學術產出-Theses
Article View/Open
Publication Export
-
題名 Open banking 涉及之個人資料保護問題
Personal Data Protection Issues among Open Banking作者 林旻
Lin, Angela貢獻者 宋皇志
Sung, Huang-Chih
林旻
Lin, Angela關鍵詞 金融科技
開放銀行
開放API
個人資料保護
消費者資料權
FinTech,
Open banking
Open API
Personal Data Protection
Consumer Data Right
PSD2
GDPR日期 2020 上傳時間 2-Mar-2020 11:35:51 (UTC+8) 摘要 資訊科技的進步,令消費者個人資料之價值由於資料得以被運用在各式各樣的 金融科技而大幅提高,過去視客戶資料為商業機密之銀行,也逐漸願意、或者被迫開 放其持有之資料,成為開放銀行(Open banking)生態系統中的一員。即便開放銀行 目前在大部份的司法管轄區仍處於起步階段,其已經成為全球銀行業的趨勢。Open banking的出現是銀行的機會,同時也是銀行的挑戰:其帶來更多創新產 品服務的可能,同時,銀行在個人資料保護以及資訊安全基礎設施上亦須投入大量成 本,避免在未經消費者同意利用其個人資料或是大規模消費者個人資料洩漏之情形, 造成不可回復之損害。不論是消費者害怕個人資料保護不夠周全,抑或是銀行與TPP 間之責任歸屬未明確釐清,都將有礙此種的新型態生態系統持續發展。本論文聚焦於銀行利用API分享資料給第三方服務提供商的Open banking商業 模式,個人資料保護之部分則以歐盟之GDPR為重點,探討Open banking法制以及 GDPR兩者重疊之處如何調和,以及Open banking實際運作上,銀行及TPP應採取何種 適當手段以符合個人資料保護法。並藉由回顧奧地利ING-DiBa Direktbank以及德國銀 行產業委員會的兩個案例,探討Open banking概念發展歷程中,對於金融業產品服務 創新以及個人資料保護取得平衡的兩難。最後,本論文以國外Open banking政策及法 制為借鏡,針對我國正在發展的Open banking制度提供建議,使我國銀行與TPP在發 生Open banking相關個人資料保護爭議時,有兼顧消費者保障及責任分擔明確之治理 模式得以遵循。
As information technology develops rapidly, the applications of consumers’ personal data on financial technologies diversify significantly. This has given rise to the value of consumers’ personal data. Banks that used to see their clients’ financial data as classified trade secrets, whether it’s due to regulations or as a result of their business strategies, have also become more willing to share data with third party service providers in order to become a member of the Open banking system. Though Open banking is still in an embryonic stage in most jurisdictions, it has become an emerging global trend in recent years within the Banking industry.For traditional banks, Open banking brings opportunities for financial innovation, but it also brings about challenges regarding data protection. Open banking introduces more possibilities for innovation of financial products and services. However, this also indicates that banks shall devote themselves to establish information security infrastructure to avoid processing of personal data without client consent or to prevent personal data leakage. These are both problems that may cause irreversible damage to consumers. Customers’ growing awareness of data protection and unclarified responsibilities between banks and TPPs will also hinder the development of the Open banking ecosystem.The object of this study is to provide strategies given current circumstances that comply with personal data protection law for banks and TPPs. Furthermore, this dissertation also proposes some advice related to personal data protection for the Taiwanese government during the development of Open banking. By reviewing the regulations and the reconciling PSD2 and GDPR, some strategies are made to help clarify the responsibility between banks and TPPs, at the same time enhancing protection of consumers’ data.參考文獻 一、中文文獻(一)期刊1.李智仁(2005),日本金融隱私權保障規範之發展--兼論我國面臨之問題與對策,國立中正大學法學集刊,第19期,頁1-70。2.臧正運(2019),從國際發展趨勢論我國推動開放銀行應有之思考,金融聯合徵信,第34期,2019年6月,頁4-12。(二)網路資源1.HKMA,香港銀行業開放API的實施階段,https://www.hkma.gov.hk/chi/key-functions/international-financial-centre/fintech/open-application-programming-interface-api-for-the-banking-sector/phase-approach/ (最後瀏覽日:2019年11月19日)。2.王宏仁,2019年,「臺灣Open Banking銀行實例:華南銀行」數位轉型從開放銀行做起華南要靠開放API擴大異業結盟,iThome,https://www.ithome.com.tw/news/133685。3.王宏仁,2019年,【開放銀行特別報導】跨海專訪英國Open Banking推手:英國開放銀行有成,API呼叫破億次觸及99%全英金融市場,iThome, https://www.ithome.com.tw/news/133675。4.周霈翎,2019年,揭開開放銀行面紗,聯合新聞網, https://udn.com/news/story/6877/3864429。5.麻布記帳,2019年,首家與20家銀行串接API的金融帳務整合服務誕生,「Moneybook麻布記帳」成功與20家銀行串接API, https://blog.moneybook.com.tw/2019/10/16/%e9%a6%96%e5%ae%b6%e8%88%8720%e5%ae%b6%e9%8a%80%e8%a1%8c%e4%b8%b2%e6%8e%a5api%e7%9a%84%e9%87%91%e8%9e%8d%e5%b8%b3%e5%8b%99%e6%95%b4%e5%90%88%e6%9c%8d%e5%8b%99%e8%aa%95%e7%94%9f%ef%bc%8c%e3%80%8cmoneyb/ 。二、外文文獻(一)書籍與專書論文1.Jelena Madir, 2019. FinTech: Law and Regulation, Cheltenham: Edward Elgar Publishing Limitred.2.Anna Omarini, 2015. Retail Banking: Business Transformation and Competitive Strategies for the Future. London: Palgrave MacMillan Publishers.3.Blakstad S. and Allen R., 2018, New Standard Models for Banking. Pp 147- 166 in: FinTech Revolution, edited by Blakstad S. and Allen R., Cham: Palgrave MacMillan Publishers.4.Ryan Mitchell, 2015, Web Scraping with Python: collecting data from the modern web. CA: O`Reilly Media.