Online Digital Content Protection issues in Taiwan

By
Ying-Hsi Chiu, Project Manager
Science and Technology Law Center
Institute for Information Industry
Taiwan , Republic of China
English Conference Paper of The 6 th PDMC International Seminar on Software and Digital Content IPR Protection in Digital Environment, Korea

In recent years, there is a phenomenon that governments in various countries launched different programs or action plans to stimulate the development and use of digital content, with the hope to boost a new economy based upon this promising industry. The rise of digital content signifies the shift of economy from manufacture of physical items to high value intangibles. However, the nature of digital content such as easy-copy, low-cost and high-quality, render the new industry even more vulnerable to piracy. Furthermore the threats to lose profits and even the future of the whole industry pose a severe challenge to governments. In order to support digital content industry to continue thriving in a healthy and sound environment, proper legal protection and stringent enforcement measures, especially for on-line digital content, will definitely have a profound impact in the long run.

Taiwan Government also put digital content as one of the most promising industries for the next generation. Human resources and financial supports have been allocated, and we have seen more and more talents and companies joining this industry. However, in the meanwhile, in addition to the continuous task on cracking down piracy, our Government has been working on amending relevant laws and regulations in order to provide a solid legal infrastructure for digital content industry. In this paper, I would like to introduce you the major achievements regarding our recent amendments of Copyright Law, Rating system for digital content and the draft of “Digital Content Industry Promotion Act”. Of course, two local peer to peer cases and other legislative proposals regarding ISP responsibility will also be discussed.

A. the Impact of Copyright Law amendments in 2003 and 2004 on Digital Content

With Taiwan 's accession to World Trade Organization, Taiwan is under the obligation to amend her domestic intellectual property laws to be in line with the minimum standards as required in TRIPs. Besides, the society of Taiwan , at the same time, is experiencing a knowledge-based revolution. Almost every kind of information is digitalized, but relevant laws offer little or inadequate legal protections which in turn arouse more piracy on internet and greatly reduce our confidence in internet creativity. Copyright Law is the existing law that has been confronted with the most impacts from the progress of scientific and technological development. Therefore, c opyright law has been amended successively in July 2003 and August 2004 so as to cope with the increasing application of digital science and technology. The key amendments that have profound impact on digital contents are summarized as follows:

a. The Right of Temporary Reproduction 1:

Whether “temporary reproduction” is a type of reproduction under copyright law has been a issue of discussion for years, and finally in 2003, the amendment gave an positive answer. Temporary reproduction of copyrighted works is deemed a type of reproduction, but is not protected under copyright law if the temporary reproduction is transient, incidental, an essential part of a technology process, and without independent economic significance, where solely for the purpose of lawful network relay transmission, or for the lawful use of a work. A “lawful network relay transmission” includes technically unavoidable phenomena of the computer or machine occurring in network browsing, caching, or other processes for enhancing transmission efficiency.

For the above amendment,, the definition of "reproduction" was also amended to include the "direct, indirect, permanent and/or temporary reproduction activities" 2.

b. The Right of Public Transmission 3

One of the most important amendments regarding the protection of digital content is the new article about “public transmission”. The term is defined as “to make available or communicate to the public the content of a work through sounds or images by wire or wireless network, or through other means of communication, including enabling the public to receive the content of such work by any of the above means at a time or place individually chosen by them.”

The act of public transmission is characterized in its mode of operation by means of interactive computerized or Internet transmission which is different from the mode of operation of transmitting the contents of copyrighted works in a unilateral manner such as public oral transmission, public broadcasting, or public performance etc.

To confer the new added definition of “public transmission” 4, the Article 3-1-7 regarding the definition of "public broadcast" 5 was also amended 6, so as to distinguish the operation modes of "public transmission" and "public broadcast" in order to avoid confusion while using these two different terms.

c. Protection of Electronic Rights Management Information

When copyright law confers the “public transmission” right to authors, the introduction of “Electronic Rights Management Information” will definitely facilitate the author to be easily accessed and encourage more exploitation of digital contents. The term " electronic rights management information" refers to the electronic information which is used to identify a copyrighted work, the title of the work, author, economic rights holder or person licensed thereby, and the period or conditions of exploitation of the work, including numbers or symbols that represent such information 7. Anyone who removes or alters the electronic rights management information without authorization shall be imposed civil liability for damages and criminal liability for sentence up to one year imprisonment, detention or fine.

d. Technology Protection Measures 8

The term "technology protection measures", that is, the "anti-circumvention measures", means the equipments, devices, components, technology or other technological means employed by copyright owners to prohibit or restrict, in effective manner, others from accessing or utilizing his/her work without prior authorization. Anyone who disarms, destroys or by any other means circumvents the technological protection measures employed by the copyright owner shall be subject to civil liability for damages.

The new amendment further specifies that any equipment, device, component, technology or information for disarming, destroying, or circumventing technological protection measures shall not, without legal authorization, be manufactured, imported, offered to the public for use, or offered in services to the public. Violation of this article shall be imposed criminal liability for sentence up to one year imprisonment, detention or fine.

e. Specific Punishment for Use of Pirated Software 9

Before the 2004 amendment, the use of pirated software for commercial purposes shall be deemed an infringement of copyright only if the user has “actual knowledge” that he is using pirated software for that purpose. The application of this article, however, was controversial because it was difficult to prove that the user did have “actual knowledge” of the contended facts. Hence in the 2004 amendment, the requirement of “actual knowledge” was deleted, and therefore, as long as there is the fact of using pirated software, the user shall have no excuse to running away form civil liability for damages and criminal liability for sentence of up to two years imprisonment or detention, or in lieu thereof or in addition thereto, a fine of no more than five hundred thousand New Taiwan Dollars (hereinafter called NT Dollars).

f. Increasing the magnitude of criminal liability for illegal optical disk copyright infringement

Owing to the massive harmful power on digital content by illegal optical disks, the amendment increases the magnitude of criminal liability for illegal optical disk copyright infringement. A person who infringes on the economic rights of another person by means of reproducing a work onto an optical disk shall be subject to imprisonment ranging from six months to five years, and in addition thereto, may be fined ranging from five hundred thousand to five million NT Dollars.

Besides, heavy criminal liability is also imposed on a person who distributes or with intent to distribute publicly displays or possesses a copy of optical disk knowing that it infringes on the economic rights shall be subject to imprisonment ranging from six months to three years and, in addition thereto, may be fined ranging from two hundred thousand to two million NT Dollars.

Both offenses are actionable not upon complaint.

B. Local P2P case analysis and possible solution

No matter we accept it or not, Internet has changes our life style in many ways . People find that many real-life activities could now find their counterparts “on line”, which bring us not only convenience and exciting experiences, but sometimes also raise problems. Downloading on-line music has drawn much attention during recent years. This newly flourishing business model provides music lovers a wide range of selections on-line, through peer to peer technology at relatively low cost. However, this new business did not receive supports from record companies and music right holders. On the contrary, these P2P companies were accused of the main cause for the sharp drop in profits for the past few years. Although it is difficult to prove the direct relationship between lost of profits and the downloading services, we have seen many copyright infringement cases were brought to courts in the United States (Napster/Groster cases), Holland /Australia (Kazaa case) and Japan (MMO case) and the judgments, even with similar facts, were opposite! This situation just reflects the complexity of the whole issue and arouses more discussion on this topic.

In August 2003, International Federation of the Phonographic Industry, Taiwan Branch (hereinafter referred to as IFPI Taiwan) brought complaints against two local P2P companies in Taipei and the courts also reached opposite judgments. It is the main purpose of this paper to discuss the two judgments and possible solution in the future.

Before we start to discuss the two cases, I would like to take this opportunity to briefly clarify our copyright law liability system. Unlike American legal system, where liability for violation of copyright law is civil liability in nature, the legal responsibility for copyright infringement in Taiwan is criminal liability, and therefore, courts in Taiwan will apply stricter standard in deciding whether violation of copyright is intentional.

a. ezPeer case

This is the first P2P case in Taiwan and Taipei Shihlin District Court found in June 2005 that the defendant, ezPeer company, is not guilty of copyright violation charges for the following reasons:

  1. In the indictment, the prosecutor claimed that ezPeer provides on-line music downloading services through a “centralized P2P framwork”, so it is reasonable to conclude that ezPeer has “actural knowledge” about the fact of copyright infringement by its members. With such knowledge in mind, ezPeer still provides file-exchange services, and therefore, ezPeer is suspecious of violating copyright of the record companies. The Court, however, held that ezPeer is in fact a “decentralized P2P framwork”, and further held that it is not important to decide the type of P2P framework in this case because the original structure of P2P was not designed for the purpose of violating copyright.
  2. The Court maintained that the downloading and transmission of musical files by individual member might satisfay fair-use circumstances or other requirements for legal exploitation of the works. From the evidences submitted by the prosecutor, the Court is not able to ascertain if ezPeer is able to distinguish the legality of conducts acted by its members. Under such circumstances, the Court helded that it is also impossible to conclude that ezPeer is an accomplice in this case.
  3. Under present relevant laws, ezPeer is under no legal obligation to take active actions to provide special devices or measures to filter off the downloading and transmission of musical files that are suspecious of violating copyright law.
Of course, ezPeer judement ignited another pro and con debate in Taiwan . It is interesting to note that the judgment of ezPeer case was rendered on the 30 th of June, 2005, only three days after the Groster judgment which was rendered on the 27 th of June 2005. We are not sure if the Groster judgment has any impact on the Kuro case, but as we will see below, the judgment of Kuro case is just totally opposite to ezPeer.
b. Kuro case

On the 9 th of September , 2005, Taipei District Court reached its judgment on Kuro case, and held that the defendant, providing unauthorized music downloading services for the purpose of making profits, is jointly responsible as conspiracy with its individual member for infringing plaintiff's copyright. The CEO and General Manager of Kuro were sentenced for three-years' imprisonment separately, and both were fined three million NT Dollars; the responsible person (chairman) of Kuro was sentenced for two-years' imprisonment and Kuro's member, Miss Chen, was also sentenced for four-months' imprisonment, which could be substituted by fine, and which also obtained a respite for three years.

