Norms of Critical Infrastructure Protection in Japan

The approaches to promote critical infrastructure protection in Japan

The approaches to promote critical infrastructure protection in Japan are illustrated below:

1. Coverage of Critical Information Infrastructure

In the "Action Plan on Information Security Measures for Critical Infrastructure" promulgated by the Information Security Policy Council (ISPC) in 2005, critical infrastructure is defined as: Critical infrastructure which offers the highly irreplaceable service in a commercial way is necessary for people's normal lives and economic activities, and if the service is discontinued or the supply is deficient or not available, it will seriously influence people's lives and economic activities. Based on the definition of the action plan, the critical infrastructure contains: telecommunication systems, administration services of the government, finance, civil aviation, railway, logistics, power, gas, water, and medical services

 

2. Promoted Relevant Policies of The Past

The issues regarding the CIIP are gradually being developed with the norm of information social security policy in Japan. Adopting the Action Plan of the Basic Guidelines Toward the Promotion of an Advanced Information and Telecommunications Society of 1998 proposed by the Japanese government in 1998 as a basis. The Japanese government keeps presenting polices of improvement for the relevant issues in order to acquire the stable development of telematics and telecommunications. Several years later, the Ministry of Economy, Trade, and Industry (METI) announced the Comprehensive Strategy on Information Security in 2003. The formulation of the strategy not only emphasizes the possible telematics-related risks and protection against threats that may be encountered in the information society, but it also enhances the level of information security to the level of national security and presents a comprehensive information security improvement program. Furthermore, the submission of the strategy has identified government’s responsibility in the development of information security Therefore, a division which is solely responsible for information security was established in the Cabinet Secretariat and is devoted to the development of it.

 

In 2005, the Ministry of Economy, Trade, and Industry (METI) amended the Comprehensive Strategy on Information Security and announced the First National Strategy on Information Security based on the creation of a policy of a long-term information security task in Japan which is also the foundation for the policy of guidelines and action security concerning critical information infrastructure. This is in addition to being the most important basis for the policy of information security development. The strategy is different from the Comprehensive Strategy on Information Security in connotation. In the range of information security protection, it not only maintains information security from the perspective of the government; for instance, to divide the rights and duties on information security protection practices between the central government and the local government, and to strengthen the capacity of the government to solve emergencies such as cyber attacks, but it also tries to employ the public-private partnership on the CIIP issue to construct an extensive information security protection and to develop a Capability for Engineering of Protection, Technical Operation, Analysis and Response (CEPTOAR): one similar to the ISAC of America, to strengthen the information sharing and analysis of information security of all industry involved. According to the strategy, the METI established the Information Security Policy Council (ISPC) and the National Information Security Center (NISC) under the subordination of the Cabinet Secretariat in order to reach a goal of dependable society of information security.1

 

Finally, the information security policies more directly related with the CIIP are the Action Plan on Information Security Measures for Critical Infrastructure and the Standards for Information Security Measures for the Central Government Computer Systems, both of which regulate CI-related threats, information security standards, public-private partnership information sharing system, and the levels of information security standards between different governments and critical infrastructures, respectively.


3. Oraganization Framework

Generally speaking, the Cabinet Secretariat is the main division of the CIIP and the information security for the Japanese government, while the ISPC and the NISC established under the Cabinet Secretariat in 2005 are the core organizations for the development of the CIIP policy. In addition, the National Policy Agency (NPA) and the Ministry of Internal Affairs and Communications (MIC) also played an important role in assisting the Cabinet Secretariat with critical infrastructure protection. The part of public-private partnership is covered by the CEPTOAR which takes the responsibility for information sharing and analysis of information security between the government and private organizations.

 

4. Notification System

For critical infrastructure protection, Japan has set up a warning and notification system in addition to the emphasis on fundamental information security protection. With the concept of public-private partnership, various messages related with information security are analyzed and shared in order to prevent information security incidents from occurring. The network of notification system in Japan mainly consists of several organizations as listed below.

(1) National Incident Response Team

The National Incident Response Team (NIRT) which is the information security office under the Cabinet Secretariat in the organization framework belongs to the Computer Emergency Response Team (CERT)2 and is first in line in the government to handle internet emergencies. According to the Action Plan for Ensuring e-Government's IT Security, the NIRT which consists of 17 experts from the government and the private organizations is responsible to (1) accurately understand and analyze emergencies, (2) develop technical strategies to solve and rehabilitate emergencies to prevent incidents from reoccurrence, (3) provide other governmental organizations the assistance to solve the information security issue, (4) collect and analyze information or intelligence so that effective solutions and strategies may be provided when an incident happens, (5) provide the governmental organization with professional knowledge and information, and (6) enhance and improve all knowledge pertinent to information security.

(2) Computer Emergency Response Team Coordination Center

The Japan Computer Emergency Response Team Coordination Center (JPCERT/cc) is the first Computer Security Incident Response Team (CSIRT) established in Japan. It consists of internet service suppliers, security products/service suppliers, governmental agencies, and associations of industry & commerce. The JPCERT/CC is also a member of the Asia Pacific Computer Emergency Response Team (APCERT) and a member of the Forum of Incident Response and Security Teams (FIRST). It coordinates and integrates prevention measures pertinent to information security and is consistent with other CSIRTs.

(3) Telecom Information Sharing and Analysis Center

In Japan, besides the mechanism responsible to notify the government, which functions as a bridge for communication between it and all those outside of it, the mechanism of information sharing and notification is also established among industries to provide each with a channel for information exchange and consultation. In 2001, Japan established the Telecom Information Sharing and Analysis Center Japan (Telecom-ISAC Japan). In addition to real-time inspection for computer intrusion incidents and conducting information collection and analysis, the Telecom-ISAC Japan proposes to e-government many suggestions related with the Transact-SQL issue as well. The reasons for launching the Telecom-ISAC are to instantaneously detect a computer intrusion incident, and to instantaneously gather and analyze its information, and then exchange this with other telecom carriers and offer them relevant countermeasures for precaution; so that in can reach the goal of ensuring telecom security since it is an important infrastructure concerning social economy.

(4) Cyber Force

The reasons for launching the Cyber Force are to maintain the security to use the internet by regularly "patrolling" it, searching for evidence of internet crime, and to notify the critical infrastructure operators about any unusual internet use so as to prevent the occurrence of cyber terror attacks. The Cyber Force also assists operators to solve and diminish the damage and influences when an incident occurs.

(5) Portal Site of National Police Agency

The National Police Agency owns the portal site "@police". It exists to prevent large-scale cyber emergencies and to provide gathered information concerning information security to government. In addition to providing the techniques related with the safe use of computer networks, @police is also dedicated to educating internet users about the concept of information security and to increase security awareness.

