Content

WP installs solar panels to generate 18% of our energy needs

This weekend we successfully installed solar panels on our roof and once we get the all clear, will begin generating our own power later this month. The panels cover approximately 23 ping (76 square meters), or roughly half the available roof space. The panels are capable of generating 13,000 kilowatt hours of electricity annually.

According to estimates by our Green Office team, this is equivalent to around 18% of our own energy needs. The panels will help us reduce our carbon footprint, as well as lowering our reliance on other energy sources. Any energy that we do not use will be sold back to the grid, so other energy users in Taiwan will benefit too. Of course, the actual amount of energy produced will depend on the number of sunny days we receive.

So, in future, the energy you use may have been generated on our roof, and our hope is that more businesses will install solar power to meet their own and others’ needs. Our commitment to install solar panels is one of Winkler Partners’ 2017 Oath of Actions for 1% for the Planet.

How does Taiwan’s Fair Trade Commission define the relevant market?

This article is the second installment in our FAQ on merger control in Taiwan (Here you can read part one).  Here, we set out in broad brush strokes the factors and methodologies that the Fair Trade Commission (the “FTC”) and Taiwan courts use to determine the relevant market in horizontal merger cases.

The Fair Trade Act (the “FTA”) defines the relevant market with respect to any particular product or service as the geographic area or scope in which firms compete with respect to such product or service.  In 2015, the FTC issued relevant market definition guidelines (the “Taiwan Guidelines”) based on the European Union’s Commission Notice on the Definition of the Relevant Market for the Purposes of Community Law, the United States’ Federal Trade Commission’s 2010 Horizontal Merger Guidelines, and the FTC’s own past cases.[1]

According to the Taiwan Guidelines, demand substitution is the primary market constraint that the FTC evaluates in its analysis of relevant markets; however, the FTC may also evaluate supply substitution as part of its analysis.

The FTC evaluates the effect of these competitive constraints to define the relevant market both in terms of the nature of the product or service being offered and the geographic sales area of such product or service.  The Taiwan Guidelines separately list the factors used to assess (i) product or service scope and (ii) the appropriate geographic sales area.  However, these factors are largely the same and are each aimed at providing information as to the substitutability of a product or service within a geographic area.  According to the Taiwan Guidelines when establishing the appropriate relevant market, the FTC will typically consider a variety of factors, including:

  1. the general nature of the product or service and its use;
  2. views of customers and competitors regarding substitutability of the product or service generally and specifically within a particular geographic area;
  3. historical data on past substitution of similar products or services;
  4. the cross-price elasticity of demand;
  5. effects of price variation generally, the effect of price changes in different regions and related transportation costs between such regions, and the diversion of orders to other geographic areas in response to price changes; and
  6. costs to customers associated with switching to different products, including ease with which customers can obtain products from different regions and transaction costs for customers purchasing products from different regions.

When assessing the considerations listed above, the FTC employs familiar qualitative and qualitative analysis methodologies including (i) reasonable interchangeability of use; (ii) the hypothetical monopolist test (and the related concept of a small but significant non-transitory increase in price); and (iii) cross elasticity of demand measurements.  It is important to note, however, that the FTC emphasizes that it may use other tests depending on the particular circumstances of each case.

In most cases, we recommend that the best practical approach to determining the relevant market in Taiwan for any particular product or service is to begin by analyzing the relevant market as if preparing for an antitrust inquiry in the United States or the European Union.  However, each case is unique and we strongly recommend anyone contemplating a business combination that may impact the Taiwan market to contact us to get more specific advice as to how the relevant market should be defined for the purposes of (i) determining whether a Taiwan merger control filing is required and (ii) making any such filings, if required.

For more information on mergers and acquisitions in Taiwan, please contact Gregory A. Buxton at gbuxton@winklerpartners.com.


[1] 公平交易委員會對於相關市場界定之處理原則.   No English translation available.