In addition to criminal action, IFPI also filed a civil lawsuit claiming for compensation, and this case finally reached a peaceful settlement on the 15 th of September, 2006. Kuro promised to pay IFPI Taiwan 3 millions and 5 hundred thousand NTD as compensation. A new company /will be incorporated to continue the legal music platform business. The members' list, brand name and the employees of Kuro will be transferred to the new company under a license agreement. In the future, the new company will provide downloading services not with P2P technology, but with streaming model, and the member fee will have a jump from the present 99 NTD/month to 150 NTD/month.

A brief comparison can be made between the two local cases:

  1. Taipei Court found that when Kuro's server is under normal
    operation, and when Kuro's member would like to download a specific music file from another member, Kuro's server will provide IP address, route and establish connection in order to facilitate its member to conduct fast search and to download the music file; If the connection is interrupted during transmission, Kuro's server will automatically locate other member's IP to resume the transmission. The Court was convinced under these facts that Kuro was a “centralized P2P framework”.
  2. The Court further found that Kuro published a great deal of commercial advertisements on various media to increase its membership; Kuro also established “feed-back mechanism” on its own website to encourage the users to download music file. Given all these evidences, The court was convinced that Kuro, who had actual knowledge that the P2P technology it provided will be utilized by others as a tool to carry out criminal activities, should induce the general public to pay or buy its membership to infringe other's copyright in order to pursue its own commercial benefits. In doing so, the court held that Kuro has already foreseen that its member will use P2P technology to conduct unauthorized music downloading, the copyright holder's damages and the causation between the two, and the result of causing lost of profits on plaintiff is not against Kuro's intent. Therefore, Kuro must be responsible for violating copyright liability.

We found that the supporting evidences really play important roles in helping the Court to reach its final judgment and that is one major reason why we have two cases with similar facts but having opposite results. The P2P issue, with the settlement between Kuro and IFPI Taiwan, is at rest for the time being, but efforts trying to have legislative solution are just begun.

There was suggestion to amend Copyright Law to have a “compensation system” to solve the P2P problems. This proposal, however, did not receive much support among scholars and legislators. Recently another proposal was brought to our attention that our Copyright Law shall adopt a procedure similar to the one adopted in DMCA. This new proposal arouses another big issue: how should we regulate ISP? This issue has been in debate for years in Taiwan , and so far there is still no consensus on this point. As a matter of fact, ISP relates not only to copyright issues, privacy protection, anti-porn/violence for minors on internet are also important topics needed to address our concerns. So far, it is too early to comment the future of this new proposal, but we will keep close watch of its future development. From III's point of view, a single legislation encompassing all issues regarding ISP will be a better solution.

C. Rating system for digital contents

With the rapid advances of technology and the widespread use of computers, Internet has become an indispensable part in our daily lives. When we enjoy the convenience of having easy and quick access to almost all kinds of information, we are exposing ourselves, at the same time, to a world which is flooded with impoper or even indecent contents. Those contents deliver either wrongful or harmful messages to the viewers and sometimes cause negative impacts on their minds forever. This situation poses a quite serious problem especially for children and teenagers who are encouraged to acquaint themslves with the cyber space but do not equipped with proper knowledge and ability to distinguish healthy and useful contents from unhealthy and harmful ones. Hence, in addition to protectingof the right of digital content, while in the process of promoting digital content industry, setting clear rules to regulate content providers to protect minors are also very important. In order to insure the sound development of the physical and mental status of the minors, Article 27, Paragraph III of the “Children and Youth Welfare Act 10” requires that “the competent authority should publish rating regulations for publication 11, compouter software and internet content”. This is not to impose any restrictions on the freedom of speech on internet, but rather a protection measure by providing a basic reference for parents and the minors to decide which content is appropriate for them.

a.Regulations of Internet Content Rating

The “Regulations of Internet Content Rating” was first published by Government Information Office (hereinafter referred to as GIO) on the 26 th of April, 2004. The regulation provides a grace period of 18 months in order to avoid rushness and, therefore, the exact enforcement date was the 26 th of October, 2005. This Regulation was further amended in October 2005.

The most important spirit of the Regulation is “self discipline” principle. According to the amended regulation, content providers shall classify the contents either “restricted” or “non-restricted” by themselves. Restricted contents providers are required by the Regulation to put a “restricted” label on the homepage or relevant web pages in a conspicuous manner. Before the amendment, the rating system was classified as “common for all”, “protected” (which means the content is not suitable for children under 6), “parents guide” (which means that the content is not suitable for children under 12; for the youth between 12 to 18, parents guide is needed) and “restricted” (not suitable for people under 18). So under the present classification, Internet content that is not rated as “restricted” may be viewed by children under guidance or under the discretion of parents, guardians or others taking care of them 12.

In order to carry out the functions specified in the regulation, the “Taiwan Internet Content Rating Promotion Foundation 13” (hereinafter referred to as TICRF) was established by GIO on the 7 th of January, 2005 . This will facilitate the development of Internet-related industry while protecting freedom of speech online and regulate user behavior.

b. Regulations of Computer Software Rating

The “Regulations of Computer Software Rating” was published by Industry Development Bureau (hereinafter referred to as IDB) of Ministry of Economic affairs on the 6 th of July, 2006 and will be enforced on the 5 th of January of 2007. Following the Internet Content Rating Regulation, this regulation adopts the “self-discipline” principle, and “four tiers” rating classification. However, there a re some points to be noted:

1. The term “computer software” in this Regulation refers only to “computer games”, excluding other kinds of software like searching engine, data mining, tool or educational software.

2. Only the game software that can be played through “computer” shall be the subject under this regulation. Games played on other devices, such as mobile phone, PDA, television or other devices. As a result, video games do not fall within the definition of “computer game” under this regulation and, therefore, is not regulated so far.

3. The competent authority for the new Regulation is IDB. Not like GIO establishing a foundation under its donation, IDB will encourage the private sector to organize professional groups to provide consultation services regarding any question or misunderstanding arising from this regulation. Anyone who would like to challenge the rating label marked by the computer software providers, may also bring their cases to any of those professional groups for opinions.

5. The new Regulation requires that the computer software providers must put the label not only on the web page providing downloading services but also on the package in a conspicuous manner. It further requires that for “restricted” software, a warning sentence like “This software is intended for use for persons above 18” must be properly marked.

D. The “Digital Content Industry Promotional Act” (Draft)

a.To restore the copyright pledge recordation system

As we have pointed out that copyright and other intangible assets are playing a more and more important role in the knowledge based economy. Therefore, the purposes of copyright law are no longer limited in protecting the rights of the authors, but are extended to facilitate the maximum exploitation of these works in order to manifest their potential economic values. As we all know that the most valuable assets for digital content companies are their intangibles, such as patents, copyrights or trademarks. In the early stage, those start-up companies might rely heavily on government's financial supports. However, when digital content companies are becoming more mature and try to make use of their intellectual properties as collateral to reach a loan agreement with the banks, they will find that the banks are not willing to accept these intangibles as collateral 14. The situation for copyright is even worse in Taiwan since our copyright competent authority no longer provides copyright recordation services to the public 15, and therefore, the banks are even less interested in accepting copyright as collateral because they are not able to estimate their risks with accuracy in any particular case when those important information regarding the “intangible collateral” is not available from any trustworthy government agency or private organization.

