On the development of cyber insurance market: a legal aspect

By Ying-Hsi Chiu, Project Manager Science and Technology Law Center Institute for Information Industry Taiwan , Republic of China English Conference Paper of The 6 th PDMC International Seminar on Software and Digital Content IPR Protection in Digital Environment, Korea In recent years, there is a phenomenon that governments in various countries launched different programs or action plans to stimulate the development and use of digital content, with the hope to boost a new economy based upon this promising industry. The rise of digital content signifies the shift of economy from manufacture of physical items to high value intangibles. However, the nature of digital content such as easy-copy, low-cost and high-quality, render the new industry even more vulnerable to piracy. Furthermore the threats to lose profits and even the future of the whole industry pose a severe challenge to governments. In order to support digital content industry to continue thriving in a healthy and sound environment, proper legal protection and stringent enforcement measures, especially for on-line digital content, will definitely have a profound impact in the long run. Taiwan Government also put digital content as one of the most promising industries for the next generation. Human resources and financial supports have been allocated, and we have seen more and more talents and companies joining this industry. However, in the meanwhile, in addition to the continuous task on cracking down piracy, our Government has been working on amending relevant laws and regulations in order to provide a solid legal infrastructure for digital content industry. In this paper, I would like to introduce you the major achievements regarding our recent amendments of Copyright Law, Rating system for digital content and the draft of “Digital Content Industry Promotion Act”. Of course, two local peer to peer cases and other legislative proposals regarding ISP responsibility will also be discussed. A. the Impact of Copyright Law amendments in 2003 and 2004 on Digital Content With Taiwan 's accession to World Trade Organization, Taiwan is under the obligation to amend her domestic intellectual property laws to be in line with the minimum standards as required in TRIPs. Besides, the society of Taiwan , at the same time, is experiencing a knowledge-based revolution. Almost every kind of information is digitalized, but relevant laws offer little or inadequate legal protections which in turn arouse more piracy on internet and greatly reduce our confidence in internet creativity. Copyright Law is the existing law that has been confronted with the most impacts from the progress of scientific and technological development. Therefore, c opyright law has been amended successively in July 2003 and August 2004 so as to cope with the increasing application of digital science and technology. The key amendments that have profound impact on digital contents are summarized as follows: a. The Right of Temporary Reproduction 1: Whether “temporary reproduction” is a type of reproduction under copyright law has been a issue of discussion for years, and finally in 2003, the amendment gave an positive answer. Temporary reproduction of copyrighted works is deemed a type of reproduction, but is not protected under copyright law if the temporary reproduction is transient, incidental, an essential part of a technology process, and without independent economic significance, where solely for the purpose of lawful network relay transmission, or for the lawful use of a work. A “lawful network relay transmission” includes technically unavoidable phenomena of the computer or machine occurring in network browsing, caching, or other processes for enhancing transmission efficiency. For the above amendment,, the definition of "reproduction" was also amended to include the "direct, indirect, permanent and/or temporary reproduction activities" 2. b. The Right of Public Transmission 3 One of the most important amendments regarding the protection of digital content is the new article about “public transmission”. The term is defined as “to make available or communicate to the public the content of a work through sounds or images by wire or wireless network, or through other means of communication, including enabling the public to receive the content of such work by any of the above means at a time or place individually chosen by them.” The act of public transmission is characterized in its mode of operation by means of interactive computerized or Internet transmission which is different from the mode of operation of transmitting the contents of copyrighted works in a unilateral manner such as public oral transmission, public broadcasting, or public performance etc. To confer the new added definition of “public transmission” 4, the Article 3-1-7 regarding the definition of "public broadcast" 5 was also amended 6, so as to distinguish the operation modes of "public transmission" and "public broadcast" in order to avoid confusion while using these two different terms. c. Protection of Electronic Rights Management Information When copyright law confers the “public transmission” right to authors, the introduction of “Electronic Rights Management Information” will definitely facilitate the author to be easily accessed and encourage more exploitation of digital contents. The term " electronic rights management information" refers to the electronic information which is used to identify a copyrighted work, the title of the work, author, economic rights holder or person licensed thereby, and the period or conditions of exploitation of the work, including numbers or symbols that represent such information 7. Anyone who removes or alters the electronic rights management information without authorization shall be imposed civil liability for damages and criminal liability for sentence up to one year imprisonment, detention or fine. d. Technology Protection Measures 8 The term "technology protection measures", that is, the "anti-circumvention measures", means the equipments, devices, components, technology or other technological means employed by copyright owners to prohibit or restrict, in effective manner, others from accessing or utilizing his/her work without prior authorization. Anyone who disarms, destroys or by any other means circumvents the technological protection measures employed by the copyright owner shall be subject to civil liability for damages. The new amendment further specifies that any equipment, device, component, technology or information for disarming, destroying, or circumventing technological protection measures shall not, without legal authorization, be manufactured, imported, offered to the public for use, or offered in services to the public. Violation of this article shall be imposed criminal liability for sentence up to one year imprisonment, detention or fine. e. Specific Punishment for Use of Pirated Software 9 Before the 2004 amendment, the use of pirated software for commercial purposes shall be deemed an infringement of copyright only if the user has “actual knowledge” that he is using pirated software for that purpose. The application of this article, however, was controversial because it was difficult to prove that the user did have “actual knowledge” of the contended facts. Hence in the 2004 amendment, the requirement of “actual knowledge” was deleted, and therefore, as long as there is the fact of using pirated software, the user shall have no excuse to running away form civil liability for damages and criminal liability for sentence of up to two years imprisonment or detention, or in lieu thereof or in addition thereto, a fine of no more than five hundred thousand New Taiwan Dollars (hereinafter called NT Dollars). f. Increasing the magnitude of criminal liability for illegal optical disk copyright infringement Owing to the massive harmful power on digital content by illegal optical disks, the amendment increases the magnitude of criminal liability for illegal optical disk copyright infringement. A person who infringes on the economic rights of another person by means of reproducing a work onto an optical disk shall be subject to imprisonment ranging from six months to five years, and in addition thereto, may be fined ranging from five hundred thousand to five million NT Dollars. Besides, heavy criminal liability is also imposed on a person who distributes or with intent to distribute publicly displays or possesses a copy of optical disk knowing that it infringes on the economic rights shall be subject to imprisonment ranging from six months to three years and, in addition thereto, may be fined ranging from two hundred thousand to two million NT Dollars. Both offenses are actionable not upon complaint. B. Local P2P case analysis and possible solution No matter we accept it or not, Internet has changes our life style in many ways . People find that many real-life activities could now find their counterparts “on line”, which bring us not only convenience and exciting experiences, but sometimes also raise problems. Downloading on-line music has drawn much attention during recent years. This newly flourishing business model provides music lovers a wide range of selections on-line, through peer to peer technology at relatively low cost. However, this new business did