Taiwan labor law amendments: five key takeaways for employers

In December 2016, Taiwan’s Legislative Yuan made controversial amendments to the Labor Standards Act (the “LSA”) in order to implement a five-day work week and protect employees’ annual leave rights. In order to further clarify how employers can comply with these new laws in practice and to deal with some commonly raised concerns, the Ministry of Labor made various amendments to the Enforcement Rules of the LSA (the “Rules”) which were announced and put into effect in June 2017.

Five of these key amendments most pertinent to employers are:

(1) Working hours on flexible rest days are expressly treated as overtime

In line with recent amendments to the LSA regarding flexible rest days, working hours on rest days are expressly treated as overtime.

(2) Itemization of pay slips and ways of providing pay slips to employees

Employers must provide a detailed itemization of employees’ pay slips, including the employee’s total base salary as agreed upon between the employer and employee, the amount of each item which makes up the employee’s total base salary, any deductions which are required by law or by mutual agreement between the employer and employee, and the actual payment amount. When employers are required to provide employees’ pay slips, they can choose to provide hard copies, send the information electronically, or provide some other means for employees to access and print the information at any time.

(3) Acceptable methods of recording employee work attendance

In order to clarify how employers can record employees’ work attendance and comply with relevant laws, the amendments to the Rules now list the following as acceptable methods of recording employee attendance for both employers and employees to follow:  attendance books, attendance cards, swipe card machines, entry access cards, biometric identification systems, and computer attendance record systems.

(4) Relaxation of the period within which annual leave must be used

While employees’ annual leave is provided based on years of service and calculated from each employee’s on-board date, the period within which accumulated annual leave must be used has now been relaxed. The period must be mutually agreed upon between the employer and employee, and can be based on service years, calendar years, school years, fiscal years, or any other kind of annual system agreed upon between the employer and employee. Furthermore, employers must inform employees that they can arrange their annual leave and their annual leave entitlements within 30 days of the employee being eligible for annual leave.

(5) Calculation and payment of wages in respect of unused annual leave

Where an employee’s service year ends (if applicable) or where their employment contract is terminated, one day’s regular wages must be paid for each day of unused annual leave remaining. An employee’s “daily wage” is based on their regular working hours and wage at the time one day prior to the end of their service year or termination of their employment contract. Where an employee is paid monthly, “daily wage” is based on their regular working hours and wage at the time one month prior to the end of their service year or termination of their employment contract, divided by 30.

Employers can pay this amount either on the employee’s regular pay day, or within 30 days of the end of the employee’s service year. In the case of termination, the amount should be paid to the employee immediately.

Employers should notify their employees of their annual leave entitlements and the total amount to be paid in respect of unused annual leave on an annual basis, and should record this information in each employee’s salary roll. Employees should be notified in writing, electronically, or be provided with some means to access and print out the information, prior to the period when wages are usually paid each year.

For more information on Taiwan employment matters, please contact Christine Chen at cchen@winklerpartners.com or on +886 (0) 2 2311 8307.

Winkler Partners seeks Paralegal/Legal Consultant

Winkler Partners Attorneys at Law of Taiwan and Foreign Legal Affairs is seeking a full-time paralegal/legal consultant to assist our Taiwan lawyers in advising foreign clients and other related tasks, including:

  1. Assisting the firm’s employment, corporate and intellectual property teams in providing accurate and practical advice and recommendations to our clients.
  2. Helping colleagues understand the full cultural context of our foreign clients’ legal needs and questions.
  3. Drafting, reviewing and editing emails, agreements, legal memoranda, reports, and other documents.
  4. Conducting research into Taiwan laws, regulations, current events and changes in the legal landscape.
  5. Attending court hearings, client meetings and conference calls, as well as participating in local and international events and educational activities on behalf of the firm.
  6. Assisting legal staff on other matters as the opportunity or need arises.

