Taiwan Announced the Biobanks Regulations and Management Practices

Recognized that Research infrastructures (RIs) are at the centre of the knowledge triangle of research, education and innovation and play an increasingly important role in the advancement of knowledge and technology, the EU began to finance for the establishments of RIs by its Framework Programmes (FPs) since the start of FP2 of 1987. On the other hand, the EU also assigned the European Strategy Forum on Research Infrastructures (ESFRI) to develop a coherent and strategy-led approach to policy-making on RIs between Member States and to facilitate the better use and development of RIs at EU and international level. Based on those efforts, the European Commission understood that a major difficulty in setting up RIs between EU countries is the lack of an adequate legal framework allowing the creation of appropriate partnerships and proposed a legal framework for a European research infrastructure adapted to the needs of such facilities. The new legal framework for a European Research Infrastructure Consortium (ERIC) entered into force on 28 August 2009. An successfully-set-up ERIC will have the legal personality based on EU law, and can benefit from exemptions from VAT and excise duty in all EU Member States and may adopt its own procurement procedures to get rid of the EU's public procurement procedures. It is predicted that the Biobanking and Biomolecular Resources Research Infrastructure (BBMRI) will apply to become a BBMRI-ERIC in the near future. The EU also seeks to lead in Energy, Food and Biology through the reforms of ERICs to assist the high quality of activities of European scientists and attract the best researchers from around the world. Besides, in order to connect the knowledge triangle effectively, the European Commission also established the European Institute of Innovation and Technology (EIT) on March 2008. It hopes through the research development partnership network to gather all the advantages from the science and technology chains of multiple areas, and make an effort for the strategy of EU innovation development jointly；Meanwhile, extends its roadmap to the objectives and practices of the Knowledge and Innovation Communities (KICs) of the EIT. Contrast with the EU's advance, it is necessary to our government to concentrate and contemplate whether it is the time to reconsider if our existing legal instruments available to domestic research facilities and infrastructures are sufficient enough to reach our science and technology development goals.

Blockchain and General Data Protection Regulation (GDPR) compliance issues (2019) I. Brief 　　Blockchain technology can solve the problem of trust between data demanders and data providers. In other words, in a centralized mode, data demanders can only choose to believe that the centralized platform will not contain the false information. However, in the decentralized mode, data isn’t controlled by one individual group or organization[1], data demanders can directly verify information such as data source, time, and authorization on the blockchain without worrying about the correctness and authenticity of the data. 　　Take the “immutable” for example, it is conflict with the right to erase (also known as the right to be forgotten) in the GDPR.With encryption and one-time pad (OTP) technology, data subjects can make data off-chain storaged or modified at any time in a decentralized platform, so the problem that data on blockchain not meet the GDPR regulation has gradually faded away. II. What is GDPR? 　　The purpose of the EU GDPR is to protect user’s data and to prevent large-scale online platforms or large enterprises from collecting or using user’s data without their permission. Violators will be punished by the EU with up to 20 million Euros (equal to 700 million NT dollars) or 4% of the worldwide annual revenue of the prior financial year. 　　The aim is to promote free movement of personal data within the European Union, while maintaining adequate level of data protection. It is a technology-neutral law, any type of technology which is for processing personal data is applicable. 　　So problem about whether the data on blockchain fits GDPR regulation has raise. Since the blockchain is decentralized, one of the original design goals is to avoid a large amount of centralized data being abused. 　　Blockchain can be divided into permissioned blockchains and permissionless blockchains. The former can also be called “private chains” or “alliance chains” or “enterprise chains”, that means no one can join the blockchain without consent. The latter can also be called “public chains”, which means that anyone can participate on chain without obtaining consent. 　　Sometimes, private chain is not completely decentralized. The demand for the use of blockchain has developed a hybrid of two types of blockchain, called “alliance chain”, which not only maintains the privacy of the private chain, but also maintains the characteristics of public chains. The information on the alliance chain will be open and transparent, and it is in conflict with the application of GDPR. III. How to GDPR apply to blockchain ? 　　First, it should be determined whether the data on the blockchain is personal data protected by GDPR. Second, what is the relationship and respective responsibilities of the data subject, data controller, and data processor? Finally, we discuss the common technical characteristics of blockchain and how it is applicable to GDPR. 1. Data on the blockchain is personal data protected by GDPR? 　　