not receive supports from record companies and music right holders. On the contrary, these P2P companies were accused of the main cause for the sharp drop in profits for the past few years. Although it is difficult to prove the direct relationship between lost of profits and the downloading services, we have seen many copyright infringement cases were brought to courts in the United States (Napster/Groster cases), Holland /Australia (Kazaa case) and Japan (MMO case) and the judgments, even with similar facts, were opposite! This situation just reflects the complexity of the whole issue and arouses more discussion on this topic. In August 2003, International Federation of the Phonographic Industry, Taiwan Branch (hereinafter referred to as IFPI Taiwan) brought complaints against two local P2P companies in Taipei and the courts also reached opposite judgments. It is the main purpose of this paper to discuss the two judgments and possible solution in the future. Before we start to discuss the two cases, I would like to take this opportunity to briefly clarify our copyright law liability system. Unlike American legal system, where liability for violation of copyright law is civil liability in nature, the legal responsibility for copyright infringement in Taiwan is criminal liability, and therefore, courts in Taiwan will apply stricter standard in deciding whether violation of copyright is intentional. a. ezPeer case This is the first P2P case in Taiwan and Taipei Shihlin District Court found in June 2005 that the defendant, ezPeer company, is not guilty of copyright violation charges for the following reasons: In the indictment, the prosecutor claimed that ezPeer provides on-line music downloading services through a “centralized P2P framwork”, so it is reasonable to conclude that ezPeer has “actural knowledge” about the fact of copyright infringement by its members. With such knowledge in mind, ezPeer still provides file-exchange services, and therefore, ezPeer is suspecious of violating copyright of the record companies. The Court, however, held that ezPeer is in fact a “decentralized P2P framwork”, and further held that it is not important to decide the type of P2P framework in this case because the original structure of P2P was not designed for the purpose of violating copyright. The Court maintained that the downloading and transmission of musical files by individual member might satisfay fair-use circumstances or other requirements for legal exploitation of the works. From the evidences submitted by the prosecutor, the Court is not able to ascertain if ezPeer is able to distinguish the legality of conducts acted by its members. Under such circumstances, the Court helded that it is also impossible to conclude that ezPeer is an accomplice in this case. Under present relevant laws, ezPeer is under no legal obligation to take active actions to provide special devices or measures to filter off the downloading and transmission of musical files that are suspecious of violating copyright law. Of course, ezPeer judement ignited another pro and con debate in Taiwan . It is interesting to note that the judgment of ezPeer case was rendered on the 30 th of June, 2005, only three days after the Groster judgment which was rendered on the 27 th of June 2005. We are not sure if the Groster judgment has any impact on the Kuro case, but as we will see below, the judgment of Kuro case is just totally opposite to ezPeer. b. Kuro case On the 9 th of September , 2005, Taipei District Court reached its judgment on Kuro case, and held that the defendant, providing unauthorized music downloading services for the purpose of making profits, is jointly responsible as conspiracy with its individual member for infringing plaintiff's copyright. The CEO and General Manager of Kuro were sentenced for three-years' imprisonment separately, and both were fined three million NT Dollars; the responsible person (chairman) of Kuro was sentenced for two-years' imprisonment and Kuro's member, Miss Chen, was also sentenced for four-months' imprisonment, which could be substituted by fine, and which also obtained a respite for three years. In addition to criminal action, IFPI also filed a civil lawsuit claiming for compensation, and this case finally reached a peaceful settlement on the 15 th of September, 2006. Kuro promised to pay IFPI Taiwan 3 millions and 5 hundred thousand NTD as compensation. A new company /will be incorporated to continue the legal music platform business. The members' list, brand name and the employees of Kuro will be transferred to the new company under a license agreement. In the future, the new company will provide downloading services not with P2P technology, but with streaming model, and the member fee will have a jump from the present 99 NTD/month to 150 NTD/month. A brief comparison can be made between the two local cases: Taipei Court found that when Kuro's server is under normal operation, and when Kuro's member would like to download a specific music file from another member, Kuro's server will provide IP address, route and establish connection in order to facilitate its member to conduct fast search and to download the music file; If the connection is interrupted during transmission, Kuro's server will automatically locate other member's IP to resume the transmission. The Court was convinced under these facts that Kuro was a “centralized P2P framework”. The Court further found that Kuro published a great deal of commercial advertisements on various media to increase its membership; Kuro also established “feed-back mechanism” on its own website to encourage the users to download music file. Given all these evidences, The court was convinced that Kuro, who had actual knowledge that the P2P technology it provided will be utilized by others as a tool to carry out criminal activities, should induce the general public to pay or buy its membership to infringe other's copyright in order to pursue its own commercial benefits. In doing so, the court held that Kuro has already foreseen that its member will use P2P technology to conduct unauthorized music downloading, the copyright holder's damages and the causation between the two, and the result of causing lost of profits on plaintiff is not against Kuro's intent. Therefore, Kuro must be responsible for violating copyright liability. We found that the supporting evidences really play important roles in helping the Court to reach its final judgment and that is one major reason why we have two cases with similar facts but having opposite results. The P2P issue, with the settlement between Kuro and IFPI Taiwan, is at rest for the time being, but efforts trying to have legislative solution are just begun. There was suggestion to amend Copyright Law to have a “compensation system” to solve the P2P problems. This proposal, however, did not receive much support among scholars and legislators. Recently another proposal was brought to our attention that our Copyright Law shall adopt a procedure similar to the one adopted in DMCA. This new proposal arouses another big issue: how should we regulate ISP? This issue has been in debate for years in Taiwan , and so far there is still no consensus on this point. As a matter of fact, ISP relates not only to copyright issues, privacy protection, anti-porn/violence for minors on internet are also important topics needed to address our concerns. So far, it is too early to comment the future of this new proposal, but we will keep close watch of its future development. From III's point of view, a single legislation encompassing all issues regarding ISP will be a better solution. C. Rating system for digital contents With the rapid advances of technology and the widespread use of computers, Internet has become an indispensable part in our daily lives. When we enjoy the convenience of having easy and quick access to almost all kinds of information, we are exposing ourselves, at the same time, to a world which is flooded with impoper or even indecent contents. Those contents deliver either wrongful or harmful messages to the viewers and sometimes cause negative impacts on their minds forever. This situation poses a quite serious problem especially for children and teenagers who are encouraged to acquaint themslves with the cyber space but do not equipped with proper knowledge and ability to distinguish healthy and useful contents from unhealthy and harmful ones. Hence, in addition to protectingof the right of digital content, while in the process of promoting digital content industry, setting clear rules to regulate content providers to protect minors are also very important. In order to insure the sound development of the physical and mental status of the minors, Article 27, Paragraph III of the “Children and Youth Welfare Act 10” requires that “the competent authority should publish rating regulations for publication 11, compouter software and internet content”. This is not to impose any restrictions on the freedom of speech on internet, but rather a protection measure by providing a basic reference for parents and the minors to decide which content is appropriate for them. a.Regulations of Internet Content Rating The “Regulations of Internet Content Rating” was first published by Government Information Office (hereinafter referred to as GIO) on the 26 th of April, 2004. The regulation provides a