/12/privacyreport.shtm
    24.FTC Staff Report Recommends Ways to Improve Mobile Privacy Disclosures, Released by FTC, Feburary 1, 2013, http://www.ftc.gov/opa/2013/02/mobileprivacy.shtm
    25.Galen Gruman, http://www.infoworld.com/d/mobile-technology/3-easy-steps-more-secure-iphone-or-ipad-204930, October 16, 2012
    26.Gartner Highlights Top Consumer Mobile Applications and Services for Digital Marketing Leaders, October 11, 2012, http://www.gartner.com/newsroom/id/2194115
    27.Geolocation API Specification, http://dev.w3.org/geo/api/spec-source.html#security
    28.Geolocation Privacy Legislation, April 10, 2013, http://www.gps.gov/policy/legislation/gps-act/
    29.GlobalPlatform and TCG to work on mobile security standards, July 3, 2012 http://www.nfcworld.com/2012/07/03/316640/globalplatform-and-tcg-to-work-on-mobile-security-standards/
    30.Google Calls for International Standards on Internet Privacy, September 15, 2007, http://www.washingtonpost.com/wp-dyn/content/article/2007/09/13/AR2007091302248.html
    31.Hannes Tschofenig, Henning Schulzrinne, Andrew Newton, Jon Peterson, Allison Mankin, Siemens Networks GmbH Co KG, The IETF Geopriv and Presence Architecture Focusing on Location Privacy, October 18, 2006, http://www.w3.org/2006/07/privacy-ws/papers/26-tschofening-geopriv/
    Hans J. Kleinsteuber, Self-regulation, Co-regulation, State Regulation, http://www.osce.org/fom/13844
    34.How Mobile Apps are Invading Your Privacy Infographic, May 31, 2012, http://www.veracode.com/blog/2012/05/how-mobile-apps-are-invading-your-privacy-infographic/
    35.How secure is your personal health information? ISO provides guidelines for health care organizations, ISO news, September 29, 2004, http://www.iso.org/iso/home/news_index/news_archive/news.htm?refid=Ref934
    36.http://ec.europa.eu/justice/data-protection/document/international-transfers/binding-corporate-rules/index_en.htm
    37.http://en.wikipedia.org/wiki/Privatus
    38.http://isotc.iso.org/livelink/livelink?func=ll&objId=8862396&objAction=browse&sort=name
    39.http://standards.ieee.org/develop/
    40.http://uddi.xml.org
    41.http://welcome.hp.com/country/tw/zh/privacy/p3p_popup.html
    42.http://www.bsigroup.tw/;http://www.bsigroup.com
    43.http://www.cgmopen.org
    44.http://www.dcml.org
    45.http://www.ehealth.scot.nhs.uk/
    46.http://www.gs1tw.org/twct/web/gs1_wordshowdetail.jsp?MID=DT200606068
    47.http://www.gsma.com
    48.http://www.hl7.org.tw/about.htm
    49.http://www.hl7.org/implement/standards/index.cfm?ref=nav
    50.http://www.hl7.org/implement/standards/nocost.cfm
    51.http://www.ietf.org
    52.http://www.iso.org
    53.http://www.iso.org/iso/home/standards_development/list_of_iso_technical_committees/jtc1_home/jtc1_sc37_home.htm
    54.http://www.itu.int
    55.http://www.itu.int/en/ITU-T/about/groups/Pages/sg17.aspx
    56.http://www.legalxml.org
    57.http://www.mefmobile.org/about-mef
    58.http://www.mefmobile.org/activities-and-analytics/analytics/global-privacy-survey-2013
    59.http://www.mefmobile.org/Regions/north-america/MEF_NA_mcommerce_Steering_Committee/ASC_X9
    60.http://www.mefmobile.org/Regions/north-america/MEF_NA_mcommerce_Steering_Committee/webinar-driving-mobile-security-standards-in-m-commerce
    61.http://www.oasis-pki.org/
    62.http://www.rsa.com/rsalabs/node.asp?id=2306
    63.http://www.tpipas.org.tw
    64.http://www.truste.com/consumer-privacy/about-oba/
    65.http://www.trustedcomputinggroup.org/about_tcg
    66.http://www.w3.org/
    67.http://www.w3.org/2005/10/Process-20051014/tr
    68.http://www.w3.org/TR/mwabp/
    69.http://www.w3.org/TR/ws-arch/#whatis
    70.https://cloudsecurityalliance.org/research/mobile/
    71.https://www.oasis-open.org
    72.https://www.pcisecuritystandards.org
    73.https://www.x9.org/about/