First of all, starting from the technical characteristics of the blockchain, blockchain technology is commonly decentralized, anonymous, immutable, trackable and encrypted. The other five major characteristics are immutability, authenticity, transparency, uniqueness, and collective consensus. 　　Further, the blockchain is an open, decentralized ledger technology that can effectively verify and permanently store transactions between two parties, and can be proved. 　　It is a distributed database, all users on the chain can access to the database and the history record, also can directly verify transaction records. Each nodes use peer-to-peer transmission for upload or transfer information without third-party intermediation, which is the unique “decentralization” feature of the blockchain. 　　In addition, the node or any user on the chain has a unique and identifiable set of more than 30 alphanumeric addresses, but the user may choose to be anonymous or provide identification, which is also a feature of transparency with pseudonymity[2]; Data on blockchain is irreversibility of records. Once the transaction is recorded and updated on the chain, it is difficult to change and is permanently stored in the database, that is to say, it has the characteristics of “tamper-resistance”[3]. 　　According to Article 4 (1) of the GDPR, “personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. 　　Therefore, if data subject cannot be identified by the personal data on the blockchain, that is an anonymous data, excluding the application of GDPR. (1) What is Anonymization? 　　According to Opinion 05/2014 on Anonymization Techniques by Article 29 Data Protection Working Party of the European Union, “anonymization” is a technique applied to personal data in order to achieve irreversible de-identification[4]. 　　And it also said the “Hash function” of blockchain is a pseudonymization technology, the personal data is possible to be re-identified. Therefore it’s not an “anonymization”, the data on the blockchain may still be the personal data stipulated by the GDPR. 　　As the blockchain evolves, it will be possible to develop technologies that are not regulated by GDPR, such as part of the encryption process, which will be able to pass the court or European data protection authorities requirement of anonymization. There are also many compliance solutions which use technical in the industry, such as avoiding transaction data stored directly on the chain. 2. International data transmission 　　Furthermore, in accordance with Article 3 of the GDPR, “This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not. This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to: (a) the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or (b) the monitoring of their behaviour as far as their behaviour takes place within the Union”.[5] 　　In other words, GDPR applies only when the data on the blockchain is not anonymized, and involves the processing of personal data of EU citizens. 3. Identification of data controllers and data processors 　　Therefore, if the encryption technology involves the public storage of EU citizens' personal data and passes it to a third-party controller, it may be identified as the “data controller” under Article 4 of GDPR, and all nodes and miners of the platform may be deemed as the “co-controller” of the data, and be assumed joint responsibility with the data controller by GDPR. For example, the parties can claim the right to delete data from the data controller. 　　In addition, a blockchain operator may be identified as a “processor”, for example, Backend as a Service (BaaS) products, the third parties provide network infrastructure for users, and let users manage and store personal data. Such Cloud Services Companies provide online services on behalf of customers, do not act as “data controllers”. Some commentators believe that in the case of private chains or alliance chains, such as land records transmission, inter-bank customer information sharing, etc., compared to public chain applications: such as cryptocurrencies (Bitcoin for example), is not completely decentralized, and more likely to meet GDPR requirements[6]. For example, in the case of a private chain or alliance chain, it is a closed platform, which contains only a small number of trusted nodes, is more effective in complying with the GDPR rules. 4. Data subject claims 　　In accordance with Article 17 of the GDPR, The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay under some grounds. 　　Off-chain storage technology can help the blockchain industry comply with GDPR rules, allowing offline storage of personal data, or allow trusted nodes to delete the private key of encrypted information, which leaving data that cannot be read and identified on the chain. If the data is in accordance with the definition of anonymization by GDPR, there is no room for GDPR to be applied. IV. Conclusion 　　In summary, it’s seem that the application of blockchain to GDPR may include: (a) being difficulty to identified the data controllers and data processors after the data subject upload their data. (b) the nature of decentralized storage is transnational storage, and Whether the country where the node is located, is meets the “adequacy decision” of Article 45 of the GDPR. 　　If it cannot be met, then it needs to consider whether it conforms to the transfers subject to appropriate safeguards of Article 46, or the derogations for specific situations of Article 49 of the GDPR. Reference: [1] How to Trade Cryptocurrency: A Guide for (Future) Millionaires, https://wikijob.com/trading/cryptocurrency/how-to-trade-cryptocurrency [2] DONNA K. HAMMAKER, HEALTH RECORDS AND THE LAW 392 (5TH ED. 2018). [3] Iansiti, Marco, and Karim R. Lakhani, The Truth about Blockchain, Harvard Business Review 95, no. 1 (January-February 2017): 118-125, available at https://hbr.org/2017/01/the-truth-about-blockchain [4] Article 29 Data Protection Working Party, Opinion 05/2014 on Anonymisation Techniques (2014), https://www.pdpjournals.com/docs/88197.pdf [5] Directive 95/46/EC (General Data Protection Regulation), https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN [6] Queen Mary University of London, Are blockchains compatible with data privacy law? https://www.qmul.ac.uk/media/news/2018/hss/are-blockchains-compatible-with-data-privacy-law.html