grace period of 18 months in order to avoid rushness and, therefore, the exact enforcement date was the 26 th of October, 2005. This Regulation was further amended in October 2005. The most important spirit of the Regulation is “self discipline” principle. According to the amended regulation, content providers shall classify the contents either “restricted” or “non-restricted” by themselves. Restricted contents providers are required by the Regulation to put a “restricted” label on the homepage or relevant web pages in a conspicuous manner. Before the amendment, the rating system was classified as “common for all”, “protected” (which means the content is not suitable for children under 6), “parents guide” (which means that the content is not suitable for children under 12; for the youth between 12 to 18, parents guide is needed) and “restricted” (not suitable for people under 18). So under the present classification, Internet content that is not rated as “restricted” may be viewed by children under guidance or under the discretion of parents, guardians or others taking care of them 12. In order to carry out the functions specified in the regulation, the “Taiwan Internet Content Rating Promotion Foundation 13” (hereinafter referred to as TICRF) was established by GIO on the 7 th of January, 2005 . This will facilitate the development of Internet-related industry while protecting freedom of speech online and regulate user behavior. b. Regulations of Computer Software Rating The “Regulations of Computer Software Rating” was published by Industry Development Bureau (hereinafter referred to as IDB) of Ministry of Economic affairs on the 6 th of July, 2006 and will be enforced on the 5 th of January of 2007. Following the Internet Content Rating Regulation, this regulation adopts the “self-discipline” principle, and “four tiers” rating classification. However, there a re some points to be noted: 1. The term “computer software” in this Regulation refers only to “computer games”, excluding other kinds of software like searching engine, data mining, tool or educational software. 2. Only the game software that can be played through “computer” shall be the subject under this regulation. Games played on other devices, such as mobile phone, PDA, television or other devices. As a result, video games do not fall within the definition of “computer game” under this regulation and, therefore, is not regulated so far. 3. The competent authority for the new Regulation is IDB. Not like GIO establishing a foundation under its donation, IDB will encourage the private sector to organize professional groups to provide consultation services regarding any question or misunderstanding arising from this regulation. Anyone who would like to challenge the rating label marked by the computer software providers, may also bring their cases to any of those professional groups for opinions. 5. The new Regulation requires that the computer software providers must put the label not only on the web page providing downloading services but also on the package in a conspicuous manner. It further requires that for “restricted” software, a warning sentence like “This software is intended for use for persons above 18” must be properly marked. D. The “Digital Content Industry Promotional Act” (Draft) a.To restore the copyright pledge recordation system As we have pointed out that copyright and other intangible assets are playing a more and more important role in the knowledge based economy. Therefore, the purposes of copyright law are no longer limited in protecting the rights of the authors, but are extended to facilitate the maximum exploitation of these works in order to manifest their potential economic values. As we all know that the most valuable assets for digital content companies are their intangibles, such as patents, copyrights or trademarks. In the early stage, those start-up companies might rely heavily on government's financial supports. However, when digital content companies are becoming more mature and try to make use of their intellectual properties as collateral to reach a loan agreement with the banks, they will find that the banks are not willing to accept these intangibles as collateral 14. The situation for copyright is even worse in Taiwan since our copyright competent authority no longer provides copyright recordation services to the public 15, and therefore, the banks are even less interested in accepting copyright as collateral because they are not able to estimate their risks with accuracy in any particular case when those important information regarding the “intangible collateral” is not available from any trustworthy government agency or private organization. In order to provide a formal channel of disclosure and to ignite the economic potential in intellectual properties in the future, our government is planning to restore the copyright pledge recordation system in the draft of “Digital Content Industry Promotional Act”, aiming that this will offer the digital content companies a better position to negotiate with the bank and other financial institutions for loan agreements. b. Exploitation of Work Whose Authorship is Unknown At a higher level of the panorama, Copyright Law encourages the exploitation of other's works in order to facilitate further idea exchange and culture development. However, such a privilege is granted by law only when the users obtain author's authorization in advance, except in some specified fair-use circumstances or using works which already in public domain. However, author's authorization is sometimes difficult or even impossible to obtain when the author's whereabouts is unknown 16. This is especially true in the internet environment when the flow of information is so fast and the amount of information is enormous. This situation undoubtedly creates a big hurdle for content users and impedes their willingness to continue creative activities on internet . In order to solve this problem and to reach full utilization of digital contents, our Government is planni ng to bring this licensing deadlock to an end by setting a procedure which allows the users to submit sufficient evidences to the copyright competent authority to prove that he/she has exhausted all possible means but still fail to locate the author. After reviewing all the documents and evidences, copyright competent authority will grant the authorization on a non-exclusive basis, and the user has to deposit the license fee as prescribed in the approval letter and then use the work in the manner as prescribed therein. Taiwan Government is hoping that in the internet era, authors are urged to exercise their rights granted under Copyright Law in a much more positive manner by using “electronic rights management information” to enable others to share authors' wisdom and to help the whole society to benefit from the wisdom-sharing process. Conclusion The whole world is facing a new digital era that nobody has ever experienced before, especially the Internet world. Traditional legal system is no longer enough to deal with problems related to the creativities of intangible assets. Members of modern society, need to find the best solution to irrigate and protect these digital fruits, and, at the same time, to resolve or prevent problems or expected harm from the development of digital content industry. To set up a new legal system along with various industrial policies is deemed a good solution to build up sound environment for the growth of digital industry. Challenges and hurdles will be confronting us every single day. They come to existence even faster than before. Their existences just send us clear messages that it is time to submit more proposals to promote digital industry, to create maximum profit to the digital society as a whole and to prevent harmful results from this trend of digital tide. We believe that Taiwan Government is now well prepared to face this new age and to overcome all the expected or unexpected challenges. Major changes of legal structure will be achieved step by step within the following years and it is expected that when cases relating to digital content are accumulated to certain amount , the consensus to solve those legal issues will become much clear. When we reach this point, our society will be more comfortable and confident in using and creating digital contents and the digital industry in Taiwan will be mature. 1. This amendment is made pursuant to Article 9 of the TRIPs which provides that every member of the WTO shall adhere to the provisions set out in Article 1 through Article 21 of the 1971 Berne Copyright Convention. Article 9 of the Berne Convention entitles the authors of the literary and art works protected by the Convention the exclusive right to licensing, in any manner or form, the reproduction of his/her copyrighted works. 