In order to provide a formal channel of disclosure and to ignite the economic potential in intellectual properties in the future, our government is planning to restore the copyright pledge recordation system in the draft of “Digital Content Industry Promotional Act”, aiming that this will offer the digital content companies a better position to negotiate with the bank and other financial institutions for loan agreements.

b. Exploitation of Work Whose Authorship is Unknown

At a higher level of the panorama, Copyright Law encourages the exploitation of other's works in order to facilitate further idea exchange and culture development. However, such a privilege is granted by law only when the users obtain author's authorization in advance, except in some specified fair-use circumstances or using works which already in public domain. However, author's authorization is sometimes difficult or even impossible to obtain when the author's whereabouts is unknown 16. This is especially true in the internet environment when the flow of information is so fast and the amount of information is enormous. This situation undoubtedly creates a big hurdle for content users and impedes their willingness to continue creative activities on internet . In order to solve this problem and to reach full utilization of digital contents, our Government is planni ng to bring this licensing deadlock to an end by setting a procedure which allows the users to submit sufficient evidences to the copyright competent authority to prove that he/she has exhausted all possible means but still fail to locate the author. After reviewing all the documents and evidences, copyright competent authority will grant the authorization on a non-exclusive basis, and the user has to deposit the license fee as prescribed in the approval letter and then use the work in the manner as prescribed therein.

Taiwan Government is hoping that in the internet era, authors are urged to exercise their rights granted under Copyright Law in a much more positive manner by using “electronic rights management information” to enable others to share authors' wisdom and to help the whole society to benefit from the wisdom-sharing process.

Conclusion

The whole world is facing a new digital era that nobody has ever experienced before, especially the Internet world. Traditional legal system is no longer enough to deal with problems related to the creativities of intangible assets. Members of modern society, need to find the best solution to irrigate and protect these digital fruits, and, at the same time, to resolve or prevent problems or expected harm from the development of digital content industry. To set up a new legal system along with various industrial policies is deemed a good solution to build up sound environment for the growth of digital industry.

Challenges and hurdles will be confronting us every single day. They come to existence even faster than before. Their existences just send us clear messages that it is time to submit more proposals to promote digital industry, to create maximum profit to the digital society as a whole and to prevent harmful results from this trend of digital tide. We believe that Taiwan Government is now well prepared to face this new age and to overcome all the expected or unexpected challenges. Major changes of legal structure will be achieved step by step within the following years and it is expected that when cases relating to digital content are accumulated to certain amount , the consensus to solve those legal issues will become much clear. When we reach this point, our society will be more comfortable and confident in using and creating digital contents and the digital industry in Taiwan will be mature.


1. This amendment is made pursuant to Article 9 of the TRIPs which provides that every member of the WTO shall adhere to the provisions set out in Article 1 through Article 21 of the 1971 Berne Copyright Convention. Article 9 of the Berne Convention entitles the authors of the literary and art works protected by the Convention the exclusive right to licensing, in any manner or form, the reproduction of his/her copyrighted works.

2. The ROC Copyright Law Article 3-1-5

3. This amendment was made by making reference to Article 8 of the WCT and Article 10 and Article 14 of the "WPPT", and Article 2, and Article 2 –1 and 2-2 of the EU 2001 Copyright Directives

4. "Public transmission" means to make available or communicate to the public the of a work' content through sounds or images by wire or wireless network, or through other means of communication, including enabling the public to receive the content by any of the above means at a time or place individually chosen by them

5. "Public broadcast" means to communicate to the public the a work's content through sounds or images by means of transmission of information by a broadcasting system of wire, wireless, or other equipment, where such communication is for the purpose of direct listening reception or viewing reception by the public. This includes any communication, by transmission of information via a broadcasting system of wire, wireless, or other equipment, to the public of an original broadcast of sounds or images by any person other than the original broadcaster

6. The amendment was referenced to the provisions set out respectively in Article 8 of the WIPO Copyright Treaty (hereinafter referred to as "WCT") and Article 10 and Article 14 of "The WIPO Performance and Phonograms Treaty" (hereinafter referred to as "WPPT")

7. The ROC Copyright Law Article 3-1-17 , The definition of the term " electronic rights management information" was added with reference to the provisions set out respectively in Article 12 of the WCT, and Article 19 of the WPPT which requires all signatory countries to provide full protection and remedies to the integrity of electronic rights management information, Article 7 of the EU 2001 Copyright Directives, Article 1202 of the US Copyright Act, and Article 2-1-21 of the Japanese Copyright Law.

8. The ROC Copyright law Article 3-1-18 , this item was added in 2004 amendment. The definition of the term "technology protection measures" are added to the 2004 Copyright Law pursuant to in Article 11 of the WCT and Article 18 of the WPPT respectively, requiring the mandatory and adequate legal protection to the "anti-circumvention measures". And, the Article also makes reference to the relevant provisions provided in Article 6 of the EU 2001 Copyright Directives"; Article 1201 of the US Copyright Act; Article 20,1,20 of the Japanese Copyright Law; Article 18 of the "On-line Digital Contents Industry Development Act" and Article 30 of the "Computer Programs Protection Act" of Korea respectively.

9. The ROC Copyright Law Article 87-5 and 87-6

10. The Act was put in force on the 28th of May, 2003

11. ROC Government has already enacted rating regulations for publication (books, magazines, etc.) and movies/TV programs.

12. Many teachers and parents group are criticizing the new rating classification. They agree that it is sometimes difficult for the content providers to mark correct label for contents which are either “protected” or “parent guide”. However, they argue that it is irresponsible to shift the whole burden to parents who do not have enough profession or simply do not have time to do so.

13. For more detailed information, please visit TICRF's website at http://www.ticrf.org.tw/

14. The conservative attitude of the banks and other financial institutions are understandable. First of all, the market for intangibles as collateral is just not mature for the time being, and we do not have enough experiences in the area of intangible assets evaluation. Secondly, banks are more familiar with traditional collateral, like lands, houses, etc. In fact, they are quite confused about how to deal with all these intangible assets in their hands. Thirdly, an effective mechanism for the withdrawal of banks and financial institutions from the market is still lacking, which greatly increases the risks for banks, and in turn, will render banks more hesitated to reach any loan agreement with digital content companies from the very beginning.

15. The Copyright Law of Republic of China was first promulgated in 1928. At that time, copyright protection would be obtained only if the author fulfilled the strict “registration” process. In 1985, Copyright Law was undergoing an overall review, and an internationally accepted principle that “copyright protection will be automatically obtained upon completion of the work” was adopted. However, copyright registration system was still maintained for voluntary application for registration and the issuance of copyright registration certificate. In 1992, a more loose “copyright recordation system” was adopted to replace the “copyright registration system” to avoid any confusion. In 1998, after many years' debates, copyright recordation system was finally abolished for the following reasons:

1). The existence of “copyright recordation system” always delivers wrong information to the public that copyright law still requires registration for protection of a work. So it would be better to abolish the recordation system to avoid any misunderstanding in the future.

2). In a copyright lawsuit, the courts, instead of conducting substantial fact-finding procedure to ascertain who the copyright holder is, very often require the party claiming copyright protection to submit copyright registration certificate or recordation transcript to prove that he/she is the copyright holder. In doing so, the spirit of copyright law was led to such a distortion that would render the public even more confused about the true meaning of copyright law.

3). Due to limited manpower in our copyright competent authority, services for applications either for copyright registration or recordation will consume a lot of administrative resources , and the crowding-out effect would have negative influence on the allocation of resources to other pending copyright issues or basic researches at hand.

16. This is termed “orphan works” by Professor Lawrence Lessig.

※Online Digital Content Protection issues in Taiwan,STLI, https://stli.iii.org.tw/en/article-detail.aspx?no=105&tp=2&i=170&d=6121 (Date:2024/07/20)
Quote this paper
You may be interested
From the Expansion of WAGRI, Japan's Agricultural Data Collaboration Platform, into a Smart Food Chain to Discuss Smart Measures in Responding to the Pandemic