(6) Ministry of Economy, Trade and Industry

Since 1990, the Ministry of Economy, Trade and Industry (METI) has cooperated with the JPCERT/CC and the Information Technology Promotion Agency (IPA) to provide reports on virus, intrusion, and the damage caused by them, to remind the public to pay attention.

5. Legal Norms

The laws regarding critical infrastructure protection in Japan are illustrated as follows:

(1) Unauthorized Computer Access Law of 1999

The Unauthorized Computer Access Law includes various conducts such as cyber intrusion, and data thefts, into the norms of criminal punishment to deter cyber crimes from spreading in order to ensure the safety of the critical information infrastructure.

(2) Act on Electronic Signatures and Certification Business of 2000

With the formulation of the Act on Electronic Signatures and Certification Business, the smooth promotion of the electronic signature system is ensured and the circulation and process of electronic communication can be fostered further.

(3) Basic Law on Formation of an Advanced Information and Telecommunication Network Society of 2001

Through the formulation of the Basic Law on Formation of an Advanced Information and Telecommunication Network Society, the legal basis to execute an information technology policy is enhanced, and the direction and job content for the government to execute this policy is explicitly stated.


1.http://www.nisc.go.jp/eng/pdf/national_strategy_001_eng.pdf(last accessed date: 2009/07/20).

2.http://www.nisc.go.jp/en/sisaku/h1310action.html(last accessed date: 2009/07/20).

※Norms of Critical Infrastructure Protection in Japan,STLI, https://stli.iii.org.tw/en/article-detail.aspx?no=105&tp=2&i=169&d=6150 (Date:2024/10/07)
Quote this paper
You may be interested
The effective and innovative way to use the spectrum: focus on the development of the "interleaved/white space"