(二)期刊論文1.Anjan V. Thakor, 2019, Fintech and Banking: What Do We Know, Journal of Financial Intermediation. https://doi.org/10.1016/j.jfi.2019.1008332.Anna Omarini, 2018, Banks and Fintechs: How to Develop a Digital Open Banking Approach for the Bank’s Future, International Business Research 11(9):23-36.3.Arner, D. W., Barberis, J., & Buckley, R. P, 2015, The evolution of Fintech: A new post-crisis paradigm, Georgetown Journal of International Law 47:1271-1320.4.Cortet Mounaim, Rijks Tom & Nijland Shikko, 2016, PSD2: The digital transformation accelerator for banks, Journal of Payments Strategy & Systems 10(1):13-27.5.Hallam Stevens, 2019, Open data, closed government: Unpacking data.gov.sg, First Monday 24(4).6.Jeffrey Kenneth Hirschey, 2014, Symbiotic Relationships: Pragmatic Acceptance of Data Scraping, Berkeley Technology Law Journal 29:897-928.7.Neyer Gene, 2017, ‘Mobile First’ will become ‘API First’ — PSD2: Changing banking as we know it, Journal of Digital Banking 2(2):171-178.(三)研究報告1.Basel Committee on Banking Supervision, 2018, Bank for International Settlements, Sound Practices: Implications of Fintech Developments for Banks and Bank Supervisors.2.Basel Committee on Banking Supervision, 2019, Report on open banking and application programming interfaces.3.Capgemini & Efma, 2019, World Fintech Report 2019. Retrieve from https://www.capgemini.com/es-es/wp-content/uploads/sites/16/2019/06/World-FinTech-Report-WFTR-2019_Web.pdf4.Consumers International, 2017, Banking on the Future: An Exploration of Fintech and the Consumer Interest.5.Financial Stability Board, 2017, Financial Stability Implications from FinTech, Supervisory and Regulatory Issues that Merit Authorities’ Attention.6.KPMG, 2019, PSD2 and Open Banking: Revolution or evolution.7.KPMG, 2019, The future of banking Hong Kong Banking Report 2019.8.PwC, 2018, The future of banking is open - how to seize the Open Banking opportunity.9.PwC, 2018, What is Fintech.10.Thomas I. Palley, 2007. Financialization: What It Is and Why It Matters Working Papers wp153, Political Economy Research Institute, University of Massachusetts at Amherst.(四)司法裁判1.Case C‑191/17 Bundeskammer für Arbeiter und Angestellte v ING-DiBa Direktbank Austria Niederlassung der ING-DiBa AG, ECLI:EU:C:2018:809.2.Case C-41/90 Höfner and Elser v Macrotron, ECLI:EU:C:1991:161.3.Joined Cases C-293/12 and C-594/12 Digital Rights Ireland and Seitlinger and Others, ECLI:EU:C:2014:238.4.Joined Cases C-203/15 and C-698/15 Tele2 Sverige AB and Secretary of State for the Home Department, ECLI:EU:C:2016:970.(五)政府機關文獻1.ACCC, 2018, CDR Rules Outline.2.ACCC, 2019, Consumer Data Right Supplementary accreditation guidelines: insurance.3.ACCC, 2019, CDR draft accreditation guidelines.4.Article 29 Data Protection Working Party, Guidelines on Consent under Regulation 2016/679.5.Consumer Financial Protection Bureau, 2017, Consumer Protection Principles: Consumer-Authorized Financial Data Sharing and Aggregation.6.Council of the European Union, 2019, Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications). Retrieve from https://data.consilium.europa.eu/doc/document/ST-12633-2019-INIT/en/pdf.7.EBA Working Group on Electronic Alternative Payments, 2016, Understanding the business relevance of Open APIs and Open Banking for banks. Retrieve from https://www.abe-eba.eu/media/azure/production/1522/business-relevance-of-open-apis-and-open-banking-for-banks.pdf8.European Banking Authority, 2017, Guidelines on the criteria on how to stipulate the minimum monetary amount of the professional indemnity insurance or other comparable guarantee under Article 5(4) of Directive (EU) 2015/2366 (PSD2).9.European Banking Authority, 2018, Opinion of the European Banking Authority on the implementation of the RTS on SCA and CSC.10.ECN SUBGROUP Banking and Payments, 2012, INFORMATION PAPER ON COMPETITION ENFORCEMENT IN THE PAYMENTS SECTOR. Retrieve from https://ec.europa.eu/competition/sectors/financial_services/information_paper_payments_en.pdf (last visited:2019/11/26).11.European Banking Authority, 2019, Opinion of the European Banking Authority on the elements of strong customer authentication under PSD2.12.European Commission, 2013, Proposal for a directive of the European parliament and of the Council on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/UE and 2009/110/EC and repealing Directive 2007/64/EC and Proposal for a Regulation of the European Parliament and of the Council on interchange fees for card-based payment transactions. Retrieve from: https://eur-lex.europa.eu/resource.html?uri=cellar:906ed6d3-f509-11e2-a22e-01aa75ed71a1.0001.04/DOC_2&format=PDF (last visited: 2019/11/27).13.European Commission, 2019, Frequently Asked Questions: Making electronic payments and online banking safer and easier for consumers.14.European Data Protection Board, 2018, PSD2 Letter. Retrieve from https://edpb.europa.eu/sites/edpb/files/files/news/psd2_letter_en.pdf (last visited: 2019/11/18).15.European Data Protection Supervisory, 2014, Guidelines on Data Protection in EU Financial Services Regulation, at 15.16.HKMA, 2018, Open API Framework for the Hong Kong Banking Sector.17.JBA Review Committee on Open APIs, 2017, Report of Review Committee on Open APIs: Promoting Open Innovation. Retrieve from : https://www.zenginkyo.or.jp/fileadmin/res/news/news290713_3.pdf (last visited: 2019/11/18 ).18.MAS &ABS, 2016, Finance-as-a-Service: API Playbook.19.Murray, 2014, Financial System Inquiry Final Report.20.OBWG, 2016, Open Banking Standard.21.ODI & Fingleton Associates, 2014, Data Sharing and Open Data for Banks A report for HM Treasury and Cabinet Office.22.Open Banking Ltd, 2018, Open Banking Guidelines for Open Data Participants.23.Open Banking Ltd, 2018, Open Banking Guidelines for Read/Write Participant24.Open Data Institute, 2016, Introducing the Open Banking Standard: Helping customers, banks and regulators take banking into a truly 21st-century, connected digital economy.25.Open Data Institute & Fingleton, 2019, Open Banking Preparing for lift off.26.Productivity Commission, 2017, Data Availability and Use.27.Professor ian Harper, Peter Anderson, Su Mccluskey & Michael o’Bryan Qc, 2015, Competition Policy Review Final Report.28.The European Banking Federation, 2016, Guidance for implementation of the revised Payment Services Directive.29.The parliament of the commonwealth of Australia, 2019, Explanatory memorandum of Treasury Laws Amendment (Consumer Data Right) Bill 2019.30.The Treasury of Australian government, 2019, Consumer Data Right Overview.31.The Treasury of Australian government, 2019, Explanatory materials of Treasury Laws Amendment (Consumer Data Right) Bill 2019. Retrieve from https://treasury.gov.au/sites/default/files/2019-06/t364234-explanatory-materials.docx (last visited: 2019/11/20).32.日本金融庁,2019年,電子決済等代行業者の登録申請時の留意事項等。33.金融審議会,2016年,金融制度ワーキング・グループ報告 ―オープン・イノベーションに向けた制度整備について―。34.首相官邸,2019年,産官協議会「FinTech/キャッシュレス化」第1回議事要旨。搜尋自:http://www.kantei.go.jp/jp/singi/keizaisaisei/miraitoshikaigi/sankankyougikai2019/fintech/dai1/gijiyousi.pdf(最後瀏覽日:2019/12/1)。(六)網路資料1.Alberto Di Felice, 2019, Study of proposal for an ePrivacy Regulation, https://www.digitaleurope.org/resources/study-of-proposal-for-an-eprivacy-regulation/.2.Arpan, 2012, Data Scraping vs. Data Crawling, PROMPT CLOUD, https://www.promptcloud.com/blog/data-scraping-vs-data-crawling/.3.Bird & Bird, 2018, The CJEU provides clarity on the definition of a "payment account", https://www.twobirds.com/en/news/articles/2018/global/the-cjeu-provides-clarity-on-the-definition-of-a-payment-account.4.Bundeskartellamt, 2016, Restriction of online payment services by German banking industry in violation of competition law, https://www.bundeskartellamt.de/SharedDocs/Meldung/EN/Pressemitteilungen/2016/05_07_2016_Sofort%C3%BCberweisung.html.5.CMA, 2014, Personal current account and small business banking face full competition investigation, https://www.gov.uk/government/news/personal-current-account-and-small-business-banking-face-full-competition-investigation.6.CMA, 2016, Retail banking market investigation: overview, https://www.gov.uk/government/publications/retail-banking-market-investigation-overview.7.Data.gov.sg, https://data.gov.sg/about.8.DBS, 2017, Reimagining banking, DBS launches world’s largest banking API developer platform, https://www.dbs.com/newsroom/Reimagining_banking_DBS_launches_worlds_largest_banking_API_developer_platform9.Deloitte, PSD2 and GDPR – Harmony or Dissonance?, https://www2.deloitte.com/cz/en/pages/legal/articles/psd2-a-gdpr-harmonie-ci-disonance.html (last visited: 2019/11/18).10.EBA, 2018, Consent for the provision of PIS and AIS, https://eba.europa.eu/single-rule-book-qa/-/qna/view/publicId/2018_4309.11.EBA, 2019, EBA goes live with its central register of payment and electronic money institutions under PSD2, https://eba.europa.eu/eba-goes-live-with-its-central-register-of-payment-and-electronic-money-institutions-under-psd2.12.Eileen Yu, 2017, Singapore government assures SingPass-MyInfo will stay secure, https://www.zdnet.com/article/singapore-government-assures-singpass-myinfo-will-stay-secure/.13.European Data Protection Supervisory, The History of the General Data Protection Regulation, https://edps.europa.eu/data-protection/data-protection/legislation/history-general-data-protection-regulation_en# (last visited:2019/11/27).14.FCA, Account Information & Payment Initiation Service Providers, https://register.fca.org.uk/shpo_searchresultspage?preDefined=AIPISP&TOKEN=3wq1nht7eg7tr (last visited: 2019/11/27).15.Finextra, 2019, Open Banking vs. Screen