From the Expansion of WAGRI, Japan's Agricultural Data Collaboration Platform, into a Smart Food Chain to Discuss Smart Measures in Responding to the Pandemic Yu Yu Liu I. Introduction   For the past few years, Taiwan has been progressively developing smart agriculture. During this process, general agricultural enterprises and farmers are challenged with and discouraged by expensive equipment installations and maintenance costs. The creation of a new business model which facilitates the circulation and application of agricultural data may lower the threshold of intellectualization acquisition, and become the key to the popularization and implementation of smart agriculture. This article shall analyze the strategy of promoting the use of data circulation for smart agriculture in Japan, which has a similar agricultural paradigm as Taiwan, and provide a reference for the development of smart agriculture in Taiwan.   Japan is facing the same problems as Taiwan, in terms of the aging farmers and low birth rates, that lead to the lack of successors. The Japanese government proposed the concept of Society 5.0 in 2016, expecting to use information and communication technology (ICT) to drive the development of various fields of society[1]. In the agricultural field, the use of ICT in agriculture can facilitate the transmission of experience by turning the tacit knowledge of experienced farmers into externalized data.   At that time, there were many ICT system service technologies developed by private companies In Japan, but the system services provided by various companies were not compatible with each other due to the lack of collaboration, and the data formats and standards produced by ICT system providers were varied; furthermore, the data in the public sector (research and administrative agencies) was also divided and managed independently. To facilitate the integration, management, and circulation of agricultural data, the Japanese Agricultural Data Collaboration Platform (WAGRI[2]) was born. II. The Development of WAGRI 1. Japan's Prime Minister directed the construction of a data platform   The Japanese government held the 6th Future Investment Conference[3] on March 24, 2017, chaired by Prime Minister Shinzo Abe, who mentioned that in order to cultivate safe and tasty crops, the government and the private sector should provide each other with updated information on crop growth conditions, climate, maps, etc., and build an information collaboration platform that can be easily used by anyone by mid-2017, with all the necessary data fully disclosed. The project was handed over to the IT General Strategy Headquarters[4] to realize the above-mentioned platform.   At the 10th Future Investment Conference, held on June 9, 2017, the Future Investment Strategy 2017[5] was announced with the goal of realizing "Society 5.0". During the conference, it was mentioned that the "Japanese Agricultural Data Collaboration Platform (hereinafter referred to as WAGRI), which is based on publicly available information from the agriculture, forestry, and water industries, such as agricultural, topographical, and meteorological data held by the public sector, that can be shared and used for a variety of purposes, would be constructed in 2017. 2. The Trial Run of WAGRI   WAGRI is supported by the Cabinet Office's Phase 1 of the Strategic Innovation Promotion Program (SIP), under one of the 11 projects entitled "Next Generation Innovation Technologies for Agriculture, Forestry and Water Industries"17[6] (which is managed by The National Agriculture and Food Research Organization [NARO]17[7]). The platform was constructed by the SFC Research Institute of Keio University17[8] in collaboration with an alliance of 23 organizations that participate in SIP research, including agricultural production corporations, agricultural machinery manufacturers, ICT providers, universities, and research institutions (e.g., Japanese IT companies NTT - Nippon Telegraph and Telephone Corporation, Fujitsu Limited, major agricultural machinery manufacturer- Kubota Corporation, Yanmar Holdings Co., Ltd.)17[9]. WAGRI has three major functions: "cooperation" (breaking down the barriers between different systems so that data is compatible and interchangeable), "sharing" (data is shared in a way chosen by the providers, so as to facilitate the establishment of a business model for data exchange and use), and "provision" (soil and meteorological data are provided by public and private sectors to help facilitate data acquisition and subsequent circulation). During the trial run, there were practical cases that demonstrated that after the implementation of WAGRI, the costs of labor and time spent on data collection and utilization had been significantly reduced17[10]. 3. The Independent Operation of WAGRI   In April 2019, WAGRI, which was originally supported by the SIP program, was transferred to NARO to be the main operating body and officially start the operation.   With the updated use of the information required to operate the WAGRI platform independently, starting in April 2020, the original no-fee approach has been changed. Organizations wishing to use WAGRI are required to pay variable fees according to the following two methods of using the platform [11]: (1)Data users (those who use WAGRI data), data users-and-providers (those who use WAGRI data and provide data to WAGRI) ·Monthly fee of 50,000 yen for platform use. ·If fee-based data is accessed, a separate data usage fee must be paid. (2)Data providers (those who provide data to WAGRI) ·Monthly fee of 30,000 yen for platform use. ·Proviso: If the data provided is free of charge, in principle, there is no requirement to pay the platform utilization fee. III. Application of WAGRI’s Expansion in Response to the Pandemic   The Smart Food Chain Alliance[13], which is supported by one of the 12 projects of the SIP Phase 2 program - "Smart bio industry / basic agricultural technology[12]", will expand WAGRI, which was established with the support of the SIP Phase 1 program, to build a smart food chain platform (WAGRI-dev for short).The main mission of the Smart Food Chain Alliance is to build a smart food chain (commercialized services are expected to begin in 2025) that enables the interoperability of data related to food processing, distribution, sales, and exports, to serve as a basis for fresh food logistics in Japan. This platform is built on the framework of WAGRI, and expanded to WAGRI-dev.   In response to the pandemic, the Food and Agriculture Organization of the United Nations (FAO) and the World Health Organization (WHO) jointly issued the "Interim guidance for COVID-19 and Food Safety for competent authorities responsible for national food safety control systems[14]" on April 7, 2020. Based on these guidelines, the Smart Food Chain Alliance of the Japanese SIP program "Smart bio industry / basic agricultural technology" has developed "Guidelines for the Novel Coronavirus (COVID-19) Countermeasures". As part of the above-mentioned program, the "Japanese Food Guidelines Collaboration System (WAGRI.info, in short)"[15] developed countermeasure applications to respond to the pandemic.   WAGRI.info opened its website on July 13, 2020 to accept food safety registrations from food and agricultural product related companies. This registration is not limited to those who meet the COVID-19 countermeasure guidelines, but also those who meet the existing quality and safety management guidelines (e.g. Hazard Analysis and Critical Control Points (HACCP), etc.). It also provides a corporate search function for general public use.   WAGRI.info is a part of WAGRI-dev, and will add various data collaboration functions and measures in the future to prevent data manipulation and unauthorized access. The Japanese government originally expected to build the world's first smart food chain platform that includes data from production to processing, distribution, sales and exporting by expanding WAGRI; in response to the pandemic, related functions were added to create a food safety information network.   