1. Prologue Flexible and collective usage of spectrum is the mainstream in the modern times. Julius Genachowski, chairman of the Federal Communications Commission, delivered the keynote address to the CTIA-Wireless Association convention on Oct. 7, 20091. He said the U.S. government has been tripling the amount of spectrum available for commercial uses. The problem is that many industry experts predict wireless traffic will increase 30 times because of online video and other bandwidth-heavy applications. Accordingly, he warned that the shortage of spectrum would be a crisis for the on-going evolution of mobile broadband communication. Therefore, it’s critical for using precious spectrum effectively. Now, with the breakthrough of ICT, there is an alternative solution to this crisis: "application of interleaved/white space". 2. The cure for shortage of the spectrum To solve the shortage and ineffective use of scarce spectrum, developed countries have innovated technology to overcome the dilemma. Accordingly, the cognitive radio (CR) network with OFDMA (Orthogonal Frequency Division Multiple Access)2 systems, namely "spectrum sensing", to use the interleaved/white space is the therapy nowadays, especially after digital switchover (DSO). CEPT (European Conference of Postal and Telecommunications Administrations) identified "white space" as a part of the spectrum, which is available for a radio-communication application (service, system) at a given time in a given geographical area on a non-interfering / non-protected basis with regard to primary services and other services with a higher priority on a national basis. Specified clearly, the wording of "White Spots" or "White Spaces" or "Interleaved Spectrum" applied by CEPT has been used to introduce a concept of frequency spectrum which is potentially available at a given time for further utilization within frequency spectrum originally planned for broadcasting in GE063. The current CEPT view is that any new white space applications should be used on a non protected non interfering basis. Further studies are required into the framework needed to enable the use of CR devices within white space spectrum. Meanwhile, Millions more — both rural and urban — couldn’t afford computers and internet access in the United States. Yet big telephone and cable companies won’t bring broadband internet to rural America. Therefore, U.S. administration takes it seriously and considers to bridge the "digital gap" via CR networks for using white space to high-speed wireless internet access in rural area. Moreover, innovative way to use the spectrum after DSO could also satisfy the demand of band immediately with National Broadband Plan which proposed by President Barack Obama. 3. The definition and function of "white/interleaved space" In a word, the spectrum licensed to commercial use or public safety is not always occupied totally all the time. Accordingly, some bands are vacant just like "white" or "interleaved". If communicators use these interleaved and fragmented bands temporally, the spectrum-usage will be more effective and the cost of the spectrum now we used will be much lower. Not only U.S but also UK regulator Ofcom has published a discussion document to explore the possibility of using interleaved spectrum to wirelessly link up different devices and offer enhanced broadband access in rural areas. The idea is based on the development of technology that could search for unoccupied radio waves between TV channels to transmit and receive wireless spectrum. Take DSO in U.S. for example, when TV goes digital in June, 2009, TV broadcasters will use only a small portion of the public airwaves they are allocated.4 This is because digital transmissions can be packed into adjacent channels, while analog ones cannot. This means that the band can be "compressed" into fewer channels, while still allowing for more transmissions, which could result in a kind of "white space" (or so-called digital dividend) mentioned above. In most rural areas, 60 to 70 percent of these digital airwaves will be vacant. It goes without saying that those bands will be idle, which will also increase the cost the spectrum-usage. However, the TV band can carry a broadband signal that penetrates buildings, travels great distances, and penetrates heavy foliage. If people could search the "spectrum hole", off course, with CR or DSA (Dynamic Spectrum Sensing), and then link up those unoccupied band for wireless communication, the compelling needs of spectrum will be eased. Most important of all, this innovative way fits the trend of collective and flexible spectrum usage in 3G/4G era. 4. The key to open "white space" Undoubtedly, the WSD (White Space Devices) is the key to open the new gate. FCC issues some R&O to test WSD for welcoming white space. On October 5, 2007, OET (the Office of Engineering and Technology) of FCC issued a public notice inviting submittal of additional prototype devices for further tests (Phase II). On February 24, 2010, OET selected Wilmington, North Carolina, for the test market for the DTV transition, and unveiled a new municipal Wi-Fi network, after a month of testing. OET permitted that TV Band has an 18-month experimental license.5 For the goal of "smart city", the network has used the white space made available by the end of analog TV transmission. Spectrum Bridge (a famous company devoted to working out WSD and solution to white space)6 has worked to make sure TV stations in the market do not receive interference (no interference issues have been reported), and the company hopes to do the same if similar service becomes nationwide. The "smart city" network will not compete with cell phone companies but will instead be used for "national purposes", including government and energy monitoring (i.e. Smart Grid). TV Band Network, made up of private investors, has put up cameras in parks, and along highways to show traffic. Other uses include water level and quality, turning off lights in ball parks, and public Wi-Fi in certain areas.7 This success has promptly encouraged those have eyed unlicensed band/devices for wireless broadband internet access, especially the White Spaces Coalition8. The White Spaces Coalition consists of eight large technology companies that originally planned to deliver high speed broadband internet access beginning in June 2009 to United States consumers via existing white space in unused television frequencies between 54-698 MHz (TV Channels 2-51). The coalition expects speeds of 80 Mbps and above, and 400 to 800 Mbps for white space short-range networking9. Therefore, the Coalition hasn’t only pushed FCC to free up the band, namely unlicensed-band approach, but also eagerly innovated the WSD and advanced IT technology (i.e. Geo-Location, CR, DSA, OFDMA and IEEE 802.2210 …etc. ) to promote the awareness of white space. 5. How to use the key to unlock the door ? First of all, Geo-Location technology is the threshold to use the white space. Geo-Location is the identification of the real-world geographic location of Internet-connected computers, mobile devices, website visitors or others. In avoidance of band-interference and public safety communication, users mustn’t interfere with the prior ones, or s/he couldn’t access the band via WSD. Thus, Geo-Location can assist WSD users, just like a beacon, to avoid the occupied band and keep them away from nearby transmissions. Second, a spectrum database that contains Geo-Location information about devices using the free channels in the radio spectrum and some strong database managers are needed. Frankly speaking, the original idea was that WSD would detect existing users and switch frequencies to avoid them, but that's technically dubious and hasn't been demonstrated to FCC's satisfaction. So the proposed solution requires devices to locate themselves then connect to a database which will allocate a frequency along with a timeout, after which the device will have to repeat its request. For example, the followings are the necessary information in the TV database. • Transmitter coordinates (latitude and longitude), • Effective radiated power (ERP), • Height above average terrain of the transmitter (HAAT), • Horizontal transmit antenna pattern (if the antenna is directional), • channel number, • Station call sign. In a word, in order to protect existing broadcasters, FCC mandated the creation of a Geo-Location database that details what spectrum is in use and where. Furthermore, the idea is that unlicensed broadband devices will tap this database before sending or receiving data, using the info in tandem with spectrum sensing technologies to avoid interference. Accordingly, White Spaces Database (WSDB) was introduced, a DB which would permit public access to register and discover devices and the frequencies used based on their location11. This database would be used in conjunction with local device discovery to avoid contention between devices. FCC has worried about that no one has ever run a radio system like this, so no one can really claim experience in the area (though most of the proposals try). The FCC commissioner Robert McDowell has raised an eyebrow at Google's request