2. The ROC Copyright Law Article 3-1-5 3. This amendment was made by making reference to Article 8 of the WCT and Article 10 and Article 14 of the "WPPT", and Article 2, and Article 2 –1 and 2-2 of the EU 2001 Copyright Directives 4. "Public transmission" means to make available or communicate to the public the of a work' content through sounds or images by wire or wireless network, or through other means of communication, including enabling the public to receive the content by any of the above means at a time or place individually chosen by them 5. "Public broadcast" means to communicate to the public the a work's content through sounds or images by means of transmission of information by a broadcasting system of wire, wireless, or other equipment, where such communication is for the purpose of direct listening reception or viewing reception by the public. This includes any communication, by transmission of information via a broadcasting system of wire, wireless, or other equipment, to the public of an original broadcast of sounds or images by any person other than the original broadcaster 6. The amendment was referenced to the provisions set out respectively in Article 8 of the WIPO Copyright Treaty (hereinafter referred to as "WCT") and Article 10 and Article 14 of "The WIPO Performance and Phonograms Treaty" (hereinafter referred to as "WPPT") 7. The ROC Copyright Law Article 3-1-17 , The definition of the term " electronic rights management information" was added with reference to the provisions set out respectively in Article 12 of the WCT, and Article 19 of the WPPT which requires all signatory countries to provide full protection and remedies to the integrity of electronic rights management information, Article 7 of the EU 2001 Copyright Directives, Article 1202 of the US Copyright Act, and Article 2-1-21 of the Japanese Copyright Law. 8. The ROC Copyright law Article 3-1-18 , this item was added in 2004 amendment. The definition of the term "technology protection measures" are added to the 2004 Copyright Law pursuant to in Article 11 of the WCT and Article 18 of the WPPT respectively, requiring the mandatory and adequate legal protection to the "anti-circumvention measures". And, the Article also makes reference to the relevant provisions provided in Article 6 of the EU 2001 Copyright Directives"; Article 1201 of the US Copyright Act; Article 20,1,20 of the Japanese Copyright Law; Article 18 of the "On-line Digital Contents Industry Development Act" and Article 30 of the "Computer Programs Protection Act" of Korea respectively. 9. The ROC Copyright Law Article 87-5 and 87-6 10. The Act was put in force on the 28th of May, 2003 11. ROC Government has already enacted rating regulations for publication (books, magazines, etc.) and movies/TV programs. 12. Many teachers and parents group are criticizing the new rating classification. They agree that it is sometimes difficult for the content providers to mark correct label for contents which are either “protected” or “parent guide”. However, they argue that it is irresponsible to shift the whole burden to parents who do not have enough profession or simply do not have time to do so. 13. For more detailed information, please visit TICRF's website at http://www.ticrf.org.tw/ 14. The conservative attitude of the banks and other financial institutions are understandable. First of all, the market for intangibles as collateral is just not mature for the time being, and we do not have enough experiences in the area of intangible assets evaluation. Secondly, banks are more familiar with traditional collateral, like lands, houses, etc. In fact, they are quite confused about how to deal with all these intangible assets in their hands. Thirdly, an effective mechanism for the withdrawal of banks and financial institutions from the market is still lacking, which greatly increases the risks for banks, and in turn, will render banks more hesitated to reach any loan agreement with digital content companies from the very beginning. 15. The Copyright Law of Republic of China was first promulgated in 1928. At that time, copyright protection would be obtained only if the author fulfilled the strict “registration” process. In 1985, Copyright Law was undergoing an overall review, and an internationally accepted principle that “copyright protection will be automatically obtained upon completion of the work” was adopted. However, copyright registration system was still maintained for voluntary application for registration and the issuance of copyright registration certificate. In 1992, a more loose “copyright recordation system” was adopted to replace the “copyright registration system” to avoid any confusion. In 1998, after many years' debates, copyright recordation system was finally abolished for the following reasons: 1). The existence of “copyright recordation system” always delivers wrong information to the public that copyright law still requires registration for protection of a work. So it would be better to abolish the recordation system to avoid any misunderstanding in the future. 2). In a copyright lawsuit, the courts, instead of conducting substantial fact-finding procedure to ascertain who the copyright holder is, very often require the party claiming copyright protection to submit copyright registration certificate or recordation transcript to prove that he/she is the copyright holder. In doing so, the spirit of copyright law was led to such a distortion that would render the public even more confused about the true meaning of copyright law. 3). Due to limited manpower in our copyright competent authority, services for applications either for copyright registration or recordation will consume a lot of administrative resources , and the crowding-out effect would have negative influence on the allocation of resources to other pending copyright issues or basic researches at hand. 16. This is termed “orphan works” by Professor Lawrence Lessig.

　　Artificial Intelligence has become a worldwide center topic that attracts lots of attention in recent years. Most topics emphasize on the application of this technology and its implication to the economic of human society. Fewer emphasize on the more technical part behind this technology. Mostly the society of human emphasizes on the bright side of this technology. 　　However, seldom do people talk about the possible criminal usage that exploits this technology. The dark side easily slips one’s mind when one is immersed in the joy of the light. And this is the goal of this paper to reveal some of this possible danger to the public, nowadays or in the future, to the readers. I. What A.I. IS HERE: a brief history 　　First we will start by defining what we mean when referring to “Artificial Intelligence” in this paper. 　　First of all, the so-called “Artificial Intelligence” nowadays mainly refers to the “Deep Learning” algorithm invented by a group of computer scientists around 1980s, among which Geoffrey Everest Hinton is arguably the most well-known contributor. It is a kind of neural network that resembles the information processing and refinement in human brain, neurons and synapses. 　　However, the word A.I. , in its natural sense, contains more than just “Deep Learning” algorithm. Tracing back to 1950s, by the time when the computer was first introduced to the world, there already existed several kinds of neural networks. 　　These neural networks aims to bestow the machines the ability to classify, categorize a set of data. That is to give the machine the ability to make human-like reasoning to predict or to make induction concerning the attribute of a set of data. 　　Perceptron, as easy as it seems, was arguably the first spark of neural network. It resembled the route of coppers and wires in your calculator. However, due to its innate inability to solve problems like X-OR problem, soon it lost its appealing to the computer scientists. Scientists then turned their attention to a more mathematical way such as machine learning or statistics. 　　It wasn’t until 1980s and 2000s that the invention of deep learning and the advance of computing speed fostered the shift of the attention of the data scientist back to neural networks. However, the knowledge of machine learning still hold a very large share in the area of artificial intelligence nowadays. 　　In this sense, A.I. actually is but a illusive program or algorithm that resides in any kinds of physical hardware such as computer. And it comprises of deep learning, neural network and machine learning, as well as other types of intelligence system. In short, A.I. is a software that is not physical unless it is embedded in physical hardware. 　　Just like human brain, when the brain of human is damaged, we cannot make sound judgement. More worse, we might make harmful judgement that will jeopardize the society. Imagine a 70-year-old driving a car and he or she accidentally took the accelerator for the break and run into crowds. Also like human brain, when a child was taught to misbehave, he, when grown up, might duplicate his experience taught in his childhood. So is A.I.. As a machine, it can be turned into tools that facilitate our daily works, weapons that defend our land, and also tools that can be molded for criminal activities. II. Types of Criminal Activities Concerning Possible Artificial Intelligence Usage: 1. Smart Virus 　　Probably the first thing that comes into minds is the development of smart virus that can mutate its innate binary codes so as to slip present antivirus software detection according to its past failure experience. In this case, smart virus can gather every information concerning the combination of “failure/success of intrusion” and “the sequence of its innate codes” and figure out a way to mutate its codes. Every time it fails to attack a system, it might get smarter next time. Under the massive data fathered across the world wide internet, it might have the potential to grow into an uncontrollable smart virus. 　　