In Taiwan, there are also data platforms related to smart agriculture that provide OPEN DATA interface functions[16], and the development of food safety traceability integrated application systems to provide information on the flow of school lunch ingredients. In addition to Japan's WAGRI model of data integration and sharing that, can be used as a model for the development of smart agriculture in Taiwan, WAGRI.info's approach can also be used as a reference for domestic food safety policies, in response to the pandemic. [1]"The Science and Technology Basic Plan", Cabinet Office of Government of Japan website: https://www8.cao.go.jp/cstp/kihonkeikaku/index5.html (last viewed on 07/12/2021). [2]WAGRI is a data platform that consists of a variety of data and services connected to form a wheel that coordinates various communities and promotes "harmony", with the anticipation of leading innovation in the field of agriculture. The word is formed by the combination of WA + AGRI (WA is the Japanese word for harmony + AGRI for agriculture). WAGRI website, https://wagri.net/ja-jp/ (last visited on 07/12/2021). [3]As the command headquarters of the Japanese government for implementing economic policies and realizing growth strategies, the Headquarters for Japan’s Economic Revitalization has been holding a "Future Investment Conference" session approximately every month since 2016, to discuss growth strategies and accelerate social structural reforms, so as to expand future investment. "Headquarters for Japan’s Economic Revitalization", Prime Minister of Japan and His Cabinet website, http://www.kantei.go.jp/jp/singi/keizaisaisei/ (last visited on 07/12/2021). [4]The Japanese government has been actively promoting the use of IT as a means of helping to solve social issues in various fields. In 2000, the IT Basic Act (Basic Act on the Formation of an Advanced Information and Telecommunications Network Society) was enacted in Japan, and in the following year, the IT Strategy Headquarters (Strategic Headquarters for the Promotion of an Advanced Information and Telecommunications Network Society) was established in accordance with the said laws. In 2013, in accordance with the Government Chief Information Officer (CIO) Act, the Cabinet Secretariat established the position of Deputy Chief Cabinet Secretary for Information Technology Policy (Government CIO, in short), and IT Strategic Headquarters was integrated with the GCIO to be the IT Comprehensive Strategy Headquarters (Strategic Headquarters for the Promotion of an Advanced Information and Telecommunications Network Society, IT Comprehensive Strategy Headquarters) to rapidly promote the key policies for an advanced telecommunications network society, and to break the vertical gap of the ministries and departments, and to connect the entire government horizontally. "Strategic Headquarters for the Promotion of an Advanced Information and Telecommunications Network Society" (IT Comprehensive Strategy Headquarters), Prime Minister of Japan and His Cabinet website, https://www.kantei.go.jp/jp/singi/it2/ (last visited on 07/12/2021). [5]Hsu, Yu-Ning, "The 10th Future Investment Conference, held at the Prime Minister's Residence of Japan, proposing Japan's "Future Investment Strategy 2017”, to realize "Society 5.0" as its goal", Science & Technology Law Institute website, https://stli.iii.org.tw/article-detail.aspx?no=64&tp=1&i=72&d=7844, (last visited on 07/12/2021). [6]Focusing on the important issues of "Society 5.0" in conjunction with the key areas of governance of the Future Investment Conference, the Cabinet Office set up an annual budget for science and technology to help create and promote the "Strategic Innovation Promotion Program (SIP)". The first phase of the SIP is a five-year program running from FY2014 to FY2018. "Strategic Innovation Promotion Program (SIP)", Cabinet Office website, https://www8.cao.go.jp/cstp/gaiyo/sip/index.html (last visited on 07/12/2021). Qiu, Jin-Tien (2017), "Technology Innovation Strategy for Realizing the Super Smart Society (Society 5.0) in Japan", National Applied Research Laboratories website, https://portal.stpi.narl.org.tw/index/article/10358 (last visited on 07/12/2021) [7]The National Agriculture and Food Research Organization, NARO in short, is a national research and development corporation for agricultural and food industry technology. [8]The SFC Research Institute, located on the Shonan-Fujisawa campus of Keio University, is a research institute affiliated with the Graduate School of Policy and Media Studies, the Department of General Policy, and the Department of Environmental Intelligence, and is an important research institute involved in the development of smart agriculture in Japan. Professor Atsushi Shinjo is the research director of WAGRI, and he is also the Deputy Government CIO of the Cabinet Secretariat and the Acting Director of the IT Strategy Office, contributing to the creation of the "Agricultural Information Creation and Distribution Promotion Strategy". He also serves as the President of the WAGRI Council and the Director of NARO's Agricultural Data Collaboration, and facilitates the coordination between WAGRI and Japan's smart agriculture empirical Project. He is a key player in the Japanese government's efforts to promote the flow of agricultural data, and is committed to promoting the development of smart agriculture in Japan. Keio Research Institute at SFC website, https://www.kri.sfc.keio.ac.jp/ (last visited on 07/12/2021). [9]IoTNEWS, Building an ‘Agricultural Data Collaboration Platform’ Using Microsoft Azure Through Industry-government-academia Collaboration to Realize Digital Agriculture" 05/15/2017, https://iotnews.jp/archives/56366 (last visited on 07/12/2021). [10]Shinjo, Atsushi, "ICT changes society: Development of agricultural data collaboration platform and future plans, Technology and Promotion : Journal of the National Council of Agricultural Promotion and Staff Council Organization, December, pp. 24-26 (2017); Technology Policy Office, Ministry of Agriculture, Forestry and Fisheries, "Construction of agricultural data collaboration platform", 2018/09,http://www.affrc.maff.go.jp/docs/smart_agri_pro/attach/pdf/smart_agri_pro-15.pdf .(last visited on 07/12/2021). [11]"The Use of the Agricultural Data Collaboration Platform (WAGRI) Since FY2019", NARO website https://www.naro.go.jp/project/results/juten_fukyu/2018/juten01.html (last visited on 07/12/2021). , NARO website https://www.naro.affrc.go.jp/laboratory/rcait/wagri (last visited on 07/12/2021). [12]Same as Note 6; The SIP Phase 2 plan runs for a total of approximately five years, from the end of FY2017 to FY2022. [13]The construction of a smart food chain is one of the main research topics of the project. The members of the Smart Food Chain Alliance include: the Cabinet Secretariat, the Cabinet Office, the Ministry of Agriculture, Forestry and Fisheries, and other government organizations as observers, and more than 70 organizations as participants, including local governments, academic and research institutions, agricultural production corporations, wholesale markets, mid-marketers, logistics industries, retail businesses, manufacturers, and ICT providers (The representative of the Alliance is the Keio Research Institute at SFC), reference Note 13. SIP vol. 2, [Symposium on "Smart Bio-industry and Agricultural Technology" 2020 - Aiming to build a new smart food chain] 03/10/2020, WAGRI website, https://wagri.net/ja-jp/News/generalnews/2020/20200310 (last visited on 07/12/2021). [14]See FOOD AND AGRICULTURE ORGANIZASTION OF THE UNITED NATIONS [FAO], COVID-19 and Food Safety: Guidance for Food Businesses: Interim guidance (Apr. 7, 2020), http://www.fao.org/family-farming/detail/en/c/1275311/ (last visited Oct. 8, 2020). Food and Agriculture Organization of the United Nations and World Health Organization jointly issued Interim guidance for COVID-19 and Food Safety for competent authorities responsible for national food safety control systems, Chinese Academy of Inspection and Quarantine, http://www.caiq.org.cn/kydt/902625.shtml (last visited 07/12/2021). [15]WAGRI.info Office, "WAGRI.info (Food Guideline Collaboration System) website launched and began accepting business registration", 07/13/2020, https://kyodonewsprwire.jp/release/202007131927 (last visited on 07/12/2021). Japanese Food Guideline Collaboration System WAGRI.info website, https://www.wagri.info/ (last visited on 07/12/2021). [16]Smart Agriculture Common Information Platform Website, https://agriinfo.tari.gov.tw/ (last visited 07/12/2021); "Smart Agriculture 4.0 Common Information Platform Construction (Phase II) Results Presentation", 12/12/2019, Smart Agriculture Website, https://www.intelligentagri.com.tw/xmdoc/cont?xsmsid=0J141518566276623429&sid=0J338358950611186512, (last visited on 07/12/2021).