    74.Industry Renews Plea To Keep "Do Not Track" Off By Default, April 29, 2013, http://www.adexchanger.com/online-advertising/industry-renews-plea-to-set-do-not-track-off-by-default/
    75.Inside iOS 5: privacy change kills app developers` access to UDID, 19 August, 2011, http://appleinsider.com/articles/11/08/19/inside_ios_5_privacy_change_kills_app_developers_access_to_udid
    76.ISO 22857:2004, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=36522
    77.ISO/IEC 15944-8:2012(E) Information technology — Business Operational View — Part 8: Identification of privacy protection requirements as external constraints on business transactions, first edition 2012/04/01
    78.ISO/IEC 24745:2011, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=52946
    79.ISO/IEC 24760, first Edition 2011/12/15, http://webstore.iec.ch/preview/info_isoiec24760-1%7Bed1.0%7Den.pdf
    80.ISO/IEC 24760-1:2011, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=57914
    81.ISO/IEC 27018, http://www.iso27001security.com/html/27018.html
    82.ISO/IEC 29100:2011, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=45123
    83.ISO/IEC 29176 Information technology — Mobile item identification and management — Consumer privacy-protection protocol for Mobile RFID services, first edition 2011/10/15
    84.ISO/IEC 29176:2011, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=45255
    85.ISO/IEC 29187-1 ed1.0, Information technology -- Identification of privacy protection requirements pertaining to learning, education and training (LET) -- Part 1: Framework and reference model
    86.ISO/IEC 29187-1:2013, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=45266
    87.ISO/IEC Directives Supplement — Procedures specific to JTC 1, First edition, 2010
    88.ISO/IEC Directives, Part 1, Ninth edition, 2012, http://www.iec.ch/members_experts/refdocs/iec/isoiecdir-1%7Bed9.0%7Den.pdf
    89.ISO/IEC JTC 1/SC 6 Telecommunications and information exchange between systems
    90.ISO/TC 68 Financial services, http://www.iso.org/iso/iso_technical_committee.html?commid=49650
    91.ISO/TR 12859:2009, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=52052
    92.ISO/TS 13582:2013, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=54037
    93.ISO/TS 21547:2010, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=44479
    94.ISO/TS 25237:2008, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=42807
    95.Jason Cipriani, How to control Your Privacy Settings on iOS 6, http://howto.cnet.com/8301-11310_39-57507698-285/how-to-control-your-privacy-settings-on-ios-6/, September 19, 2012
    96.Jim Brock, Do Not Track arrives for mobile apps, courtesy of Apple and Google (really) , September 27, 2012 , http://blog.privacychoice.org/2012/09/27/do-not-track-arrives-for-mobile-apps-courtesy-of-apple-and-google-really/
    97.John J. Altorelli and Amy L. Rosenberg , California Enacts Nation’s First State Online Privacy Protection Act, December 2003, http://www.paulhastings.com/Resources/Upload/Publications/256.pdf
    98.Kai Rannenberg , A framework for identity management (ISO/IEC 24760) , Mobile Business & Multilateral Security, June 2006, http://fg-secmgt.gi.de/fileadmin/gliederungen/fb-sec/Workshops_neu/WS_2012-06_IdentityMgmt/6_Rannenberg_framework_for_identity_management.pdf
    Katy Bachman, What Exactly Does `Do Not Track` Mean? Digital Advertising Alliance is fighting misinformation, May 6, 2013, http://www.adweek.com/news/technology/what-exactly-does-do-not-track-mean-149149
    99.Location-based mobile services are profiting but need to do more to ease privacy fears, March 22, 2013, http://www.computerworlduk.com/news/mobile-wireless/3346389/location-based-mobile-services-are-profiting-but-need-ease-privacy-fears/