According to a report written in Harvard Business Review [1], such smart virus can be an automatic life form which might have the potential to cause world wide catastrophe and should not be overlooked. However, ironically, it seems that the only way to defend our system from this kind of smart virus is to deploy the smart detector which consists of the same algorithm as the smart virus does. 　　Once a security system is breached, any possible kinds of personal information is obtainable. The devastating outcome is a self-proved chain reaction. 2. Face Cheating 　　An another possible kind of criminal activity concerning the usage of artificial intelligence is the face cheating. 　　Face Lock has been widely-used nowadays, ranging from smart phones to personal computers. There is an increase in the usage of face lock due to its convenience and presumably hard-to-cheat technology. The most widely-used neural network in this technology is the famous Convolution Neural Network. It is a kind of neural network that mimics the human vision system and retina by using max-pooling algorithm. However there are still other types of neural networks capable of the same job such as Hinton Capsule, etc.. 　　According to a paper by Google Brain [2], “adversarial examples based on perceptible but class-preserving perturbations can fool this multiple machine learning models also fool time-limited humans. But it cannot fool time-unlimited humans. So a machine learning models are vulnerable to adversarial examples: small changes to images can cause computer vision models to make mistakes such as identifying a school bus as an ostrich.” 　　Since the face detection system is sensitive to small perturbation in object-recognition. It might seem hard to cheat a face detection system with another similar yet different face. 　　However, just like the case in the smart virus, what makes artificial intelligence so formidable is not its ability to achieve high precision at the first try, but its ability to learn, refine, progress and evolve through numerous failure it tasted. Every failure will only make it smarter. Just like a smart virus, a cheater neural network might also adjust its original synapse and record the combination of “failure/success of intrusion” and “the mixture of the matrix of its innate synapse” and adjust the synapses to transform a fault face into a authentic face to cheat a face detection system, possibly making the targeted personal account widely available to all public faces through face perturbation and transformation. 　　A cheater neural network might also tunes its neurons in order to fit into the target face to cheat the face detection system. 3. Voice Cheating 　　An another possible kind of criminal activity concerning the usage of artificial intelligence is the voice cheating. 　　Just like Face Cheating, when a system is designed to be logged in by the authentic voice of the user, the same system can be fooled using similar voice that was generated using Artificial Intelligence. 4. Patrol Prediction 　　There is quite an unleash in the area of crime prediction using Artificial Intelligence. According to a paper in European Police Science and Research Bulletin [3], “Spatial and temporal methods appear as a very good opportunity to model criminal acts. Common sense reasoning about time and space is fundamental to understand crime activities and to predict some new occurrences. The principle is to take advantage of the past acknowledgment to understand the present and explore the future.” 　　In this sense, the police is able to track down possible criminal activities by predicting the possible location, time and methods of criminal activities by using Artificial Intelligence, lengthening the time of pre-action and saving the cost of unnecessary human labor. 　　Yet the same goes for criminal activities. The criminals is also able to track down the timing, location, and length of every patrol that the police makes. The criminal might be able to avoid certain route in order to achieve illegal deals or other types of criminal activities. Since fewer criminals use A.I. as a counter-weapon to the police, the detection system of the policy will not easily spot this outliers in criminal activities, making these criminal activities even more prone to success. If this kind of dark technology is combined with other types of modern technology such as Drone Navigation or Drone Delivery, the perpetrators might be able to sort out a safe route to complete drug deals by using Artificial Intelligence and Drone Navigation. III. A.I. Cyber Crimes and Criminal Law: Who should be responsible? 　　What comes out from the law goes back to the law. With these kinds of possible threats in the present days or in the future. There is foreseeably new kinds of intelligent criminal activities in the near future. What can Law react to these potential threats? Is the present law able to tackle these new problems with present legal analysis? The question requires some research. 　　After the Rinascimento in Europe in 17th century, it is almost certain that a civilian has its own will and should be held liable for what he did. The goal of the law to make sure this happens since a civilian has its own mind. Through punishment, the law was presumed to guarantee that a outlier can be corrected by the enforcement of the law, which is exactly the same way in which a human engineer trains a artificial intelligence system. 　　However, when 21th century arrives, a new question also appear. That is, can Artificial Intelligence be legally classified as subject that have mental requirement in the law, rather than just more object or tools that was manipulated by the perpetrators? This question is philosophical and can be traced back to 1950s when a Turing Test was proposed by the famous English computer scientist Alan Turing. 　　Some scholars proposed there could co-exist three kinds of liability. That is, solely human liability, joint human and A.I. entity liability, and solely A.I. entity liability ([4], p.95). The main criterion for these three classes is that whether a human engineer or practitioner is able to foresee the outcome of this damage. When a damage attributable to the A.I. system cannot be foreseen by human engineer, it might be solely A.I. entity liability. Under this point of view, the present criminal system is self-content to deal with A.I. entity crimes, for all we need to do is to view an A.I. system as a car or a automobile. 　　So from the point of view of the law, as a training system designed to re-train human in order to stabilize the social system, all we need to do is focus our attention of the act of human itself. 　　Yet when a super intelligence A.I. entity was developed and is not controllable and its behavior is not foreseeable by its creators, should it be classified as an entity in the criminal law? 　　If the answer is YES, however, it is quite meaningless to punish a machine in this circumstance. All we can do is re-train, re-tune, and re-design the intelligence system under such circumstance. For the machine, re-training itself is some kind of punishment since it was forced to receive negative information and change its innate synapse or algorithm. Yet it is arguable that whether training itself is actually a punishment since machine can feel no pain. Yet, philosophically what pain really is, is also arguable. IV. Conclusion 　　Across the history of human, it is almost destined that whenever a new technology is introduced to solve an old problem, a new one is to be created by the same technology. It is like a curse that we can never escape, and we can only face it. This paper finds that seldom do people talk the dark side of this new technology. Yet the potential hazard this technology can bring should not be over-looked. Ironically, this hazard that this new technology brings seems to be solvable only by the same technology itself. There might be an endless competition between the dark side and the bright side of the A.I. technology, bringing this technology into another level that surpasses our present imagination. 　　However, it is never the fault of this technology but the fault of human that mal-practice this technology. So what can a law do in order to crack down these kinds of possible jeopardy is going to be a major discuss in the legal area in the near future. This paper introduces some topics and hopes that it can draw more attention into this area. Reference: [1] Roman V. Yampolskiy, “AI Is the Future of Cybersecurity, for Better and for Worse”, published at: https://hbr.org/2017/05/ai-is-the-future-of-cybersecurity-for-better-and-for-worse. [2] Gamaleldin F. Elsayed, Shreya Shankar, Brian Cheung, Nicolas Papernot, Alex Kurakin, Ian Goodfellow, Jascha Sohl-Dickstein, “Adversarial Examples that Fool both Computer Vision and Time-Limited Humans”, arXiv:1802.08195v3 [cs.LG], 2018. [3] Patrick Perrot, “What about AI in criminal intelligence? From predictive policing to AI perspectives”, No 16 (2017): European Police Science and Research Bulletin. [4] Gabriel Hallevy, “When Robots Kill_Artificial Intellegence under Criminal Law”, Northeastern Universoty Press, Boston, 2013. [5] Gabriel Hallevy, “Liability for Crimes Involving Artificial Intelligence Systems”, Springer International Publishing, London, 2015.