Requirements

  1. A willingness to learn about Taiwan law and a general understanding of Taiwan’s legal system.
  2. Relevant work experience in the legal industry either in Taiwan or abroad or a keen interest in the law and legal affairs.
  3. Strong communication/interpersonal skills and an open mind.
  4. Strong English skills equivalent to that of a native speaker, with at least intermediate or advanced spoken Mandarin Chinese, including listening and reading abilities.
  5. Experience working in a multicultural or multilingual environment is preferred.
  6. Can work individually or as part of a team.
  7. A general interest in Taiwan’s social and current affairs.
  8. Experience with document and client management tools and applications is a plus.
  9. While admission to the bar is not required, legal training or experience is a plus.

Please send a current resume and one-page cover letter outlining why you believe you are an ideal candidate for this role to personnel@winklerpartners.com.

Exenciones a los requisitos para el permiso de trabajo en Taiwán: El Mecanismo de Consulta

This is a Spanish translation of our English article “Exemptions to Taiwan’s work permit requirements: the Consultation Mechanism”, which you can find here.
Esta es la traducción al español de nuestro artículo en inglés “Exemptions to Taiwan’s work permit requirements: the Consultation Mechanism”, el cuál se encuentra disponible aquí.

Los requisitos para la obtención del permiso de trabajo en Taiwán pueden ser un tanto inflexibles, sin embargo, existen algunas exenciones disponibles para dos de los cuatro requisitos: ingresos/capitalización mínima del empleador y experiencia laboral mínima del empleado (adquirida después de la culminación de los estudios universitarios).

Los Requisitos Básicos

La mayoría de los profesionales extranjeros en Taiwán, fuera de los que trabajan como profesores, corresponden a la Clase A (profesionales o técnicos).

Para contratar a empleados extranjeros bajo la Clase A, el posible empleador del candidato extranjero debe aplicar a un permiso de trabajo ante la Agencia de Desarrollo del Empleo (“WDA” por sus siglas en inglés) bajo la tuición del Ministerio de Trabajo.

En general, cuatro requisitos básicos deben ser cumplidos:

  1. ingresos /capitalización del empleador;
  2. nivel académico/experiencia laboral del empleado;
  3. trabajo profesional o técnico; y
  4. salario mensual mínimo de NT$47,971

Existen exenciones tanto para el requisito de ingresos/capitalización del empleador como para el de educación/experiencia del empleado. Estas exenciones no son disponibles para trabajos que no formen parte del alcance del trabajo profesional o técnico. Tampoco existen exenciones al salario mensual mínimo de NT$47,791 para profesionales extranjeros que posean títulos de universidades extranjeras (no taiwanesas).

Requisito de ingresos/capitalización

Para contratar a un profesional extranjero en la Clase A, el empleador debe ser una empresa nueva con un capital registrado de NT$ 5 millones o una empresa existente con ingresos (del último año fiscal) de NT$ 10 millones (o ingresos promedios de NT$ 10 millones durante los últimos tres años).

Requisito de nivel académico y experiencia laboral

En general, para ser contratado, un empleado extranjero debe tener un diploma universitario y dos años de experiencia laboral relacionada al trabajo por el cual se lo pretende contratar. La experiencia laboral debe ser aquella adquirida después de la culminación de los estudios universitarios.

Exenciones

Las exenciones disponibles corresponden a lo que el Ministerio de Trabajo denomina el “Mecanismo de Consulta” .

Si un empleador no llega a cumplir con el requisito de ingresos/capitalización mínima, el empleador debe adjuntar este formulario (en chino) a la aplicación de permiso de trabajo del empleado.

Si el candidato no llega a tener los dos años de experiencia laboral relacionada al trabajo que se lo pretende contratar, el empleador debe adjuntar este formulario (en chino) a la aplicación de permiso de trabajo del empleado.

Favor tomar en cuenta que los candidatos extranjeros por lo general no pueden aplicar a permisos de trabajo o a las exenciones por su cuenta. El empleador es el que debe aplicar por el permiso para contratar al candidato.