Taiwan Government Lauched the “Biotechnology Action Plan” The Taiwan Government has planned to boost the support and develop local industries across the following six major sectors: biotechnology, tourism, health care, green energy, innovative culture and post-modern agriculture. As the biotechnology industry has reached its maturity by the promulgation of "Biotech and New Pharmaceutical Development Act" in July, 2007, it will be the first to take the lead among the above sectors. Thus, the Executive Yuan has launched the Biotechnology Action Plan as the first project in building the leading industry sectors, to upgrade local industries and stimulate future economic growth. Taiwan Government Planed to Promote the Biotechnology and Other newly Industries by Investing Two Hundred Billion To expand every industrial scale, enhance industrial value, increase the value around the main industrial field, and to encourage the industrial development by government investments for creating the civil working opportunities to reach the goal of continuous economic development, the Executive Yuan Economic Establishment commission has expressed that, the government has selected six newly industrials including "Biotechnology", "Green Energy", "Refined Agriculture", "Tourism", "Medicare", and "Culture Originality" on November 19, 2009 to promote our national economic growth. The government will invest two hundred billion NT dollars to support the industrial development aggressively and to enhance the social investments from year 2009 to 2012. According to a Chung-Hua Institution for Economic Research report, the future growth rate will reach 8.16% after the evaluation, Hence, the future of the industries seems to be quite bright. Currently, the government plans to put money into six newly industries through the existing ways for investment. For instance, firstly, in accordance with the "Act For The Development Of Biotech And New Pharmaceuticals Industry" article 5 provision 1 ",for the purpose of promoting the Biotech and New Pharmaceuticals Industry, a Biotech and New Pharmaceuticals Company may, for a period of five years from the time it is subject to corporate income tax, enjoy a reduction in its corporate income tax payable for up to thirty-five percent (35%) of the total funds invested in research and development ("R&D") and personnel training each year; provided, however, that if the R&D expenditure of a particular year exceeds the average R&D expenditure of the previous two years or if the personnel training expenditure of a particular year exceeds the average personnel training expenditure of the previous two years, fifty percent (50%) of the amount in excess of the average may be used to credit against the amount of corporate income tax payable. Secondly, according to same act of the article 6 provision 1 ", in order to encourage the establishment or expansion of Bio tech and New Pharmaceuticals Companies, a profit-seeking enterprise that (i) subscribes for the stock issued by a Biotech and New Pharmaceuticals Company at the time of the latter's establishment or subsequent expansion; and (ii) has been a registered shareholder of the Biotech and New Pharmaceuticals Company for a period of three (3) years or more, may, for a period of five years from the time it is subject to corporate income tax, enjoy a reduction in its corporate income tax payable for up to twenty percent (20%) of the total amount of price paid for the subscription of shares in such Biotech and New Pharmaceuticals Company; provided that such Biotech and New Pharmaceuticals Company has not applied for exemption from corporate income tax or shareholders investment credit based on the subscription price under other applicable laws and regulations. Thirdly, to promote the entire biotechnological industry development, the government has drafted the "Biotechnology Takeoff Package" for subsidizing the startup´s social investment companies which can satisfy the conditions to invest in "Drug discovery", "Medical Device" or other related biotech industries up to 5 billion with the capital invest in domestic industry over 50%, , with operating experience of multinational biotech investment companies with capital over 150 million in related industrial fields, and with the working experiences of doctor accumulated up to 60 years. Additionally, the refined agriculture industry field has not only discovered the gene selected products, but also combined the tourism with farming business for new business model creation. According to the "Guidelines for Preferential Loans for the Upgrading of Tourism Enterprises" point 4 provision 1, the expenditure for spending on machine, instruments, land or repairing can be granted a preferential loan in accordance with the rule of point 6, and government will provide a subsidy of interest for loaning Tourism Enterprises with timely payments. At last, Council for Economic Planning and Development also points out because most of technology industry