Legal Analysis of the U.S. BIOSECURE Act: Implications for Taiwanese Biotechnology Companies

I.Introduction Recently, many countries have attracted by Israel’s technology innovation, and wonder how Israel, resource-deficiency and enemies-around, has the capacity to enrich the environment for innovative startups, innovative R&D and other innovative activities. At the same time, several cross-border enterprises hungers to establish research centers in Israel, and positively recruits Israel high-tech engineers to make more innovative products or researches. However, there is no doubt that Israel is under the spotlight in the era of innovation because of its well-shaped national technology system framework, innovative policies of development and a high level of R&D expenditure, and there must be something to learn from. Also, Taiwanese government has already commenced re-organization lately, how to tightly connect related public technology sectors, and make the cooperation more closely and smoothly, is a critical issue for Taiwanese government to focus on. Consequently, by the observation of Israel’s national technology system framework and technology regulations, Israel’s experience shall be a valuable reference for Taiwanese government to build a better model for public technology sectors for future cooperation. Following harsh international competition, each country around the world is trying to find out the way to improve its ability to upgrade international competitiveness and to put in more power to promote technology innovation skills. Though, while governments are wondering how to strengthen their countries’ superiority, because of the differences on culture and economy, those will influence governments’ points of view to form an appropriate national innovative system, and will come with a different outcome. Israel, as a result of the fact that its short natural resources, recently, its stunning performance on technology innovation system makes others think about whether Israel has any characteristics or advantages to learn from. According to Israeli Central Bureau of Statistics records, Israel’s national expenditures on civilian R&D in 2013 amounted to NIS 44.2 billion, and shared 4.2% of the GDP. Compared to 2012 and 2011, the national expenditure on civilian R&D in 2013, at Israel’s constant price, increased by 1.3%, following an increase of 4.5% in 2012 and of 4.1% in 2011. Owing to a high level of national expenditure poured in, those, directly and indirectly, makes the outputs of Israel’s intellectual property and technology transfer have an eye-catching development and performance. Based on Israeli Central Bureau of Statistics records, in 2012-2013, approximately 1,438 IP invention disclosure reports were submitted by the researchers of various universities and R&D institutions for examination by the commercialization companies. About 1,019 of the reports were by companies at the universities, an increase of 2.2% compared to 2010-2011, and a 1% increase in 2010-2011 compared to 2008-2009. The dominant fields of the original patent applicants were medicines (24%), bio-technology (17%), and medical equipment (13%). The revenues from sales of intellectual property and gross royalties amounted to NIS 1,881 million in 2012, compared to NIS 1,680 million in 2011, and increase of 11.9%. The dominant field of the received revenues was medicines (94%). The revenues from sales of intellectual property and gross royalties in university in 2012 amounted to NIS 1,853 million in 2012, compared to NIS 1,658 million in 2011, an increase of 11.8%. Therefore, by the observation of these records, even though Israel only has 7 million population, compared to other large economies in the world, it is still hard to ignore Israel’s high quality of population and the energy of technical innovation within enterprises. II.The Recent Situation of Israel’s Technology Innovation System A.The Determination of Israel’s Technology Policy The direction and the decision of national technology policy get involved in a country’s economy growth and future technology development. As for a government sector deciding technology policy, it would be different because of each country’s government and administrative system. Compared to other democratic countries, Israel is a cabinet government; the president is the head of the country, but he/she does not have real political power, and is elected by the parliament members in every five years. At the same time, the parliament is re-elected in every four years, and the Israeli prime minister, taking charge of national policies, is elected from the parliament members by the citizens. The decision of Israel’s technology policy is primarily made by the Israeli Ministers Committee for Science and Technology and the Ministry of Science and Technology. The chairman of the Israeli Ministry Committee for Science and Technology is the Minister of Science and Technology, and takes charge of making the guideline of Israel’s national technology development policy and is responsible for coordinating R&D activities in Ministries. The primary function of the Ministry of Science and Technology is to make Israel’s national technology policies and to plan the guideline of national technology development; the scope includes academic research and applied scientific research. In addition, since Israel’s technology R&D was quite dispersed, it means that the Ministries only took responsibilities for their R&D, this phenomenon caused the waste of resources and inefficiency; therefore, Israel government gave a new role and responsibility for the Chief Scientists Forum under the Ministry of Science and Technology in 2000, and wished it can take the responsibility for coordinating R&D between the government’s sectors and non-government enterprises. The determination of technology policy, however, tends to rely on counseling units to provide helpful suggestions to make technology policies more intact. In the system of Israel government, the units playing a role for counseling include National Council for Research and Development (NCRD), the Steering Committee for Scientific Infrastructure, the National Council for Civil Research and Development (MOLMOP), and the Chief Scientists Forums in Ministries. Among the aforementioned units, NCRD and the Steering Committee for Scientific Infrastructure not only provide policy counseling, but also play a role in coordinating R&D among Ministries. NCRD is composed by the Chief Scientists Forums in Ministries, the chairman of Planning and Budgeting Committee, the financial officers, entrepreneurs, senior scientists and the Dean of Israel Academy of Sciences and Humanities. NCRD’s duties include providing suggestions regarding the setup of R&D organizations and related legal system, and advices concerning how to distribute budgets more effectively; making yearly and long-term guidelines for Israel’s R&D activities; suggesting the priority area of R&D; suggesting the formation of necessary basic infrastructures and executing the priority R&D plans; recommending the candidates of the Offices of Chief Scientists in Ministries and government research institutes. As for the Steering Committee for Scientific Infrastructure, the role it plays includes providing advices concerning budgets and the development framework of technology basic infrastructures; providing