    Mathew J. Schwartz, W3C Proposes Do Not Track Privacy Standard, November 14, 2011, http://www.informationweek.com/security/privacy/w3c-proposes-do-not-track-privacy-standa/231902974
    100.MEF joins ASC X9 to develop essential standards for advancing Mobile Commerce (M-Commerce) in the US, May 10, 2011, http://www.mefmobile.org/News/mef-news/21/mef-joins-asc-x9-to-develop-essential-standards-for-advancing-mobile-commerce-m-commerce-in-the-us
    101.MEF launches App Privacy Initiative to build Consumer Trust around User Data Collection , April 25, 2012, http://www.mefmobile.org/News/mef-news/197/mef-launches-app-privacy-initiative-to-build-consumer-trust-around-user-data-collection
    102.MEF tackles Mobile Threats and Security implications as next phase of its m-Commerce Initiative, May 14, 2012, http://internetretailing.net/2012/05/mef-tackles-mobile-threats-and-security-implications-as-next-phase-of-its-m-commerce-initiative/
    103.Mike Clendenin, ISO rejects China`s WLAN standard, December 3, 2006, http://www.eetimes.com/electronics-news/4059133/ISO-rejects-China-s-WLAN-standard
    104.Minutes of JTC1 Ad Hoc Meeting, January 19, 2012, https://mentor.ieee.org/802.11/dcn/12/11-12-0199-00-0jtc-jacksonville-minutes-jan-2012.doc
    105.Mobile and Privacy, GSM Association 2012, February 2012, http://www.gsma.com/publicpolicy/wp-content/uploads/2012/03/gsmaprivacydesignguidelinesformobileapplicationdevelopmentv1.pdf
    Mobile App Developers: Start with Security, February 2013,
    http://business.ftc.gov/documents/bus83-mobile-app-developers-start-security
    106.Mobile Apps Developer Settles FTC Charges It Violated Children`s Privacy Rule, August 15, 2011, http://www.ftc.gov/opa/2011/08/w3mobileapps.shtm
    107.Mobile Privacy Disclosures:Building Trust Through Transparency , FTC Staff Report, February 2013, http://www.ftc.gov/os/2013/02/130201mobileprivacyreport.pd
    108.Mobile Web Standards (OMA, BONDI, GSMA OneAPI, HTML5), https://developer.att.com/developer/tierNpage.jsp?passedItemId=2400412
    109.Opinion 02/2013 on apps on smart devices, ARTICLE 29 DATA PROTECTION WORKING PARTY, Adopted on February27, 2013, http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2013/wp202_en.pdf
    110.P3P and Privacy:An Update for the Privacy Community, March 2009, http://www.ipc.on.ca/images/Resources/p3p.pdf
    111.Paper, Plastic... or Mobile? An FTC Workshop on Mobile, March 2013, Paymentshttp://www.ftc.gov/os/2013/03/130306mobilereport.pdf
    112.Pareto principle, http://www.businessdictionary.com/definition/Pareto-principle.html
    113.PCI Mobile Payment Acceptance Security Guidelines for Developers, September 2012, https://www.pcisecuritystandards.org/documents/Mobile_Payment_Security_Guidelines_Developers_v1.pdf
    114.PCI Security Standards Council Releases Gudiance for Merchants on Mobile Payment Acceptance Security, February 14, 2013, https://www.pcisecuritystandards.org/pdfs/13_02_13_Mobile_Press_Release.pdf
    115.Peter Fleischer , The need for global privacy standards, September 14, 2007, http://portal.unesco.org/ci/fr/files/25452/11909026951Fleischer-Peter.pdf/Fleischer-Peter.pdf
    116.Privacy Requirements for Mobile Services, Approved Version 1.0.1 – 07 Aug 2007, http://technical.openmobilealliance.org/technical/release_program/docs/Privacy/V1_0-20070807-A/OMA-RD-Privacy-V_1_0_1-20070807-A.pdf
    117.Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), Brussels, 25.1.2012, COM(2012) 11 final, http://ec.europa.eu/justice/data-protection/document/review2012/com_2012_11_en.pdf
    118.Rockefeller Reintroduces, Do Not Track Act Privacy heats up again in Congress , Febuary 28, 2013, http://www.adweek.com/news/technology/rockefeller-reintroduces-do-not-track-act-147610
    119.Ron Kim, Trusted Platform Module and Privacy:Promises and Limitations, http://www.cs.auckland.ac.nz/compsci725s2c/archive/termpapers/skim.pdf