Alta tasa de aprobación

Las exenciones bajo el Mecanismo de Consulta han estado disponibles desde el 2010. Estadísticas parciales del WDA muestran que las exenciones son otorgadas a la mayoría de las aplicaciones. Desde el 2010 al 2015, 176 empleadores aplicaron a la exención del requisito de ingreso/capitalización mínima. De éstas, 156 (89%) han sido aprobadas. De forma similar, durante el mismo periodo, 50 empleadores aplicaron a la exención del requisito de experiencia laboral mínima de dos años. De éstas, 47 fueron aprobadas, alcanzando así una tasa de aprobación del 94%.

Pese a que las tasas de aprobación son altas, el número de aplicaciones es sorprendentemente bajo. Esto puede deberse a que hasta hace algún tiempo el WDA no tenía una guía clara sobre el Mecanismo de Consulta ni en inglés ni en chino.

EZ WORK Taiwán: Información sobre el Mecanismo de Consulta y Permisos de Trabajo en general

Como mencionamos anteriormente, el WDA no tenía un mecanismo directo y eficaz para transmitir información. Sin embargo, a finales de 2016, el WDA añadió una nueva sección a su página web EZWORK Taiwán, la cual proporciona información completa sobre el Mecanismo de Consulta en chino e inglés. Candidatos profesionales extranjeros pueden familiarizarse con el Mecanismo de Consulta en inglés aquí. Dado que es muy probable que el departamento de recursos humanos de las empresas taiwanesas no tenga familiaridad con el Mecanismo de Consulta, los candidatos pueden remitir a sus posibles empleadores a la misma información en chino aquí.

De forma general, la página EZ WORK Taiwán proporciona información completa en inglés y chino para la obtención de permisos de trabajo para trabajos profesionales y técnicos de la Clase A y también para otras clases de permisos de trabajo profesional incluyendo aquéllos para profesores, artistas e intérpretes. Reiteramos que remitir a los posibles empleadores a la versión en chino de la página puede ser de mucha ayuda especialmente si es la primera vez que la empresa contrata a un empleado extranjero.

Reglas especiales para graduados de universidades taiwanesas y empleados de algunas empresas emergentes (startups)

Cabe mencionar que existen reglas especiales para graduados extranjeros de universidades taiwanesas y empleados de algunas startups que cumplen ciertos requisitos (“startups calificadas”). Estas reglas especiales se encuentran fuera del alcance de este artículo pero más información sobre el Sistema de Puntaje para graduados extranjeros de universidades taiwanesas se la puede encontrar aquí. Empleados de startups calificadas no están sujetos al requisito de experiencia de trabajo mínima de dos años.

Amendments to Trade Secrets Act proposed

The Taiwan Intellectual Property Office (“TIPO”) has recently held a series of public hearings on proposed amendments to Taiwan’s Trade Secrets Act (the “Act”). The amendments under discussion include provisions that would give foreign corporations standing to bring private prosecutions for trade secret misappropriation and extend trade secret protection to foreign nationals from jurisdictions that are parties to multilateral treaties. Participants in the hearings also took the opportunity to urge that a mechanism be created to redact sensitive parts of judgments and that the Act address fair competition issues in trade secret protection.

Private Prosecutions and Scope of Trade Secret Protection

Currently foreign corporations without a presence in Taiwan do not have standing to file criminal complaints or private prosecutions for trade secret misappropriation.[1] The TIPO has proposed adding a new Article 13-5 to the Trade Secrets Act that would create a statutory exception permitting such private prosecutions.

The TIPO has also proposed amending Article 15 of the Act to extend trade secret protection to jurisdictions that are members of multilateral treaties to which Taiwan is also a party. Since Taiwan is a member of the WTO, this amendment would extend trade secret protection to businesses from other WTO member jurisdictions. Article 15 currently provides that Taiwan’s protection of trade secrets extends to those jurisdictions whose laws protect Taiwanese trade secrets. The draft amendment of Article 15 clarifies that such laws need not be statutory laws. In other words, if a jurisdiction’s case law protects Taiwanese trade secrets, Taiwan trade secret protection would reciprocally protect trade secrets from that jurisdiction.