counsel for Ministries; setting up the priority scientific plans and items, and coordinating activities of R&D between academic institutes and national research committee. At last, as for MOLMOP, it was founded by the Israeli parliament in 2002, and its primary role is be a counseling unit regarding technology R&D issues for Israel government and related technology Ministries. As for MOLMOP’s responsibilities, which include providing advices regarding the government’s yearly and long-term national technology R&D policies, providing the priority development suggestion, and providing the suggestions for the execution of R&D basic infrastructure and research plans. B.The Management and Subsidy of Israel’s Technology plans Regarding the institute for the management and the subsidy of Israel’s technology plans, it will be different because of grantee. Israel Science Foundation (ISF) takes responsibility for the subsidy and the management of fundamental research plans in colleges, and its grantees are mainly focused on Israel’s colleges, high education institutes, medical centers and research institutes or researchers whose areas are in science and technical, life science and medicine, and humanity and social science. As for the budget of ISF, it mainly comes from the Planning and Budgeting Committee (PBC) in Israel Council for Higher Education. In addition, the units, taking charge of the management and the subsidy of technology plans in the government, are the Offices of the Chief Scientist in Ministries. Israel individually forms the Office of the Chief Scientist in the Ministry of Agriculture and Rural Development, the Ministry of Communications, the Ministry of Defense, the Ministry of National Infrastructures, Energy and Water Resources, the Ministry of Health and the Ministry of Economy. The function of the Office of the Chief Scientist not only promotes and inspires R&D innovation in high technology industries that the Office the Chief Scientist takes charge, but also executes Israel’s national plans and takes a responsibility for industrial R&D. Also, the Office of the Chief Scientist has to provide aid supports for those industries or researches, which can assist Israel’s R&D to upgrade; besides, the Office of the Chief Scientists has to provide the guide and training for enterprises to assist them in developing new technology applications or broadening an aspect of innovation for industries. Further, the Office of the Chief Scientists takes charge of cross-country R&D collaboration, and wishes to upgrade Israel’s technical ability and potential in the area of technology R&D and industry innovation by knowledge-sharing and collaboration. III.The Recent Situation of the Management and the Distribution of Israel’s Technology Budget A.The Distribution of Israel’s Technology R&D Budgets By observing Israel’s national expenditures on civilian R&D occupied high share of GDP, Israel’s government wants to promote the ability of innovation in enterprises, research institutes or universities by providing national resources and supports, and directly or indirectly helps the growth of industry development and enhances international competitiveness. However, how to distribute budgets appropriately to different Ministries, and make budgets can match national policies, it is a key point for Israel government to think about. Following the Israeli Central Bureau of Statistics records, Israel’s technology R&D budgets are mainly distributed to some Ministries, including the Ministry of Science and Technology, the Ministry of Economy, the Ministry of Agriculture and Rural Development, the Ministry of National Infrastructures, Energy and Water Resources, the Israel Council for Higher Education and other Ministries. As for the share of R&D budgets, the Ministry of Science and Technology occupies the share of 1.7%, the Ministry of Economy is 35%, the Israel Council for Higher Education is 45.5%, the Ministry of Agriculture and Rural Development is 8.15%, the Ministry of National Infrastructures, Energy and Water Resources is 1.1%, and other Ministries are 7.8% From observing that Israel R&D budgets mainly distributed to several specific Ministries, Israel government not only pours in lot of budgets to encourage civilian technology R&D, to attract more foreign capitals to invest Israel’s industries, and to promote the cooperation between international and domestic technology R&D, but also plans to provide higher education institutes with more R&D budgets to promote their abilities of creativity and innovation in different industries. In addition, by putting R&D budgets into higher education institutes, it also can indirectly inspire students’ potential innovation thinking in technology, develop their abilities to observe the trend of international technology R&D and the need of Israel’s domestic industries, and further appropriately enhance students in higher education institutes to transfer their knowledge into the society. B.The Management of Israel’s Technology R&D Budgets Since Israel is a cabinet government, the cabinet takes responsibility for making all national technology R&D policies. The Ministers Committee for Science and Technology not only has a duty to coordinate Ministries’ technology policies, but also has a responsibility for making a guideline of Israel’s national technology development. The determination of Israel’s national technology development guideline is made by the cabinet conference lead by the Prime Minister, other Ministries does not have any authority to make national technology development guideline. Aforementioned, Israel’s national technology R&D budgets are mainly distributed to several specific Ministries, including the Ministry of Science and Technology, the Ministry of Economy, the Ministry of Agriculture and Rural Development, the Ministry of National Infrastructures, Energy and Water Resources, the Israel Council for Higher Education, and etc. As for the plan management units and plan execution units in Ministries, the Office of the Chief Scientist is the plan management unit in the Ministry of Science and Technology, and Regional Research and Development Centers is the plan execution unit; the Office of the Chief Scientist is the plan management unit in the Ministry of Economy, and its plan execution unit is different industries; the ISF is the plan management units in the Israel Council for Higher Education; also, the Office of the Chief Scientist is the plan management unit in the Ministry of Agriculture, and its plan execution units include the Institute of Field and Garden Corps, the Institute of Horticulture, the Institute of Animal, the Institute of Plan Protection, the Institute of Soil, Water & Environmental Sciences, the Institute for Technology and Storage of Agriculture Products, the Institute of Agricultural Engineering and Research Center; the Office of the Chief Scientist is the plan management unit in the Ministry of National Infrastructures, Energy and Water Resources, and its plan execution units are the Geological Survey of Israel, Israel Oceanographic and Limnological Research and the Institute of Earth and Physical. As for other Ministries, the Offices of the Chief Scientist are the plan management units for Ministries, and the plan execution unit can take Israel National Institute for Health Policy Research or medical centers for example.

