Taiwan Announced the Biobanks Regulations and Management Practices

The use of automated facial recognition technology and supervision mechanism in UK I. Introduction 　　Automatic facial recognition (AFR) technology has developed rapidly in recent years, and it can identify target people in a short time. The UK Home Office announced the "Biometrics Strategy" on June 28, 2018, saying that AFR technology will be introduced in the law enforcement, and the Home Office will also actively cooperate with other agencies to establish a new oversight and advisory board in order to maintain public trust. AFR technology can improve law enforcement work, but its use will increase the risk of intruding into individual liberty and privacy. 　　This article focuses on the application of AFR technology proposed by the UK Home Office. The first part of this article describes the use of AFR technology by the police. The second part focuses on the supervision mechanism proposed by the Home Office in the Biometrics Strategy. However, because the use of AFR technology is still controversial, this article will sort out the key issues of follow-up development through the opinions of the public and private sectors. The overview of the discussion of AFR technology used by police agencies would be helpful for further policy formulation. II. Overview of the strategy of AFR technology used by the UK police 　　According to the Home Office’s Biometrics Strategy, the AFR technology will be used in law enforcement, passports and immigration and national security to protect the public and make these public services more efficient[1]. Since 2017 the UK police have worked with tech companies in testing the AFR technology, at public events like Notting Hill Carnival or big football matches[2]. 　　In practice, AFR technology is deployed with mobile or fixed camera systems. When a face image is captured through the camera, it is passed to the recognition software for identification in real time. Then, the AFR system will process if there is a ‘match’ and the alarm would solicit an operator’s attention to verify the match and execute the appropriate action[3]. For example, South Wales Police have used AFR system to compare images of people in crowds attending events with pre-determined watch lists of suspected mobile phone thieves[4]. In the future, the police may also compare potential suspects against images from closed-circuit television cameras (CCTV) or mobile phone footage for evidential and investigatory purposes[5]. 　　The AFR system may use as tools of crime prevention, more than as a form of crime detection[6]. However, the uses of AFR technology are seen as dangerous and intrusive by the UK public[7]. For one thing, it could cause serious harm to democracy and human rights if the police agency misuses AFR technology. For another, it could have a chilling effect on civil society and people may keep self-censoring lawful behavior under constant surveillance[8]. III. The supervision mechanism of AFR technology 　　To maintaining public trust, there must be a supervision mechanism to oversight the use of AFR technology in law enforcement. The UK Home Office indicates that the use of AFR technology is governed by a number of codes of practice including Police and Criminal Evidence Act 1984, Surveillance Camera Code of Practice and the Information Commissioner’s Office (ICO)’s Code of Practice for surveillance cameras[9]. (I) Police and Criminal Evidence Act 1984 　　The Police and Criminal Evidence Act (PACE) 1984 lays down police powers to obtain and use biometric data, such as collecting DNA and fingerprints from people arrested for a recordable offence. The PACE allows law enforcement agencies proceeding identification to find out people related to crime for criminal and national security purposes. Therefore, for the investigation, detection and prevention tasks related to crime and terrorist activities, the police can collect the facial image of the suspect, which can also be interpreted as the scope of authorization of the  PACE. (II) Surveillance Camera Code of Practice 　　The use of CCTV in public places has interfered with the rights of the people, so the Protection of Freedoms Act 2012 requires the establishment of an independent Surveillance Camera Commissioner (SCC) for supervision. The Surveillance Camera Code of Practice  proposed by the SCC sets out 12 principles for guiding the operation and use of surveillance camera systems. The 12 guiding principles are as follows[10]: A. Use of a surveillance camera system must always be for a specified purpose which is in pursuit of a legitimate aim and necessary to meet an identified pressing need. B. The use of a surveillance camera system must take into account its effect on individuals and their privacy, with regular reviews to ensure its use remains justified. C. There must be as much transparency in the use of a surveillance camera system as possible, including a published contact point for access to information and complaints. D. There must be clear responsibility and accountability for all surveillance camera system activities including images and information collected, held and used. E. Clear rules, policies and procedures must be in place before a surveillance camera system is used, and these must be communicated to all who need to comply with them. F. No more images and information should be stored than that which is strictly required for the stated purpose of a surveillance camera system, and such images and information should be deleted once their purposes have been discharged. G. Access to retained images and information should be restricted and there must be clearly defined rules on who can gain access and for what purpose such access is granted; the disclosure of images and information should only take place when it is necessary for such a purpose or for law enforcement purposes. H. Surveillance camera system operators should consider any approved operational, technical and competency standards relevant to a system and its purpose and work to meet and maintain those standards. I. Surveillance camera system images and information