Access to Confidential Information

The Act currently permits a judge to issue a protective order restricting access to party filings during litigation. A judge can also order closed hearings to protect trade secrets. The TIPO is proposing a new Article 13-6 that would give prosecutors similar powers during the investigative proceedings that precede an indictment. This amendment has been controversial and it is unclear whether the TIPO will revise its draft of 13-6 or abandon it entirely.

Judgements and Fair Competition

In addition to the amendments proposed by the TIPO, participants in the hearings also discussed whether there should be a mechanism to allow parties to trade secret litigation to comment on judgments before they issue. Proponents of this mechanism take the view that the court should consider the views of the parties as to whether a judgment discloses confidential information before the judgment is published. Such a mechanism could ultimately lead to partial redactions of published judgments to avoid disclosures.

Others at the hearings recommended adding language to the Act prohibiting competitors from obtaining trade secrets by means of coercion, incentives, or other unfair means. A similar prohibition in the Taiwan Fair Trade Act was removed in 2015.

Future Developments

The proposed amendments to the Act reflect the continuing concerns that Taiwanese technology companies have about the adequacy of Taiwan’s trade secret protection. The TIPO will now consider the views expressed during the hearings with a view to revising the proposed amendments prior to submitting them to the Executive Yuan for approval. If approved by the Executive Yuan, a bill will be introduced to the legislature where lawmakers may make further changes before enacting or rejecting the bill.

We recommend that businesses concerned with trade secret protection in Taiwan monitor these amendments as they make their way through the legislative process. There will be further opportunities for international businesses to make their voices heard on this important issue before the law is changed.

For more information about trade secret protection and other intellectual property matters in Taiwan, please contact Christine Chen at cchen@winklerpartners.com.


[1] A 1931 Judicial Yuan interpretation generally precludes unregistered foreign corporations from filing private prosecutions under Article 319 of Taiwan Code of Criminal Procedure unless the legislature has created a statutory exception. Judicial Yuan Interpretation 533. Taiwan Copyright, Trademark, and Patent Acts already have statutory exceptions for unregistered foreign corporations. Taiwan’s Supreme Court has however held that US companies may file private prosecutions under the Treaty of Friendship, Commerce and Navigation between the United States of America and the Republic of China.

Taiwan constitutional court issues decision on marriage equality

Taiwan’s constitutional court today issued Interpretation 748 holding that Book IV Chapter II (marriage) of the Taiwan Civil Code is unconstitutional to the extent that it does not permit same-sex couples to enter into a permanent, exclusive, and intimate relationship in violation of Articles 22 (freedom of marriage) and Article 7 (right to equality before the law) of the Taiwanese Constitution.

The court gave the Taiwan Legislature two years to amend the current Civil Code or enact a new law consistent with Interpretation 748. While the court deferred to the Legislature to decide what form equal protection for marriage freedom should take, it also set a time limit for legislative action.  If the Legislature fails to take action within the next two years, same sex couples can register their marriages under the existing Civil Code.

Taiwan’s Ministry of Labor further clarifies new leave rules

Since amendments to Taiwan’s Labor Standards Act (the “LSA”) came into force in December 2016, both employees and employers have often found themselves unsure of how the changes apply in the workplace. In order to clarify how employers can in practice comply with these amendments regarding flexible rest days and avoid potential disputes with their employees, the Ministry of Labor (the “MOL”) has subsequently issued two interpretative letters. Below is a summary of these two letters, and what they mean for employers.

Make-up leave on flexible rest days

Previously under the LSA, employees who consent to work on flexible rest days could only choose to be provided with overtime payment in respect of their hours worked. The MOL has now clarified that such employees can choose either make-up/compensatory leave or overtime payment after the fact (i.e. after their overtime work has been completed). There must be some written agreement between employers and employees stating clearly the relevant standards for make-up leave, the period within which the make-up leave should be taken, and how any outstanding make-up leave is dealt with at the end of this period. Employers cannot force their employees to choose make-up leave.