Shifting AI Governance in East Asia: AI Legislative Progress in Japan, South Korea and Taiwan 2025/09/09 Keywords: artificial intelligence, artificial intelligence regulation I.Introduction The landscape of AI governance in East Asia is changing, with two new AI laws enacted and one on the way. In South Korea, an act titled “the Basic Act on the Development of Artificial Intelligence and the Establishment of Foundation for Trustworthiness“ (“인공지능 발전과 신뢰 기반 조성 등에 관한 기본법”, henceforth referred to as “South Korea’s AI Act” or “SKAIA”)[1]was approved on December 26[2], 2024 and promulgated on January 21, 2025. The AI Basic Act is designed to establish a national AI governance framework and systematically foster the AI industry while preventing potential AI risks.[3]A few months later, Japan’s first law regulating AI was passed by the National Diet on May 28, 2025. The new law is titled "the Act on Promotion of Research and Development, and Utilization of AI-related Technology" (“人工知能関連技術の研究開発及び活用の推進に関する法律”, henceforth referred to as "Japan's AI Act" or "JAIA")[4], which reflects the strong will of the government to catch up in the global AI race.[5] Elsewhere in the region, Taiwan’s Executive Yuan finally passed its draft AI Basic Act (“人工智慧基本法草案”) on August 28[6] [7], which must now be submitted to the Legislative Yuan for deliberation. The government hopes the new law will lay the foundation for establishing Taiwan as an AI island and a key driving force in global AI development.[8] This article will give a quick overview of the key features of the three new AI regulations to illustrate the new landscape these countries are shaping in AI governance. II.Key features of Japan’s AI Act (JAIA) 1.Purpose and principles of JAIA Given Japan's lagging AI development and rising public concerns, JAIA reflects the government's worry about falling behind global peers in AI investment and adoption.[9] It is believed that new laws are needed in addition to existing laws and regulations to promote innovation and address risks.[10] Hence JAIA aims to advance the R&D and application of AI through the formulation of basic principles and plans, and the establishment of an "AI Strategic Headquarters".[11] JAIA establishes basic principles for the promotion of the R&D and application of AI-related technologies[12], including enhancing industry R&D capabilities and competitiveness, systematically promoting AI collaboration from research to application with transparency, and enabling Japan to shape global norms through international cooperation.[13] 2.Industry Development and Promotion JAIA requires the government to develop a National AI Basic Plan, in accordance with the basic principles, to promote the R&D and application of AI. The AI Basic Plan should set out fundamental policy guidelines and measures to comprehensively and systemically advance the R&D and application of AI-related technologies, along with other necessary provisions.[14] JAIA also specifies basic measures to be included in the plan, which cover issues of promotion of R&D, expansion and sharing of facilities and data, human resources and education, international engagement in AI norm setting, and domestic guidelines making. In addition, the government should monitor AI technology trends and analyze cases of rights violations from improper AI use to develop countermeasures and provide guidance accordingly.[15] 3.Governance JAIA stipulates that an AI Strategy Headquarters should be established under the Cabinet, composed of all cabinet members and headed by the Prime Minister.[16] The AI Strategic Headquarters is tasked with comprehensively and systematically advancing AI-related technology R&D and application policies, including the formulation, promotion, and implementation of AI Basic Plans and other related initiatives.[17] The Act also empowers the AI Strategy Headquarters to invite stakeholders to provide information, opinions or explanations, and other necessary assistance.[18] 4.Risk managements and rights protection JAIA does not impose direct compliance obligations, but AI companies and research institutions are required to cooperate with government investigations and follow government guidance in cases involving violations of human rights and interests.[19] 5.Implementation of JAIA and Follow-up Work JAIA came into force in May 2025. The Japanese government is required to develop guidelines that align with international standards and launch the Strategic Headquarters for the preparation and implementation of the National AI Basic Plan. III.Key features of the South Korea’s AI Act (SKAIA) 1.Purpose and principles of SKAIA SKAIA is designed to establish a foundation for AI development and trustworthiness, increasing citizens’ rights and interests protection, quality of life, and the country’s competitiveness.[20] It focuses on advancing national AI collaboration to foster a flourishing AI sector and developing legal frameworks to mitigate risks.[21] Accordingly, the Act establishes basic AI development principles: prioritizing safety and reliability to improve quality of life, and ensuring those affected by AI output receive clear, meaningful explanations within reasonable parameters.[22] 2.Industry development and promotion Supporting AI technology and industry development is a key feature of SKAIA. It establishes comprehensive measures covering technology development, industry revitalization, SME support, industrial foundations, talent cultivation, regulatory adaptation, and international cooperation.[23] 3.Governance SKAIA also strengthens the institutional framework for AI governance. The Ministry of Science and ICT (henceforth referred to as “MSIT”) is mandated to execute an AI Master Plan every three years and empowered to investigate violations, require corrective action, and impose fines on non-compliant entities.[24] The National AI Committee is authorized to review and decide on the AI Master Plan and AI-related matters, making it the highest decision-making body for South Korea's AI policies. It is composed of the heads of central administrative agencies and civilian AI experts appointed by the president.