should be subject to appropriate security measures to safeguard against unauthorised access and use. J. There should be effective review and audit mechanisms to ensure legal requirements, policies and standards are complied with in practice, and regular reports should be published. K. When the use of a surveillance camera system is in pursuit of a legitimate aim, and there is a pressing need for its use, it should then be used in the most effective way to support public safety and law enforcement with the aim of processing images and information of evidential value. L. Any information used to support a surveillance camera system which compares against a reference database for matching purposes should be accurate and kept up to date. (III) ICO’s Code of Practice for surveillance cameras 　　It must need to pay attention to the personal data and privacy protection during the use of surveillance camera systems and AFR technology. The ICO issued its Code of Practice for surveillance cameras under the Data Protection Act 1998 to explain the legal requirements operators of surveillance cameras. The key points of ICO’s Code of Practice for surveillance cameras are summarized as follows[11]: A. The use time of the surveillance camera systems should be carefully evaluated and adjusted. It is recommended to regularly evaluate whether it is necessary and proportionate to continue using it. B. A police force should ensure an effective administration of surveillance camera systems deciding who has responsibility for the control of personal information, what is to be recorded, how the information should be used and to whom it may be disclosed. C. Recorded material should be stored in a safe way to ensure that personal information can be used effectively for its intended purpose. In addition, the information may be considered to be encrypted if necessary. D. Disclosure of information from surveillance systems must be controlled and consistent with the purposes for which the system was established. E. Individuals whose information is recoded have a right to be provided with that information or view that information. The ICO recommends that information must be provided promptly and within no longer than 40 calendar days of receiving a request. F. The minimum and maximum retention periods of recoded material is not prescribed in the Data Protection Act 1998, but it should not be kept for longer than is necessary and should be the shortest period necessary to serve the purposes for which the system was established. (IV) A new oversight and advisory board 　　In addition to the aforementioned regulations and guidance, the UK Home Office mentioned that it will work closely with related authorities, including ICO, SCC, Biometrics Commissioner (BC), and Forensic Science Regulator (FSR) to establish a new oversight and advisory board to coordinate consideration of law enforcement’s use of facial images and facial recognition systems[12]. 　　To sum up, it is estimated that the use of AFR technology by law enforcement has been abided by existing regulations and guidance. Firstly, surveillance camera systems must be used on the purposes for which the system was established. Secondly, clear responsibility and accountability mechanisms should be ensured. Thirdly, individuals whose information is recoded have the right to request access to relevant information. In the future, the new oversight and advisory board will be asked to consider issues relating to law enforcement’s use of AFR technology with greater transparency. IV. Follow-up key issues for the use of AFR technology 　　Regarding to the UK Home Office’s Biometrics Strategy, members of independent agencies such as ICO, BC, SCC, as well as civil society, believe that there are still many deficiencies, the relevant discussions are summarized as follows: (I) The necessity of using AFR technology 　　Elizabeth Denham, ICO Commissioner, called for looking at the use of AFR technology carefully, because AFR is an intrusive technology and can increase the risk of intruding into our privacy. Therefore, for the use of AFR technology to be legal, the UK police must have clear evidence to demonstrate that the use of AFR technology in public space is effective in resolving the problem that it aims to address[13]. 　　The Home Office has pledged to undertake Data Protection Impact Assessments (DPIAs) before introducing AFR technology, including the purpose and legal basis, the framework applies to the organization using the biometrics, the necessity and proportionality and so on. (II)The limitations of using facial image data 　　The UK police can collect, process and use personal data based on the need for crime prevention, investigation and prosecution. In order to secure the use of biometric information, the BC was established under the Protection of Freedoms Act 2012. The mission of the BC is to regulate the use of biometric information, provide protection from disproportionate enforcement action, and limit the application of surveillance and counter-terrorism powers. 　　However, the BC’s powers do not presently extend to other forms of biometric information other than DNA or fingerprints[14]. The BC has expressed concern that while the use of biometric data may well be in the public interest for law enforcement purposes and to support other government functions, the public benefit must be balanced against loss of privacy. Hence, legislation should be carried to decide that crucial question, instead of depending on the BC’s case feedback[15]. 　　Because biometric data is especially sensitive and most intrusive of individual privacy, it seems that a governance framework should be required and will make decisions of the use of facial images by the police. (III) Database management and transparency 　　For the application of AFR technology, the scope of biometric database is a dispute issue in the UK. It is worth mentioning that the British people feel distrust of the criminal database held by the police. When someone is arrested and detained by the police, the police will take photos of the suspect’s face. However, unlike fingerprints and DNA, even if the person is not sued, their facial images are not automatically deleted from the police biometric database[16]. 　　