to serve as an administrator of a national database detailing the use of white-space spectrum. Google proposes the operation of a WSDB for at least five years, promising to "transfer to a successor entity the Database, the IP addresses and URLs used to access the Database, and the list of registered Fixed WSD" in case they cannot live up to it. Google does not plan to "implement per-query fees"12 , but they are considering a per-device fee. No decision has been made yet, but the FCC allows a WSDB administrator to charge such fees.13 Finally but innovating initially, it’s the Cognitive Radio system (CR). There are various definitions of CR. Herewith the paragraph 10 of the FCC 03-322 NPRM, the definition of Cognitive Radio could be specified as a radio that can change its transmitter parameters based on interaction with the environment in which it operates. The following figure shows how the Cognitive Radio System does work. Figure 1.Cognitive Radio System Let’s explain it more clearly and vividly. Imagine a radio which autonomously detects and exploits empty spectrum to increase your file transfer rate. Suppose this same radio could remember the locations where your calls tend to drop and arrange for your call to be serviced by a different carrier for those locations. These are some of the ideas motivating the development of cognitive radio. In effect, a cognitive radio is a software radio whose control processes leverage situational knowledge and intelligent processing to work towards achieving some goal related to the needs of the user, application, and network. Although cognitive radio was initially thought of as a software-defined radio extension (Full Cognitive Radio), most of the research work is currently focusing on Spectrum Sensing Cognitive Radio. In other words, the focus on CR has been switched into "DSA" (Dynamic Spectrum Access) nowadays.14 Therefore, some fellows replace Cognitive Radio with "Cognitive Systems" for accurate description.15 The following is the figure to show the function of DSA to detect "spectrum hole" that could be used as TV white space.16 Figure 2.The sensing of the spectrum hole "Digital dividend", one kind of interleaved/white space, has been viewed as precious band in Unite Kingdom, too. In U.K., its regulatory body, Ofcom, has also published a discussion document to explore the possibility of using these "dividend" to wirelessly link up different devices and offer enhanced broadband access in rural areas. Ofcom has predicted that could enable the use of the spectrum in this way would take at least three years to develop. Possible applications include mobile broadband, the transmission of home media such as photos from cameras to a computer wirelessly and the ability to control appliances in the home. Moreover, Ofcom firmly contended that if there was evidence that interference could be avoided, it would allow the use of interleaved spectrum without the need for individual licenses, the same as the FCC’s policy. However, local TV coalition United for Local Television (ULTV)17 has strongly criticized the Ofcom’s current proposal to appoint a band manager to "control" interleaved spectrum (and make it available to applications such as wireless microphones for special events) and to ensure that the spectrum is made available to local TV groups on fair, reasonable and non-discriminatory terms. According to current proposals, Ofcom’s "band manager" would be required to allocate spectrum to special event organizers on fair and non-discriminatory terms but not to local TV groups. ULTV has protested this unfair condition. In contrast, FCC has clearly issued the "2nd report" to mandate the bidder of upper 700 MHz D block should apply to fair and non-discriminatory terms. 6. Technological challenges for accessing white space In November 2008 the FCC issued an R&O on the unlicensed use of TV white space.18 The FCC regulated some vital requirements to rule the usage of TVWS in this document. These requirements impose technical challenges for the design of devices operating in TV white space spectrum, which brings new tough task for the innovation and production of WSD.19 These new rules provide an opportunity but they also introduce a number of technical challenges. The challenges require development of cognitive radio technologies like spectrum sensing as well as new wireless PHY and MAC layer designs. For example, the development of spectrum sensing techniques involves RF (Radio Frequency) design, robust signal processing, pattern recognition and networking protocols… etc. The choice of RF architecture is no longer merely a hardware issue, but will directly affect the upper layer performance. Furthermore, these challenges include spectrum sensing of both TV signals and wireless microphone ones, frequency agile operation, geo-location, stringent spectral mask requirements, and of course the ability to provide reliable service in unlicensed and dynamically changing spectrum.20 In addition, the FCC has strict out-of-band emission (OOBE) requirements to prevent interference with licensed transmissions in other channels. A detailed description of these out-of-band emission requirements and their impact on the transmission spectral mask for WSD is provided in Section VII of the R&O. Unfortunately, there are still other hurdles to be overcome. While the frequencies used by television stations do have a long reach and easily penetrate walls, it is important to remember that these signals are one-way communications, often broadcast from giant antennas at megawatts of power. For gadgets and computers, a much lower transmission power would be used, greatly decreasing the range of the White Space devices. So are we talking the Wi-Fi-like ranges here or 3G-like ranges? The National Association of Broadcasters has also questioned the ability of WSD to operate without interfering with television broadcasts. In addition, wireless microphones could be affected, although Google has proposed a "beacon" that could be utilized alongside existing wireless microphone equipment that would alert WSD not to operate on the same channel. Last but not least, how to ensure QoS of WSD users is implicit trouble. The Cognitive Radio system should provide that fast, robust, coordinated sensing and quite periods and to protect incumbents as well as provide QoS. It will be a dilemma faced by the regulatory bodies and ICT industry. Another real-world problem is that there are no WSD for consumers and even if someone comes out with a new product, it will likely be very expensive since it isn’t widely produced,21 although Spectrum Bridge has proven one example mentioned above. Nevertheless, some people still criticized what Spectrum Bridge has done probably could have used 5 GHz for the point-to-point backhaul connections. "The Smart City" is using Wi-Fi for the last mile rather than white spaces because there are no white space devices on the consumer end. Rick Rotondo, chief marketing officer for Spectrum Bridge argued Spectrum Bridge tried using Wi-Fi at 2.4GHz, 5GHz would never have made it; 2.4 didn’t make it. However, Spectrum Bridge did use Wi-Fi for the last hundred feet, not the last mile, but for the last hundred feet because there are Wi-Fi receivers built into laptops and smartphones and that’s who we wanted to be able to connect to this network. It sounds like a tautology. 7. What’s beyond the white space ? What kind of ICT could people apply to after getting the white/interleaved space? "Super Wi-Fi" is the first application connected with white space. As Larry Page, co-founder of Google, has described that white spaces are like "Wi-Fi on steroids" linked up wireless internet with much faster speeds, stronger signals and more affordable costs. Besides, there are other advanced ICT could function via white space, such as LTE, IPTV, MediaFLO, DVB-H, ISDB-T, MVNO, ITS (DSRC) and so on. 8. Vision: Legal challenges for accessing white space in Taiwan Although not mentioned above, FCC indeed allows the secondary-market of spectrum boosting in U.S. That’s an important reason, or motivation, to develop white space applications and regulations. In other words, the spectrum, not the license, could be auctioned, leased, retailed, weaved and so on. However, the regulatory mode of communication in Taiwan is "Vertical Regulatory Framework", which would be an obstacle to evolve the spectrum-usage in contrast to U.S and EU. Under the interpretation of Legal Positivism, Taiwan Budget Act Article 94 states, "Unless otherwise provided for by law, grant of quota, frequency, or other limited or fixed amount special licenses shall be conducted by open auction or public invitation to tender and the proceeds of which shall be turned in to the national treasury." Hereby, the administration could really fulfill the legal assignment via public invitation to tender or auction for the "license", not the band. Nevertheless, the administration does not apply auction process to issue the licenses, but approaches the frequency licenses with "Radio and Television Act" and "Administrative Regulations on Radio Waves" which is promulgated under the Telecommunications Act in accordance with the