[25] SKAIA also establishes the AI Policy Center to support MSIT on AI policy formulation, and the AI Safety Institute for AI safety matters.[26] 4.Risk management and rights protection SKAIA imposes specific obligations on operators of high-impact AI and generative AI systems. All operators must ensure system transparency and safety, while high-impact AI operators face additional responsibilities including conducting fundamental rights impact assessments.[27] High-impact AI systems are defined as AI systems that have a significant impact on or may pose a risk to human life, safety, and fundamental rights and are mainly utilized in critical infrastructure sectors and human rights-sensitive areas, or other areas specified by presidential decree.[28] The procedure for determining whether an AI system qualifies as high-impact AI will be established through subordinate legislation.[29] 5.Implementation of SKAIA and Follow-up Work SKAIA will come into effect on January 1, 2026 and the formulation of subordinate statutes that detail enforcement mechanisms and guidelines should be expedited. However, domestic critics argue that corporate obligation provisions may hinder AI development and advocate for postponing their implementation.[30] Actually, an amendment to the Act was proposed in April 2025, seeking such a postponement along with a three-year grace period.[31] IV. Key features of Taiwan’s draft AI Basic Act 1.Purpose and Principles of the draft AI Basic Act[32] Taiwan adopts a relatively conservative approach to AI policy and measures to boost industrial development have long occupied the agenda of AI governance. Given that AI is a crucial technology for national development, the draft AI Basic Act (henceforth referred to as "the draft Act") seeks to ensure that AI technology develops vigorously in a human-centered approach, encourage innovation while considering human rights, and safeguard Taiwan’s national sovereignty and cultural values.[33] Hence, the draft Act establishes seven guiding principles in line with international norms, which are sustainability, human autonomy, privacy protection and data governance, security, transparency and explainability, fairness and accountability.[34] 2.Industry Development and Promotion It is the government’s responsibility to promote the R&D and application of AI and construct the infrastructure needed.[35] In order to facilitate AI innovations, competent authorities may provide a controlled environment for testing and validating AI innovation products and services before they are released to the market or put into use.[36] Considering the wide scope of AI application and development, the government is encouraged to collaborate with the private sector, including through public-private partnerships, and should promote international cooperation on AI matters.[37] The government should also continue to comprehensively promote AI education at all levels to enhance the public's AI literacy.[38] Data is crucial for AI development, so the draft Act mandates the government to establish mechanisms to enhance data availability, and measures to facilitate AI outputs that maintain the country's multicultural values, and protect intellectual property rights.[39] 3.Risk Management and Rights Protection (1) Risk Management The draft Act includes several provisions addressing AI risks. The government should take steps to prevent AI from being used for illegal purposes. For example, Ministry of Digital Affairs (MODA) and other relevant agencies may provide or recommend tools or methods for AI evaluation and verification to avoid misuse of AI.[40] Secondly, MODA is mandated to foster an AI risk classification framework, based on which sectoral competent authorities should establish risk-based tiered management standards.[41] Thirdly, the government may, through binding regulations or non-binding administrative guidance, promote safety standards, verification, transparent and explainable traceability, or accountability mechanisms to enhance the trustworthiness of AI development and application.[42] Lastly, the government should clarify the ownership and conditions of liability for high-risk AI applications and establish relevant mechanisms for relief, compensation or insurance to protect affected parties.[43] However, AI application responsibility norms would not apply to pre-release activities in order to support technological innovation.[44] [45] (2) Rights Protection The draft Act concerns not only the privacy rights of individuals but also labor rights. The government should ensure the protection of personal data used throughout the AI lifecycle on the one hand[46] , and also protect workers' rights and provide necessary assistance to help them adapt to technological changes, especially those who have lost their jobs due to AI use.[47] 4.Governance and Implementation Despite the heated debate regarding the designation of a dedicated AI regulatory authority in the country, the Executive Yuan decided against establishing such an authority, given AI's cross-ministerial nature. Relevant competent authorities will be responsible for formulating implementing regulations and guidelines and the Executive Yuan will continue to guide relevant agencies and departments at all levels through the existing Digital Legal Coordination Meeting to facilitate the development of AI.[48] V.Analysis and conclusion Japan, South Korea and Taiwan all seek to maintain the countries' momentum in promoting AI development through AI legislation. The three parties all emphasize trustworthy AI, though they actually place greater emphasis on AI development. They share considerable common ground in the policies to foster AI industry development, such as promoting AI R&D and application and supporting infrastructure-building, and diverge in their approaches to addressing potential AI-related risks and governance structure. Japan adopts a ‘light touch’ regulatory approach to AI regulation, maintaining coherent policy coordination that responds to domestic imperatives and global trends without imposing regulatory burdens on industries.