This written agreement can be in the form of email correspondence, or a simple consent letter which is signed by the employee each time they complete overtime work on a flexible rest day. In the event of a dispute arising, the burden of proof falls on the employer.

Inability to work on flexible rest days/overtime

A second and related interpretative letter issued by the MOL deals with the situation where an employee agrees to work on a flexible rest day, however due to some personal reason (e.g. sickness) is either (a) unable to come to work at all, or (b) comes to work but is unable to complete the agreed hours of work. Previously, in such a situation, the employee would have to take personal or sick leave and the employer would still have to pay the full overtime pay amount in line with the recent flexible rest day overtime rules (please see our previous update here). This lead to many employment disputes, and was perceived as being unfair to employers. As such, the MOL has clarified that the employees’ consent to work on flexible rest days can be effectively rescinded where they are unable to work due to personal reasons.

In situation (a), this means that the employee will need to inform their employer of their inability to work, and the employer can negotiate with the employee to rescind the employees’ overtime obligation so that they do not need to take leave and overtime pay does not need to be provided.

In situation (b), in respect of the time when the employee is absent, the employer can negotiate with the employee to rescind the employees’ overtime obligation so that they do not need to take leave and overtime pay does not need to be provided. The employee’s overtime period can be dealt with as make-up leave. The details of how the employee’s absence from work in both situations (a) and (b) is dealt with can be mutually agreed upon in writing in a separate agreement, such as work rules, collective agreements (where there is a labor union) or employment contracts.

The MOL has further stated that only the amount of actual overtime hours worked will count towards the total amount of overtime (which cannot exceed 12 hours in one day or 46 hours in one month, under Article 32 of the LSA). This differs from the calculation of overtime payment.

Further developments

As the MOL releases further clarifications on the LSA amendments, employers must ensure that employees are made aware of the rules governing working on flexible rest days, overtime, and annual leave. This will ensure that disputes are minimized or avoided all together, and will prevent administrative penalties being levied on employers.

For more information on Taiwan employment matters, please contact Christine Chen at cchen@winklerpartners.com.

WP awarded B Corporation certification

Winkler Partners, a full service law firm based in Taipei, Taiwan, has become the first legal service provider in Asia to become a Certified B Corporation. According to B Lab, a non-profit that awards B Corporation certification, Winkler Partners is the 17th company in Taiwan to be certified. Worldwide, only 36 legal service providers have received certification, out of a total of 1932 companies since B Lab began awarding certification in 2007.

B Corp stands for Benefit Corporation, a type of for-profit corporate entity that places an equal importance on sustainability, working for the shared benefit of workers, stakeholders, wider society and the environment, as it does on profit making. B Corps adhere to greater accountability and transparency rules than traditional companies. Currently, 30 states in the United States, Italy and the UK (known as Community Interest Companies) allow for Benefit Corporation entities to be formed. B Lab provides certification for businesses in other jurisdictions whose corporate laws do not yet provide for registration as a Benefit Corporation.

The B Corp assessment survey covers sections on Environment, Workers, Customers, Community, Governance, and based on the answers, an Overall score is given. These scores make up our B Impact Report, which can be viewed here. Winkler Partners obtained an Overall score of 98, with 80 being the minimum score needed to receive certification.

Winkler Partners scored high for Environment, which takes into account our commitment to reducing energy usage and increasing energy savings, our extensive recycling program and measurement of our carbon footprint, the use of environmentally friendly products throughout our office, rainwater capture and our roof garden. We also scored above the B Corp median score for Workers, where our salary, benefits, diversity and work environment were evaluated; and Community, where our membership of 1% for the Planet, support for Wild at Heart Legal Defense Association and other organizations, as well as pro-bono work for Forward Taiwan were taken into consideration. Going forward, B Corp certification will allow us to effectively evaluate the ongoing contributions we make to these communities and enable us to identify areas in which we can improve.