first paragraph of 48, Section 1 of said Act instead. Step closely, Radio and Television Act Article 4 firmly states, "The frequencies used by radio/television businesses are owned by the state and their allocation shall be planned by the MOTC in conjunction with the regulatory agency. The frequencies mentioned in the preceding paragraph may not be leased, loaned, or transferred. (emphasis added)". This article has resulted in inflexible use of spectrum, and dragged the collective use of spectrum, too. Undoubtedly, only we have to do is to amend the article for accessing white space in accordance with Legal Positivism. Second, according to Administrative Regulations on Radio Waves, the National Communications Commission shall be responsible for the overall coordination and regulation of radio waves including radio frequencies, power, emission method and radio station identification call sign etc., which shall not be used or altered without approval. Thus, under the justice of legal system, NCC should revise the spectrum policy/regulations in harmony with Administrative Regulations on Radio Waves. For example, the Article 6 and 10 separately regulates, "The radio equipment shall adopt the latest technical advances to limit the number of frequencies and the frequency bandwidth used to the minimum essential for the necessary services. The frequency assigned to a station of a given service shall be separated from the limits of the band allocated to this service in such a way that, taking account of the frequency band assigned to a station, no harmful interference is caused to services to which frequency bands immediately adjoining are allocated." Therefore, WSD indeed, even necessarily, should be applied to band management and revolution of ICT industry. Moreover, Central Regulation Standard Act Article 5 (embodied the principle of constitutional requirement of a specific enactment) also requires, "The following objects shall be stipulated by a statute: 1. It is required to stipulate by a statute as the Constitution or a statue expressly stipulated. 2. Stipulation concerns the rights or obligations of the people. 3. Stipulation concerns the organization of a government agency at national level. 4. Other objects with substantial importance shall be stipulated by a statute." The Legislative Yuan must consider to promote the status of Administrative Regulations on Radio Waves to Statue, which conforms to Constitutional requirement. To sum up, Taiwan administration should take white space seriously, or ICT in Taiwan will be doomed as if getting lost in "space". 9. ad hoc Conclusion :Do not lock the door of white space "Open access" is the most important canon in the usage of white space. In this meaning, there are two dimensions for open access. One is unlicensed band-usage, the other is unlicensed WSD which is also unlicensed and interlocks into different operators’ networks. The later is a big task in America. FCC’s decision was contested by the TV broadcasters who fear using the freed channels would interfered with TV signals and live singers who are using the same wave spaces.22 Larry Page also argued that unlicensed white spaces offer a way for the U.S. to catch up with the rest of the world in broadband access. Today, 10% of Americans still don't have access to DSL or cable broadband, according to consultancy Parks Associates. Fortunately, the first steps towards white space communications have already been taken and FCC has approved unlicensed use of the spectrum, but FCC requires a database of all known licensed users to be deployed in order to prevent from interfering with the existing broadcasts and devices already using the space, such as licensed TV broadcasts and some wireless microphones The second dimension is unlicensed WSD to compatible different network architecture. At first, the unlicensed devices must fit the criterion which could guarantee that they will not interfere with assigned broadcasts can use the empty white spaces in frequency spectrum. In order not to harm nearby transmission, the best way is to set a standard for WSD in one network built by certain operator. For example, if WSD users want to connect to Verizon Wireless’ network, s/he has to buy/use Verizon Wireless’ WSD. However, out of Verizon Wireless’ network, WSD users have to purchase/use another WSD. It will be inconvenient and raise the cost, but quench people’s desire to use WSD. As a result, FCC issued the R&O to prevent devices-locked, so-called "discriminatory QoS", from deploying the white space proposal. Accordingly, the mandatory rule indeed slows down the innovation of WSD. Obviously, unlicensed use of the vacant TV channels is an economic and social revival waiting to happen in rural areas. In addition, white/interleaved space will manage to fit the core principle of modern spectrum-development, "collective and effective use". There are so many merits to share the "dividend", but at this time, we are still far away the real "white space". The situation in Taiwan is much worse unfortunately. 1.See FCC official document,http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-293891A1.pdf (last visited 03/05/2010) 2.OFDMA is a multi-user version of the popular Orthogonal frequency-division multiplexing (OFDM) digital modulation scheme. Multiple access is achieved in OFDMA by assigning subsets of subcarriers to individual users. This allows simultaneous low data rate transmission from several users. 3.See Final Acts of the Regional Radio-communication Conference for planning of the digital terrestrial broadcasting service in parts of Regions 1 and 3, in the frequency bands 174-230 MHz and 470-862 MHz (RRC-06). 4.In the United States, the abandoned television frequencies are primarily in the upper UHF "700-megahertz" band, covering TV channels 52 to 69 (698 to 806 MHz). 5.See http://spectrumbridge.com/web/images/pdfs/smart_city-spectrumbridge.pdf visited on 2010/2/27. 6.http://spectrumbridge.com/web/ 7.See http://showmywhitespace.com/portals/1/Spectrum%20Bridge%20Launches%20White%20Spaces%20Network%20In%20Wilmington-New%20Hanover%20County.pdf visited on 2010/2/27. 8.The group includes Microsoft, Google, Dell, HP, Intel, Philips, Earthlink, and Samsung Electro-Mechanics. 10.The standardization is another crucial issue but will not be discussed in detail hereunder. 11.In February 2009, Google joined Comsearch, Dell, HP, Microsoft, Motorola, and Neustar to form the White Spaces Database Working Group (WSDG), an effort to build such a database.. 12.Actually, the database host will know where users are and the kit they're using, both of which are commercially valuable pieces of information. Google thinks that data will pay for the database, and Google is very good at extracting value from information; but even if it can't turn white space into gold, it will have five years to drive the competition out of business. 13.See generally Google’s proposal to FCC, http://www.scribd.com/doc/24784912/01-04-10-Google-White-Spaces-Database-Proposal visited on 2010/2/28. 14.Specifying clearly, the main mechanism of CR is including, but not limited to DSA. 15.Evolution of Cognitive Radio toward Cognitive Networks is under process, in which Cognitive Wireless Mesh Network (i.e. Cog-Mesh) is considered as one of the enabling candidates aiming at realizing this paradigm change. 16.Test conducted in the rural sector west of Ottawa, Canada. See C. R. Stevenson, G. Chouinard, W. Caldwell,Tutorial on the P802.22.2 PAR for :"Recommended Practice for the Installation and Deployment of IEEE 802.22 Systems," IEEE802, San Diego, CA, 7/17/06 http://grouper.ieee.org/groups/802/802_tutorials/july06/Rec-Practice_802.22_Tutorial.ppt. 17.United for Local Television ("ULTV") is a coalition of groups and campaigners who together lobby the government to recognize local TV as a public service. ULTV argues that all citizens should have access to local TV, no matter where they live, without having to subscribe to pay-TV or broadband. ULTV proposes that the government reserve capacity for local TV services on the most popular television platform in the UK today – digital terrestrial television (commonly known as "Freeview"). ULTV anticipates that local TV channels will provide local news and sport, together with a range of other local and networked programming. ULTV envisages local TV services would also provide local advertising, for the first time offering a cost-effective option for many local businesses seeking to advertise on terrestrial TV in their target market. 18.See Second Report and Order and Memorandum Opinion and Order In the Matter of Unlicensed Operation in the TV Broadcast Bands, Additional Spectrum for Unlicensed Devices Below 900 MHz and in the 3 GHz Band, Federal Communication Commission, Document 08-260, Nov. 14, 2008. 19.In detail, the FCC distinguished fixed WSD from portable one. There are different restrictions and requirements between them. 20.See http://ita.ucsd.edu/workshop/09/files/paper/paper_1500.pdf visited on 2010/2/20. 21.See http://www.digitalmediabuzz.com/2010/03/broadband-debate-white-space/ visited on 2010/3/17. 22.See http://lasarletter.net/docs/nabpet4review.pdf visited on 2010/2/25.