On the development of cyber insurance market: a legal aspect

1.Introduction Cyber insurance is one of the effective tools to transfer cyber and IT security risk and minimize potential financial losses. Take the example of Sony’s personal information security breach, Sony made a cyber insurance claim to mitigate the losses. In Taiwan, the cyber insurance market demand was driven by Taiwan’s Personal Information Protection Act (PIPA) which was passed in April 2010 and implemented in Oct 2012. According to PIPA, a non-government agency including the natural persons, juridical persons, or group shall be liable for the damages caused by their illegal collection, processing or using of personal information or other ways of infringement on the rights of the individual whose personal information was collected, processed or used. The non-government agency may thus pay each individual NT$500 to NT$20,000 and the total compensation amount in each case may be up to NT $200 million if there is no evidence for actual damage amount. However, the cyber insurance market does not prosper as expected one hand because of the absence of incentives of insurance companies to develop and promote the cyber-insurance products and on the other hand because of the unaffordable price that deters many companies from buying the insurance. Some countries have tried to identify the incentives and barriers for the cyber insurance market and have taken some measurements to kick start its development. In this paper, the barriers for the cyber insurance market were addressed and how American government promoted this market was mentioned. Finally, suggestions on how to stimulate the cyber insurance market growth were proposed for reference. 2.What is cyber insurance? Insurance means the parties concerned agree that one party pays a premium to the other party, and the other party is liable for pecuniary indemnification for damage caused by unforeseeable events or force majeure1. Thus, the cyber insurance means the parties concerned agree that one party pays a premium to the other party, and the other party is liable pecuniary indemnification for damage caused by cyber security breach. The cyber insurance usually covers the insured's losses (or costs) and his liabilities to the third party. For example, the insured was to be liable for the damages caused by the unlawful disclosure of identifiable personal information belonging to the third party resulted from the insured's negligence. 2Typically, cyber insurance covers penalties or regulatory fines for data breaches, litigation costs and compensation arising from civil suits filed by those whose rights are infringed, direct costs to notify those whose personal data was illegal collected, processed or used and so on. 3 3.What are the barriers for cyber insurance market? Per the report made by European Network and Information Security Agency in2012, the following issues have significant influence on incentives of insurers to design and provide cyber –insurance products, including uncertainty about the extent of risk and lack of robust actuarial data, uncertainty about what risk is being insured, fast-paced nature of the use of technology, little visibility on what constitutes effective measures, absence of insurer of last resort to re-insure catastrophic risks, and perception that existing insurance already covers cyber-risks 4. In Taiwan, insurance companies face the same issues as mentioned above when they tried to develop and promote the cyber-insurance products. However, what discourages the insurance and re-insurance companies from investing in the cyber-insurance market most is the lack of accurate information to figure out the costs associated with different information security risk and thus to price the cyber insurance contract precisely. Several cases involving personal data breach did happened after Taiwan’s PIPA became effective on Oct 1th 2012, but few verdicts have been made. It is not easy to master the direct costs or losses resulting from violation of PIPA, including penalties or fines from regulator,, compensation to the parties of the civil suit who claim their personal data were unlawfully collected, processed or used, litigation costs and so on. Otherwise, indirect costs or losses such as media costs, costs to regain reputation or trust of consumers, costs of deployment of proper technical measures to prevent the data breach from happening again etc. are difficult to calculate. Therefore, it is not easy to identify the costs of information security risk and thus to calculate the premium the insured has to pay precisely. The rapid development of technology also has a negative impact on the ability of the insurers to master the types of the information security risk which shall be insured and its costs. Accompanied with the convenience and efficiency of applying new technologies into the working environment, security issues arise, too. For example, the loss or theft of mobile or portable devices may result in data breaches. In 2012, an unencrypted laptop computer with personal information and other sensitive information of one of NASA's employees was stolen from his locked vehicle and this led to thousands of NASA's workers and contractors at risk. 5And, per the report made by a NASA inspector, similar data breaches had been resulted from the lost or theft of 48 NASA laptops and mobile computing devices between April 2009 and April 2011. 6 There is no singe formula which could guarantee 100% security, but some international organizations have promulgated best practices for information security management, such as ISO 2700x standards. 7In Taiwan, Bureau of Standards, Metrology and Inspection (BSMI) which belongs to the Ministry of Economic also consulted ISO standards and announced Chinese National Standards on information security. For example, BSMI consulted ISO 27001 “Information technology – Security techniques – Information security management systems – Requirements” and then promulgated CNS27001. Theoretically, if the company who tries to buy cyber insurance policy that covers data breaches and damages to customers' data privacy can show that it has adopted and do implement the suite of security management standards well, the premium could properly be reduced because such company shall face less security risk. 8 However, it is still not easy to price the cyber insurance contract rightly because of no enough data or evidence which could approve what constitutes effective information security measures as well as no impartial, controversial or standard formula to value intangible assets like personal or sensitive information. 9 Finally, the availability of re-insurance programs plays an important role in the cyber insurance market because insurers would appeal to such program as a strategy of risk management. The lack of solid and actual data as mentioned above would discourage re-insurers from providing insurance policies that covers the insured’s losses and liabilities. Therefore, insurers may not be keen to develop and offer cyber insurance products. 4.The USA experience on developing cyber insurance market 4.1Current market status Due to the increase of the number of data breaches, cyber attacks, and civil suits filed by those whose data were illegal disclosed to third parties, more and more enterprises recognize the importance of cyber and privacy risks and turning to cyber insurance to minimize the potential finical losses. 10 However, the increased government focus on cyber security also contributed to the rapidly growth of the cyber insurance market. 11 For example, US Department of Homeland Security has been aware of the benefits of the cyber insurance, including encouraging better information security management, reducing the finical losses that a company has to face due to the data breach and so on. 12 Compared to other lines of insurance, cyber insurance market is not mature yet and is small in USA. For example, the gross premiums for medical malpractice insurance are more than 10% of that for cyber insurance market. However, the cyber insurance market certainly appears to grow rapidly. Per the survey made by Corporate Board Member & FTI Consulting, 48% of corporate directors and 55% of general counsel take highly of the issue of data security. 13And, per the report made by Marsh, there are more and more companies buying cyber insurance to cover financial losses due to the data breach or cyber attack, and the number of Marsh’s US clients purchasing cyber insurance increased 33% in 2012 over 2011. 14 4.2What contributed to the growth of the cyber insurance market in USA? Some measurements taken by the government or regulatory intervention had impacts on the incentives of companies to carry cyber insurance. CF Disclosure Guidance published by U.S. Securities and Exchange Commission in Oct 2011 mentioned that except the operation and financial risks, public companies shall disclose the cyber security risks and cyber incidents for such risks and incidents may result in severe finical losses and thus have a board impact on their financial statements. 15 And, according to the guidance, appropriate disclosures may includes risk factors and this potential costs and consequences, cyber incidents experienced or expected and theirs costs and consequences, undetected risks related to cyber incidents, and the relevant insurance coverage. 16 Such disclosure requirements triggered the demands for the cyber insurance products because cyber insurance as an effective tool to transfer financial losses or damages could be an evidence that firms are managing cyber security risks well and properly. 17 The demand for cyber-insurance products may be created by government by means of requiring government contractors and subcontractors to purchase cyber insurance under Federal Acquisition Regulations (FAR) which mentions that contractors are required by law and FAR to provide insurance for certain types of perils 18. Also, in order to sustain the covered critical infrastructure (CCI) designation, the owner of such infrastructure may need to carry cyber insurance, too. 19 On the other hand, referring to Support Anti-Terrorism by Fostering Effective Technologies Act of 2002 which requires those who provides Federal and non-Federal Government customers with a qualified/certificated anti-terrorism technologies shall obtain liability insurance of such types but the amount of such insurance shall be reasonable and will not distort the sales price of such technologies 20, the federal government tried to draw and enact legislation that provides limitations on cyber security liability 21. If it works, this could raise the incentive of insurers because amounts of potential financial losses which may be transferred to insurers are predictable. Besides, referring to Terrorism Risk Insurance Act of 2002 which established the terrorism insurance program to provide compensations to insurers who suffered the insured losses due to terrorist attacks 22, the federal government may increase the supply of cyber insurance products by means of providing compensations to insurers who suffered the insured losses due to cyber security breach or cyber attacks. 23 Otherwise, some experts and stakeholders did suggest the federal government implement reinsurance programs to develop cyber insurance programs. 24 Finally, to solve the problem of information asymmetry, the government tried to develop the legislation that could build a mechanism for information-sharing among private entities. 25 Also, it was recommended that the federal government may consider to allow insurance firms to establish an information-sharing database together so that insurers could accordingly develop better models to figure out cyber risks and price the cyber insurance contract accurately. 26 5.Suggestions and conclusion Compared to USA where 30-40 insurers offer cyber-insurance products and thus suggested that a more mature market exists 27, the cyber insurance market in Taiwan is still at the first stage of the product life cycle. Few insurers have introduced their cyber-insurance products covering the issues related to the personal information breach. Per the experience how US government developed the cyber insurance market, the following suggestion are made for reference. First, the government may consider requiring his contractors and subcontractors to carry cyber insurances. This could stimulate the demand for cyber insurance products as well as make cyber insurance prevail among private sector as an effective risk management tool. Second, the government may consider establishing re-insurance program to offer compensation to those who suffer the insured’s large losses and damages or impose limitations of the amount insured by law. However, it is undeniable that providing re-insurance program is not feasible as the government’s budget is not abundance. Finally, an information-sharing mechanism, including information on cyber attacks an cyber risks, may be helpful to solve the problem of information asymmetry. 1.Insurance Act §1 (R.O.C, 2012). 2.European Network and Information Security Agency, Incentives and barriers of the cyber insurance market in Europe , June 2012, at 8, http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/incentives-and-barriers-of-the-cyber-insurance-market-in-europe. 3.Ben Berkowitz, United States: insurance-cyber insurance, C.T.L.R. 2012, 18(7), N183. 4.Supra note2, at 19-25. 5.Mathew J. Schwartz, Stolen NASA laptop had unencrypted employee data , InformationWeek, November 15, 2012 11:17 AM, http://www.informationweek.com/security/attacks/stolen-nasa-laptop-had-unencrypted-emplo/240142160;Ben Weitzenkorn, Stolen NASA laptop prompts new security rules, TechNewsDaily , November 15 2012 11:35 AM, http://www.technewsdaily.com/15482-stolen-nasa-laptop.html. 6. Irene Klotz, Laptop with NASA workers' personal data is stolen, CAPE CANAVERAL, Nov 14, 2012 8:47pm, http://www.reuters.com/article/2012/11/15/us-space-nasa-security-idUSBRE8AE05F20121115. 7.The Government of the Hong Kong Special Administrative Region , An overview of information security standards, Feb 2008, at 2, http://www.infosec.gov.hk/english/technical/files/overview.pdf;Supra note2, at 21. 8.Supra note2, at 21-22. 9.Id. 10.Id. 11.Id. 12.U.S. Department of Homeland Security, Cyber security insurance workshop readout report, Nov 2012, at 1, http://www.dhs.gov/sites/default/files/publications/cybersecurity-insurance-read-out-report.pdf. 13.John E. Black Jr., Privacy liability and insurance developments in 2012, 16 No. 9 J. Internet L. 3, 12 (2013). 14.Marsh, Number of companies buying cyber insurance up by one-third in 2012, March 14, 2013, http://usa.marsh.com/NewsInsights/MarshPressReleases/ID/29878/Number-of-Companies-Buying-Cyber-Insurance-Up-by-One-Third-in-2012-Marsh.aspx. 15.U.S. Securities and Exchange Commission, CF Disclosure Guidance: Topic No. 2 Cybersecurity, October 13, 2011, http://www.sec.gov/divisions/corpfin/guidance/cfguidance-topic2.htm. 16.Id. 17.Supra note2, at 6.(last visited Dec. 31, 2012) 18.Federal Acquisition Regulations §28.301. 19.E. Paul Kanefsky, Insuring against cyber risks: congress and president Obama weigh in, March 2012, http://www.edwardswildman.com/newsstand/detail.aspx?news=2812. 20.Support Anti-Terrorism by Fostering Effective Technologies Act of 2002 §864. 21.Supra note19. 22.Terrorism Risk Insurance Act of 2002 §103. 23.Supra note19. 24.Id. 25.Id. 26.Id. 27.Supra note2.

Japanese Virtual Currency Transaction Law System – with “Payment Services Act” as the Core

  In recent years, because of the uncertainty of the positing of virtual currency under law, the issues of transparency and security etc. arising out in connection therewith are emerging, and the incidents of money-laundering, terrorist attack and investor fraud involving therewith lead to concerns of various countries.   Therefore, the new change in Japanese legislations relating to virtual currency exchange service providers falls mainly in the effect of amended contents of “Payment Services Act” and “Act on Prevention of Transfer of Criminal Proceeds”. The reasons for amendment to the legislations are such that virtual currency transaction involves the exchange with statutory currency, and is the outlet/ inlet of the existing financial system; therefore it is necessary to have the virtual currency exchange service providers be supervised[1]. Essential points involving the amendments are stated as follows: 1. Payment Services Act   The keys to the amendment to Payment Services Act (hereinafter referred to as the “Act”) are the Act recognizes that virtual currency has the nature of property and inputs the registration system for the exchange service providers, and provides relevant supervisory regulations. (1) Definition of virtual currency   As defined in items 1 and 2 of Paragraph 5 of Article 2 of the amended Payment Services Act, virtual currency can be divided into two kinds, but is limited to that which is recorded on an electronic device or any other object by electronic means, and excludes the domestic (Japanese) currency, foreign currency and currency-denominated assets[2]. ① It has 3 elements as follows: It can be used in relation to unspecified persons for the purpose of payment consideration for the purchase or leasing of goods or the receipt of provision of services. It can be purchased from and sold to unspecified persons. Its property value can be transferred by means of an electronic data processing system. ② Its property value can be mutually exchanged with other virtual currency and can be transferred by means of an electronic data processing system.   In addition, some authors[3] consider that virtual currency is equivalent to the use of blockchain technology. However, according to the definition after the amendment to laws in Japan, the definition of virtual currency is based the judgment of the above elements rather than the use of blockchain technology. (2) Input of registration system for virtual currency exchange service providers   Pursuant to Paragraph 7 of Article 2 of the Payment Services Act, “Exchange Service” is defined as the operation of exchange, agency or management activities. No person may engage in the virtual currency exchange service unless the person is registered[4] with the competent authority (Article 63-2 of the Act). A person who has conducted the virtual currency exchange service without obtaining the registration is subject to imprisonment for not more than three years or a fine of not more than three million yen or both based on Subparagraphs 2, 5 of Article 107 of the Act. (3) Mechanism of users protection:   The purpose of the amendment is to take countermeasures for the risks generated from virtual currency exchange, such as pecuniary loss caused by insufficient information, the loss incurred in the custody of users’ property, and disclosure of personal information of users)[5]. Discussions are divided into 4 points. ① Information security management A virtual currency exchange service provider must take necessary measures for information security management (Article 63-8 of the Act) ② Measures for users protection A virtual currency exchange service provider must take relevant protective measures for users, including the provision of explanation for misunderstood transaction and information about contents of transaction (Article 63-10 of the Act) ③ Separate management of property A virtual currency exchange service provider must manage its own property separately from the money or virtual currency of the users, and must retain a certified public accountant or an audit corporation to periodically conduct the external financial audit (Article 63-11 of the Act) ④ Designated Dispute Resolution Organization Referring to financial ADR system, the complaint or dispute matter of users shall be concluded by the Designated Dispute Resolution Organization (Article 63-12 of the Act) (4) Supervision over virtual currency exchange service providers:   As regulated by Articles 63-13 ~ 63-20 of the new Payment Services Act, essential contents of supervisory requirements for virtual currency exchange service providers are stated below: ①The obligation to prepare and maintain books and documents ②Annual financial reports ③The authority of the Prime Minister to inspect relevant business ④The Prime Minister orders a virtual exchange service provider to conduct business improvement. ⑤The Prime Minister may revoke the registration of a virtual currency exchange service provider who has obtained the registration through illegal or wrongful means. (5) Penalty for violation of obligations   The existing penalties under articles 107~109 and articles 112~117 of the Payment Services Act also apply to virtual currency exchange service providers. The causes of violation of obligations and corresponding penalties are summarized as follows: ① Any person who has not obtained registration or has obtained registration through wrongful means or by use of other’s name is subject to imprisonment for not more than three years or a fine of not more than three million yen, or both (Article 107 of the Act) ② An exchange service provider who has violated the separate management of property or has violated the disposition of suspension of operation is subject to imprisonment for not more than two years or a fine of not more than three million yen, or both (Article 108 of the Act). ③ Any person who has failed to prepare or has falsely prepared books, reports, attachment and documents or has refused to answer the questions or has refused to accept or has hindered the business inspection is subject to imprisonment for not more than one years or a fine of not more than three million yen, or both (Article 109 of the Act) ④ A person who fails to take necessary measure for improving its operation is subject to a fine of not more than one million yen. 2. Act on Prevention of Transfer of Criminal Proceeds   In order to prevent from money-laundering, the legitimacy of fund sources must be assured. The amended “Act on Prevention of Transfer of Criminal Proceeds” (hereinafter referred to as the “Act”) incorporates the virtual currency exchange service providers as “specified business operators” and imposes them with the following main obligations: (1) The obligation to confirm user identification (Article 4 of the Act) (2) The obligation to confirm and preserve transaction records (Articles 6 & 7 of the Act) (3) The obligation to report suspicious transactions (Article 11 of the Act)   The above are major contents of the amendments to legislations in relation to virtual currency exchange service providers in Japan. The purposes of the amendment are to promote the innovation of virtual currency operators and the balanced development with consumer protection. Therefore, they are included in the Payment Services Act and are subject to similar supervision as with electronic bill and Funds Transfer Service[6]. The reorganization of virtual currency system in Japan has stepped forward. However, the application of actual operation needs continual follow-up and observation, so as to be used as reference for the relevant law system of our country. [1]Financial System Council, The Working Group on Payments and Transaction Banking of the Financial System Council, P27. [2]Currency-Denominated Assets, Assets denominated in currency refers to the “Currency-Denominated Assets” in Japanese and defined in the Payment Services Act: as used in this Act means assets which are denominated in the Japanese currency or a foreign currency, or for which performance of obligations, refund, or anything equivalent thereto (hereinafter referred to as "performance of obligations, etc." in this paragraph) is supposed to be made in the Japanese currency or a foreign currency. In this case, assets for which performance of obligations, etc. is supposed to be made by means of Currency-Denominated Assets are deemed to be Currency-Denominated Assets. [3] <Improvement System of Virtual Currency>, Daiwa Institute of Research, see website:, http://www.dir.co.jp/research/report/law-research/financial/20160520_010904.pdf#search=%27%E4%BB%AE%E6%83%B3%E9%80%9A%E8%B2%A8+%E8%B3%87%E9%87%91%E6%B1%BA%E6%B8%88%E3%81%AB%E9%96%A2%E3%81%99%E3%82%8B%E6%B3%95%E5%BE%8B+%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%83%81%E3%82%A7%E3%83%BC%E3%83%B3%27 (Last browse date: 12/07/2017) [4]Article 63-2 of the Payment Service Act provides the registration with the Prime Minister; however, in practical operation, the operators shall apply for registration with the local financial bureau. [5]Financial System Council, The Working Group on Payments and Transaction Banking of the Financial System Council, P29. [6]In the Payment Services Act of Japan, it is specified that the remittance business engaged by a non-banking provider was officially named as “Funds Transfer Service”, in which business contents aim at the third payment works. Financial Research Development Funds Management Committee, “Study of the industrial development and management between international non-financial institution payment services”, written by Kuo Chen-Chung and Hsu Shih-Chin, pp60~61(2015).