South Wales Police have used AFR technology to compare facial images of people in crowds attending major public events with pre-determined watch lists of suspected mobile phone thieves in the AFR field test. Although the watch lists are created for time-limited and specific purposes, the inclusion of suspects who could possibly be innocent people still causes public panic. 　　Elizabeth Denham warned that there should be a transparency system about retaining facial images of those arrested but not charged for certain offences[17]. Therefore, in the future the UK Home Office may need to establish a transparent system of AFR biometric database and related supervision mechanism. (IV) Accuracy and identification errors 　　In addition to worrying about infringing personal privacy, the low accuracy of AFR technology is another reason many people oppose the use of AFR technology by police agencies. Silkie Carlo, director of Big Brother Watch, said the police must immediately stop using the AFR technology and avoid mistaking thousands of innocent citizens as criminals; Paul Wiles, Biometrics Commissioner, also called for legislation to manage AFR technology because of its accuracy is too low and the use of AFR technology should be tested and passed external peer review[18]. 　　In the Home Office’s Biometric Strategy, the scientific quality standards for AFR technology will be established jointly with the FSR, an independent agency under the Home Office. In other words, the Home Office plans to extend the existing forensics science regime to regulate AFR technology. 　　Therefore, the FSR has worked with the SCC to develop standards relevant to digital forensics. The UK government has not yet seen specific standards for regulating the accuracy of AFR technology at the present stage. V. Conclusion 　　From the discussion of the public and private sectors in the UK, we can summarize some rules for the use of AFR technology. Firstly, before the application of AFR technology, it is necessary to complete the pre-assessment to ensure the benefits to the whole society. Secondly, there is the possibility of identifying errors in AFR technology. Therefore, in order to maintain the confidence and trust of the people, the relevant scientific standards should be set up first to test the system accuracy. Thirdly, the AFR system should be regarded as an assisting tool for police enforcement in the initial stage. In other words, the information analyzed by the AFR system should still be judged by law enforcement officials, and the police officers should take the responsibilities. 　　In order to balance the protection of public interest and basic human rights, the use of biometric data in the AFR technology should be regulated by a special law other than the regulations of surveillance camera and data protection. The scope of the identification database is also a key point, and it may need legislators’ approval to collect and store the facial image data of innocent people. Last but not least, the use of the AFR system should be transparent and the victims of human rights violations can seek appeal. [1] UK Home Office, Biometrics Strategy, Jun. 28, 2018, https://www.gov.uk/government/publications/home-office-biometrics-strategy (last visited Aug. 09, 2018), at 7. [2] Big Brother Watch, FACE OFF CAMPAIGN: STOP THE MET POLICE USING AUTHORITARIAN FACIAL RECOGNITION CAMERAS, https://bigbrotherwatch.org.uk/all-campaigns/face-off-campaign/ (last visited Aug. 16, 2018). [3] Lucas Introna & David Wood, Picturing algorithmic surveillance: the politics of facial recognition systems, Surveillance & Society, 2(2/3), 177-198 (2004). [4] Supra note 1, at 12. [5] Id, at 25. [6] Michael Bromby, Computerised Facial Recognition Systems: The Surrounding Legal Problems (Sep. 2006)(LL.M Dissertation Faculty of Law University of Edinburgh), http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.197.7339&rep=rep1&type=pdf , at 3. [7] Owen Bowcott, Police face legal action over use of facial recognition cameras, The Guardian, Jun. 14, 2018, https://www.theguardian.com/technology/2018/jun/14/police-face-legal-action-over-use-of-facial-recognition-cameras (last visited Aug. 09, 2018). [8] Martha Spurrier, Facial recognition is not just useless. In police hands, it is dangerous, The Guardian, May 16, 2018, https://www.theguardian.com/commentisfree/2018/may/16/facial-recognition-useless-police-dangerous-met-inaccurate (last visited Aug. 17, 2018). [9] Supra note 1, at 12. [10] Surveillance Camera Commissioner, Surveillance camera code of practice, Oct. 28, 2014, https://www.gov.uk/government/publications/surveillance-camera-code-of-practice (last visited Aug. 17, 2018). [11] UK Information Commissioner’s Office, In the picture: A data protection code of practice for surveillance cameras and personal information, Jun. 09, 2017, https://ico.org.uk/for-organisations/guide-to-data-protection/encryption/scenarios/cctv/ (last visited Aug. 10, 2018). [12] Supra note 1, at 13. [13] Elizabeth Denham, Blog: facial recognition technology and law enforcement, Information Commissioner's Office, May 14, 2018, https://ico.org.uk/about-the-ico/news-and-events/blog-facial-recognition-technology-and-law-enforcement/ (last visited Aug. 14, 2018). [14] Monique Mann & Marcus Smith, Automated Facial Recognition Technology: Recent Developments and Approaches to Oversight, Automated Facial Recognition Technology, 10(1), 140 (2017). [15] Biometrics Commissioner, Biometrics Commissioner’s response to the Home Office Biometrics Strategy, Jun. 28, 2018, https://www.gov.uk/government/news/biometrics-commissioners-response-to-the-home-office-biometrics-strategy (last visited Aug. 15, 2018). [16] Supra note 2. [17] Supra note 13. [18] Jon Sharman, Metropolitan Police's facial recognition technology 98% inaccurate, figures show, INDEPENDENT, May 13, 2018, https://www.independent.co.uk/news/uk/home-news/met-police-facial-recognition-success-south-wales-trial-home-office-false-positive-a8345036.html (last visited Aug. 09, 2018).

Innovative Practice of Israel's Government Procurement 　　Government procurement is an important pillar of government services. Because of the huge number of government purchases, government procurement management play an important role in promoting public sector efficiency and building citizenship. Well-designed government procurement systems also help to achieve policy such as environmental protection, innovation, start-ups and the development of small and medium-sized enterprises. 　　Nowadays, countries in the world, especially OECD countries, have been widely practiced with innovative procurement to stimulate innovation and start-ups, and call Innovation procurement can deliver solutions to challenges of public interest and ICTs can play a major role in this. However, in the OECD countries, in addition to the advanced countries that have been developed, many developing countries have also used government procurement to stimulate national R & D and innovation with remarkable results. Israel is one of the world's leading technology innovation centers, one of the most innovative economies in the world, continues to leverage its own strengths, support of technology entrepreneurship and unique environment, an international reputation in the high-tech industry, the spirit of technological innovation and novelty. 　　Government procurement is a core element of the activities of Israeli government, agreement with suppliers and compliance with the Mandatory Tenders Law. The main challenge is how to ensure efficiency and maintain government performance while ensuring an equitable and transparent procurement process. Israel’s Mandatory Tenders Law has shown the central role played by the Israeli Supreme Court in creating and developing this law, even in the absence of any procurement legislation, based instead on general principles of administrative law. Once the project of creating a detailed body of public tendering law had been completed, and the legislator was about to step in, the Supreme Court was prepared to step out and transferring the jurisdiction to lower courts. The Knesset passed the Mandatory Tenders Law, and based on it the Government issued the various tendering regulations. Besides, Israel's various international agreements on government procurement, mainly GPA and other bilateral international agreements such as free trade agreements with Mexico and Colombia and free trade agreements and memoranda of understanding with the United States. The practical significance of these commitments can only be understood on the backdrop of Israel’s domestic preference and offset policies. These policies were therefore discussed and analyzed as they apply when none of the international agreements applies. 　　The Challenge Tenders "How to solve the problem of overcrowding in the emergency department and the internal medicine department?" is the first of a series of "problem solicitations" released by the Israeli Ministry of Health which seeks to find a digital solution to the public health system problem, questions from the government while avoiding preconceived prejudices affect the nature of the solution, allowing multiple innovative ideas from different fields to enter the health system, make fair and transparent judgments about the ideal solution to the problem. In order to ensure transparency and integrity, equality, efficiency and competition in the decision-making process, the tender proposed by the Israeli Ministry of Health defines a two-stage tender process. The Ministry of Health of Israel, in order to improve the quality of medical care, shorten the waiting time for hospitalized patients, protect the dignity of patients and their families with patients as its center, and ensure their rights, while alleviating the burden of hospital staff, so as to pass the targeted treatment areas reduce the gap between various residential areas. The Israeli government deals with these issues through challenging tenders and offers a digital solution combined with innovative ideas. The initiative proposed through the development of public service projects can raise the level of public services in the country and help the government to reduce costs and achieve the purpose of promoting innovation with limited conceptual, technical and financial capabilities. In addition, due to the online operation of the challenging tender process throughout the entire process, fair and transparent procedures can be ensured, while public-private partnerships are encouraged to facilitate the implementation of the implementation plan.

The Institutionalization of the Taiwan Personal Data Protection Committee - Triumph of Digital Constitutionalism: A Legal Positivism Analysis 2023/07/13 The Legislative Yuan recently passed an amendment to the Taiwan Personal Data Protection Act, which resulted in the institutionalization of the Taiwan Personal Data Protection Commission (hereunder the “PDPC”)[1]. This article aims to analyze the significance of this institutionalization from three different perspectives: legal positivism, digital constitutionalism, and Millian liberalism. By examining these frameworks, we can better understand the constitutional essence of sovereignty, the power dynamics among individuals, businesses, and governments, and the paradox of freedom that the PDPC addresses through governance and trust. I.Three Layers of Significance 1.Legal Positivism The institutionalization of the PDPC fully demonstrates the constitutional essence of sovereignty in the hands of citizens. Legal positivism emphasizes the importance of recognizing and obeying (the sovereign, of which it is obeyed by all but does not itself obey to anyone else, as Austin claims) laws that are enacted by legitimate authorities[2]. In this context, the institutionalization of the PDPC signifies the recognition of citizens' rights to control their personal data and the acknowledgment of the sovereign in protecting their privacy. It underscores the idea that the power to govern personal data rests with the individuals themselves, reinforcing the principles of legal positivism regarding sovereign Moreover, legal positivism recognizes the authority of the state in creating and enforcing laws. The institutionalization of the PDPC as a specialized commission with the power to regulate and enforce personal data protection laws represents the state's recognition of the need to address the challenges posed by the digital age. By investing the PDPC with the authority to oversee the proper handling and use of personal data, the state acknowledges its responsibility to protect the rights and interests of its citizens. 2.Digital Constitutionalism The institutionalization of the PDPC also rebalances the power structure among individuals, businesses, and governments in the digital realm[3]. Digital constitutionalism refers to the principles and norms that govern the relationship between individuals and the digital sphere, ensuring the protection of rights and liberties[4]. With the rise of technology and the increasing collection and use of personal data, individuals often find themselves at a disadvantage compared to powerful entities such as corporations and governments[5]. However, the PDPC acts as a regulatory body that safeguards individuals' interests, rectifying the power imbalances and promoting digital constitutionalism. By establishing clear rules and regulations regarding the collection, use, and transfer of personal data, the PDPC may set a framework that ensures the protection of individuals' privacy and data rights. It may enforce accountability among businesses and governments, holding them responsible for their data practices and creating a level playing field where individuals have a say in how their personal data is handled. 3.Millian Liberalism The need for the institutionalization of the PDPC embodies the paradox of freedom, as raised in John Stuart Mill’s “On Liberty”[6], where Mill recognizes that absolute freedom can lead to the infringement of others' rights and well-being. In this context, the institutionalization of the PDPC acknowledges the necessity of governance to mitigate the risks associated with personal data protection. In the digital age, the vast amount of personal data collected and processed by various entities raises concerns about privacy, security, and potential misuse. The institutionalization of the PDPC represents a commitment to address these concerns through responsible governance. By setting up rules, regulations, and enforcement mechanisms, the PDPC ensures that individuals' freedoms are preserved without compromising the rights and privacy of others. It strikes a delicate balance between individual autonomy and the broader social interest, shedding light on the paradox of freedom. II.Legal Positivism: Function and Authority of the PDPC 1.John Austin's Concept of Legal Positivism: Sovereignty, Punishment, Order To understand the function and authority of the PDPC, we turn to John Austin's concept of legal positivism. Austin posited that laws are commands issued by a sovereign authority and backed by sanctions[7]. Sovereignty entails the power to make and enforce laws within a given jurisdiction. In the case of the PDPC, its institutionalization by the Legislative Yuan reflects the recognition of its authority to create and enforce regulations concerning personal data protection. The PDPC, as an independent and specialized committee, possesses the necessary jurisdiction and competence to ensure compliance with the law, administer punishments for violations, and maintain order in the realm of personal data protection. 2.Dire Need for the Institutionalization of the PDPC There has been a dire need for the establishment of the PDPC following the Constitutional Court's decision in August 2022, holding that the government needed to establish a specific agency in charge of personal data-related issues[8]. This need reflects John Austin's concept of legal positivism, as it highlights the demand for a legitimate and authoritative body to regulate and oversee personal data protection. The PDPC's institutionalization serves as a response to the growing concerns surrounding data privacy, security breaches, and the increasing reliance on digital platforms. It signifies the de facto recognition of the need for a dedicated institution to safeguard the individual’s personal data rights, reinforcing the principles of legal positivism. Furthermore, the institutionalization of the PDPC demonstrates the responsiveness of the legislative branch to the evolving challenges posed by the digital age. The amendment to the Taiwan Personal Data Protection Act and the subsequent institutionalization of the PDPC are the outcomes of a democratic process, reflecting the will of the people and their desire for enhanced data protection measures. It signifies a commitment to uphold the rule of law and ensure the protection of citizens' rights in the face of emerging technologies and their impact on privacy. 