[49] The country favors a soft approach with governmental guidance. In contrast, South Korea incorporates regulatory provisions specifically targeting high-impact AI systems in its AI Basic Act, seeking to balance between enhancing national competitiveness through AI and mitigating potential risks stemming from AI misuse, though this approach actually faces some domestic opposition currently. Taiwan adopts an approach similar to Japan's. The draft AI Basic Act avoids imposing regulatory obligations, and the government will prioritize AI verification and evaluation mechanisms to ensure trustworthy AI development. Regarding governance approaches, both Japan and South Korea seek to strengthen governmental AI governance functions through legislation, with Japan establishing an AI Strategic Headquarters and South Korea creating an AI Committee, both operating under their respective Cabinets. In contrast, Taiwan's draft AI Basic Act does not address governance structural matters. Given the profound societal transformations that AI technology may bring, all three East Asian countries recognize the importance of sustained AI advancement while acknowledging the critical need to ensure AI safety and trustworthiness to protect human rights. In an era of intense global AI competition, it seems to be the best policy for governments to carefully design AI policies that strike a balance between fostering innovation and safeguarding human rights. This cautious approach is essential as significant challenges remain and AI risks demand comprehensive solutions. Reference: [1] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법（법률 제20676호, 2025. 1. 21, 제정），법제처 국가법령정보센터，https://www.law.go.kr/%EB%B2%95%EB%A0%B9/%EC%9D%B8%EA%B3%B5%EC%A7%80%EB%8A%A5%20%EB%B0% 9C%EC%A0%84%EA%B3%BC%20%EC%8B%A0%EB%A2%B0%20%EA%B8%B0%EB%B0%98%20%EC%A1%B0%EC% 84%B1%20%EB%93%B1%EC%97%90%20%EA%B4%80%ED%95%9C%20%EA%B8%B0%EB%B3%B8%EB%B2%95/(206 76,20250121) （最後瀏覽日：2025/09/11）。 [2] A New Chapter in the Age of AI: Basic Act on AI Passed at the National Assembly‘s Plenary Session, Ministry of Science and ICT, https://www.msit.go.kr/eng/bbs/view.do?sCode=eng&mId=4&mPid=2&pageIndex=&bbsSeqNo=42&nttSeqNo=1071&searchOpt=ALL&searchTxt= (last visited Sept. 11, 2025). [3] A New Chapter in the Age of AI: Basic Act on AI Passed at the National Assembly‘s Plenary Session, Ministry of Science and ICT, https://www.msit.go.kr/eng/bbs/view.do?sCode=eng&mId=4&mPid=2&pageIndex=&bbsSeqNo=42&nttSeqNo=1071&searchOpt=ALL&searchTxt= (last visited Sept. 11, 2025). [4] 人工知能関連技術の研究開発及び活用の推進に関する法律（令和7年法律第53号），e-Gov法令検索，https://laws.e-gov.go.jp/law/507AC0000000053（最後瀏覽日：2025/09/11）。 [5] CABINET OFFICE, GOVERNMENT OF JAPAN, Outline of the Act on Promotion of Research and Development, and Utilization of AI-related Technology (AI Act), https://www8.cao.go.jp/cstp/ai/ai_hou_gaiyou_en.pdf (last visited Sept. 11, 2025). [6] 〈政院通過「人工智慧基本法」草案 建構AI發展與應用良善環境 打造臺灣成為AI人工智慧島〉，行政院，https://www.ey.gov.tw/Page/9277F759E41CCD91/5d673d1e-f418-47dc-ab35-a06600f77f07（最後瀏覽日：2025/09/09）。 [7] There are other AI bills brought up by legislators in the Legislative Yuan. The purpose of this article is to analyze the AI governance priorities of the governments of Japan, South Korea, and Taiwan; therefore, other AI bills proposed by legislators are not included in the discussion. [8] 蘇文彬，〈行政院通過AI基本法草案，將不設立AI專責機關〉，iThome，2025/08/28，https://www.ithome.com.tw/news/170874 (最後瀏覽日：2025/09/09)。 [9] Japan’s AI Bill Advances Toward Enactment, Connect on Tech (May 27, 2025), https://connectontech.bakermckenzie.com/japans-ai-bill-advances-toward-enactment/ (last visited Sept. 9, 2025). [10] 松尾剛行，〈【2025年施行】AI新法とは？AIの研究開発・利活用を推進する法律を分かりやすく解説！〉，Keiyaku-Watch，https://keiyaku-watch.jp/media/hourei/2025-ai-law/（最後瀏覽日：2025/09/11）。 [11] 人工知能関連技術の研究開発及び活用の推進に関する法律（令和7年法律第53号）第1条。 [12] 人工知能関連技術の研究開発及び活用の推進に関する法律（令和7年法律第53号）第3条。 [13] Japan Enacts AI Promotion Act: Overview and Implications for Businesses, Zelo Law Square (May, 2025), https://zelojapan.com/en/lawsquare/56899 (last visited Sept. 9, 2025). [14] 人工知能関連技術の研究開発及び活用の推進に関する法律（令和7年法律第53号）第18条。 [15] 人工知能関連技術の研究開発及び活用の推進に関する法律（令和7年法律第53号）第11-17条。 [16] 人工知能関連技術の研究開発及び活用の推進に関する法律（令和7年法律第53号）第19、21-24条。 [17] 人工知能関連技術の研究開発及び活用の推進に関する法律（令和7年法律第53号）第20条。 [18] 人工知能関連技術の研究開発及び活用の推進に関する法律（令和7年法律第53号）第25条。 [19] 人工知能関連技術の研究開発及び活用の推進に関する法律（令和7年法律第53号）第16条。 [20] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법，제1조。 [21] The Korean AI Basic Act: Asia’s First Comprehensive Framework on AI, Lexology (Mar. 17, 2025), https://www.lexology.com/library/detail.aspx?g=f91ff0fb-94ed-4aa9-b667-65d6206a7227 (last visited Sept. 9, 2025). [22] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법，제3조。 [23] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법，제13-26조。 [24] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법，제40조。 [25] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법，제7조。 [26] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법，제6-12조。 [27] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법，제31-32조。 [28] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법，제4조。 [29] 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법，제33조。 [30] Seungmin (Helen) Lee, South Korea’s Evolving AI Regulations, Stimson (June 12, 2025), https://www.stimson.org/2025/south-koreas-evolving-ai-regulations/ (last visited Sept. 9, 2025). [31] 〈인공지능 발전과 신뢰 기반 조성 등에 관한 기본법 일부개정법률안〉，대한민국국회，https://likms.assembly.go.kr/bill/bi/billDetailPage.do?billId=PRC_N2M5K0S3R2R0Q1O3X5X1W1U1T7P3Q6&currMenuNo=2600044（最後瀏覽日：2025/09/09）。 [32] 〈政院通過「人工智慧基本法」草案 建構AI發展與應用良善環境 打造臺灣成為AI人工智慧島〉，行政院，https://www.ey.gov.tw/Page/9277F759E41CCD91/5d673d1e-f418-47dc-ab35-a06600f77f07（最後瀏覽日：2025/09/09）。 [33] 人工智慧基本法草案第1條。 [34] 人工智慧基本法草案第3條。 [35] 人工智慧基本法草案第4條。 [36] 人工智慧基本法草案第5條。 [37] 人工智慧基本法草案第6條。 [38] 人工智慧基本法草案第7條。 [39] 人工智慧基本法草案第14條。 [40] 人工智慧基本法草案第8條。 [41] 人工智慧基本法草案第9條。 [42] 人工智慧基本法草案第10條。 [43] 人工智慧基本法草案第11條。 [44] 人工智慧基本法草案第11條。 [45] See also: Taiwan Rolls Out Draft Artificial Intelligence Law, OCACNEWS, July 18, 2024, https://ocacnews.net/article/374412 (last visited Sept. 3, 2025). [46] 人工智慧基本法草案第14條。 [47] 人工智慧基本法草案第12條。 [48] 蘇文彬，〈行政院通過AI基本法草案，將不設立AI專責機關〉，iThome，2025/08/28，https://www.ithome.com.tw/news/170874 (最後瀏覽日：2025/09/09)。 [49] Sun Ryung Park, Less Regulation, More Innovation in Japan’s AI Governance, East Asia Forum (May 21, 2025), https://eastasiaforum.org/2025/05/21/less-regulation-more-innovation-in-japans-ai-governance/ (last visited July 4, 2025).