has been impacted seriously by fluctuation of international prosperity due to conducting the export trade oriented strategy. Furthermore, the aspects of our export trade of technology industry have been impacted by the U.S. financial crisis and the economic decay in EU and US; and the industrial development seems to face the problem caused by over centralization in Taiwan. Hence, the current framework of domestic industry should be rearranged and to make it better by promoting the developmental project of six newly industries. Taiwan Government Had Modifies Rules to Accelerate NDA Process and Facilitate Development of Clinical Studies in Taiwan In July 2007, the "Biotech and New Pharmaceutical Development Act" modified many regulations related to pharmaceutical administration, taxes, and professionals in Taiwan. In addition, in order to facilitate the development of the biotechnology and pharmaceutical industries, the government has attempted to create a friendly environment for research and development by setting up appropriate regulations and application systems. These measures show that the Taiwanese government is keenly aware that these industries have huge potential value. To operate in coordination with the above Act and to better deal with the increasing productivity of pharmaceutical R&D programs in Taiwan, the Executive Yuan simplified the New Drug Application (NDA) process to facilitate the submission that required Certificate of Pharmaceutical Product (CPP) for drugs with new ingredients. The current NDA process requires sponsors to submit documentation as specified by one of the following four options: (1) three CPPs from three of "ten medically-advanced countries," including Germany, the U.S., England, France, Japan, Switzerland, Canada, Australia, Belgium, and Sweden; (2) one CPP from the U.S., Japan, Canada, Australia, or England and one CPP from Germany, France, Switzerland, Sweden, or Belgium; (3) a Free Sale Certificate (FSC) from one of ten medically-advanced countries where the pharmaceuticals are originally produced and one CPP from one of the other nine countries; or (4) a CPP from the European Medicines Agency. Thus, the current NDA process requires sponsors to spend inordinate amounts of time and incur significant costs to acquire two or three FSCs or CPPs from ten medically-advanced countries in order to submit an NDA in Taiwan. According to the new rules, sponsors will not have to submit above CPPs if (1) Phase I clinical studies have been conducted in Taiwan, and Phase III Pivotal Trial clinical studies have been simultaneously conducted both in Taiwan and in another country or (2) Phase II and Phase III Pivotal Trial clinical studies have been simultaneously conducted both in Taiwan and in another country. Besides, the required minimum numbers of patients were evaluated during each above phase. Therefore, sponsors who conduct clinical studies in Taiwan and in another country simultaneously could reduce their costs and shorten the NDA process in Taiwan. The new rules aim to encourage international pharmaceutical companies to conduct clinical studies in Taiwan or to conduct such studies cooperatively with Taiwanese pharmaceutical companies. Such interactions will allow Taiwanese pharmaceutical companies to participate in development and implementation of international clinical studies in addition to benefiting from the shortened NDA process. Therefore, the R&D abilities and the internationalization of the Taiwanese pharmaceutical industry will be improved.

Introduction to the “Public Procurement for Startups” mechanism I.Backgrounds 　　According to the EU’s statistics, government procurement budget accounted for over 14% of GDP. And, according to the media report, the total amount of government procurement in Taiwan in 2017 accounted for nearly 8%. Therefore, the government’s procurement power has gradually become a policy tool for the government to promote the development of innovative products and services. 　　In 2017, the Executive Yuan of the R.O.C.（Taiwan）announced a government procurement policy named “Government as Good Partners with Startups （政府成為新創好夥伴）”[1] to encourage government agencies and State-owned Enterprises to procure and adopt innovative goods or services provided by startups. This policy was subsequently implemented through an action plan named “Public Procurement for Startups”（新創採購）[2] by the Small and Medium Enterprise Administration（SMEA）.The action plan mainly includes two important parts：One created the procurement process for startups to enter the government contracts market through inter-entities contracts. The other accelerated the collaboration of the government agencies and startups through empirical demonstration. II.Facilitating the procurement process for startups to enter the government market 　　In order to help startups enter the government contracts market in a more efficient way, the SMEA conducts the procurement of inter-entity supply contracts with suppliers, especially startups, for the supply of innovative goods or services. An inter-entity supply contract[3] is a special contractual framework, under which the contracting entity on behalf of two or more other contracting parties signs a contract with suppliers and formulates the specifics and price of products or services provided through the public procurement process. Through the process of calling for tenders, price competition and so on, winning tenderers will be selected and listed on the Government E-Procurement System. This framework allows those contracting entities obtain orders and acquire products or services which they need in a more efficient way so it increases government agencies’ willingness to procure and use innovative products and services. 　　