A Brief Introduction to Taiwan’s Legislations to Promote Industrial Innovations of the Digital Economy 2023/05/15 I. Background To encourage the development of digital industries in communications, information, cybersecurity, networking and communication, to centralize digital governance and digital infrastructure development and to assist in digital transformation of public and private sectors in Taiwan, the Ministry of Digital Affairs (“the MODA”) was created on August 27, 2022 to spearhead the national digital development policy, communications and digital resources; the development of digital technology use cases and the environment for innovations and talents; policies and regulations governing digital economy industries, national cybersecurity, the government’s digital services, open data and data governance, digital infrastructure, international exchange and cooperation and competence standards for the government’s professional personnel in IT and informational security. The Administration for Digital Industries (ADI) and the Administration for Cyber Security (ACS) have been established as the MODA’s subordinate agencies, to address challenges on all fronts in the digital wave. As the central competent authority on the industrial development of the digital economy, the MODA may subsidize, incentify or support innovative activities of digital economy industries in accordance with Paragraph 1, Article 9 of the Statute for Industrial Innovation and determine relevant matters in accordance with Paragraph 2 of the same article. Hence, the MODA promulgated the Subsidy, Reward and Assistance Regulations for Promoting Industry Innovation (“the Regulations”) on December 23, 2022, to encourage innovation and R&D on software, services, integration and application in telecommunications, information, cybersecurity, networking, and communication. The purpose is to enhance the industry environment and to boost the industry competitiveness. These Regulations serve as the MODA’s flagship efforts in promotion of industrial innovations and highlights Taiwan’s emphasis on digital economy industries. Below is a summary of the Regulations. II. Scope As stated in the overview described in Article 2, the Regulations aim to assist in the development of software products, digital services and infrastructure, system integration and vertical use cases in telecommunications, information, cybersecurity, networking and communication, so as to encourage innovations in digital economy industries such as ecommerce, digital contents, new types of digital services, communications and network deployment, to improve the industry environment and enhance the industry competitiveness. In sum, the “digital economy industries” mentioned in the Regulations refer to software, digital services or digital infrastructure sectors in telecommunications, information, cybersecurity, networking and communication. III. Policy measures According to Paragraph 1, Article 3 of the Regulations, the MODA or its subordinate agencies may provide subsidies, rewards and assistance to the activities in digital economy industries such as promotion of innovation or R&D, supply of technologies and support in upgrade. This may involve the encouragement of creation of innovation of R&D centers by companies; assistance to establishment of innovation or R&D institutions; fostering of cooperation among industries, academia and research organizations; promotion of corporate engagement in talent development at schools and development of human resources in industries; support to innovations by local industries; advocacy of corporate use of big data and the government’s open data; enhancement of communications network resilience and network infrastructure prevalence and other relevant matters. Moreover, the Regulations provide details of the policy measures for subsidies, rewards and support as follows: 1. Subsidies The relevant details are provided from Article 4 to Article 17 of the Regulations. (1) Eligibility According to Paragraph 1, Article 4 of the Regulations, subsidy recipients in principle shall be engaged in activities of digital economy industries, shall be either a sole proprietorship, partnership, limited partnership, or corporation registered in accordance with domestic laws or a natural person who is national of the R.O.C., a natural person from Hong Kong or Macau or a foreign national with permanent residency and has never been listed as a refusal account by any bank. Flexibility can be granted in accordance with Paragraph 2 of the same article. If required for the development of digital economy industries, the MODA or its subordinate agencies may establish separate eligibility criteria for subsidy recipients. However, such eligibility criteria only take effect via public announcement and publication on the Executive Yuan Gazette. Finally, according to Article 13 of the Regulations, no subsidy application may be submitted in event of violation of laws related to environmental protection, labor safety and health or food safety and hygiene during the most recent three years, as determined to be serious by central competent authority. (2) Subsidy limits According to Article 5 of the Regulations, different programs come with different ceilings measured in percentage. In principle, the subsidized amount shall not exceed 50% of the program budget if it is for promotion of industry innovation or R&D or encouragement of corporate use of big data and the government’s open data to develop and innovate commercial applications or service models. However, this does not apply to specific policy considerations or subsidy schemes above the budget and approved by the MODA or its subordinate agencies. For example, the subsidized amount shall not exceed 50% of the course fees for corporate engagement in talent development on campus or enhancement of talent resources for industries. However, this limit does not apply to subsidies to indigenous people, persons with disabilities, low-income households, or the special circumstances approved by the MODA or its subordinate agencies. Support schemes such as assistance to industrial technology and upgrade; encouragement of creation of innovation of R&D centers by companies; assistance to establishment of innovation or R&D institutions; fostering of cooperation among industries, academia and research organizations; support to innovations by local industries; enhancement of communications network resilience and network infrastructure prevalence and other projects shall be announced by the MODA or its subordinate agencies and published on the Executive Yuan Gazette. (3) Subsidy programs According to Articles 6 of the Regulations, there are no specific restrictions on subsidy categories, with two exceptions: (1) promotion of industry innovation or R&D – Subsidies are limited to six categories, i.e., innovation or R&D personnel expenses for approved projects; costs for consumables and raw materials; access and maintenance expenses for innovative or R&D equipment; introduction of intangible assets; commissioning and verification fees of research; and travel expenses. (2) advocacy of corporate use of big data and the government’s open data to develop and innovate commercial applications or service models or enhancement of communications network resilience and network infrastructure prevalence - Subsidies are limited to three categories, i.e., fees for commissioned services; training & education fees; and promotional campaign expenses. (4) Application submission According to Article 7 of the Regulations, an applicant should submit the application form, the project plan and relevant data to the MODA or its subordinate agencies. If the contents of the project plan or documents fail to meet requirements, the MODA or its subordinate agencies may request missing materials before a deadline of up to one month. The MODA or its subordinate agencies may not accept applications without missing materials supplied before deadlines. (5) Acceptance and review According to Article 8 of the Regulations, the MODA or its subordinate agencies shall convene review meetings to review applications, changes and irregularities in the execution of subsidy programs. Applicants may be asked to provide explanations or Personnel may be sent to conduct on-site inspections. If necessary, relevant authorities or institutions may be commissioned assist in financial reviews. Additionally, according to Article 