    120.Rajnish Tiwari1, Stephan Buse and Cornelius Herstatt, From Electronic to Mobile Commerce: Technology Convegence Enables Innovative Business Services, http://www.mobile-prospects.com/publications/files/E2M-Commerce.pdf
    121.Richard Santalesa , W3C Publishes Draft “Do-Not-Track” Standard, November 18, 2011, http://www.infolawgroup.com/2011/11/articles/privacy-law/w3c-publishes-draft-donottrack-standards/
    122.S. Thrum and Y. Kane, Your Apps are Watching You, Wall Street Journal, http://online.wsj.com/, 2010
    123.Scott Bradner, IETF Structure and Internet Standards Process, 62nd IETF, March 2005, http://www.ietf.org/newcomers.html
    124.Standards for Web Applications on Mobile: current state and roadmap, May 2012, http://www.w3.org/2012/05/mobile-web-app-state/
    125.The History of the Do Not Track Header, January 21, 2011, http://paranoia.dubfire.net/2011/01/history-of-do-not-track-header.html
    126.TECH SENSE: What “Do Not Track” Means for Advertisers, February 21, 2013, http://blog.pointroll.com/aducation/tech-sense-what-do-not-track-means-for-advertisers/
    127.ITU-T Report, “Measuring and Reducing the Standards Gap” , December 4, 2009, http://itu.int/en/ITU-T/gap
    128.The Application Privacy, Protection, and Security (APPS) Act of 2013 (Discussion Draft), http://hankjohnson.house.gov/sites/hankjohnson.house.gov/files/documents/APPS_Act_Key_Provisions.pdf
    129.The APPS Act – a proposal to protect users’ mobile privacy, May 17, 2013, http://www.infosecurity-magazine.com/view/32482/the-apps-act-a-proposal-to-protect-users-mobile-privacy/
    130.The New Firefox Cookie Policy, Feburary 22, 2013, http://webpolicy.org/2013/02/22/the-new-firefox-cookie-policy/
    131.The Rise of China in Technology Standards: New Norms in Old Institutions, January 16, 2013, http://origin.www.uscc.gov/sites/default/files/Research/RiseofChinainTechnologyStandards.pdf
    132.Tracking Preference Expression (DNT), W3C Working Draft, April 30, 2013, http://www.w3.org/TR/2013/WD-tracking-dnt-20130430/
    133.United States of America (For the Federal Trade Commission), Plaintiff, v. Path, Inc., Defendant (United States District Court for the Northern District of California, San Francisco Division), Case No. C 13 0448, FTC File No. 122 3158, http://www.ftc.gov/opa/2013/02/path.shtm
    134.United States of America, Plaintiff v. W3 Innovations, LLC, also d/b/a Broken Thumbs Apps, and Justin Maples, individually and as an officer of W3 Innovations, LLC, Defendants (United States District Court for the Northern District of California) Case No. CV-11-03958-PSG, FTC File No. 102 3251, http://ftc.gov/os/caselist/1023251/
    135.US regulators probe mobile app developing firms over violation of children`s privacy, http://appdev.cbronline.com/news/us-regulators-probe-mobile-app-developing-firms-over-violation-of-childrens-privacy-111212, December 11, 2012
    136.W3C Workshop: Do Not Track and Beyond, November 26~27, 2012, http://www.w3.org/2012/dnt-ws/report
    137.Why Europe’s Do Not Track stance could spark a trade war, March 22, 2013, http://lastwatchdog.com/europes-track-stance-spark-trade-war/
    138.http://www.sans.org/reading-room/whitepapers/privacy/comparison-online-privacy-seal-programs-685
    139.Xinwen Zhang, Onur Acıiçmez, and Jean-Pierre Seifert, A Trusted Mobile Phone Reference Architecture via Secure Kernel, 2007, http://profsandhu.com/zhang/pub/zhang-stc07.pdf
    Description: 碩士
    國立政治大學
    法學院碩士在職專班
    99961011
    101
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0099961011
    Data Type: thesis
    Appears in Collections:[法學院碩士在職專班] 學位論文

    Files in This Item:

    File SizeFormat
    101101.pdf1191KbAdobe PDF21093View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback