To establish a trusted foundation for sports data compliance, the Sports Data Altruism Service releases the Sports Data Altruism Service Personal Data Assessment Legal Compliance Handbook

1. Organization Framework In the organization framework of critical infrastructure protection, there are mainly the public departments and the PPP organizations. The functions and task description of relevant organizations are as follows. (1) Department of Homeland Security After the September 11 attacks in America, the Homeland Security Act was passed in November 2002, and based on this act, 23 federal organizations, plans and offices were integrated to establish the Department of Homeland Security (DHS) to take responsibility for homeland security in America. The tasks include: (1) to analyze intelligence data collected from various departments such as the Central Intelligence Agency (CIA) and the Federal Bureau of Investigation (FBI) so that any threats to security can be discovered in time, (2) to protect and defend critical infrastructure, (3) to coordinate and lead America to prevent and respond to the attacks from nuclear weapons, biochemical weapons and other and (4) to coordinate the tasks of the federal government, including emergency and rescue. For the task regarding critical infrastructure and critical information infrastructure protection, the main units in charge are the Office of Infrastructure Protection (OIP) and the Office of Cybersecurity and Communications (CS&C) subordinate to National Protection and Programs Directorate (NPPD), Department of Homeland Security (DHS), to reduce the risk in both physical and cyber security to maintain national security1 (2) Congress Relevant units and committees are established both in the Senate and the House of Representatives to be responsible for protection and making policies pertinent to important critical infrastructure and critical information infrastructure. (3) Computer Crime and Intellectual Property Section In 1991, the Department of Justice (DOS) established the Computer Crime and Intellectual Property Section (CCIPS), a section of the Criminal Division, to be responsible for all crime combating computer and intellectual property. Computer crime is referred to cases which include electronic penetrations, data thefts, and cyber attacks to the important critical infrastructure. CCIPS also prevents, investigates, and prosecutes computer crimes by working with other government agencies, the private sector, academic institutions, and foreign counterparts. (4) Other Relevant PPP Organizations 2The Information Sharing and Analysis Center (ISAC) is responsible for the information security message sharing among the industries of each critical infrastructure to ensure the liaison and cooperation among industries. Finally, for the issue on critical information infrastructure, especially cyber crimes, both the National Cyber Security Alliance (NCSA) and the Cross Sector Cyber Security Working Group (CSCSWG) are designated to serve as crucial roles in governmental and non-governmental internet security prevention to be responsible for techniques and education. 2. Notification System (1)Computer Emergency Response Team Coordination Center The Computer Emergency Response Team Coordination Center (CERT/CC) run by Carnegie Mellon University is the oldest and most important early-warning organization for information security in the USA. With its experts studying internet vulnerabilities and risk assessment released regularly, it reminds people of the possible dangers which exist in the information age and the need to improve internet security. (2)US Computer Emergency Readiness Team The US Computer Emergency Readiness Team (US-CERT) was established in 2003. It is responsible for protecting the infrastructure of the internet in America and for coordinating and providing response support and defense against national cyber attacks. It interacts with federal agencies, industry, the research community, state government, and others to disseminate reasoned and actionable cyber security information to the public. (3)Federal Bureau of Investigation The Federal Bureau of Investigation (FBI), the first early warning center of critical infrastructure at the national level, is responsible for providing the information pertinent to legal execution presently and also taking responsibility for the investigation of cyber crime. (4)Information Sharing and Analysis Centers Currently, industry in America, including finance, telecommunications, energy, traffic, water resources, together established individual Information Sharing and Analysis Centers (ISACs) based on the policy made in PDD-63. The ISAC of the financial system established in October 1999 being the first established center. These ISACs further work together to form an ISAC Council to integrate the information from each of them and improve their interaction and information sharing. 3. Legal Norms In reference to the laws and regulations of critical infrastructure protection, America has aimed at critical infrastructure protection and computer crime to formulate the following regulations. (1) Federal Advisory Committee Act of 1972 According to the Federal Advisory Committee Act (FACA), the advisory committee can be established in every federal agency to provide the public, along with received open advice, with relevant objectives, and to prevent the public from being inappropriately influenced by the policies made by the government. However, to keep the private institutions which run the critical infrastructures from worrying the inappropriate leak of the sensitive information provided and consulted by them, Critical Infrastructure Partnership Advisory Council was established so that the Secretary of Homeland Security has the right to disregard the regulations of FACA and establish an independent advisory committee. (2) Computer Fraud and Abuse Act of 19863 The Computer Fraud and Abuse Act (CFAA) was enacted and implemented in 1986. It mainly regulates computer fraud and abuse. The Act states that it is against the law for anyone to access a protected computer without authorization. However, it