3.Authority to Define Cross-Border Transfer of Personal Data Upon the establishment of the PDPC, it's authority to define what constitutes a cross-border transfer of personal data under Article 21 of the Personal Data Protection Act will then align with John Austin's theory on order. According to Austin, laws bring about order by regulating behavior and ensuring predictability in society. By granting the PDPC the power to determine cross-border data transfers, the legal framework brings clarity and consistency to the process. This promotes order by establishing clear guidelines and standards, reducing uncertainty, and enhancing the protection of personal data in the context of international data transfers. The PDPC's authority in this regard reflects the recognition of the need to regulate and monitor the cross-border transfer of personal data to protect individuals' privacy and prevent unauthorized use or abuse of their information. It ensures that the transfer of personal data across borders adheres to legal and ethical standards, contributing to the institutionalization of a comprehensive framework for cross-border data transfer. III.Conclusion In conclusion, the institutionalization of the Taiwan Personal Data Protection Committee represents the convergence of legal positivism, digital constitutionalism, and Millian liberalism. It signifies the recognition of citizens' sovereignty over their personal data, rebalances power dynamics in the digital realm, and addresses the paradox of freedom through responsible governance. By analyzing the PDPC's function and authority in the context of legal positivism, we understand its role as a regulatory body to maintain order and uphold the principles of legal positivism. The institutionalization of the PDPC serves as a milestone in Taiwan's commitment to protect individuals' personal data and safeguard the digital rights. In essence, the institutionalization of the Taiwan Personal Data Protection Committee represents a triumph of digital constitutionalism, where individuals' rights and interests are safeguarded, and power imbalances are rectified. It also embodies the recognition of the paradox of freedom and the need for responsible governance in the digital age in Taiwan. [1] Lin Ching-yin & Evelyn Yang, Bill to establish data protection agency clears legislative floor, CNA English News, FOCUS TAIWAN, May 16, 2023, https://focustaiwan.tw/society/202305160014 (last visited, July 13, 2023). [2] Legal positivism, Stanford Encyclopedia of Philosophy, https://plato.stanford.edu/entries/legal-positivism/?utm_source=fbia (last visited July 13, 2023). [3] Edoardo Celeste, Digital constitutionalism: how fundamental rights are turning digital, (2023): 13-36, https://doras.dcu.ie/28151/1/2023_Celeste_DIGITAL%20CONSTITUTIONALISM_%20HOW%20FUNDAMENTAL%20RIGHTS%20ARE%20TURNING%20DIGITAL.pdf (last visited July 3, 2023). [4] GIOVANNI DE GREGORIO, DIGITAL CONSTITUTIONALISM IN EUROPE: REFRAMING RIGHTS AND POWERS IN THE ALGORITHMIC SOCIETY 218 (2022). [5] Celeste Edoardo, Digital constitutionalism: how fundamental rights are turning digital (2023), https://doras.dcu.ie/28151/1/2023_Celeste_DIGITAL%20CONSTITUTIONALISM_%20HOW%20FUNDAMENTAL%20RIGHTS%20ARE%20TURNING%20DIGITAL.pdf (last visited July 13, 2023). [6]JOHN STUART MILL,On Liberty (1859), https://openlibrary-repo.ecampusontario.ca/jspui/bitstream/123456789/1310/1/On-Liberty-1645644599.pdf (last visited July 13, 2023). [7] Legal positivism, Stanford Encyclopedia of Philosophy, https://plato.stanford.edu/entries/legal-positivism/?utm_source=fbia (last visited July 13, 2023). [8] Lin Ching-yin & Evelyn Yang, Bill to establish data protection agency clears legislative floor, CNA English News, FOCUS TAIWAN, May 16, 2023, https://focustaiwan.tw/society/202305160014 (last visited, July 13, 2023).

Taiwan Government passed The「Act for the Development of Biotech and New Pharmaceuticals Industry」for supporting the biopharmaceutical industry. The purpose of the Act is solely for biopharmaceutical industry, and building the leading economic force in Taiwan. To fulfill this goal, the Act has enacted regulations concerning funding, taxation and recruitment especially for the biopharmaceutical industry. The Act has been seen as the recent important law in the arena of upgrading industry regulation on the island. It is also a rare case where single legislation took place for particular industry. After the Act came into force, the government has promulgated further regulations to supplement the Act, including Guidance for MOEA-Approved Biotech and New Pharmaceuticals Company Issuing Stock Certificate, Deductions on Investments in R&D and Personnel Training of Biotech and New Pharmaceuticals Company, Guidance for Deduction Applicable to Shareholders of Profit-Seeking Enterprises -Biotech and New Pharmaceuticals Company etc. The following discussions are going to introduce the Act along with related incentive measures from an integrated standpoint. 1 、 Scope of Application According to Article 3 of the Act, 「Biotech and New Pharmaceuticals Industry」 refers to the industry that deals in New Rugs and High-risk Medical devices used by human beings, animals, and plants; 「Biotech and New Pharmaceuticals Company」 refers to a company in the Biotech and New Pharmaceuticals Industry that is organized and incorporated in accordance with the Company Act and engages in the research, development, and manufacture of new drugs and high-risk medical devices. Thus, the Act applies to company that conducts research and manufacture product in new drug or high-risk medical devices for human and animal use. Furthermore, to become a Biotech and New Pharmaceuticals Company stipulated in the Act, the Company must receive letter of approval to establish as a Biotech and New Pharmaceuticals Company valid for five years. Consequently, company must submit application to the authority for approval by meeting the following requirements: (1) Companies that conduct any R&D