1、Chinese REACH has put into shape, how about Taiwan REACH? - A Perspective of Chinese Measures on Environmental Management of New Chemical Substances Taiwan food industry has been struck by the government agency's disclosure that certain unfaithful manufacturers have mixed toxic chemicals into the food additives for the past 30 years, and the chemicals may seriously threaten public health. This event has not only shocked the confidence of the customers to the industry, but also drew public attention on the well-management and the safe use of chemicals. In order to manage the fast advancing and widely applicable chemical substance appropriately, the laws and regulations among the international jurisprudences in recent years tend to regulate unfamiliar chemicals as “new chemical substances” and leverage registration systems to follow their use and import. REACH is one the most successful models which has been implemented by European Union since 2006. China, one of our most important business partners, has also learned from the EU experience and implemented its amended " Measures on Environmental Management of New Chemical Substances" (also known as "Chinese REACH") last year. It is not only a necessity for our industry which has invested or is running a business in China to realize how this new regulation may influence their business as differently , but also for our authority concerned to observe how can our domestic law and regulation may connect to this international trend. Therefore, except for briefing the content of Chinese REACH, this article may also review those existing law and regulations in Taiwan and observe the law making movement taken by our authority. We expect that the comparison and observation in this article may be a reference for our authorities concerned to map out a better environment for new chemical management. 2、The study on Taiwanese businessmen Join the Bid Invitation and Bidding of Science and Technology Project China government invests great funds in their Science and Technology Project management system, containing most of innovated technology. It also creates the great business opportunity for domestic industry. China government builds up a Bid Invitation and Bidding Procedure in the original Science and Technology Project Regime recent years, in order to make the regime become more open and full of transparency. It also improves Regime to become more fairness and efficiency. Taiwan industry may try to apply for those Science and Technology Project, due to this attractive opportunity, but they should understand china's legal system before they really do that. This Article will introduce the "Bid Invitation and Bidding Law of the Peoples Republic of China", and the "Provisional Regulation on Bid Invitation and Bidding of Science and Technology Project", then clarify applied relationship between the "Bid Invitation and Bidding Law of the Peoples Republic of China", and "Government Procurement Law of the Peoples Republic of China". It also analyzes "Bid Invitation and Bidding Procedure", "Administration of Contract Performance Procedure", "Inspection and Acceptance Procedure", and "Protest and Complaint Procedure, providing complete legal observation and opinion for Taiwan industry finally. Keyword Bid Invitation and Bidding Law of the Peoples Republic of China; Government Procurement Law of the Peoples Republic of China; Provisional Regulation on Bid Invitation and Bidding of Science and Technology Project; Applying for Science and Technology Project Regime; Bid Invitation and Bidding Procedure; Administration of Contract Performance Procedure; Inspection and Acceptance Procedure; Protest and Complaint Procedure. 3、Comparing the Decisions of the United States Supreme Court regarding Preempting Marketing Medical Devices and Drugs from State Tort Litigations with the Decision of a Hypothetical Case in Taiwan The investment costs of complying with pertinent laws and regulations for manufacturing, marketing, and profiting from drugs and medical devices (abbreviated as MD) are far higher than the costs necessary for securing a market permit. The usage of MD products contains the risk of harming their users or the patients, who might sue the manufacturer for damages in the court based on tort law. To help reduce the risk of such litigation, the industry should be aware of the laws governing the state tort litigations and the preemption doctrine of the federal laws of the United States. This article collected four critical decisions by the United States Supreme Court to analyze the requirements of federal preemption from the state tort litigations in these cases. The article also analyzed the issues of preemption in our law system in a hypothetical case. These issues include the competing regulatory requirements of the laws and regulations on the drugs and MDs and the Drug Injury Relief Act versus the Civil Code and the Consumer Protection Law. The article concluded: 1. The pre-market-approval of MD in the United States is exempted from the state tort litigations; 2. Brand-name-drug manufacturers must proactively update the drug label regarding severe risks evidenced by the latest findings; 3. Generic-drug manufacturers are exempted from the product liability litigations and not required to comply with the aforementioned brand-name-drug manufacturers' obligation; 4. No preemption issues are involved in these kinds of product liability litigations in our country; 5. The judge of general court is not bound by the approval of marketing of drug and MD; 6. The judge of general court is not bound by the determination and verdict of the Drug Injury Relief Act. 4、Through Computer-Aided Detection Software, Comparing by Discussing and Analyzing the Regulatory Requirements for Marketing Medical Devices in the United States and in Taiwan Computer-Aided Detection (CADe) software systematically assists medical doctors to detect suspicious diseased site(s) inside patients' bodies, and it would help patients receive proper medical treatments as soon as possible. Only few of this type of medical device (MD) have been