also recognizes the fact that accessing a computer system of electronic and magnetic records does not mean a violation of the law. According to the CFAA, what is needed is one of the following requirements to be the wrongful conduct regulated in the Act: (1) whoever intentionally accesses a computer to obtain specific information inside the government or whoever has influenced the transmission function of the computer system; (2) whoever intentionally accesses a computer to obtain a protected database (including the information contained in a financial record of a financial institution or of a card issuer, or the information contained in a file of a consumer reporting agency on a consumer, or the information from any department of agency of the United States, or the conduct involving an interstate transaction); (3) whoever intentionally accesses any nonpublic computer of a department or agency of the United States, and causes damage. In addition, the Act also prohibits conduct such as transmitting malicious software, and defrauding traffic in any password or similar information. For any person who suffers damage or loss by reason of a violation of the law, he/she may maintain a civil action to obtain compensatory damages and injunctive relief or other equitable relief. However, the Computer Abuse Amendment Act (1994) expands the above Act, planning to include the conduct of transmitting viruses and malicious program into the norms whose regulatory measures were adopted by the USA Patriot Act enacted in October 20014 (3) Homeland Security Act of 20025 The Homeland Security Act provides the legal basis for the establishment of the Department of Homeland Security and integrates relevant federal agencies into it. The Act also puts information analysis and measures of critical infrastructure protection into the norm. And, the norm in which private institutions are encouraged to voluntarily share with DHS the information security message of important critical infrastructure is regulated in the Critical Infrastructure Information Act: Procedures for Handling Critical Infrastructure Information. According to the Act, the DHS should have the obligation to keep the information provided by private institutions confidential, and this information is exempted from disclosure by the Freedom of Information Act. (4) Freedom of Information Act Many critical infrastructures in America are regulated by governmental laws, yet they are run by private institutions. Therefore, they should obey the law and provide the government with the operation report and the sensitive information related with critical infrastructure. However, knowing that people can file a request at will to review relevant data from the government agencies based on the Freedom of Information Act (FOIA), then the security of national critical infrastructure may be exposed to the danger of being attacked. Therefore, the critical infrastructure, especially the information regarding the safety system, early warning, and interdependent units, are all exempted by the Freedom of Information Act. (5) Terrorism Risk Insurance Act of 20026 After the 911 Incident, Congress in America passed the Terrorism Risk Insurance Act to establish the mechanism to underwrite terrorism risk insurance, in which insurance companies are required to provide terrorism attack risk insurance and the federal government will also cover part of loss for severe attacks. 1.http://www.dhs.gov/xabout/structure/editorial_0794. shtm (last accessed at 21. 07. 2009). 2.http://www.thei3p.org/ (last accessed at 21. 07. 2009). 3.http://www.panix.com/~eck/computer-fraud-act. html (last accessed at 21. 07. 2009). 4.Mark G. Milone, Hacktivism：Securing the National Infrastructure, 58 Bus. Law, 389-390, 2002. 5.http://www.dhs.gov/xlibrary/assets/hr_5005_enr.pdf (last accessed at 21. 07. 2009). 6.http://www.ustreas.gov/offices/domestic-finance/financial-institution/terrorism-insurance/pdf/hr3210.pdf (last accessed at 21. 07. 2009).

With digital music industry rising and flourishing these years, in 1995 the US Congress amended the compulsory licensing regulations in the US Copyright Act to include digital music service in the scope of compulsory licensing. By doing so,it tries to save the industry from deprivation in copyright negotiations and to prevent detrimental effects on music circulation. By introducing the compulsory licensing regulations for music copyrights in the US Copyright Act, this paper wishes to provide a reference for the Taiwanese government to amend Taiwan’s copyright act to promote the development of the digital music industry. I. Exclusive rights in digital music copyright According to the US Copyright, the copyright owner has the exclusive rights to do and to authorize any of the following1: To reproduce the copyrighted work in copies or phonorecords; To prepare derivative works based upon the copyrighted work; To distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending; In the case of literary, musical, dramatic, and choreographic works, pantomimes, and motion pictures and other audiovisual works, to perform the copyrighted work publicly; In the case of literary, musical, dramatic, and choreographic works, pantomimes, and pictorial, graphic, or sculptural works, including the individual images of a motion picture or other audiovisual work, to display the copyrighted work publicly; and In case of sound recordings, to perform the copyrighted work publicly by means of digital music transfer. If it is to be enforced by law that musical works can only be provided after the approval and authorization of the copyright owner, this will be unfavorable for the circulation of musical works. In terms of users, this may mean additional difficulties in providing musical works. Therefore, in addition to negotiating with the copyright owner of the licensing affairs, the US Copyright Act prescribes the compulsory licensing system. As long as the form of use does not violate any terms specified in the Copyright Act, service providers may obtain a license by means of compulsory licensing in order to lawfully “distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending.2” 1. Scope of compulsory license According to Section 115 of the US Copyright Act, limitation on compulsory licensing comprises two sections3: (1) The scope of compulsory licensing is limited to the “exclusive rights provided by clauses (1) and (3) of section 106”; i.e. “to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending.” (2) A compulsory license can only be applied for unless the copyrighted works are Non-dramatic musical works; phonorecords of a non-dramatic musical work which have been distributed to the public in the United States under the authority of the copyright owner; and phonorecords made by a person whose primary purpose is to distribute them to the public for private use. (1) The scope of compulsory licensing is limited to the “exclusive rights provided by clauses (1) and (3) of section 106”; i.e. “to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending.” (2) A compulsory license can only be applied for unless the copyrighted works are Non-dramatic musical works; phonorecords of a non-dramatic musical work which have been distributed to the public in the United States under the authority of the copyright owner; and phonorecords made by a person whose primary purpose is to distribute them to the public for private use. (1) The scope of compulsory licensing is limited to the “exclusive rights provided by clauses (1) and (3) of section 106”; i.e. “to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending.” (2) A compulsory license can only be applied for unless the copyrighted works are Non-dramatic musical works; phonorecords of a non-dramatic musical work which have been distributed to the public in the United States under the authority of the copyright owner; and phonorecords made by a person whose primary purpose is to distribute them to the public for private use. Later on, to facilitate the application of the emerging digital sound delivery technology and the development of the digital music industry, in 1995 the US Congress passed the Digital Performance Right in Sound Recording Act of 1995 (DPRA) by which Section 115 of the Copyright Act was amended and the Digital Phonorecord Deliveries (DPD) was added. Based on these, the DPD can enjoy compulsory licensing to deliver digital music service. 2. Entitlement of compulsory license Any person who wishes to obtain a compulsory license shall, before or within thirty days after making the recording, and before distributing any phonorecords of the work, serve notice of intention to do so on the copyright owner. The notice shall comply, in form, content, and manner of service, with the requirements that the Register of Copyrights shall prescribe by regulation. If the registration or other public records of the Copyright Office do not identify the copyright owner and include an address at which the notice can be served, it shall be sufficient to file the notice of intention in the Copyright Office4. After obtaining the compulsory license, service providers shall deliver to the copyright owner or its designated collecting agent the information relating to the royalty of the month and the successes or failures of downloading within twenty days from the end of every month5. If service owners are unable to identify how to deliver the royalty to the copyright owner, the collecting agent shall keep the royalties for the compulsorily licensed nondramatic musical works for three years in an independent trust account. The collecting agent shall assume no responsibility for the safekeeping of such royalties if the copyright owner is unreachable within three years6. 3. Royalty for compulsory license The criteria for calculating the royalty of compulsory license are established by the Copyright Arbitration Royalty Panel formed by the Librarian of Congress. This panel updates the calculation criteria on a biennial basis. The calculation can be done by minute or by work. Applicants must pay the highest royalty calculated with either of the schemes7. 4. Limitation of compulsory license A compulsory licensee shall only reproduce or distribute specific sound recordings and shall not use the work in the making of phonorecords duplicating a sound recording fixed by another; unless the making of the phonorecords was authorized by the owner of the copyright in the sound recording or such sound recording was fixed lawfully.8 II. Conclusions Though compulsory licensing terms have been specified in the Copyright Law of Taiwan, users only need to apply for a compulsory license for sound recordings published for a full six months and the sound recording is used in the making of other musical works for sale9. In this case, the digital music industry will be unable to obtain a compulsory license to deliver lawful services, and negotiation with the copyright owner has thus become a prerequisite for service providers to deliver lawful services. As a result, service providers often become the weaker side of the negotiation and must pay the copyright owner a very substantial royalty. Consequently, the cost of the services will increase. In the future, if the government can amend the copyright law to include the reproduction and delivery of digital music in the scope of compulsory license of sound recordings with reference to the compulsory license terms for sound recordings in the US Copyright Act, service providers can have other access to obtain a license for sound recordings to deliver lawful digital music service other than negotiations with the copyright owner. It is believed that this will promote the fair royalties of sound recording licensing in Taiwan and the development of digital music application service industry in Taiwan. 17 U.S.C.A. §§ 106 17 U.S.C.A. §§ 115 17 U.S.C.A. §§ 115(a)(1). 17 U.S.C.A. §§ 115(b)(1). 17 U.S.C.A. §§ 115(c)(5). 68 FR 57815 See the following for details of royalty criteria for compulsory license: U.S. Copyright Office, Mechanical License Rates-Copyright Royalty Rates Section 115, the Mechanical License, available at http://www.copyright.gov/carp/m200a.html (last visited 2007/8/17) 17 U.S.C.A. §§ 115(a)(1). Article 69, Copyright Law.

1. Prologue Flexible and collective usage of spectrum is the mainstream in the modern times. Julius Genachowski, chairman of the Federal Communications Commission, delivered the keynote address to the CTIA-Wireless Association convention on Oct. 7, 20091. He said the U.S. government has been tripling the amount of spectrum available for commercial uses. The problem is that many industry experts predict wireless traffic will increase 30 times because of online video and other bandwidth-heavy applications. Accordingly, he warned that the shortage of spectrum would be a crisis for the on-going evolution of mobile broadband communication. Therefore, it’s critical for using precious spectrum effectively. Now, with the breakthrough of ICT, there is an alternative solution to this crisis: "application of interleaved/white space". 2. The cure for shortage of the spectrum To solve the shortage and ineffective use of scarce spectrum, developed countries have innovated technology to overcome the dilemma. Accordingly, the cognitive radio (CR) network with OFDMA (Orthogonal Frequency Division Multiple Access)2 systems, namely "spectrum sensing", to use the interleaved/white space is the therapy nowadays, especially after digital switchover (DSO). CEPT (European Conference of Postal and Telecommunications Administrations) identified "white space" as a part of the spectrum, which is available for a radio-communication application (service, system) at a given time in a given geographical area on a non-interfering / non-protected basis with regard to primary services and other services with a higher priority on a national basis. Specified clearly, the wording of "White Spots" or "White Spaces" or "Interleaved Spectrum" applied by CEPT has been used to introduce a concept of frequency spectrum which is potentially available at a given time for further utilization within frequency spectrum originally planned for broadcasting in GE063. The current CEPT view is that any new white space applications should be used on a non protected non interfering basis. Further studies are required into the framework needed to enable the use of CR devices within white space spectrum. Meanwhile, Millions more — both rural and urban — couldn’t afford computers and internet access in the United States. Yet big telephone and cable companies won’t bring broadband internet to rural America. Therefore, U.S. administration takes it seriously and considers to bridge the "digital gap" via CR networks for using white space to high-speed wireless internet access in rural area. Moreover, innovative way to use the spectrum after DSO could also satisfy the demand of band immediately with National Broadband Plan which proposed by President Barack Obama. 3. The definition and function of "white/interleaved space" In a word, the spectrum licensed to commercial use or public safety is not always occupied totally all the time. Accordingly, some bands are vacant just like "white" or "interleaved". If communicators use these interleaved and fragmented bands temporally, the spectrum-usage will be more effective and the cost of the spectrum now we used will be much lower. Not only U.S but also UK regulator Ofcom has published a discussion document to explore the possibility of using interleaved spectrum to wirelessly link up different devices and offer enhanced broadband access in rural areas. The idea is based on the development of technology that could search for unoccupied radio waves between TV channels to transmit and receive wireless spectrum. Take DSO in U.S. for example, when TV goes digital in June, 2009, TV broadcasters will use only a small portion of the public airwaves they are allocated.4 This is because digital transmissions can be packed into adjacent channels, while analog ones cannot. This means that the band can be "compressed" into fewer channels, while still allowing for more transmissions, which could result in a kind of "white space" (or so-called digital dividend) mentioned above. In most rural areas, 60 to 70 percent of these digital airwaves will be vacant. It goes without saying that those bands will be idle, which will also increase the cost the spectrum-usage. However, the TV band can carry a broadband signal that penetrates buildings, travels great distances, and penetrates heavy foliage. If people could search the "spectrum hole", off course, with CR or DSA (Dynamic Spectrum Sensing), and then link up those unoccupied band for wireless communication, the compelling needs of spectrum will be eased. Most important of all, this innovative way fits the trend of collective and flexible spectrum usage in 3G/4G era. 4. The key to open "white space" Undoubtedly, the WSD (White Space Devices) is the key to open the new gate. FCC issues some R&O to test WSD for welcoming white space. On October 5, 2007, OET (the Office of Engineering and Technology) of FCC issued a public notice inviting submittal of additional prototype devices for further tests (Phase II). On February 24, 2010, OET selected Wilmington, North Carolina, for the test market for the DTV transition, and unveiled a new municipal Wi-Fi network, after a month of testing. OET permitted that TV Band has an 18-month experimental license.5 For the goal of "smart city", the network has used the white space made available by the end of analog TV transmission. Spectrum Bridge (a famous company devoted to working out WSD and solution to white space)6 has worked to make sure TV stations in the market do not receive interference (no interference issues have been reported), and the company hopes to do the same if similar service becomes nationwide. The "smart city" network will not compete with cell phone companies but will instead be used for "national purposes", including government and energy monitoring (i.e. Smart Grid). TV Band Network, made up of private investors, has put up cameras in parks, and along highways to show traffic. Other uses include water level and quality, turning off lights in ball parks, and public Wi-Fi in certain areas.7 This success has promptly encouraged those have eyed unlicensed band/devices for wireless broadband internet access, especially the White Spaces Coalition8. The White Spaces Coalition consists of eight large technology companies that originally planned to deliver high speed broadband internet access beginning in June 2009 to United States consumers via existing white space in unused television frequencies between 54-698 MHz (TV Channels 2-51). The coalition expects speeds of 80 Mbps and above, and 400 to 800 Mbps for white space short-range networking9. Therefore, the Coalition hasn’t only pushed FCC to free up the band, namely unlicensed-band approach, but also eagerly innovated the WSD and advanced IT technology (i.e. Geo-Location, CR, DSA, OFDMA and IEEE 802.2210 …etc. ) to promote the awareness of white space. 5. How to use the key to unlock the door ? First of all, Geo-Location technology is the threshold to use the white space. Geo-Location is the identification of the real-world geographic location of Internet-connected computers, mobile devices, website visitors or others. In avoidance of band-interference and public safety communication, users mustn’t interfere with the prior ones, or s/he couldn’t access the band via WSD. Thus, Geo-Location can assist WSD users, just like a beacon, to avoid the occupied band and keep them away from nearby transmissions. Second, a spectrum database that contains Geo-Location information about devices using the free channels in the radio spectrum and some strong database managers are needed. Frankly speaking, the original idea was that WSD would detect existing users and switch frequencies to avoid them, but that's technically dubious and hasn't been demonstrated to FCC's satisfaction. So the proposed solution requires devices to locate themselves then connect to a database which will allocate a frequency along with a timeout, after which the device will have to repeat its request. For example, the followings are the necessary information in the TV database. • Transmitter coordinates (latitude and longitude), • Effective radiated power (ERP), • Height above average terrain of the transmitter (HAAT), • Horizontal transmit antenna pattern (if the antenna is directional), • channel number, • Station call sign. In a word, in order to protect existing broadcasters, FCC mandated the creation of a Geo-Location database that details what spectrum is in use and where. Furthermore, the idea is that unlicensed broadband devices will tap this database before sending or receiving data, using the info in tandem with spectrum sensing technologies to avoid interference. Accordingly, White Spaces Database (WSDB) was introduced, a DB which would permit public access to register and discover devices and the frequencies used based on their location11. This database would be used in conjunction with local device discovery to avoid contention between devices. FCC has worried about that no one has ever run a radio system like this, so no one can really claim experience in the area (though most of the proposals try). The FCC commissioner Robert McDowell has raised an eyebrow at Google's request to serve as an administrator of a national database detailing the use of white-space spectrum. Google proposes the operation of a WSDB for at least five years, promising to "transfer to a successor entity the Database, the IP addresses and URLs used to access the Database, and the list of registered Fixed WSD" in case they cannot live up to it. Google does not plan to "implement per-query fees"12 , but they are considering a per-device fee. No decision has been made yet, but the FCC allows a WSDB administrator to charge such fees.13 Finally but innovating initially, it’s the Cognitive Radio system (CR). There are various definitions of CR. Herewith the paragraph 10 of the FCC 03-322 NPRM, the definition of Cognitive Radio could be specified as a radio that can change its transmitter parameters based on interaction with the environment in which it operates. The following figure shows how the Cognitive Radio System does work. Figure 1.Cognitive Radio System Let’s explain it more clearly and vividly. Imagine a radio which autonomously detects and exploits empty spectrum to increase your file transfer rate. Suppose this same radio could remember the locations where your calls tend to drop and arrange for your call to be serviced by a different carrier for those locations. These are some of the ideas motivating the development of cognitive radio. In effect, a cognitive radio is a software radio whose control processes leverage situational knowledge and intelligent processing to work towards achieving some goal related to the needs of the user, application, and network. Although cognitive radio was initially thought of as a software-defined radio extension (Full Cognitive Radio), most of the research work is currently focusing on Spectrum Sensing Cognitive Radio. In other words, the focus on CR has been switched into "DSA" (Dynamic Spectrum Access) nowadays.14 Therefore, some fellows replace Cognitive Radio with "Cognitive Systems" for accurate description.15 The following is the figure to show the function of DSA to detect "spectrum hole" that could be used as TV white space.16 Figure 2.The sensing of the spectrum hole "Digital dividend", one kind of interleaved/white space, has been viewed as precious band in Unite Kingdom, too. In U.K., its regulatory body, Ofcom, has also published a discussion document to explore the possibility of using these "dividend" to wirelessly link up different devices and offer enhanced broadband access in rural areas. Ofcom has predicted that could enable the use of the spectrum in this way would take at least three years to develop. Possible applications include mobile broadband, the transmission of home media such as photos from cameras to a computer wirelessly and the ability to control appliances in the home. Moreover, Ofcom firmly contended that if there was evidence that interference could be avoided, it would allow the use of interleaved spectrum without the need for individual licenses, the same as the FCC’s policy. However, local TV coalition United for Local Television (ULTV)17 has strongly criticized the Ofcom’s current proposal to appoint a band manager to "control" interleaved spectrum (and make it available to applications such as wireless microphones for special events) and to ensure that the spectrum is made available to local TV groups on fair, reasonable and non-discriminatory terms. According to current proposals, Ofcom’s "band manager" would be required to allocate spectrum to special event organizers on fair and non-discriminatory terms but not to local TV groups. ULTV has protested this unfair condition. In contrast, FCC has clearly issued the "2nd report" to mandate the bidder of upper 700 MHz D block should apply to fair and non-discriminatory terms. 6. Technological challenges for accessing white space In November 2008 the FCC issued an R&O on the unlicensed use of TV white space.18 The FCC regulated some vital requirements to rule the usage of TVWS in this document. These requirements impose technical challenges for the design of devices operating in TV white space spectrum, which brings new tough task for the innovation and production of WSD.19 These new rules provide an opportunity but they also introduce a number of technical challenges. The challenges require development of cognitive radio technologies like spectrum sensing as well as new wireless PHY and MAC layer designs. For example, the development of spectrum sensing techniques involves RF (Radio Frequency) design, robust signal processing, pattern recognition and networking protocols… etc. The choice of RF architecture is no longer merely a hardware issue, but will directly affect the upper layer performance. Furthermore, these challenges include spectrum sensing of both TV signals and wireless microphone ones, frequency agile operation, geo-location, stringent spectral mask requirements, and of course the ability to provide reliable service in unlicensed and dynamically changing spectrum.20 In addition, the FCC has strict out-of-band emission (OOBE) requirements to prevent interference with licensed transmissions in other channels. A detailed description of these out-of-band emission requirements and their impact on the transmission spectral mask for WSD is provided in Section VII of the R&O. Unfortunately, there are still other hurdles to be overcome. While the frequencies used by television stations do have a long reach and easily penetrate walls, it is important to remember that these signals are one-way communications, often broadcast from giant antennas at megawatts of power. For gadgets and computers, a much lower transmission power would be used, greatly decreasing the range of the White Space devices. So are we talking the Wi-Fi-like ranges here or 3G-like ranges? The National Association of Broadcasters has also questioned the ability of WSD to operate without interfering with television broadcasts. In addition, wireless microphones could be affected, although Google has proposed a "beacon" that could be utilized alongside existing wireless microphone equipment that would alert WSD not to operate on the same channel. Last but not least, how to ensure QoS of WSD users is implicit trouble. The Cognitive Radio system should provide that fast, robust, coordinated sensing and quite periods and to protect incumbents as well as provide QoS. It will be a dilemma faced by the regulatory bodies and ICT industry. Another real-world problem is that there are no WSD for consumers and even if someone comes out with a new product, it will likely be very expensive since it isn’t widely produced,21 although Spectrum Bridge has proven one example mentioned above. Nevertheless, some people still criticized what Spectrum Bridge has done probably could have used 5 GHz for the point-to-point backhaul connections. "The Smart City" is using Wi-Fi for the last mile rather than white spaces because there are no white space devices on the consumer end. Rick Rotondo, chief marketing officer for Spectrum Bridge argued Spectrum Bridge tried using Wi-Fi at 2.4GHz, 5GHz would never have made it; 2.4 didn’t make it. However, Spectrum Bridge did use Wi-Fi for the last hundred feet, not the last mile, but for the last hundred feet because there are Wi-Fi receivers built into laptops and smartphones and that’s who we wanted to be able to connect to this network. It sounds like a tautology. 7. What’s beyond the white space ? What kind of ICT could people apply to after getting the white/interleaved space? "Super Wi-Fi" is the first application connected with white space. As Larry Page, co-founder of Google, has described that white spaces are like "Wi-Fi on steroids" linked up wireless internet with much faster speeds, stronger signals and more affordable costs. Besides, there are other advanced ICT could function via white space, such as LTE, IPTV, MediaFLO, DVB-H, ISDB-T, MVNO, ITS (DSRC) and so on. 8. Vision: Legal challenges for accessing white space in Taiwan Although not mentioned above, FCC indeed allows the secondary-market of spectrum boosting in U.S. That’s an important reason, or motivation, to develop white space applications and regulations. In other words, the spectrum, not the license, could be auctioned, leased, retailed, weaved and so on. However, the regulatory mode of communication in Taiwan is "Vertical Regulatory Framework", which would be an obstacle to evolve the spectrum-usage in contrast to U.S and EU. Under the interpretation of Legal Positivism, Taiwan Budget Act Article 94 states, "Unless otherwise provided for by law, grant of quota, frequency, or other limited or fixed amount special licenses shall be conducted by open auction or public invitation to tender and the proceeds of which shall be turned in to the national treasury." Hereby, the administration could really fulfill the legal assignment via public invitation to tender or auction for the "license", not the band. Nevertheless, the administration does not apply auction process to issue the licenses, but approaches the frequency licenses with "Radio and Television Act" and "Administrative Regulations on Radio Waves" which is promulgated under the Telecommunications Act in accordance with the first paragraph of 48, Section 1 of said Act instead. Step closely, Radio and Television Act Article 4 firmly states, "The frequencies used by radio/television businesses are owned by the state and their allocation shall be planned by the MOTC in conjunction with the regulatory agency. The frequencies mentioned in the preceding paragraph may not be leased, loaned, or transferred. (emphasis added)". This article has resulted in inflexible use of spectrum, and dragged the collective use of spectrum, too. Undoubtedly, only we have to do is to amend the article for accessing white space in accordance with Legal Positivism. Second, according to Administrative Regulations on Radio Waves, the National Communications Commission shall be responsible for the overall coordination and regulation of radio waves including radio frequencies, power, emission method and radio station identification call sign etc., which shall not be used or altered without approval. Thus, under the justice of legal system, NCC should revise the spectrum policy/regulations in harmony with Administrative Regulations on Radio Waves. For example, the Article 6 and 10 separately regulates, "The radio equipment shall adopt the latest technical advances to limit the number of frequencies and the frequency bandwidth used to the minimum essential for the necessary services. The frequency assigned to a station of a given service shall be separated from the limits of the band allocated to this service in such a way that, taking account of the frequency band assigned to a station, no harmful interference is caused to services to which frequency bands immediately adjoining are allocated." Therefore, WSD indeed, even necessarily, should be applied to band management and revolution of ICT industry. Moreover, Central Regulation Standard Act Article 5 (embodied the principle of constitutional requirement of a specific enactment) also requires, "The following objects shall be stipulated by a statute: 1. It is required to stipulate by a statute as the Constitution or a statue expressly stipulated. 2. Stipulation concerns the rights or obligations of the people. 3. Stipulation concerns the organization of a government agency at national level. 4. Other objects with substantial importance shall be stipulated by a statute." The Legislative Yuan must consider to promote the status of Administrative Regulations on Radio Waves to Statue, which conforms to Constitutional requirement. To sum up, Taiwan administration should take white space seriously, or ICT in Taiwan will be doomed as if getting lost in "space". 9. ad hoc Conclusion :Do not lock the door of white space "Open access" is the most important canon in the usage of white space. In this meaning, there are two dimensions for open access. One is unlicensed band-usage, the other is unlicensed WSD which is also unlicensed and interlocks into different operators’ networks. The later is a big task in America. FCC’s decision was contested by the TV broadcasters who fear using the freed channels would interfered with TV signals and live singers who are using the same wave spaces.22 Larry Page also argued that unlicensed white spaces offer a way for the U.S. to catch up with the rest of the world in broadband access. Today, 10% of Americans still don't have access to DSL or cable broadband, according to consultancy Parks Associates. Fortunately, the first steps towards white space communications have already been taken and FCC has approved unlicensed use of the spectrum, but FCC requires a database of all known licensed users to be deployed in order to prevent from interfering with the existing broadcasts and devices already using the space, such as licensed TV broadcasts and some wireless microphones The second dimension is unlicensed WSD to compatible different network architecture. At first, the unlicensed devices must fit the criterion which could guarantee that they will not interfere with assigned broadcasts can use the empty white spaces in frequency spectrum. In order not to harm nearby transmission, the best way is to set a standard for WSD in one network built by certain operator. For example, if WSD users want to connect to Verizon Wireless’ network, s/he has to buy/use Verizon Wireless’ WSD. However, out of Verizon Wireless’ network, WSD users have to purchase/use another WSD. It will be inconvenient and raise the cost, but quench people’s desire to use WSD. As a result, FCC issued the R&O to prevent devices-locked, so-called "discriminatory QoS", from deploying the white space proposal. Accordingly, the mandatory rule indeed slows down the innovation of WSD. Obviously, unlicensed use of the vacant TV channels is an economic and social revival waiting to happen in rural areas. In addition, white/interleaved space will manage to fit the core principle of modern spectrum-development, "collective and effective use". There are so many merits to share the "dividend", but at this time, we are still far away the real "white space". The situation in Taiwan is much worse unfortunately. 1.See FCC official document,http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-293891A1.pdf (last visited 03/05/2010) 2.OFDMA is a multi-user version of the popular Orthogonal frequency-division multiplexing (OFDM) digital modulation scheme. Multiple access is achieved in OFDMA by assigning subsets of subcarriers to individual users. This allows simultaneous low data rate transmission from several users. 3.See Final Acts of the Regional Radio-communication Conference for planning of the digital terrestrial broadcasting service in parts of Regions 1 and 3, in the frequency bands 174-230 MHz and 470-862 MHz (RRC-06). 4.In the United States, the abandoned television frequencies are primarily in the upper UHF "700-megahertz" band, covering TV channels 52 to 69 (698 to 806 MHz). 5.See http://spectrumbridge.com/web/images/pdfs/smart_city-spectrumbridge.pdf visited on 2010/2/27. 6.http://spectrumbridge.com/web/ 7.See http://showmywhitespace.com/portals/1/Spectrum%20Bridge%20Launches%20White%20Spaces%20Network%20In%20Wilmington-New%20Hanover%20County.pdf visited on 2010/2/27. 8.The group includes Microsoft, Google, Dell, HP, Intel, Philips, Earthlink, and Samsung Electro-Mechanics. 10.The standardization is another crucial issue but will not be discussed in detail hereunder. 11.In February 2009, Google joined Comsearch, Dell, HP, Microsoft, Motorola, and Neustar to form the White Spaces Database Working Group (WSDG), an effort to build such a database.. 12.Actually, the database host will know where users are and the kit they're using, both of which are commercially valuable pieces of information. Google thinks that data will pay for the database, and Google is very good at extracting value from information; but even if it can't turn white space into gold, it will have five years to drive the competition out of business. 13.See generally Google’s proposal to FCC, http://www.scribd.com/doc/24784912/01-04-10-Google-White-Spaces-Database-Proposal visited on 2010/2/28. 14.Specifying clearly, the main mechanism of CR is including, but not limited to DSA. 15.Evolution of Cognitive Radio toward Cognitive Networks is under process, in which Cognitive Wireless Mesh Network (i.e. Cog-Mesh) is considered as one of the enabling candidates aiming at realizing this paradigm change. 16.Test conducted in the rural sector west of Ottawa, Canada. See C. R. Stevenson, G. Chouinard, W. Caldwell,Tutorial on the P802.22.2 PAR for :"Recommended Practice for the Installation and Deployment of IEEE 802.22 Systems," IEEE802, San Diego, CA, 7/17/06 http://grouper.ieee.org/groups/802/802_tutorials/july06/Rec-Practice_802.22_Tutorial.ppt. 17.United for Local Television ("ULTV") is a coalition of groups and campaigners who together lobby the government to recognize local TV as a public service. ULTV argues that all citizens should have access to local TV, no matter where they live, without having to subscribe to pay-TV or broadband. ULTV proposes that the government reserve capacity for local TV services on the most popular television platform in the UK today – digital terrestrial television (commonly known as "Freeview"). ULTV anticipates that local TV channels will provide local news and sport, together with a range of other local and networked programming. ULTV envisages local TV services would also provide local advertising, for the first time offering a cost-effective option for many local businesses seeking to advertise on terrestrial TV in their target market. 18.See Second Report and Order and Memorandum Opinion and Order In the Matter of Unlicensed Operation in the TV Broadcast Bands, Additional Spectrum for Unlicensed Devices Below 900 MHz and in the 3 GHz Band, Federal Communication Commission, Document 08-260, Nov. 14, 2008. 19.In detail, the FCC distinguished fixed WSD from portable one. There are different restrictions and requirements between them. 20.See http://ita.ucsd.edu/workshop/09/files/paper/paper_1500.pdf visited on 2010/2/20. 21.See http://www.digitalmediabuzz.com/2010/03/broadband-debate-white-space/ visited on 2010/3/17. 22.See http://lasarletter.net/docs/nabpet4review.pdf visited on 2010/2/25.

A Survey of Taiwanese Citizens' Awareness of Personal Data 2025/05/14 I.Preface Recent discussions have centered on personal data issues, such as corporate data breaches and recurring incidents of fraud. As a result, the security of personal data has received growing emphasis, prompting relevant authorities to issue public statements and advocate for legislative responses. To facilitate a deeper understanding of personal data awareness among the citizens of our nation, this study employed a questionnaire survey to assess basic knowledge of the Personal Data Protection Act and privacy regulations. It also examined levels of trust in entities that may hold personal data, including their types and usage contexts. The objective is to explore public attitudes toward such entities and to analyze the demographic factors influencing personal data awareness, thereby providing a reference for the future development of mechanisms to strengthen data literacy and enhance public trust. II.Research Objectives and Methodology By identifying demographic groups with lower awareness of personal data issues and helping them clarify relevant concepts, and promoting personal data certification for entities with lower levels of public trust, this study aims to reduce public concerns and build greater confidence. It also examines the characteristics of entities that positively influence individuals’ willingness to share personal data, with the goal of guiding such organizations in strengthening their data protection practices. Ultimately, these improvements are expected to enhance public trust and support the effective enforcement of personal data protection. The study employed a stratified random sampling method, with data collected via phone interviews. A total of 1,180 valid responses were obtained. The following sections present the key findings and offer recommendations based on the analysis. III.Raising Awareness and Clarifying Personal Data Concepts When assessing public understanding of basic personal data issues, responses showed a clear divide. While around 90% correctly answered questions about email account handling and the legal responsibilities of public sector agencies under the Personal Data Protection Act (PDPA), accuracy fell to around 10% for more complex scenarios. For example, many were unsure whether journalists covering car accidents need to notify involved individuals or whether telecom operators can transfer data to countries lacking equivalent PDPA protection. These results suggest that while some concepts are well understood, overall knowledge of the PDPA remains limited. Public understanding of sensitive personal data was also generally low. Except for medical records, recognition rates for other sensitive data types remained below 10%. On the other hand, many respondents mistakenly labeled general personal data as sensitive, showing both a lack of familiarity and a heightened sense of caution about data privacy among certain groups. Further analysis found elders, people with lower education and income, and those working in manual or domestic roles had a weaker grasp of what constitutes sensitive personal data. In contrast, individuals with higher education levels or professional roles tended to misclassify general data as sensitive, indicating stronger personal data protection awareness but also some confusion. Based on these findings, targeted awareness campaigns are recommended for groups with lower levels of understanding. These should not only clarify the definition of sensitive personal data but also address common misconceptions to help people develop a clearer and more accurate view of personal data protections under the PDPA. The study also found that people's answers could be used to identify patterns in their awareness. Correct answers indicated familiarity with personal data concepts, while incorrect ones often stemmed either from a lack of knowledge or from a more cautious and security-conscious mindset. Future research might explore this divide further to provide more specific policy recommendations. IV.Addressing Trust Gaps: Promoting Certification for Less-Trusted Entities In terms of public trust in different types of entities, medical institutions emerged as the most trusted. Trust levels varied by demographic group—women and elders, for example, had more confidence in academic institutions; people with lower incomes trusted health management centers or long-term care facilities more; and manual laborers and service workers were more likely to trust government agencies. In contrast, the least trusted entities were online shopping platforms, wearable device manufacturers, and health management tool providers. Even though online shopping is common, people still worry about how these platforms handle personal data. Similarly, despite the growing popularity of wearable health devices, skepticism about how these companies use data remains high. People aged 30–49, those with higher levels of education, and higher incomes were less likely to trust these companies. This supports earlier findings showing that these groups are more aware of personal data security issues. Therefore, efforts to improve trust should focus on less trusted entities and promote the adoption of personal data protection certifications. V.Building Trust through Personal Information Management System The study also looked at what specific organizational features increase public trust. These can be grouped into three categories: certification, type of entity, and size. The certification of personal data protection standards played a key role. Many people expressed more trust in entities that have earned formal personal data protection certifications, especially those bearing nationally recognized seals or certifications. Younger people, those with higher levels of education or income, professionals and students were especially likely to view certification as important. As for type of entity, most respondents expressed greater trust in domestic Taiwanese enterprises, and this preference was more pronounced among people with higher education. Meanwhile, companies linked to China or with Chinese investment backgrounds tended to be viewed with less trust. Interestingly, older respondents were less affected by organizational origin in their willingness to share personal data. When it came to size of the entity, over half of the respondents indicated they were more likely to trust larger companies. Younger, more educated, and higher-income individuals were especially inclined to trust larger entities. Occupations such as students, technical workers, administrative staff, and service workers also showed a similar tendency. To summarize, entities that are certified in personal data protection, are based in Taiwan, and are relatively large tend to earn greater public trust. Since an entity's type and size are often fixed, it is recommended that efforts focus on obtaining recognized personal data protection certifications. For entities currently lacking public trust or facing scrutiny, adopting standards like the Taiwan Personal Information Protection and Administration System (TPIPAS) and running public education campaigns may help to improve trust and meet the goals of personal data security and protection.