Implementing Information Security to Protect Individuals' Privacy

The development of new technology is bound to have both positive and negative effects. However, when a new technology is first introduced, it is common for insufficient attention to be paid to its negative aspects, either because there has not been time to accumulate sufficient experience in using it or because users are blinded by the potential benefits. It is only later, when the technology begins to be abused, that people wake up to the potential dangers. The evolution of computers and the Internet is a classic example of this phenomenon. While the rapid development of information technology has helped to stimulate the flow of information in every corner of society, cyberspace has also become the setting for a wide range of criminal activities. In many cases, countries' existing legal and regulatory frameworks have proved inadequate to cope with the threat posed by the various forms of unauthorized access. A variety of forms of cyber-crime have developed, including denial-of-service attacks, unauthorized accessing of databases, phishing, identity theft and online fraud or intimidation. Cyber-crime may involve making unauthorized use of individuals' personal information, stealing companies' confidential business information or selling state secrets; these new types of crime thus affect every level of society. The effects can be catastrophic, hence the growing importance is now being attached to information security, including both the establishment of effective management mechanisms to prevent cyber-crime from occurring in the first place and the development of the capabilities needed to detect such crime when it occurs. Recognizing the need to plug the gaps in the existing legal and regulatory framework in the face of cyber-crime, countries all over the world are working on the formulation of new legislation, and Taiwan is no exception. The following sections will discuss the key developments in the laws and regulations governing information security in Taiwan in recent years. I. The Convention on Cyber-crime and Chapter 36 of Taiwan’s Criminal Code (offences relating to the abuse of computers) Today, governments throughout the world are formulating measures to combat criminal activity that makes use of the Internet (cyber-crime). In many cases these measures are based on the Convention on Cyber-crime announced by the European Commission on November 23, 2001, and which came into effect on July 1, 2004. This convention is the first international agreement to be established specifically to combat cyber-crime. Its contents include discussion of the various types of cyber-crime, regulations governing the obtaining of electronic evidence, provisions for mutual assistance between nations in judicial matters with respect to cyber-crime and measures to encourage multilateral collaboration. The European Commission asked all signatory nations to revise their own national laws so that they conform to the provisions of the Convention, with the aim of establishing a unified international framework for combating cyber-crime. Responding to the international trend towards the enactment of legislation to fight cyber-crime and to eliminate any loopholes in Taiwanese law that might result in Taiwan becoming a haven for cyber-criminals, on June 25, 2003 the Taiwanese government added a new chapter, Chapter 36 (Offences Relating to the abuse of Computers) to Taiwan's Criminal Code. It contains six articles covering four types of crime: unauthorized access (Article 358), the unauthorized acquisition, deletion or titleeration of electromagnetic records (Article 359), unauthorized use of or interference with a computer system (Article 360) and creating computer programs specifically for the perpetration of a crime (Article 362). Article 361 specifies that more severe punishment should be imposed in the case of violations carried out against the computers or other equipment of a public service organization, and Article 363 states that the provisions of Articles 358–360 shall apply only after prosecution is instituted upon complaint. These new articles provide a clear legal basis for the punishment of common types of cyber-crime such as unauthorized access by hackers, the spreading of computer viruses and the use of Trojan horse programs. In formulating these articles, reference was made to the categorization of cyber-crimes used in the Convention on Cyber-crime and to the suggestions for revision of national laws put forward there. Article 36 is thus in broad conformity with current international practice in this regard and can be expected to achieve significant results in terms of combating cyber-crime. II. The authority of law enforcement to get evidence and ISPs liability In its discussion of the securing of electromagnetic records by law enforcement agencies, the Convention on Cyber-crime notes that such securing of records falls into two broad categories: immediate access and non-immediate access. Immediate access includes the monitoring of communications by law enforcement agencies, non-immediate access relates mainly to the data retention obligations imposed on Internet Service Providers (ISPs). As regards the regulatory framework for the monitoring of communications, Communications Protection and Surveillance Act came into effect in Taiwan on July 16, 1999. According to its provisions, monitoring of communications may only be implemented when it is deemed necessary to protect national security or to maintain social order. Warrants for such surveillance may only be issued if the content of the communications is related to a threat to national security or to the maintenance of social order. Furthermore, the crime in question must be a serious one. In principle, the period for which surveillance is implemented should not exceed 30 days. These restrictions reflect the government’s determination to ensure that citizens' right to privacy is protected. While the Internet is an environment conducive to the maintenance of anonymity, electromagnetic records are easy to erase. Effective investigation of cyber-crime requires automatic recording of communications by the equipment used to transmit the messages, that is to say, it requires the retention of historic data. As regards the extent to which companies are required to collaborate with law enforcement agencies and the conditions applying to the making available of electromagnetic records, these issues relate to the public's right to privacy, and the law in this area needs to be very clear and precise. For the most part, data retention obligations are laid down in Taiwan’s Telecommunications Act. In Taiwan ISPs are classed as "Type II Telecommunications Operators". Article 27 of the Administrative Regulations on Type II Telecommunications Businesses stipulates that Type II telecommunications operators may be required to confirm the existence of, and provide the contents of, customers' communications for the purpose of investigation or collection of evidence upon request in accordance with the requirements of the law. ISPs are required to retain, for a period of between 1 and 6 months, data relating to the account number of subscribers, the times and dates of communications, the times at which subscribers logged on and off, free e-mail accounts, the IP addresses used when applying for Web space and the time and date when such applications were made, the IP address used to make postings on message boards and newsgroups, the time and date when such postings were made and subscribers' e-mail communications records. If a Type II telecommunications operator violates these provisions, he may be fined between NT$200,000 and NT$1 million and be required to remedy the situation within a specified time limit in accordance with Paragraph 2 of Article 64 of the Telecommunications Law. If he fails to remedy the situation within the specified time limit, his license may be revoked. III. The Legal Framework for Personal Data Protection titlehough, as outlined above, some revisions have already been made to the legal framework governing information security, there are still many areas which need to be reviewed. One of the most important is the protection of personal information. Following the explosive growth of the Internet, customer-related information is being processed by computers on a large scale in many different industries. With so many companies collaborating with other firms or adopting new marketing methods, the value and importance of personal information is being reassessed. The dramatic increase in the number of online scams in Taiwan in recent years has made the protection of privacy a focus of attention. The existing Computer-processed Personal Data Protection Law, drawn up to target specific industries, does not really provide adequate protection. A new Personal Data Protection Act, drawn up with reference to the European Union’s Directive (95/46/EC) on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of Such Data and the personal information protection legislation adopted in the USA and Japan, has already been submitted to the Legislative Yuan for deliberation. The key differences between this new Act and the existing Computer-processed Personal Data Protection Law are as follows. Protection is no longer industry-specific, it now applies to both natural and juristic persons and to both public and private agencies. The scope of protection has been expanded to include hard copies of documents containing personal information, and five new types of "sensitive information" – information relating to criminal records, medical examinations, medical records, sexual history and genetic information – have been added. Special restrictions apply to the collection and processing of these types of data. The Personal Data Protection Act also imposes stricter requirements on public and private agencies with regard to the protection of individuals' personal data. For example, agencies must formulate personal data protection plans and measures for dealing with personal data once those data are no longer needed for business purposes. If an agency discovers that an individual's personal data have been stolen, leaked, titleered or violated in any way, they are required to notify by telephone or letter the agency responsible for notifying the individual concerned as soon as possible. If these provisions are violated, the agency's responsible person will be liable for administrative punishment. The new Act also gives regulatory authorities greater powers to undertaking auditing in this area, makes provision for class action suits and increases the amount of compensation to be paid to victims. It is expected that these mechanisms will help boost awareness of the importance of information security in all sectors, thereby helping to ensure better protection for the public's personal information. IV. Management of Unsolicited Commercial E-Mail The widespread utilization of e-mail has created a brand new marketing channel, so that e-mail can fairly be described as one of the most important "killer applications" to which the Internet has given rise. Today, spamming is causing serious problems for both e-mail users and ISPs. E-mail users are concerned about their privacy being violated and about having their e-mail box stuffed full of junk e-mail. Spamming also ties up bandwidth which could be used for other purposes, and Distributed Denial of Service Attacks (DDOS) can make it difficult for ISPs to provide normal service to their customers. Governments throughout the world have begun to consider whether anti-spamming legislation may be necessary. In Taiwan draft legislation of this type has already been submitted to the Legislative Yuan. Taiwan's Anti-SPAM Act was drawn up with reference to the USA's CAN-SPAM Act of 2003, Japan's Law on Regulation of Transmission of Specified Electronic Mail, Australia's SPAM Act and the UK's Privacy and Electronic Communications (EC Directive) Regulations 2003. The draft SPAM Act contains 13 articles, with an emphasis on self-regulation, technology filtering and provision for seeking compensation through civil action. The Act provides for the use of an "opt-out" mechanism to regulate the behavior of e-mail senders, with the following obligations to be imposed on them. (1) The sender must specify in the "Subject" field of the e-mail whether it is a "business communication" or "advertising" to facilitate filtering by ISPs and to make clear to the recipient what type it is. (2) The sender must provide accurate information, including header, information on the sender's identity and the sender's e-mail address. (3) E-mails may not be sent if the sender knows or could be expected to know that the intended recipient has already expressed a wish not to receive e-mail from this source. E-mails may also not be sent if the sender knows or could be expected to know that the information in the "Subject" field is inaccurate or misleading. If the sender continues to send e-mails after the recipient has expressed a clear wish not to receive any more from the sender or if the sender falsifies the "Subject" or header information, then the sender may be required to pay compensation to the recipient at a rate of NT$500–2,000 per person per e-mail. With regard to the widespread practice whereby companies or advertising agencies commission third parties to send junk e-mail on their behalf, in cases where the commissioning party knows or could be expected to know that e-mail is being sent in violation of the above regulations, the commissioning party shall be held jointly liable with the party sending the e-mail. Through the implementation of this new law, the government hopes to establish a first-class Internet environment in Taiwan, putting an end to the current situation whereby large numbers of businesses are engaged in spamming. V. Conclusions Security is the biggest single factor affecting the implementation of e-government initiatives, e-business application adoption and Internet user confidence. Most people associate information security only with the purchasing of security hardware or software and the setting up of firewalls. While these products can indeed help to make the online environment more secure, Internet users should not allow themselves to be lulled into thinking that buying these products will in and of itself be sufficient to ensure security. "Security" is a fluid concept. Over time, the level of security that even a high-end product can provide will deteriorate; the fact that your system is secure now does not guarantee that it will remain secure in the future. Evidence that this is true is provided by the damage that is constantly being caused by viruses, by the need to constantly update security products and by the shift in emphasis away from virus prevention and firewalls towards preventing "backdoor" attacks and towards proactive intrusion detection. Furthermore, the information security risks that companies and organizations have to deal with are not limited to external threats; poor internal management may result in employees selling or leaking customer data or other company data, which can cause serious damage to the organization. Examination of information security theory and practice in Taiwan and overseas suggests that the establishment of effective information security measures embraces four main areas: the detection of cyber-crime, development of new information security technologies and formulation of standards, education and management of computer users and regulatory and policy issues. The most important of these is the education and management of computer users. Detection of cyber-crime is the next most important, while development of new technologies and standard setting and the regulatory and policy aspects play a supporting role. To create a genuinely secure online environment, attention must be paid to all of these. Today governments throughout the world are formulating new legislation to plug the gaps in the regulatory framework governing the online environment. Given the need to let the market mechanism operate freely and to refrain from measures that might retard industrial development, government interference in the Internet, with the exception of crime prevention activity, has generally been viewed as a last resort. Currently the government in Taiwan is still focusing mainly on self-regulation by Internet service providers and other types of business enterprise, and the government's role is still largely confined to formulating standards and assisting with the development of new security products. The area on which both the government and the private sector will need to concentrate in the future is educating and ensuring effective management of computer users.