From 2018, the SMEA started to undertake the survey of innovative products and services that government agencies usually needed and conducted the procurement of inter-entity supply contracts for two rounds every year. As a result, the SMEA plays an important role to bridge the demand and supply sides for innovative products or services by means of implementing the forth-mentioned survey and procurement process. Moreover, in order to explore more innovative products and services with high quality and suitable for government agencies and public institutions, the SMEA actively networked with various stakeholders, including incubators, accelerators, startups mentoring programs sponsored by private and public sectors and so on. 　　Initially the items to be procured were categorized into four themes which were named the Smart Innovations, the Smart Eco, the Smart Healthcare, and the Smart Security. Later, in order to show the diversity of the innovation of startups which response well to various social issues, from 2019, the SMEA introduced two new theme solicitations titled the Smart Education and the Smart Agriculture to the inter-entities contracts. 　　Those items included the power management systems, the AI automated recognition and image warning system, the chatbot for public service, unmanned flying vehicles, aerial photography services and so on. Take the popular AI image warning system as an example, the system is used by police officers to make instant evidence searching and image recording. Other government agencies apply the innovative system to the investigation of illegal logging and school safety surveillance. 　　Moreover, the SMEA has also offered subsidy for local governments tobuy those items provided by startups. That is the coordinated supporting measure which allows startups the equal playing field to compete with large companies. The Subsidy scheme is based on the Guideline for Subsidies on Procurement of Innovative Products and Services[3] (approved by the Executive Yuan on March 29, 2018 and revised on Feb. 20, 2021). In the Guideline, “innovative products and services” refer to the products, technologies, labor, service flows or items and services rendered with creative activities through deploying scientific or technical means and a certain degree of innovations by startups with less than five years in operation. Such innovative products and services are displayed for the inter-entity supply contractual framework administered by the SMEA for government procurement. III.Accelerating the collaboration of the government agencies and startups through empirical demonstration 　　To assist startups to prove their concepts or services, and become more familiar with the governemnrt’s needs, the SMEA also created a mechanism called the “Solving Governmental Problems by Star-up Innovation”（政府出題˙新創解題）. It plans to collect government agencies’ needs, and then solicit innovative proposals from startups. After their proposals are accepted, startups will be given a grant up to one million NT dollars to conduct empirical studies on solution with government agencies for about half a year. 　　Take the cooperation between the “Taoyuan Long Term Care Institute for Older People and the Biotech Startup” for example, a care system with sanitary aids was introduced to provide automatic detection, cleanup and dry services for the patients’discharges, thus saving 95% of cleaning time for caregivers. In the past, caregivers usually spent 4 hours on the average in inspecting old patients, cleaning and replacing their bedsheets as their busy daily routines. Inadequate caregivers makes it difficult to maintain the care quality. If the problem was not addressed immediately, it would make the life of old patients more difficult. IV.Achievements to date 　　Since the promotion of the products and services of the startups and the launch of the “Public Procurement for Startups” program in 2018, 68 startups, with the SMEA’s assistance, have entered the government procurement contracts market, and more than 100 government agencies have adopted the innovative resolutions. With the encouragement for them in adopting and utilizing the fruits of the startups, it has generated more than NT$150 million in cooperative business opportunities. V.Conclusions 　　While more and more startups are obtaining business opportunities from the favorable procurement process, constant innovation remains the key to success. As such, the SMEA has regularly visited the government agencies-buyers to obtain feedbacks from startups so as to adjust and optimize the innovative products or services. The SMEA has also regularly renewed the specifics and items of the procurement list every year to keep introducing and supplying high-quality products or services to the government agencies. [1] Policy for investment environment optimization for Startups（2017）,available athttps://www.ndc.gov.tw/nc_27_28382.（last visited on July 30, 2021 ) [2] https://www.spp.org.tw/spp/（last visited on July 30, 2021 ) [3] Article 93 of Government Procurement Act：I An entity may execute an inter-entity supply contract with a supplier for the supply of property or services that are commonly needed by entities. II The regulations for a procurement of an inter-entity supply contract, the matters specified in the tender documentation and contract, applicable entities, and the related matters shall be prescribed by the responsible entity. [4] https://law.moea.gov.tw/LawContent.aspx?id=GL000555（last visited on July 30, 2021）