Legal Aspects and Liability Issues Concerning Autonomous Ships

Legal Aspects and Liability Issues Concerning Autonomous Ships   All sectors of business and industry are transforming into digital society, and maritime sector is not out of the case. But the new thing is the remote control ships or fully automatics ships are becoming a reality.   Remote control ships and autonomous ships will be a tool to reach safety, effectiveness, and economical goal. However, as it intends to take over human element in the maritime industry, the implement of remote control ships or autonomous ships brings new legal issues and liability considerations.   This study aims to highlight some critical legal issues of autonomous ships to reader, but will not try to solve them or give clear answers. I. The Approach of International Maritime Organization   In order to solve issues from the deployment of autonomous ship, International Maritime Organization Maritime Safety Committee (MSC) has taken first steps to address autonomous ships. In the meeting of MSC 100, the committee approved the process of assessing IMO instruments to see how they may apply to ships with various degrees of autonomy.   For each instrument related to maritime safety and security, and for each degree of autonomy, provisions will be identified when: apply to MASS and prevent MASS operations; or apply to MASS and do not prevent MASS operations and require no actions; or apply to MASS and do not prevent MASS operations but may need to be amended or clarified, and/or may contain gaps; or have no application to MASS operations.   The degrees of autonomy identified for the purpose of the scoping exercise are: Degree one: Ship with automated processes and decision support: Seafarers are on board to operate and control shipboard systems and functions. Some operations may be automated and at times be unsupervised but the seafarers on board are ready to take control. Degree two: Remotely controlled ship with seafarers on board: The ship is controlled and operated from another location. Seafarers are available on board to take control and to operate the shipboard systems and functions. Degree three: Remotely controlled ship without seafarers on board: The ship is controlled and operated from another location. There are no seafarers on board. Degree four: Fully autonomous ship: The operating system of the ship is able to make decisions and determine actions by itself.   The initial review of instruments under the purview of the Maritime Safety Committee will be conducted during the first half of 2019 by a number of volunteering Member States, with the support of interested international organizations. MSC working group is expected to meet in September 2019 to move forward with the process with the aim of completing the regulatory scoping exercise in 2020.   The list of instruments to be covered in the MSC’s scoping exercise for MASS includes those covering safety (International Convention for the Safety of Life at Sea, SOLAS); collision regulations (The International Regulations for Preventing Collisions at Sea, COLREG); loading and stability (International Convention on Load Lines, Load Lines); training of seafarers and fishers (International Convention on Standards of Training, Certification and Watchkeeping for Seafarers, STCW); search and rescue (International Convention on Maritime Search and Rescue, SAR); tonnage measurement (International Convention on Tonnage Measurement of Ships, Tonnage Convention); Safe Containers (International Convention for Safe Containers, CSC); and special trade passenger ship instruments (Special Trade Passenger Ships Agreement, STP).   IMO will also develop guidelines on MASS trial. The guideline include ensuring that such guidelines should be generic and goal-based, and taking a precautionary approach to ensuring the safe, secure and environmentally sound operation of MASS. Interested parties were invited to submit proposals to the next session of the Committee for the future development of the principles. II. Other Legal issues concerning Autonomous Ships   In March 2017, the (Comité Maritime International, CMI) Working Group on Unmanned Ships circulated a questionnaire. The questionnaire aimed to identify the nature and extent of potential obstacles in the current international legal framework to the introduction to (wholly or partly) unmanned ships. The questionnaire can be summarized into the following legal issues. The legal definition and registration of the remote control ship and autonomous ship The definition of remote control or autonomous ship is based on the purpose of each individual convention. Current international conventions regulating ships do not generally contain recognized definition of the “Ship” and “Vessel”. However, due to its geographical feature, countries tend to have different safety requirement for ships; therefore, even the definition of remote control or autonomous ships given by international regulations, may not be accepted by national register of ships. For example, according to the reply to the questionnaire from Argentina association of maritime law, Argentina Navigation Act prescribes that in order to register a ship in the Argentine Register, regulatory requirements regarding construction and seaworthiness must be fulfilled. However, there are no rules regarding the registration of remote control ships or autonomous ships, as current act are based on the existence of crew on board. The unmanned ships would not be registered by Argentina Registry of ships. At present, the fragmentation of the definition and registration of ships can affect the deployment and application of remote control ships or autonomous ships. Due to the feature of shipping, which is related to the global transportation network, the definition and registration issue had better be solved at international level by International Maritime Organization (IMO). Legal issue of the seafarer International Convention on Standard of Training Certification and Watchkeeping (STCW) 1978 sets minimum qualification standard for masters, officers and watch personnel on seagoing merchant ships and large yachts. In the sight of replacing human operator on board with machine, will the convention find no application to remotely controlled or autonomous unmanned ships? The research of CMI points out the maritime law associations of Finland, Panama and United State assume that the STCW convention would likely apply to shore-based personnel as well in excepted circumstances where there is no new specific legislation. And the British maritime law association states that regardless of whether STCW would apply to unmanned operation or not, it is clear that certain provisions on training and competence would not apply to shore-based controller and other personnel. Japanese maritime association also states that although the convention does not find application to a remotely controlled unmanned ship, certain rules requiring watchkeeping officers to be presented may nevertheless arguably be interpreted to render an unmanned ship in breach of STCW and to that extent be applicable to unmanned ships. Therefore the amendment of convention seems inevitable. Standing on the other side, the Institute of Marine Engineering Science & Technology recommended that pairing human with machine effectively to enhance human intelligence and performance rather than totally replacing human is an area that should not be overlooked. Even if the application of unmanned ships comes in reality, seafarer skill will still remain an essential component in the long term future of the shipping sector. The minimum qualification of masters, officers and watch personnel may not need to be changed. Human error has been used to create a blame culture towards the workforce at sea, and it also results from poor implementation/ introduction/ preparation for new technology. Many studies show that seafarers are worried about the impact of autonomous ships. If the development of autonomous ships means replacing all the human elements on ships, people who work in marine sector will not accept those novel technologies easily, and this won’t lead to a safer future of maritime industry. Safety requirement of the remote control ship and autonomous ship Rule 8 (a) and rule 5 of the international regulation for preventing collisions at sea, 1972(COLREGS) require the operation of ships to comply with the duty of “good seamanship”, “proper lookout”. These rules are based on the operation by human, thus, leading to the following two questions: (1) Would the operation of unmanned ship contrary to the duty of “good seamanship”? The duty of good seamanship emphasizes the importance of human experiences and judgments in the operation of a vessel, and the adaptability of responses provided by good seamanship. Whether an autonomous ship would be able to reach this level of adaptive judgment would depend on the sophistication of its autonomous system. According to CMI’s research, the maritime law associations of countries including Argentina, British, Canada, China, German, Japan and Panama emphasize the requirement that autonomous ship must be at least as safe as ships operated by a qualified crew. (2) Would the proper lookout sets in rule 5 satisfied by camera and aural censoring equipment? COLREG rule 5 has two vital elements. First, crew on the bridge should pay attention to everything, not just looking ahead out of the bridge windows but looking all around the vessel, using all senses and all personnel equipment. Second, use all information continuously to assess the situation your vessel is in and the risk of collision. In this context, if the sensors and transmission equipment are sufficient to enable an appraisal of the information received in a similar manner available as if the controller was on board, then Rule 5 should be considered satisfied. However, it is unlikely that fully autonomous ship could comply with rule 5. It depends on the sophistication of its autonomous system. If the technology is unlikely at present to provide as equivalent spatial awareness and appreciation of the vessel’s positon as there are human on board, then rule 5 would not be considered fulfilled. Liability Liability is an important issue which is frequently mentioned in the area of autonomous ship. According to the study of MUNIN in 2015, liability issue of autonomous ship might arise under the following situations: (1) Deviation Suppose a ship was navigating autonomously, and the deviation of the system caused collision damage, how might liability be apportioned between ship-owner and the manufacturers? According to the research of CMI, 10 maritime law associations stated that under its domestic law, the third party may have a claim against the manufactures. (British, Canada, China, Croatia, Dutch, French, Germany, Italy, Spain, Malta) They may do so in tort if negligence on the part of manufacturers can be proved and if this can be shown to be causative of the damage. In European Union, third parties may also claim under Council Directive 85/374/EEC of 25 July 1985 on the approximation of the laws, regulations and administrative provisions of the Member State concerning liability for defective products. (2) Limitation of liability Article 1 of the 1976 convention on limitation of liability of owner of ships provides that ship-owner may limit their liability to all claims arising from any incident. The size of limitation is based upon the tonnage of the ship. Within the convention, the term ship-owner is held to include the ship’s owner, charterer, manager or operator. International conventions dealing with limitation of liability are phrased in neutral terms with regard to the presence of a master or crew; therefore, circumstances in which a ship has no person on board do not appear to undermine the operation of those conventions. (3) Bill of lading Bill of lading is a written document signed on behalf of the owner of ship in which goods are embarked, and the ship-owner acknowledges the receipt of the goods, and undertakes to deliver them at the end of voyage. Typically, the shipper will sign the bill of lading along with the owner of the cargo at the point that shipper takes carriage of the cargo in question. The bill of the lading will then be signed by the cargo’s recipient once it has reached its destination. In other words, the document accompanies the cargo all the time, and is signed by the owner, shipper and recipient. It will generally describe the nature and quantity of goods being shipped. A question arises as in the absence of a master or any crew on board the ship, how will the bill of lading be signed by ship’s master? III. Conclusion   The shipping industry is a rich, highly complex and diverse industry, which has a history of both triumph and tragedy in its adoption of technology. In light of the potential for the remote and autonomous ship, and for the sake of contributing to the assurance of safe and efficient operation, it is better to understand the impact on the industry. The taxonomy of automation between human and machine is vast and complex, especially in the sector of law.   Therefore, before the system can reach fully autonomy and undertake independent, our law should be ready. IV. Reference [1] Comité Maritime International, Maritime Law for Umanned Ships, 2017, available at https://comitemaritime.org/work/unmanned-ships/ (last visited Dec. 25, 2018) [2] MUNIN, D9.3: Quantitative Assessment, Oct. 10, 2015, available at http://www.unmanned-ship.org/munin/news-information/downloads-information-material/munin-papers/ (last visited Dec. 25, 2018) [3] Martime Digitalisation & Communication, MSC 100 set to review MASS regulations, Oct. 23, 2018, available at https://www.marinemec.com/news/view,msc-100-set-to-review-mass-regulations_55609.htm (last visited Dec. 25, 2018) [4] IMAREST, Autonomous Shipping-Putting the human back in the headline, April. 2018, available at https://www.imarest.org/policy-news/institute-news/item/4446-imarest-releases-report-on-the-human-impact-of-autonomous-ships (last visited Dec. 25, 2018) [5] Danish Martime Authority, Analysis of regulatory barriers to the use of autonomous ships(Final Report), Dec. 2017, available at https://www.dma.dk/Documents/Publikationer/Analysis%20of%20Regulatory%20Barriers%20to%20the%20Use%20of%20Autonomous%20Ships.pdf (last visited Dec. 25, 2018)

TOP