You can read more about our commitment to our colleagues, clients and community on our B Corp profile page here. You can find out more about B Lab and the B Corp movement here. For more information on Winkler Partners’ B Corp certification, please contact James Hill at jhill@winklerpartners.com or +886 (0) 2 2311 2345 extension 535.

Data protection enforcement decisions by Taiwan’s Financial Supervisory Commission

Taiwan has had data protection laws since the mid-1990s, but a new era in data protection began in October of 2012 when the Personal Information Protection Act of 2010 (the “PIPA”) took force.

Enforcement of the PIPA is dispersed. Instead of having a single data protection authority (DPA), central government regulators share responsibility for enforcing the PIPA along with local governments. In addition, the Ministry of Justice plays an important coordinating role and interprets the PIPA.

The only regulator that publishes its data protection enforcement decisions is the Financial Supervisory Commission (“FSC”). The FSC is Taiwan’s super-regulator for financial industries. In this role, it oversees securities and futures firms, banks, and insurers. FSC data protection enforcement decisions are thus an important source for understanding enforcement of the PIPA by Taiwan’s executive branch.

Enforcement Cases by the Numbers

The FSC has published 16 enforcement decisions since the PIPA took force in 2012. The number of enforcement decisions in each year has varied. For example, while seven decisions were issued in 2016, no decisions were issued in 2015. Between 2012 and 2014, the FSC issued an average of two or three FSC enforcement decisions each year.

The seven 2016 enforcement decisions included five enforcement decisions against insurance companies by the FSC Insurance Bureau and two decisions against banks by the FSC Banking Bureau. As of this writing (March 2017), the FSC has already issued two enforcement decisions. Both of the 2017 decisions have been against insurers.

Of the various FSC sub-agencies, the Insurance Bureau has been the most active in its PIPA enforcement. Eleven of the 16 FSC enforcement decisions since 2012 have been insurance cases while just five decisions have been banking cases. Thus two trends can be identified. The first is increasing overall enforcement activity by the FSC since 2016. The second is that the FSC is especially concerned about the collection, processing, and use of personal information by the insurance industry.

We anticipate that these trends will continue and expect to see an increasing number of PIPA enforcement cases issued by the FSC with a focus on the insurance industry.

Types of Enforcement Decisions

FSC Enforcement decisions since 2012 can be categorized into four types: data breach cases, failure to obtain consent cases, inadequate security cases, and cases involving failure to notify.

1. Data Breaches

Data breaches are the most common reason for enforcement decisions. In general, these cases have involved negligent disclosures of customer personal information. In some cases, the disclosures were caused by poorly designed or maintained internal control and internal audit mechanisms while in other cases there were procedural errors in the course of business. Examples of data breaches cases are briefly discussed below in reverse chronological order by the date of the enforcement decision.

10 January 2017: Nan Shan Life Insurance Co., Ltd. improperly mailed policyholder personal information to third parties in the course of mailing notices to policyholders. The FSC found that the personal information disclosures were caused by execution errors in Nan Shan’s computer system. This enforcement decision is notable because the FSC also found that the breach was material and penalized Nan Shan for failing to immediately report the breach. This is the only enforcement decision to date in Taiwan that addresses late reporting.

11 April 2016: A customer requested information about salary transfers to the customer’s account at Cathay United Bank. In its response to the customer’s request, Cathay United Bank’s Da’an Branch disclosed the personal information of another customer to the requesting customer.

22 August 2013: CTBC Bank committed an error in its internet banking operations that enabled any internet user to enter, browse, and obtain customer information stored in the bank’s internal index pages.

2. Failure to obtain consent

Enforcement decisions have also been made against financial enterprises who have violated the PIPA by providing personal information of customers for use by third parties without first obtaining the customers’ consent. This type of case is illustrated by the following enforcement decisions.

29 June 2016: Mega International Commercial Bank, without having obtained the consent of its customers, provided basic customer personal information to its affiliate Chung Kuo Insurance Company Limited to conduct telemarketing.