Scraping: looking ahead in 2019, https://www.finextra.com/blogposting/16494/open-banking-vs-screen-scraping-looking-ahead-in-2019.16.Finextra, 2019, Working with Technical Service Providers under PSD2, https://www.finextra.com/blogposting/17686/working-with-technical-service-providers-under-psd2.17.GDPR Enforcement Tracker, https://www.enforcementtracker.com/.18.GoCardless, 2017, Screen scraping 101: Who, What, Where, When?, https://openbankinghub.com/screen-scraping-101-who-what-where-when-f83c7bd96712.19.HKMA, 2019, Open API Framework for the Banking Sector: One year on, https://www.hkma.gov.hk/eng/news-and-media/press-releases/2019/07/20190731-3/#2.20.Innopay, PSD2 licensing: solving the puzzle of becoming a Third Party Provider, https://www.innopay.com/en/publications/psd2-becoming-a-third-party-provider(last visited: 2019/11/27).21.John Wagnon, 2013, Web Scraping-DataCollection or Ilegal Activity, DEVCENTRAL, https://devcentral.f5.com/s/articles/web-scraping-data-collection-or-illegal-activity.22.Kwok Quek Sin, 2019, Inside Singapore’s National Digital Identity programme, https://www.techradar.com/news/inside-singapores-national-digital-identity-programme.23.Lester Hio, 2017, MyInfo access extended to local businesses, https://www.straitstimes.com/singapore/myinfo-access-extended-to-local-businesses.24.MAS, Financial Industry API Register, https://www.mas.gov.sg/development/fintech/financial-industry-api-register (last visited:2019/11/19).25.MAS, Fintech and Innovation Group, https://www.mas.gov.sg/who-we-are/Organisation-Structure/Fintech-and-Innovation (last visited: 2019/11/12).26.Niels Vandezande, 2019, Reconciling Consent in PSD2 and GDPR, https://thepaypers.com/expert-opinion/reconciling-consent-in-psd2-and-gdpr/777976.27.Norman T.L. Chan, 2017, A New Era of Smart Banking, https://www.hkma.gov.hk/eng/news-and-media/speeches/2017/09/20170929-1.28.Open Banking Ltd, About us, https://www.openbanking.org.uk/about-us/ (last visited: 2019/11/5).29.Open Banking Ltd, Open Banking APIs Performance, https://www.openbanking.org.uk/providers/account-providers/api-performance/ (last visited: 2019/11/11).30.Open Banking Ltd, Website Glossary, https://www.openbanking.org.uk/about-us/glossary/ (last visited: 2019/11/11).31.Open Banking Ltd, What is Open Banking? , https://www.openbanking.org.uk/customers/what-is-open-banking/ (last visited: 2019/11/11).32.Open Data Institute, About the ODI, https://theodi.org/about-the-odi/ (last visited: 2019/11/5).33.Open Data Institute, Projects and services, https://theodi.org/project/open-banking-setting-a-standard-and-enabling-innovation/ (last visited: 2019/11/5).34.Orenstein D., 2000, Quick Study: Application Programming Interface (API). https://www.computerworld.com/article/2593623/application-programming-interface.html35.Sean Creehan and Paul Tierno, 2019, The Slow Introduction of Open Banking and APIs in Japan, https://www.frbsf.org/banking/asia-program/pacific-exchanges-podcast/open-banking-apis-japan/.36.Sing Pass, About us, https://www.singpass.gov.sg/singpass/common/aboutus.37.Smart Nation Singapore, 2014, Transcript of speech by speech by prime minister Lee Hsien Loong at smart nation launch, https://www.smartnation.sg/whats-new/speeches/smart-nation-launch/.38.STET, PSD2 API V1.4, https://www.stet.eu/en/psd2/.39.The Berlin Group, https://www.berlin-group.org/psd2-access-to-bank-accounts.40.The finance, 2017, 改正銀行法で何が変わる? オープンAPIとFinTechの推進, https://thefinance.jp/law/170906.41.The Treasury of Australian government, Consumer Data Right, https://treasury.gov.au/consumer-data-right.42.日本金融庁,2019,電子決済等代行業を営むみなさまへ,https://www.fsa.go.jp/common/shinsei/dendai/index.html。 描述 碩士
國立政治大學
科技管理與智慧財產研究所
106364218資料來源 http://thesis.lib.nccu.edu.tw/record/#G0106364218 資料類型 thesis dc.contributor.advisor 宋皇志 zh_TW dc.contributor.advisor Sung, Huang-Chih en_US dc.contributor.author (Authors) 林旻 zh_TW dc.contributor.author (Authors) Lin, Angela en_US dc.creator (作者) 林旻 zh_TW dc.creator (作者) Lin, Angela en_US dc.date (日期) 2020 en_US dc.date.accessioned 2-Mar-2020 11:35:51 (UTC+8) - dc.date.available 2-Mar-2020 11:35:51 (UTC+8) - dc.date.issued (上傳時間) 2-Mar-2020 11:35:51 (UTC+8) - dc.identifier (Other Identifiers) G0106364218 en_US dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/128981 - dc.description (描述) 碩士 zh_TW dc.description (描述) 國立政治大學 zh_TW dc.description (描述) 科技管理與智慧財產研究所 zh_TW dc.description (描述) 106364218 zh_TW dc.description.abstract (摘要) 資訊科技的進步,令消費者個人資料之價值由於資料得以被運用在各式各樣的 金融科技而大幅提高,過去視客戶資料為商業機密之銀行,也逐漸願意、或者被迫開 放其持有之資料,成為開放銀行(Open banking)生態系統中的一員。即便開放銀行 目前在大部份的司法管轄區仍處於起步階段,其已經成為全球銀行業的趨勢。