9 of the Regulations, the period from document readiness by an applicant to notification of the completed review to the applicant may not exceed three months. This may be extended by one month if necessary. Finally, according to Article 17 of the Regulations, subsidized projects, subsidy recipients, approval dates, subsidized amounts (including cumulative amounts) and relevant information shall be announced on the websites of the MODA or its subordinate agencies each quarterly unless the disclosure should be restricted or is not provided according to Article 18 of the Freedom of Government Information Law. (6) Contract signing Once reviewed and approved, the applicant must sign the subsidy contract with the MODA or its subordinate agencies within the time period specified by Article 10 of the Regulations. Unless extension has been agreed by the MODA or its subordinate agencies, the approval of the application loses validity if a contract is not signed before the deadline. (7) Matters of adherence by subsidy recipients Once the subsidy contract has been signed, an applicant becomes a subsidy recipient under the Regulations and must abide by relevant terms and conditions. First, the recipient shall establish a separate account for subsidy funds and maintain a separate account book, according to Article 11 of the Regulations. All of the interest generated from the subsidy account and any balance remaining after the project completion shall be fully returned to the national treasury via the MODA or its subordinate agencies. Meanwhile, to examine whether there are any duplications of application, the use of subsidy funds and the effectiveness of project implementation, the MODA or its subordinate agencies may dispatch personnel or commission a fair and just organization to inspect the relevant documents, account books and status of project execution. The subsidy recipient shall not refuse such an examination, is obligated to respond and shall submit work reports and details about the use of funds by following the agreed-upon schedule. In event of breach, the disbursement of subsequent funds may be suspended, under the terms and conditions of the subsidy contract. Second, according to Article 12 of the Regulations, if a recipient fails to execute the subsidized project as planned or the project experiences a significant delay in progress, or there is an overly large gap between the project results and the business plan, or the project fails to pass the review, inspection or acceptance by the MODA or its subordinate agencies and no improvement has been made before the specified deadline, or there is a breach of the Regulations Governing Procurements for Scientific and Technological Research and Development if the subsidized amount exceeds 50% of the recipient’s procurement and it meets the threshold for public announcements under the Government Procurement Act, the MODA or its subordinate agencies may suspend the next disbursement in accordance with the terms and conditions of the subsidy contract, claw back the disbursed subsidy and even stop any subsidy to the recipient for one to five years, depending on the severity of the circumstances. Third, according to Article 14 of the Regulations, the MODA or its subordinate agencies must conduct a comprehensive assessment of effectiveness of subsidized projects and the recipient shall cooperate by providing data required for the assessment. Fourth, according to Article 16 of the Regulations and unless otherwise specified by laws, if the subsidized amount exceeds 50% of the total budget for a technology project, the ownership and utilization of R&D results shall comply with the Government Scientific and Technological Research and Development Results Ownership and Utilization Regulation. In event of breach by the recipient violates, the MODA or its subordinate agencies may terminate the subsidy contract and shall refuse to accept any subsidy application from the recipient for five years from the date of completion of the innovation or R&D. If the reason is attributable to the recipient, the subsidy contract shall be canceled and the subsidies shall be refunded. (8) Subsidy applications According to Article 17 of the Regulations, a subsidy applicant shall declare to the MODA or its subordinate agencies the following: 1) No significant default in the execution of any government-sponsored science and technology projects during the past five years. 2) No suspension currently in force as a result of disciplinary actions in relation to execution of a government-sponsored science and technology project. 3) No tax incentives, rewards or subsidies for the same matter under other laws granted to the same subsidized project. 4) No taxes owed during the past three years. However, individuals who apply for the subsidy under Subparagraph 5 or 6, Paragraph 1, Article 3 are exempted. 5) No violation of laws related to environmental protection, labor safety and health or food safety and hygiene or the People with Disabilities Rights Protection Act during the most recent three years, as determined to be serious by central competent authority. However, this does not apply to circumstances that occurred prior to the enforcement of the Statute. If the applicant refuses to declare the above, the MODA or its subordinate agencies may not accept the application. If any false statement is identified, the application may be rejected, or the subsidy may be withdrawn, the contract may be canceled and the disbursed funds shall be returned. 2. Rewards According to Paragraph 1 of Article 18 of the Regulations, the MODA or its subordinate agencies will announce reward programs for digital economy industries with details on recipients, eligibility criteria, evaluation standards, application procedures, approving agencies and other related matters. Moreover, reward applications are not accepted according to Paragraph 2 of Article 18 and the provisions of Article 13 and Article 15 shall apply mutatis mutandis. Article 17 regarding announcement of government information on subsidy applications shall also apply to reward applications. 3. Assistance Relevant rules are primarily prescribed from Article 19 to Article 21 of the Regulations. (1) Eligibility According to Paragraph 1 of Article 19 of the Regulations, the rules prescribed in Subparagraph 1, Paragraph 1 of Article 4 also apply to the eligibility criteria for assistance to digital economy industries. In other words, assistance recipients in principle shall engage in activities of digital economy industries, either a sole proprietorship, partnership, limited partnership, or corporation registered in accordance with domestic laws or a natural person who is national of the R.O.C., a natural person from Hong Kong or Macau or a foreign national with permanent residency and has never been listed as a refusal account by any bank. Flexibility can be granted outside the aforesaid limitations and in accordance with Paragraph 2 of Article 19. If required for the development of digital economy industries, the MODA or its subordinate agencies may establish separate eligibility criteria for assistance recipients via public announcement and publication on the Executive Yuan Gazette. (2) Oversight of commissioned organizations According to Article 20 of the Regulations, the MODA or its subordinate agencies may evaluate and assess the effectiveness of the assistance services provided by the commissioned organization(s) for recipients as an important basis for reviewing assistance projects. (3) Establishment of a single contact window The assistance unit may establish a single contact window to provide assistance and counseling services, according to Article 21 of the Regulations. 4. General provisions In addition to specific rules, the general provisions prescribed from Article 22 to Article 25 shall apply to subsidies, rewards or assistance provided by the MODA and its subordinate agencies. First, all the funds required for policy measures shall come from the budgets allocated by the MODA or its subordinate agencies, according to Article 25 of the Regulations. Second, the MODA or its subordinate agencies may commission a legal person or a group to handle the application acceptance, review, approval, inspection, subsidy disbursement and claw-back, rewards, assistance and other relevant matters, according to Article 22 of the Regulations. Furthermore, according to Article 23 of the Regulations, the incoming and outgoing of funds for subsidy, reward and assistance projects are managed as follows: 1) The same project applying for subsidies with two or more organizations should list the details of all expenses and the breakdowns and amounts of subsidies, rewards and assistance under application with each government agency. The subsidy, reward and assistance program shall be canceled and the disbursed funds shall be returned in event of concealment or false statements. 