4 October 2013: A Nan Shan Life Insurance solicitor, without obtaining written permission from the policyholders, gave personal information of customers to a third party whom the solicitor had engaged to answer policyholders’ questions about a policy.

10 July 2013: A Chang Hwa Commercial Bank, Ltd. employee made a query to the Joint Credit Information Center about a customer’s credit information without having obtained the customer’s written consent.

3. Inadequate Security

Cases of this type include the following:

16 November 2016: PCA Life Assurance Co., Ltd. inadequately implemented its 2015 personal information inventory operations, resulting in failure to delete personal information before the expiration of the relevant retention period.

11 November 2016: Mercuries Life Insurance Co., Ltd. was penalized for having inadequate overall personal data protection measures and a lack of effective internal control mechanisms in conducting its information operations.

8 September 2016: A Fubon Life Insurance Co., Ltd. customer complaint handler failed to adopt appropriate security measures and failed to use encryption when sending photocopies of policyholder call-in card applications to personal email addresses.

4. Failure to notify

14 February 2017: Mercuries Life Insurance Co., Ltd. was penalized for failing to expressly inform data subjects of statutorily required matters when it collected personal information of customers through its official website on a web page it provided for customer email queries about insurance.

Penalties

Under the PIPA, regulators are empowered to order private sector actors to remedy a violation of the PIPA. Failure to remedy the violation by a prescribed deadline will result in an administrative fine ranging from NT$20,000 (c. US$650) to NT$500,000 (c. US$16,300). However the FSC also has the power to fine financial businesses when they violate rules governing internal controls, and these fines are considerably higher than the fines that may be imposed under the PIPA. A notable feature of the FSC enforcement decisions is that when the FSC determines that a financial institution has violated the PIPA, it usually also finds that the same facts simultaneously constitute a violation of internal controls. As a result, the fines imposed in most FSC enforcement decisions are generally the higher fines for violation of internal controls.

In less serious cases, the administrative fine for a violation of internal controls in a data protection case is NT$600,000 (c. US$19,570). However higher fines are imposed in more serious cases. For example the FSC imposed a fine of NT$1.2 million (c. US$39,100) in the 2016 PCA Life Assurance case where PCA Life Assurance failed to delete personal information by the expiration of the retention period. Relatively high fines were also imposed in two cases involving external leaks of personal information: NT$3 million (c. US$97,830) in a 2014 case in which an ex-employee of Cathay United Bank had downloaded personal information of customers onto a private external storage device, and NT$4 million (c. US$130,400) in the 2013 CTBC Bank data breach case.

Typically, these fines for violations of internal controls are also accompanied with an order to remedy the PIPA violation by a prescribed deadline. In the majority of cases, a deadline of one month was set to remedy the PIPA violation. In a minority of more serious cases, a deadline ranging from seven to ten days was set.

To date, the FSC has imposed stand-alone PIPA fines in just three cases: the 2016 Mega International Commercial Bank decision, the 2013 Nan Shan Life Insurance decision, and the 2013 Chang Hwa Commercial Bank decision. The administrative fines imposed by these decisions were respectively: NT$50,000 (c.US$1,630), NT$20,000 (c. US$650), and NT$50,000 (c. US$1,630). All three of these cases fall in the category of providing a customer’s personal information for use by a third party without having obtained consent.

Conclusions

Taiwan’s Financial Supervisory Commission is actively enforcing violations of the PIPA with remedy orders and fines. While fines remain low by international standards, Taiwan’s media covers violations of data protection law extensively. As a result, members of the public and consumers are increasingly aware of their rights under the PIPA and are already highly sensitive to disclosures of personal information. This will put pressure on other regulators to follow the FSC’s lead and publish enforcement decisions. Ultimately Taiwan is likely to follow regional and international trends and replace dispersed enforcement with centralized enforcement by a unitary data protection authority.

For more information on data protection and privacy matters in Taiwan, please contact Chen Hui-ling at hchen@winklerpartners.com.

 

Archives