legally marketed either in the United States of America (USA) or in Taiwan. This is a novel MD, and the rules regulating it are still under development. Thus, it is valuable to investigate and discuss its regulations. To clarify the requirements of legally marketing the MD, this article not only collects and summarizes the latest draft guidance announced by the USA, but also compares and analyzes the similarities and differences between USA and Taiwan, and further explains the logics that USA applies to clarify and qualify CADe for marketing, so that the Department of Health (DOH) in Taiwan could use them as references. Meanwhile, the article collects the related requirements by the Administrative Procedure Act and by the Freedom of Government Information Law of our nation, and makes the following suggestions on MD regulations to the DOH: creating product code in the system of categorization, providing clearer definition of classification, and actively announcing the (abbreviated) marketing route that secures legal permission for each individual product. 5、A Discussion on the Recent Cases Concerning the Joint Infringement of Method/Process Patents in the U.S. and Japan In the era of internet and mobile communication, practices of a method patent concerning innovative service might often involve several entities, and sometimes the method patent can only be infringed jointly. Joint infringement of method/process patents is an issue needed to be addressed by patent law, since it is assumed that a method patent can only be directly infringed by one entity to perform all the steps disclosed in the patent. In the U.S., CAFC has established the "control or direction" standard to address the issue, but the standard has been criticized and it is under revision now. In Japan, there is no clearly-established standard to address the issue of joint infringement, but it seems that the entity that controls and benefits from the joint infringement might be held liable. Based on its discussion about the recent development in the U.S. and Japan, this article attempts to provide some suggestions for inventors of innovative service models to use patents to protect their inventions properly: they should try to avoid describing their inventions in the way of being practiced by multi-entities, they should try to claim both method and system/apparatus inventions, and they should try to predict the potential infringement of their patents in order to address the problem of how to prove the infringement.

Post Brexit – An Update on the United Kingdom Privacy Regime 2021/9/10 　　After lengthy talks, on 31 January 2020, the United Kingdom (‘UK’) finally exited the European Union (‘EU’). Then, the UK shifted into a transition period. The UK government was bombarded with questions from all stakeholders. In particular, the data and privacy industry yelled out the loudest – what am I going to do with data flowing from the EU to the UK? Privacy professionals queried – would the UK have a new privacy regime that significantly departs from the General Data Protection Regulation (‘GDPR’)? Eventually, the UK made a compromise with all stakeholders – the British, the Europeans and the rest of the world – by bridging its privacy laws with the GDPR. On 28 June 2021, the UK obtained an adequacy decision from the EU.[1] This was widely anticipated but also widely known to be delayed, as it was heavily impacted by the aftermaths of the invalidation of the US- EU Privacy Shield.[2] 　　While the rest of the world seems to silently observe the transition undertaken by the UK, post-Brexit changes to the UK’s privacy regime is not only a domestic or regional matter, it is an international matter. Global supply chains and cross border data flows will be affected, shuffling the global economy into a new order. Therefore, it is crucial as citizens of a digital economy to unpack and understand the current UK privacy regime. This paper intends to give the reader a brief introduction to the current privacy regime of the UK. The author proposes to set out the structure of the UK privacy legislation, and to discuss important privacy topics. This paper only focuses on the general processing regime, which is the regime that is most relevant to general stakeholders. UK Privacy Legislation 　　There are two main privacy legislation in the UK – the Data Protection Act 2018 (‘DPA’) and the United Kingdom General Data Protection Act (‘UK GDPR’). These two acts must be read together in order to form a coherent understanding of the current UK privacy regime. 　　The UK GDPR is the creature of Brexit. The UK government wanted a smooth transition out of the EU and acknowledged that they needed to preserve the GDPR in their domestic privacy regime to an extent that would allow them to secure an adequacy decision. The UK government also wanted to create less impact on private companies. Thus, the UK GDPR was born. Largely it aligns closely with the GDPR, supplemented by the DPA. ICO 　　The Information Commissioner’s Office (‘ICO’) is the independent authority supervising the compliance of privacy laws in the UK. Prior to Brexit, the ICO was the UK’s supervisory authority under the GDPR. A unique feature of the ICO’s powers and functions is that it adopts a notice system. The ICO has power to issue four types of notices: information notices, assessment notices, enforcement notices and penalty notices.[3] The information notice requires controllers or processors to provide information. The ICO must issue an assessment notice before conducting data protection audits. Enforcement is only exercisable by giving an enforcement notice. Administrative fines are only exercisable by giving a penalty notice. Territorial Application 　　Section 207(1A) of the DPA states that the DPA applies to any controller or processor established in the UK, regardless where the processing of personal data takes place. Like the GDPR, the DPA and the UK GDPR have an extraterritorial reach to overseas controllers or processors. The DPA and the UK GDPR apply to overseas controllers or processors who process personal data relating to data subjects in the UK, and the processing activities are related to the offering of goods or services, or the monitoring of data subjects’ behavior.