Introduction to the compulsory licensing mechanism of US music copyrights

With digital music industry rising and flourishing these years, in 1995 the US Congress amended the compulsory licensing regulations in the US Copyright Act to include digital music service in the scope of compulsory licensing. By doing so,it tries to save the industry from deprivation in copyright negotiations and to prevent detrimental effects on music circulation. By introducing the compulsory licensing regulations for music copyrights in the US Copyright Act, this paper wishes to provide a reference for the Taiwanese government to amend Taiwan’s copyright act to promote the development of the digital music industry. I. Exclusive rights in digital music copyright According to the US Copyright, the copyright owner has the exclusive rights to do and to authorize any of the following1: To reproduce the copyrighted work in copies or phonorecords; To prepare derivative works based upon the copyrighted work; To distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending; In the case of literary, musical, dramatic, and choreographic works, pantomimes, and motion pictures and other audiovisual works, to perform the copyrighted work publicly; In the case of literary, musical, dramatic, and choreographic works, pantomimes, and pictorial, graphic, or sculptural works, including the individual images of a motion picture or other audiovisual work, to display the copyrighted work publicly; and In case of sound recordings, to perform the copyrighted work publicly by means of digital music transfer. If it is to be enforced by law that musical works can only be provided after the approval and authorization of the copyright owner, this will be unfavorable for the circulation of musical works. In terms of users, this may mean additional difficulties in providing musical works. Therefore, in addition to negotiating with the copyright owner of the licensing affairs, the US Copyright Act prescribes the compulsory licensing system. As long as the form of use does not violate any terms specified in the Copyright Act, service providers may obtain a license by means of compulsory licensing in order to lawfully “distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending.2” 1. Scope of compulsory license According to Section 115 of the US Copyright Act, limitation on compulsory licensing comprises two sections3: (1) The scope of compulsory licensing is limited to the “exclusive rights provided by clauses (1) and (3) of section 106”; i.e. “to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending.” (2) A compulsory license can only be applied for unless the copyrighted works are Non-dramatic musical works; phonorecords of a non-dramatic musical work which have been distributed to the public in the United States under the authority of the copyright owner; and phonorecords made by a person whose primary purpose is to distribute them to the public for private use. (1) The scope of compulsory licensing is limited to the “exclusive rights provided by clauses (1) and (3) of section 106”; i.e. “to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending.” (2) A compulsory license can only be applied for unless the copyrighted works are Non-dramatic musical works; phonorecords of a non-dramatic musical work which have been distributed to the public in the United States under the authority of the copyright owner; and phonorecords made by a person whose primary purpose is to distribute them to the public for private use. (1) The scope of compulsory licensing is limited to the “exclusive rights provided by clauses (1) and (3) of section 106”; i.e. “to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending.” (2) A compulsory license can only be applied for unless the copyrighted works are Non-dramatic musical works; phonorecords of a non-dramatic musical work which have been distributed to the public in the United States under the authority of the copyright owner; and phonorecords made by a person whose primary purpose is to distribute them to the public for private use. Later on, to facilitate the application of the emerging digital sound delivery technology and the development of the digital music industry, in 1995 the US Congress passed the Digital Performance Right in Sound Recording Act of 1995 (DPRA) by which Section 115 of the Copyright Act was amended and the Digital Phonorecord Deliveries (DPD) was added. Based on these, the DPD can enjoy compulsory licensing to deliver digital music service. 2. Entitlement of compulsory license Any person who wishes to obtain a compulsory license shall, before or within thirty days after making the recording, and before distributing any phonorecords of the work, serve notice of intention to do so on the copyright owner. The notice shall comply, in form, content, and manner of service, with the requirements that the Register of Copyrights shall prescribe by regulation. If the registration or other public records of the Copyright Office do not identify the copyright owner and include an address at which the notice can be served, it shall be sufficient to file the notice of intention in the Copyright Office4. After obtaining the compulsory license, service providers shall deliver to the copyright owner or its designated collecting agent the information relating to the royalty of the month and the successes or failures of downloading within twenty days from the end of every month5. If service owners are unable to identify how to deliver the royalty to the copyright owner, the collecting agent shall keep the royalties for the compulsorily licensed nondramatic musical works for three years in an independent trust account. The collecting agent shall assume no responsibility for the safekeeping of such royalties if the copyright owner is unreachable within three years6. 3. Royalty for compulsory license The criteria for calculating the royalty of compulsory license are established by the Copyright Arbitration Royalty Panel formed by the Librarian of Congress. This panel updates the calculation criteria on a biennial basis. The calculation can be done by minute or by work. Applicants must pay the highest royalty calculated with either of the schemes7. 4. Limitation of compulsory license A compulsory licensee shall only reproduce or distribute specific sound recordings and shall not use the work in the making of phonorecords duplicating a sound recording fixed by another; unless the making of the phonorecords was authorized by the owner of the copyright in the sound recording or such sound recording was fixed lawfully.8 II. Conclusions Though compulsory licensing terms have been specified in the Copyright Law of Taiwan, users only need to apply for a compulsory license for sound recordings published for a full six months and the sound recording is used in the making of other musical works for sale9. In this case, the digital music industry will be unable to obtain a compulsory license to deliver lawful services, and negotiation with the copyright owner has thus become a prerequisite for service providers to deliver lawful services. As a result, service providers often become the weaker side of the negotiation and must pay the copyright owner a very substantial royalty. Consequently, the cost of the services will increase. In the future, if the government can amend the copyright law to include the reproduction and delivery of digital music in the scope of compulsory license of sound recordings with reference to the compulsory license terms for sound recordings in the US Copyright Act, service providers can have other access to obtain a license for sound recordings to deliver lawful digital music service other than negotiations with the copyright owner. It is believed that this will promote the fair royalties of sound recording licensing in Taiwan and the development of digital music application service industry in Taiwan. 17 U.S.C.A. §§ 106 17 U.S.C.A. §§ 115 17 U.S.C.A. §§ 115(a)(1). 17 U.S.C.A. §§ 115(b)(1). 17 U.S.C.A. §§ 115(c)(5). 68 FR 57815 See the following for details of royalty criteria for compulsory license: U.S. Copyright Office, Mechanical License Rates-Copyright Royalty Rates Section 115, the Mechanical License, available at http://www.copyright.gov/carp/m200a.html (last visited 2007/8/17) 17 U.S.C.A. §§ 115(a)(1). Article 69, Copyright Law.