Open banking的出現是銀行的機會,同時也是銀行的挑戰:其帶來更多創新產 品服務的可能,同時,銀行在個人資料保護以及資訊安全基礎設施上亦須投入大量成 本,避免在未經消費者同意利用其個人資料或是大規模消費者個人資料洩漏之情形, 造成不可回復之損害。不論是消費者害怕個人資料保護不夠周全,抑或是銀行與TPP 間之責任歸屬未明確釐清,都將有礙此種的新型態生態系統持續發展。本論文聚焦於銀行利用API分享資料給第三方服務提供商的Open banking商業 模式,個人資料保護之部分則以歐盟之GDPR為重點,探討Open banking法制以及 GDPR兩者重疊之處如何調和,以及Open banking實際運作上,銀行及TPP應採取何種 適當手段以符合個人資料保護法。並藉由回顧奧地利ING-DiBa Direktbank以及德國銀 行產業委員會的兩個案例,探討Open banking概念發展歷程中,對於金融業產品服務 創新以及個人資料保護取得平衡的兩難。最後,本論文以國外Open banking政策及法 制為借鏡,針對我國正在發展的Open banking制度提供建議,使我國銀行與TPP在發 生Open banking相關個人資料保護爭議時,有兼顧消費者保障及責任分擔明確之治理 模式得以遵循。 zh_TW dc.description.abstract (摘要) As information technology develops rapidly, the applications of consumers’ personal data on financial technologies diversify significantly. This has given rise to the value of consumers’ personal data. Banks that used to see their clients’ financial data as classified trade secrets, whether it’s due to regulations or as a result of their business strategies, have also become more willing to share data with third party service providers in order to become a member of the Open banking system. Though Open banking is still in an embryonic stage in most jurisdictions, it has become an emerging global trend in recent years within the Banking industry.For traditional banks, Open banking brings opportunities for financial innovation, but it also brings about challenges regarding data protection. Open banking introduces more possibilities for innovation of financial products and services. However, this also indicates that banks shall devote themselves to establish information security infrastructure to avoid processing of personal data without client consent or to prevent personal data leakage. These are both problems that may cause irreversible damage to consumers. Customers’ growing awareness of data protection and unclarified responsibilities between banks and TPPs will also hinder the development of the Open banking ecosystem.The object of this study is to provide strategies given current circumstances that comply with personal data protection law for banks and TPPs. Furthermore, this dissertation also proposes some advice related to personal data protection for the Taiwanese government during the development of Open banking. By reviewing the regulations and the reconciling PSD2 and GDPR, some strategies are made to help clarify the responsibility between banks and TPPs, at the same time enhancing protection of consumers’ data. en_US dc.description.tableofcontents 第一章 緒論 1第一節 研究動機與目的 1第二節 研究方法 2第三節 研究範圍與限制 3第四節 論文架構 4第二章 開放銀行(Open banking)概述 6第一節 金融科技崛起 6第一項 金融科技定義及其三個發展階段 6第二項 金融科技對銀行產業之影響 9第三項 Open banking 作為一種因應金融科技變革的手段? 11第二節 Open banking 簡介 12第一項 Open banking 概念及銀行分享資料之方式 12第二項 Open banking 生態系統之參與者 19第三項 Open banking 之機會與挑戰 20第三章 比較法分析:類型化各國 Open banking 25第一節 強制銀行開放資料 25第一項 歐盟 25第二項 英國 34第三項 小結 42第二節 強制開放:立法明定資料所有權屬於消費者 44第一項 澳洲 44第二項 小結 52第三節 業者自律模式 53第一項 新加坡 53第二項 香港 60第三項 日本 64第四節 本章結論 71第四章 Open banking 之個人資料保護 72第一節 金融資料保護之重要性 72第二節 歐盟個人資料保護架構 74第一項 GDPR 74第二項 其他與個人金融資料有關之資料保護規範 81第三項 小結 83第三節 Open banking 法制與資料保護法規之調和 85第一項 受規範資料之範圍 85第二項 同意 86第三項 個人資料的處理 89第四項 沉默方資料之處理(Silent Party Data Processing) 90第五項 小結 91第四節 Open banking 與個人資料問題相關案例 92第一項 付款帳戶之範圍——奧地利 ING-DiBa Direktbank 案 92第二項 分享 PIN 和 TAN 給第三方提供商——德國銀行產業委員會案 94第五章 結論與建議 97第一項 本文結論 97第二項 本文建議 98第六章 參考書目 101 zh_TW dc.format.extent 2419913 bytes - dc.format.mimetype application/pdf - dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0106364218 en_US dc.subject (關鍵詞) 金融科技 zh_TW dc.subject (關鍵詞) 開放銀行 zh_TW dc.subject (關鍵詞) 開放API zh_TW dc.subject (關鍵詞) 個人資料保護 zh_TW dc.subject (關鍵詞) 消費者資料權 zh_TW dc.subject (關鍵詞) FinTech, en_US dc.subject (關鍵詞) Open banking en_US dc.subject (關鍵詞) Open API en_US dc.subject (關鍵詞) Personal Data Protection en_US dc.subject (關鍵詞) Consumer Data Right en_US dc.subject (關鍵詞) PSD2 en_US dc.subject (關鍵詞) GDPR en_US dc.title (題名) Open banking 涉及之個人資料保護問題 zh_TW dc.title (題名) Personal Data Protection Issues among Open Banking en_US dc.type (資料類型) thesis en_US dc.relation.reference (參考文獻) 一、中文文獻(一)期刊1.李智仁(2005),日本金融隱私權保障規範之發展--兼論我國面臨之問題與對策,國立中正大學法學集刊,第19期,頁1-70。2.臧正運(2019),從國際發展趨勢論我國推動開放銀行應有之思考,金融聯合徵信,第34期,2019年6月,頁4-12。(二)網路資源1.HKMA,香港銀行業開放API的實施階段,https://www.hkma.gov.hk/chi/key-functions/international-financial-centre/fintech/open-application-programming-interface-api-for-the-banking-sector/phase-approach/ (最後瀏覽日:2019年11月19日)。2.王宏仁,2019年,「臺灣Open Banking銀行實例:華南銀行」數位轉型從開放銀行做起華南要靠開放API擴大異業結盟,iThome,https://www.ithome.com.tw/news/133685。3.王宏仁,2019年,【開放銀行特別報導】跨海專訪英國Open Banking推手:英國開放銀行有成,API呼叫破億次觸及99%全英金融市場,iThome, https://www.ithome.com.tw/news/133675。4.周霈翎,2019年,揭開開放銀行面紗,聯合新聞網, https://udn.com/news/story/6877/3864429。5.麻布記帳,2019年,首家與20家銀行串接API的金融帳務整合服務誕生,「Moneybook麻布記帳」成功與20家銀行串接API, https://blog.moneybook.com.tw/2019/10/16/%e9%a6%96%e5%ae%b6%e8%88%8720%e5%ae%b6%e9%8a%80%e8%a1%8c%e4%b8%b2%e6%8e%a5api%e7%9a%84%e9%87%91%e8%9e%8d%e5%b8%b3%e5%8b%99%e6%95%b4%e5%90%88%e6%9c%8d%e5%8b%99%e8%aa%95%e7%94%9f%ef%bc%8c%e3%80%8cmoneyb/ 。二、外文文獻(一)書籍與專書論文1.Jelena Madir, 2019. FinTech: Law and Regulation, Cheltenham: Edward Elgar Publishing Limitred.2.Anna Omarini, 2015. Retail Banking: Business Transformation and Competitive Strategies for the Future. London: Palgrave MacMillan Publishers.3.Blakstad S. and Allen R., 2018, New Standard Models for Banking. Pp 147- 166 in: FinTech Revolution, edited by Blakstad S. and Allen R., Cham: Palgrave MacMillan Publishers.4.Ryan Mitchell, 2015, Web Scraping with Python: collecting data from the modern web. CA: O`Reilly Media.(二)期刊論文1.Anjan V. Thakor, 2019, Fintech and Banking: What Do We Know, Journal of Financial Intermediation. https://doi.org/10.1016/j.jfi.2019.1008332.Anna Omarini, 2018, Banks and Fintechs: How to Develop a Digital Open Banking Approach for the Bank’s Future, International Business Research 11(9):23-36.3.Arner, D. W., Barberis, J., & Buckley, R. P, 2015, The evolution of Fintech: A new post-crisis paradigm, Georgetown Journal of International Law 47:1271-1320.4.Cortet Mounaim, Rijks Tom & Nijland Shikko, 2016, PSD2: The digital transformation accelerator for banks, Journal of Payments Strategy & Systems 10(1):13-27.5.Hallam Stevens, 2019, Open data, closed government: Unpacking data.gov.sg, First Monday 24(4).6.Jeffrey Kenneth Hirschey, 2014, Symbiotic Relationships: Pragmatic Acceptance of Data Scraping, Berkeley Technology Law Journal 29:897-928.7.Neyer Gene, 2017, ‘Mobile First’ will become ‘API First’ — PSD2: Changing banking as we know it, Journal of Digital Banking 2(2):171-178.(三)研究報告1.Basel Committee on Banking Supervision, 2018, Bank for International Settlements, Sound Practices: Implications of Fintech Developments for Banks and Bank Supervisors.2.Basel Committee on Banking Supervision, 2019, Report on open banking and application programming interfaces.3.Capgemini & Efma, 2019, World Fintech Report 2019. Retrieve from https://www.capgemini.com/es-es/wp-content/uploads/sites/16/2019/06/World-FinTech-Report-WFTR-2019_Web.pdf4.Consumers International, 2017, Banking on the Future: An Exploration of Fintech and the Consumer Interest.5.Financial Stability Board, 2017, Financial Stability Implications from FinTech, Supervisory and Regulatory Issues that Merit Authorities’ Attention.6.KPMG, 2019, PSD2 and Open Banking: Revolution or evolution.7.KPMG, 2019, The future of banking Hong Kong Banking Report 2019.8.PwC, 2018, The future of banking is open - how to seize the Open Banking opportunity.9.PwC, 2018, What is Fintech.10.Thomas I. Palley, 2007. Financialization: What It Is and Why It Matters Working Papers wp153, Political Economy Research Institute, University of Massachusetts at Amherst.(四)司法裁判1.Case C‑191/17 Bundeskammer für Arbeiter und Angestellte v ING-DiBa Direktbank Austria Niederlassung der ING-DiBa AG, ECLI:EU:C:2018:809.2.Case C-41/90 Höfner and Elser v Macrotron, ECLI:EU:C:1991:161.3.Joined Cases C-293/12 and C-594/12 Digital Rights Ireland and Seitlinger and Others, ECLI:EU:C:2014:238.4.Joined Cases C-203/15 and C-698/15 Tele2 Sverige AB and Secretary of State for the Home Department, ECLI:EU:C:2016:970.(五)政府機關文獻1.ACCC, 2018, CDR Rules Outline.2.ACCC, 2019, Consumer Data Right Supplementary accreditation guidelines: insurance.3.ACCC, 2019, CDR draft accreditation guidelines.4.Article 29 Data Protection Working Party, Guidelines on Consent under Regulation 2016/679.5.Consumer Financial Protection Bureau, 2017, Consumer Protection Principles: Consumer-Authorized Financial Data Sharing and Aggregation.6.Council of the European Union, 2019, Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications). Retrieve from https://data.consilium.europa.eu/doc/document/ST-12633-2019-INIT/en/pdf.7.EBA Working Group on Electronic Alternative Payments, 2016, Understanding the business relevance of Open APIs and Open Banking for banks. Retrieve from https://www.abe-eba.eu/media/azure/production/1522/business-relevance-of-open-apis-and-open-banking-for-banks.pdf8.European Banking Authority, 2017, Guidelines on the criteria on how to stipulate the minimum monetary amount of the professional indemnity insurance or other comparable guarantee under Article 5(4) of Directive (EU) 2015/2366 (PSD2).9.European Banking Authority, 2018, Opinion of the European Banking Authority on the implementation of the RTS on SCA and CSC.10.ECN SUBGROUP Banking and Payments, 2012, INFORMATION PAPER ON COMPETITION ENFORCEMENT IN THE