activities or clinical trials must receive permission, product registration, or proof of manufacture for such activities from a competent authority. However, for those conducted these activities outside the country will not apply. (2) When applied for funding for the previous year or in the same year, the expense on R&D in the previous year exceeds 5% of the total net revenue within the same year; or the expenses exceeds 10% of the total capital of the company. (3) Hired at least five R&D personnel majored in biotechnology. For New Drug and High-Risk Medical Device are confined in specific areas. New Drug provided in the Act refers to a drug that has a new ingredient, a new therapeutic effect or a new administration method as verified by the central competent authorities. And High-Risk Medical Device refers to a type of Class III medical devices implanted into human bodies as verified by the central competent authorities. Therefore, generic drug, raw materials, unimplanted medical device, and medical device are not qualified as type III, are all not within the scope of the Act and are not the subject matter the Act intends to reward. 2 、 Tax Benefits Article 5, 6 and 7 provided in the Act has followed the footsteps of Article 6 and 8 stipulated of the Statute, amending the rules tailored to the biopharmaceutical industry, and provided tax benefits to various entities as 「Biotech and New Pharmaceuticals Company」, 「Investors of Biotech and New Pharmaceuticals Industry」, 「Professionals and Technology Investors」. (1) Biotech and New Pharmaceuticals Company In an effort to advance the biopharmaceutical industry, alleviate financial burden of the companies and strengthen their R&D capacity. The Act has provided favorable incentive measures in the sector of R&D and personnel training. According to Article 5: 「For the purpose of promoting the Biotech and New Pharmaceuticals Industry, a Biotech and New Pharmaceuticals Company may, for a period of five years from the time it is subject to profit-seeking enterprise income tax payable, enjoy a reduction in its corporate income tax payable, for up to 35% of the total funds invested in research and development (R&D) and personnel training each year.」 Consequently, company could benefit through tax deduction and relieve from the stress of business operation. Moreover, in supporting Biotech and New Pharmaceutical Company to proceed in R&D and personnel training activities, the Act has set out rewards for those participate in ongoing R&D and training activities. As Article 5 provided that」 If the R&D expenditure of a particular year exceeds the average R&D expenditure of the previous two years, or if the personnel training expenditure of a particular year exceeds the average personnel training expenditure of the pervious two years, 50% of the exceed amount in excess of the average may be used to credit against the amount of profit-seeking enterprise income tax payable. 「However, the total amount of investment credited against by the payable corporate income tax in each year shall not exceed 50% of the amount of profit-seeking enterprise income tax payable by a Biotech and New Pharmaceuticals Company in a year, yet this restriction shall not apply to the amount to be offset in the last year of the aforementioned five-year period. Lastly, Article 5 of the Act shall not apply to Biotech and New Pharmaceutical Company that set up headquarters or branches outside of Taiwan. Therefore, to be qualified for tax deduction on R&D and personnel training, the headquarters or branches of the company must be located in Taiwan. (2) Investors of Biotech and New Pharmaceuticals Company To raise funding, expand business development, and attract investor continuing making investments, Article 6 of the Act has stated that 「In order to encourage the establishment or expansion of Biotech and New Pharmaceuticals Companies, a profit-seeking enterprise that subscribes for the stock issued by a Biotech and New Pharmaceuticals Company at the time of the latter's establishment or subsequent expansion; and has been a registered shareholder of the Biotech and New Pharmaceuticals Company for a period of 3 years or more, may, for a period of five years from the time it is subject to corporate income tax, enjoy a reduction in its profit-seeking enterprise income tax payable for up to 20% of the total amount of the price paid for the subscription of shares in such Biotech and New Pharmaceuticals Company.」 Yet 「If the afore-mentioned profit-seeking enterprise is a venture capital company (「VC」), such VC corporate shareholders may, for a period of five years from the fourth anniversary year of the date on which the VC becomes a registered shareholder of the subject Biotech and New Pharmaceuticals Company, enjoy a reduction in their profit-seeking enterprise income tax payable based on the total deductible amount enjoyed by the VC under Paragraph 1 hereof and the shareholders' respective shareholdings in the VC.」 The government enacted this regulation to encourage corporations and VC to invest in biotech and new pharmaceutical company, and thus provide corporate shareholders with 20% of profit-seeking enterprise income tax payable deduction, and provide VC corporate shareholders tax deduction that proportion to its shareholdings in the VC. (3) Top Executives and Technology Investors Top Executives refer to those with biotechnology background, and has experience in serving as officer of chief executive (CEO) or manager; Technology Investors refer to those acquire shares through exchange of technology. As biopharmaceutical industry possesses a unique business model that demands intensive technology, whether top executives and technology investors are willing to participate in a high risk business and satisfy the needs of industry becomes a critical issue. Consequently, Article 7 of the Act stated that 「In order to encourage top executives and technology investors to participate in the operation of Biotech and New Pharmaceuticals Companies and R&D activities, and to share their achievements, new shares issued by a Biotech and New Pharmaceuticals Company to top executives and technology investors (in return of their knowledge and technology) shall be excluded from the amount of their consolidated income or corporate income of the then current year for taxation purposes; provided, however, that if the title to the aforesaid shares is transferred with or without consideration, or distributed as estate, the total purchase price or the market value of the shares at the time of transfer as a gift or distribution as estate shall be deemed income generated in that tax year and such income less the acquisition cost shall be reported in the relevant income tax return.」 