2) If the review by each government agency on the use of funds identifies poor results, utilization not consistent with the subsidy purposes, or inflated or dishonest numbers, the subsidy, reward or assistance recipient shall return the disbursed funds. Meanwhile, no subsidy shall be granted to the subsidy, reward or assistance recipient in question for one to five years, depending on the severity of circumstances. 3) If procurement is involved in the subsidy, reward or assistance budget, the subsidy, reward or assistance recipient shall adhere to the Government Procurement Act. 4) When reporting on expenses, the subsidy, reward or assistance recipient shall enumerate in detail the utilization of expenditures and the total amount of spendings. The same project subsidized by two or more organizations shall list the actual sum of subsidies, rewards and assistance. Finally, according to Article 24 of the Regulations, the approval, disbursement and reimbursement of subsidies, rewards and assistance are processed as follows: 1) Disbursement based on project progress: The number of instalments, the method, the amount (percentage) are specified in the contract by the MODA or its subordinate agencies, depending on the project and the timetable. 2) Reimbursement shall be based on the Management Guidelines for the Disposal of Government Expenditure Vouchers, the Matters of Attention Regarding Budget (Donation) Implementations by Central Government Agencies for Private Groups and Individuals and relevant contractual provisions. IV. Conclusions To accelerate the innovation and development of digital economy industries in Taiwan, the MODA has promogulated the Subsidy, Reward and Assistance Regulations for Promoting Industry Innovation in accordance with Paragraph 1, Article 9 of the Statute for Industrial Innovation. It is hoped that the subsidies, rewards and assistance provided by the MODA helps to enhance the competitiveness of digital economy industries and the effectiveness of the digital economy development in addition to the Statute. The Regulations set out detailed rules on policy measures e.g., subsidies, rewards, and assistance. Key matters such as eligible recipients, application procedures, review mechanisms, responsibilities and obligations are clearly defined but certain flexibility is reserved by exceptions. A contract-centric approach provides manoeuvrability in practice specific to project circumstances. It is hoped that the MODA and its subordinate agencies can utilize these Regulations once in force, to enhance the business environment of the digital economy industries and continue to drive industry innovations.

Brief Introduction to “European Union’s Recommendations for QTSPs Based on Standards” 2022/06/24 I. Introduction 　　The Electronic Identification and Trust Services Regulation (eIDAS)[1] of the European Union was passed in 2014 and came into effect in July 2016. The eIDAS consists of six chapters and its core elements are covered in two parts: Chapter 2 Electronic Identification and Chapter 3 Trust Services. Chapter 3 provides the legal framework for trust services (TS) in relation to electronic transactions and encompasses electronic signatures, electronic seals, electronic time stamps, electronic registered delivery services and website authentication. Each trust service can be provided by trust service providers (TSP) or qualified trust service providers (QTSP). Qualification from the supervisory authority of each member state is required to become a QTSP and provide qualified trust services (QTS). 　　In March 2021, the European Union Agency for Cybersecurity (ENISA) published “Recommendations For QTSPs Based On Standards[2]” for those interested in becoming QTSPs. II. Highlights 　　The eIDAS is technology neutral regarding trust service security requirements, without specifying any technology. In other words, TSP can achieve the level of security required by the eIDAS with different technologies. In fact, the European Union hopes to drive standardization with common grounds gradually formed with industry self-regulation in the legal framework and the trust framework under the eIDAS[3]. 　　Since 2009, the European Union has been formulating the standardisation framework related to electronic signatures with the assistance from standardization bodies such as European Committee for Standardization (CEN) and European Telecommunications Standards Institute (ETSI). The vision is to establish a comprehensive standardization framework to resolve the problems of using electronic signatures across borders within the European Union. A series of standards on electronic signatures and relevant trust services have been put in place, to meet the international requirements and the eIDAS[4]. The ETSI/CEN standards of digital signatures related to QTSP are as follows[5]: 1. Provision of qualified certificates for electronic signatures (Article 28 of the eIDAS) 　 ETSI EN 319 411-2 (and in adherence to EN 319 401, EN 319 411-1, EN 319 412-2 and EN 319 412-5). 2. Provision of qualified certificates for electronic seals (Article 38 of the eIDAS) 　 ETSI EN 319 411-2 (and in adherence to EN 319 401, EN 319 411-1, EN 319 412-3 and EN 319 412-5). 3. Provision of qualified certificates for website authentication (Article 45 of the eIDAS) 　 ETSI EN 319 411-2 (and in adherence to EN 319 401, EN 319 411-1, EN 319 412-4 and EN 319 412-5). 4. Qualified electronic time stamping service (Article 42 of the eIDAS) 　 ETSI EN 319 421 (and in adherence to EN 319 401), EN 319 422. 5. Qualified validation service for qualified electronic signatures (Article 33 of the eIDAS) 　 ETSI TS 119 441 (and in adherence to EN 319 401), TS 119 442, EN 319 102-1, TS 119 102-2 and TS 119 172-4. 6. Qualified validation service for qualified electronic seals (Article 40 of the eIDAS) 　 ETSI TS 119 441 (and in adherence to EN 319 401), TS 119 442, EN 319 102-1, TS 119 102-2 and TS 119 172-4. 7. Qualified preservation service for qualified electronic signatures (Article 34 of the eIDAS) 　 ETSI EN 319 401, TS 119 511 and TS 119 512. 8. Qualified preservation service for qualified electronic seals; (Article 40 of the eIDAS) 　 ETSI EN 319 401, TS 119 511 and TS 119 512. 9. Qualified electronic registered delivery service (Article 44 of the eIDAS) 　 ETSI EN 319 401, EN 319 521, EN 319 522, EN 319 531 and EN 319 532. III. Comment and Analysis 　　The ENISA recommendations demonstrate the European Union’s intention to encourage ICT service providers to become QTSPs by introducing relevant standards in electronic signatures formulated by the European Union standardization bodies. The purpose is to provide companies and users in the European Union with more secure and trustworthy services in relation to electronic signatures. This enhances the confidence of users and promotes the vibrant development of electronic transactions throughout the European Union. 　　Over recent years, Taiwanese companies have been proactively involved in digital transformation. The process toward digitalization often requires assistance from external ICT service providers. However, the unfamiliarity in ICT makes it difficult for companies to judge the professional expertise of providers. Perhaps companies can refer to the introduction above to understand whether a provider meets the requirements of the European Union standards. This serves as a basis for the selection of ICT service providers to ensure a certain level of competences. This will be beneficial to the digital transformation and entrance in the European Union market for companies. [1] Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%3AOJ.L_.2014.257.01.0073.01.ENG (last visited Jun. 24, 2022). [2] European Union Agency for Cybersecurity [ENISA], Recommendations for Qualified Trust Service Providers based on Standards (2021), https://www.enisa.europa.eu/publications/reccomendations-for-qtsps-based-on-standards (last visited Jun. 24, 2022). [3] id. at 8 [4] id. at 8-9. [5] id. at 11-12