Open Government Data in Taiwan

In the recent years, the tide of open movement has pushed vigorously from the open source software, open hardware and the recent open data. More and more countries have joined the global initiative of open government data in order to achieve the ultimate goal to promote the democratic governance. National government adopts open data policy to enhance the transparency, participation and collaboration of the citizen into the government operation. Meanwhile, fueled by the knowledge economy and the statistical analysis of the big data technology, open government data could work as the catalyst to individuals, industries and government agencies to transform data into potential knowledge-based services. Up to the end of 2013, there are around 77 countries have adopted the Open Government Data policy. Taiwanese government also declared to take part in the open data revolution. The government had officially launched the open data policy in 2012. In Resolution No. 3322, the Executive Yuan prescribes that open government data could enhance the transparency of the government; improve the quality of life of people; and meet the needs of the industry. Governmental agencies under the authority of the Executive Yuan shall to recognize the importance of the empowerment brought from open government data to the quality of the decision-making process and asked the agencies to implemented the policy from the perspectives of the user’s needs and applications, and also the consider to include machine readable format for the data. The Executive Yuan directed the Research, Development and Evaluation Commission (RDEC)(行政院研究發展考核委員會) to develop related principles and measures to support government agencies of the Executive Yuan to plan, execute and open up their data. At the same time, it also directed the Industrial Development Bureau(IDB), Ministry of Economic Affairs (MOEA) (經濟部工業局)to develop responsive strategies to cope with the industrial development. Pursuant to the Resolution No. 3322 of the Executive Yuan, RDEC worked through the open government data related laws and regulations, proclaimed the “Open Government Data Operating Principle for Agencies of the Executive Yuan”(行政院及所屬各級機關政府資料開放作業原則)and the “Essential Requirements for Administrate Open Government Data Datasets” (政府資料開放資料集管理要項)in the early 2013. All government agencies of the Executive Yuan have to adopted the following 3 open government data steps:"open up government data for public use”, “provide data free of charge subject to certain exemptions”, "automated systematic release and exchange data”, and work in with 4 open government focus strategies: “release data actively and by the priority in the field of daily necessity”, “develop the norm of open government data”, “promote the use of Data.gov.tw”, and “demonstrate and advocate open government data services”. Ministry of Economic Affairs (MOEA) (經濟部工業局)also provided grants ($9,200 NTD) to the open government data value-added applications and development. The open government data platform (data.gov.tw) was launched in July, 2013, as the official Taiwan government site providing public access and reuse of government data sets from 62 government agencies of the Executive Yuan, including the Ministry of Interior (MOI)(內政部), Ministry of Foreign Affairs (MOFA)(外交部), Ministry of Economic Affairs (MOEA)(經濟部), Council for Economic Planning and Development (CEPD)(行政院經濟建設發展委員會), Hakka Affairs Council (HAC)(客家委員會), Water Resources Agency, Ministry of Economic Affairs (WRA) (經濟部水利署), and 4 local governments. At the end of 2013, each government agency is required to release at least 55 data sets. In addition, the rising tide of private-sector (individual or enterprise) also aims to mine the gold in open government data. Act upon the National Information and Communication Initiative (NICI)(行政院國家資訊通信發展推動小組)in the consultation of the open government data policy, Taipei Computer Association (TCA)(台北市電腦同業工會)organized the “Open Data Alliance” (ODA)(Open Data聯盟)as a bridge between the information provide-side (public sectors) and the demand-side (private sectors), to communicate and coordinate the expectations and needs from communities (bottom-up) towards open government data. On Dec. 11, 2013, Taiwan took one more step in the global open data initiative. Open Data Alliance (ODA) and the Open Data Institute (ODI) in UK signed the memorandum of understanding (MOU) and announced the alliance established to promote and explore the potential opportunities of open data holds for the public, private and academic sectors. The engagement of ODA and ODI could bring another catalyst for the open movement in Taiwan to take one big step in the international community. According to a survey from ODA, the biggest challenge so far is the available data sets do not really meet the needs of the industry. And most of the feedback reflects the concerns in licensing, charge, frequency of updates, data formats and data quality. These voices echo the open government data issues encountered in many countries. There are still some obstacles with the applicable laws and regulations (for example, Charges and Fees Act, Personal Data Protection Act, Accoutability & Liability etc.) wait to be solved before both public and private sectors to go onto the next level of open data development.

TOP