Additionally, 「For the title transfer of shares under the preceding paragraph, the Biotech and New Pharmaceuticals Company concerned shall file a report with the local tax authorities within thirty 30 days from the following day of the title transfer.」 Purpose of this regulation is to attract top executives and technology personnel for the company in long-term through defer taxation. Moreover, the Biotech and New Pharmaceutical Company usually caught in a prolong period of losses, and has trouble financing through issuing new shares, as stipulated par value of each share cannot be less than NTD $10.Thus, in order to offer top executive and technology investors incentives and benefits under such circumstances, Article 8 has further provided that」Biotech and New Pharmaceutical Companies may issue subscription warrants to its top executives and technology investors, provided that the proposal for the issuance of the aforesaid subscription warrants shall pass resolution adopted by a majority votes of directors attended by at least two-thirds (2/3) of all the directors of the company; and be approved by the competent authorities. Holders of the subscription warrants may subscribe a specific number of shares at the stipulated price. The amount of stipulated price shall not be subject to the minimum requirement, i.e. par value of the shares, as prescribed under Article 140 of the Company Act. Subscription of the shares by exercising the subscription warrant shall be subject to income tax in accordance with Article 7 hereof. if a Biotech and New Pharmaceutical Company issue new shares pursuant to Article 7 hereof, Article 267 of the Company Act shall not apply. The top executives and technology investors shall not transfer the subscription warrant acquired to pursuant to this Article.」 These three types of tax benefits are detailed incentive measures tailor to the biopharmaceutical industry. However, what is noteworthy is the start date of the benefits provided in the Act. Different from the Statue, the Act allows company to enjoy these benefits when it begins to generate profits, while the Statute provides company tax benefits once the authority approved its application in the current year. Thus, Biotech and New Pharmaceuticals Company enjoys tax benefits as the company starts to make profit. Such approach reflects the actual business operation of the industry, and resolves the issue of tax benefits provided in the Statue is inapplicable to the biopharmaceutical industry. 3 、 Technical Assistance and Capital Investment Due to the R&D capacity and research personnel largely remains in the academic circle, in order to encourage these researchers to convert R&D efforts into commercial practice, the government intends to enhance the collaboration among industrial players, public institutions, and the research and academic sectors, to bolster the development of Biotech and New Pharmaceuticals Company. However, Article 13 of Civil Servants Service Act prohibits officials from engaging in business operation, the Act lifts the restriction on civil servants. According to Article 10 of the Act provided that」For a newly established Biotech and New Pharmaceuticals Company, if the person providing a major technology is a research member of the government research organization, such person may, with the consent of the government research organization, acquired 10% or more of the shares in the Biotech and New Pharmaceuticals Company at the time of its establishment, and act as founder, director, or technical adviser thereof. In such case, Article 13 of the Civil Servants Service Act shall not apply. And the research organization and research member referred to thereof shall be defined and identified by the Executive Yuan, in consultation with the Examination Yuan.」 This regulation was enacted because of the Civil Servants Services Act provided that public officials are not allowed to be corporate shareholders. However, under certain regulations, civil servants are allowed to be corporate shareholders in the sector of agriculture, mining, transportation or publication, as value of the shares cannot exceed 10% of the total value of the company, and the civil servant does not served in the institution. In Taiwan, official and unofficial research institution encompasses most of the biotechnology R&D capacity and research personnel. If a researcher is working for a government research institution, he would be qualified as a public servant and shall be governed by the Civil Servants Service Act. As a result of such restriction, the Act has lifted the restriction and encouraged these researchers to infuse new technologies into the industry. At last, for advancing the development of the industry, Article 11 also provided that 」R&D personnel of the academic and research sectors may, subject to the consent of their employers, served as advisors or consultants for a Biotech and New Pharmaceuticals Company.」 4 、 Other Regulations For introducing and transferring advanced technology in support of the biopharmaceutical industry, Article 9 stated that 「Organization formed with government funds to provide technical assistance shall provide appropriate technical assistance as may be necessary.」 Besides technical assistance, government streamlines the review process taken by various regulatory authorities, in order to achieve an improved product launch process result in faster time-to-market and time-to profit. As Article 12 provided that 「the review and approval of field test, clinical trials, product registration, and others, the central competent authorities shall establish an open and transparent procedure that unifies the review system.」