[4] Transfers of Personal Data to Third Countries 　　On 28 June 2021, the UK received an adequacy decision from the EU.[5] This means that until 27 June 2025, data can continue to flow freely between the UK and the European Economic Area (‘EEA’). 　　As for transferring personal data to third countries other than the EU, the UK has similar laws to the GDPR. Both the DPA and the UK GDPR restrict controllers or processors from transferring personal data to third countries. A transfer of personal data to a third country is permitted if it is based on adequacy regulations.[6] An EU adequacy decision is known as ‘adequacy regulations’ under the UK regime. 　　If there is no adequacy regulations, then a transfer of personal data to a third country will only be permitted if it is covered by appropriate safeguards, including standard data protection clauses, binding corporate rules, codes of conduct, and certifications.[7] The ICO intends to publish UK standard data protection clauses in 2021.[8] In the meantime, the EU has published a new set of standard data protection clauses (‘SCCs’).[9] However, it must be noted that the EU SCCs are not accepted to be valid in the UK, and may only be used for reference purposes. It is also worth noting that the UK has approved three certification schemes to assist organizations in demonstrating compliance to data protection laws.[10] Lawful Bases for Processing 　　Basically, the lawful bases for processing in the UK regime are the same as the GDPR. Six lawful bases are set out in article 6 of the UK GDPR. To process personal data, at least one of the following lawful bases must be satisfied:[11] The data subject has given consent to the processing; The processing is necessary for the performance of a contract; The processing is necessary for compliance with a legal obligation; The processing is necessary to protect vital interests of an individual – that is, protecting an individual’s life; The processing is necessary for the performance of a public task; The processing is necessary for the purpose of legitimate interests, unless other interests or fundamental rights and freedoms override those legitimate interests. Rights & Exemptions 　　The UK privacy regime, like the GDPR, gives data subjects certain rights. Most of the rights granted under the UK privacy regime is akin to the GDPR and can be found under the UK GDPR. Individual rights under the UK privacy regime is closely linked with its exemptions, this may be said to be a unique feature of the UK privacy regime which sets it apart from the GDPR. Under the DPA and the UK GDPR, there are certain exemptions, meaning organizations are exempted from certain obligations, most of them are associated with individual rights. For example, if data is processed for scientific or historical research purposes, or statistical purposes, organizations are exempted from provisions on the right of access, the right to rectification, the right to restrict processing and the right to object in certain circumstances.[12] Penalties 　　The penalty for infringement of the UK GDPR is the amount specified in article 83 of the UK GDPR.[13] If an amount is not specified, the penalty is the standard maximum amount.[14] The standard maximum amount, at the time of writing, is £8,700,000 (around 10 million Euros) or 2% of the undertaking’s total annual worldwide turnover in the preceding financial year.[15] In any other case, the standard maximum amount is £8,700,000 (around 10 million Euros).[16] Conclusion 　　The UK privacy regime closely aligns with the GDPR. However it would be too simple of a statement to say that the UK privacy regime is almost identical to the GDPR. The ICO’s unique enforcement powers exercised through a notice system is a distinct feature of the UK privacy regime. Recent legal trends show that the UK while trying to preserve its ties with the EU is gradually developing an independent privacy persona. The best example is that in regards to transfers to third countries, the UK has developed its first certification scheme and is attempting to develop its own standard data protection clauses. The UK’s transition out of the EU has certainly been interesting; however, the UK’s transformation from the EU is certainly awaited with awe. [1] Commission Implementing Decision of 28.6.2021, pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate protection of personal data by the United Kingdom, C(2021) 4800 final,https://ec.europa.eu/info/sites/default/files/decision_on_the_adequate_protection_of_personal_data_by_the_united_kingdom_-_general_data_protection_regulation_en.pdf.. [2] Judgment of 16 July 2020, Data Protection Commissioner v. Facebook Ireland Limited, Maximillian Schrems, C-311/18, EU:C:2020:559, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:62018CJ0311. [3] Data Protection Act 2018, §115. [4] Data Protection Act 2018, §207(1A); REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), art 3. [5] supra note 1. [6] Data Protection Act 2018, §17A-18; REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), art 44-50. [7] Data Protection Act 2018, §17A-18; REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), art 46-47. [8]International transfers after the UK exit from the EU Implementation Period, ICO, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-transfers-after-uk-exit/ (last visited Sep. 10, 2021). [9] Standard contractual clauses for international transfers, European Commission, https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_en (last visited Sep. 10, 2021). [10] ICO, New certification schemes will “raise the bar” of data protection in children’s privacy, age assurance and asset disposal, ICO, Aug. 19, 2021, https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2021/08/ico-approves-the-first-uk-gdpr-certification-scheme-criteria/ (last visited Sep. 10, 2021). [11] REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), art 6(1)-(2); Lawful basis for processing, ICO, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/ (last visited Sep. 10, 2021). [12] Data Protection Act 2018, sch 2, part 6, para 27. [13] id. at §157. [14] id. [15] id. [16] id.