PAYMENTS SECTOR. Retrieve from https://ec.europa.eu/competition/sectors/financial_services/information_paper_payments_en.pdf (last visited:2019/11/26).11.European Banking Authority, 2019, Opinion of the European Banking Authority on the elements of strong customer authentication under PSD2.12.European Commission, 2013, Proposal for a directive of the European parliament and of the Council on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/UE and 2009/110/EC and repealing Directive 2007/64/EC and Proposal for a Regulation of the European Parliament and of the Council on interchange fees for card-based payment transactions. Retrieve from: https://eur-lex.europa.eu/resource.html?uri=cellar:906ed6d3-f509-11e2-a22e-01aa75ed71a1.0001.04/DOC_2&format=PDF (last visited: 2019/11/27).13.European Commission, 2019, Frequently Asked Questions: Making electronic payments and online banking safer and easier for consumers.14.European Data Protection Board, 2018, PSD2 Letter. Retrieve from https://edpb.europa.eu/sites/edpb/files/files/news/psd2_letter_en.pdf (last visited: 2019/11/18).15.European Data Protection Supervisory, 2014, Guidelines on Data Protection in EU Financial Services Regulation, at 15.16.HKMA, 2018, Open API Framework for the Hong Kong Banking Sector.17.JBA Review Committee on Open APIs, 2017, Report of Review Committee on Open APIs: Promoting Open Innovation. Retrieve from : https://www.zenginkyo.or.jp/fileadmin/res/news/news290713_3.pdf (last visited: 2019/11/18 ).18.MAS &ABS, 2016, Finance-as-a-Service: API Playbook.19.Murray, 2014, Financial System Inquiry Final Report.20.OBWG, 2016, Open Banking Standard.21.ODI & Fingleton Associates, 2014, Data Sharing and Open Data for Banks A report for HM Treasury and Cabinet Office.22.Open Banking Ltd, 2018, Open Banking Guidelines for Open Data Participants.23.Open Banking Ltd, 2018, Open Banking Guidelines for Read/Write Participant24.Open Data Institute, 2016, Introducing the Open Banking Standard: Helping customers, banks and regulators take banking into a truly 21st-century, connected digital economy.25.Open Data Institute & Fingleton, 2019, Open Banking Preparing for lift off.26.Productivity Commission, 2017, Data Availability and Use.27.Professor ian Harper, Peter Anderson, Su Mccluskey & Michael o’Bryan Qc, 2015, Competition Policy Review Final Report.28.The European Banking Federation, 2016, Guidance for implementation of the revised Payment Services Directive.29.The parliament of the commonwealth of Australia, 2019, Explanatory memorandum of Treasury Laws Amendment (Consumer Data Right) Bill 2019.30.The Treasury of Australian government, 2019, Consumer Data Right Overview.31.The Treasury of Australian government, 2019, Explanatory materials of Treasury Laws Amendment (Consumer Data Right) Bill 2019. Retrieve from https://treasury.gov.au/sites/default/files/2019-06/t364234-explanatory-materials.docx (last visited: 2019/11/20).32.日本金融庁,2019年,電子決済等代行業者の登録申請時の留意事項等。33.金融審議会,2016年,金融制度ワーキング・グループ報告 ―オープン・イノベーションに向けた制度整備について―。34.首相官邸,2019年,産官協議会「FinTech/キャッシュレス化」第1回議事要旨。搜尋自:http://www.kantei.go.jp/jp/singi/keizaisaisei/miraitoshikaigi/sankankyougikai2019/fintech/dai1/gijiyousi.pdf(最後瀏覽日:2019/12/1)。(六)網路資料1.Alberto Di Felice, 2019, Study of proposal for an ePrivacy Regulation, https://www.digitaleurope.org/resources/study-of-proposal-for-an-eprivacy-regulation/.2.Arpan, 2012, Data Scraping vs. Data Crawling, PROMPT CLOUD, https://www.promptcloud.com/blog/data-scraping-vs-data-crawling/.3.Bird & Bird, 2018, The CJEU provides clarity on the definition of a "payment account", https://www.twobirds.com/en/news/articles/2018/global/the-cjeu-provides-clarity-on-the-definition-of-a-payment-account.4.Bundeskartellamt, 2016, Restriction of online payment services by German banking industry in violation of competition law, https://www.bundeskartellamt.de/SharedDocs/Meldung/EN/Pressemitteilungen/2016/05_07_2016_Sofort%C3%BCberweisung.html.5.CMA, 2014, Personal current account and small business banking face full competition investigation, https://www.gov.uk/government/news/personal-current-account-and-small-business-banking-face-full-competition-investigation.6.CMA, 2016, Retail banking market investigation: overview, https://www.gov.uk/government/publications/retail-banking-market-investigation-overview.7.Data.gov.sg, https://data.gov.sg/about.8.DBS, 2017, Reimagining banking, DBS launches world’s largest banking API developer platform, https://www.dbs.com/newsroom/Reimagining_banking_DBS_launches_worlds_largest_banking_API_developer_platform9.Deloitte, PSD2 and GDPR – Harmony or Dissonance?, https://www2.deloitte.com/cz/en/pages/legal/articles/psd2-a-gdpr-harmonie-ci-disonance.html (last visited: 2019/11/18).10.EBA, 2018, Consent for the provision of PIS and AIS, https://eba.europa.eu/single-rule-book-qa/-/qna/view/publicId/2018_4309.11.EBA, 2019, EBA goes live with its central register of payment and electronic money institutions under PSD2, https://eba.europa.eu/eba-goes-live-with-its-central-register-of-payment-and-electronic-money-institutions-under-psd2.12.Eileen Yu, 2017, Singapore government assures SingPass-MyInfo will stay secure, https://www.zdnet.com/article/singapore-government-assures-singpass-myinfo-will-stay-secure/.13.European Data Protection Supervisory, The History of the General Data Protection Regulation, https://edps.europa.eu/data-protection/data-protection/legislation/history-general-data-protection-regulation_en# (last visited:2019/11/27).14.FCA, Account Information & Payment Initiation Service Providers, https://register.fca.org.uk/shpo_searchresultspage?preDefined=AIPISP&TOKEN=3wq1nht7eg7tr (last visited: 2019/11/27).15.Finextra, 2019, Open Banking vs. Screen Scraping: looking ahead in 2019, https://www.finextra.com/blogposting/16494/open-banking-vs-screen-scraping-looking-ahead-in-2019.16.Finextra, 2019, Working with Technical Service Providers under PSD2, https://www.finextra.com/blogposting/17686/working-with-technical-service-providers-under-psd2.17.GDPR Enforcement Tracker, https://www.enforcementtracker.com/.18.GoCardless, 2017, Screen scraping 101: Who, What, Where, When?, https://openbankinghub.com/screen-scraping-101-who-what-where-when-f83c7bd96712.19.HKMA, 2019, Open API Framework for the Banking Sector: One year on, https://www.hkma.gov.hk/eng/news-and-media/press-releases/2019/07/20190731-3/#2.20.Innopay, PSD2 licensing: solving the puzzle of becoming a Third Party Provider, https://www.innopay.com/en/publications/psd2-becoming-a-third-party-provider(last visited: 2019/11/27).21.John Wagnon, 2013, Web Scraping-DataCollection or Ilegal Activity, DEVCENTRAL, https://devcentral.f5.com/s/articles/web-scraping-data-collection-or-illegal-activity.22.Kwok Quek Sin, 2019, Inside Singapore’s National Digital Identity programme, https://www.techradar.com/news/inside-singapores-national-digital-identity-programme.23.Lester Hio, 2017, MyInfo access extended to local businesses, https://www.straitstimes.com/singapore/myinfo-access-extended-to-local-businesses.24.MAS, Financial Industry API Register, https://www.mas.gov.sg/development/fintech/financial-industry-api-register (last visited:2019/11/19).25.MAS, Fintech and Innovation Group, https://www.mas.gov.sg/who-we-are/Organisation-Structure/Fintech-and-Innovation (last visited: 2019/11/12).26.Niels Vandezande, 2019, Reconciling Consent in PSD2 and GDPR, https://thepaypers.com/expert-opinion/reconciling-consent-in-psd2-and-gdpr/777976.27.Norman T.L. Chan, 2017, A New Era of Smart Banking, https://www.hkma.gov.hk/eng/news-and-media/speeches/2017/09/20170929-1.28.Open Banking Ltd, About us, https://www.openbanking.org.uk/about-us/ (last visited: 2019/11/5).29.Open Banking Ltd, Open Banking APIs Performance, https://www.openbanking.org.uk/providers/account-providers/api-performance/ (last visited: 2019/11/11).30.Open Banking Ltd, Website Glossary, https://www.openbanking.org.uk/about-us/glossary/ (last visited: 2019/11/11).31.Open Banking Ltd, What is Open Banking? , https://www.openbanking.org.uk/customers/what-is-open-banking/ (last visited: 2019/11/11).32.Open Data Institute, About the ODI, https://theodi.org/about-the-odi/ (last visited: 2019/11/5).33.Open Data Institute, Projects and services, https://theodi.org/project/open-banking-setting-a-standard-and-enabling-innovation/ (last visited: 2019/11/5).34.Orenstein D., 2000, Quick Study: Application Programming Interface (API). https://www.computerworld.com/article/2593623/application-programming-interface.html35.Sean Creehan and Paul Tierno, 2019, The Slow Introduction of Open Banking and APIs in Japan, https://www.frbsf.org/banking/asia-program/pacific-exchanges-podcast/open-banking-apis-japan/.36.Sing Pass, About us, https://www.singpass.gov.sg/singpass/common/aboutus.37.Smart Nation Singapore, 2014, Transcript of speech by speech by prime minister Lee Hsien Loong at smart nation launch, https://www.smartnation.sg/whats-new/speeches/smart-nation-launch/.38.STET, PSD2 API V1.4, https://www.stet.eu/en/psd2/.39.The Berlin Group, https://www.berlin-group.org/psd2-access-to-bank-accounts.40.The finance, 2017, 改正銀行法で何が変わる? オープンAPIとFinTechの推進, https://thefinance.jp/law/170906.41.The Treasury of Australian government, Consumer Data Right, https://treasury.gov.au/consumer-data-right.42.日本金融庁,2019,電子決済等代行業を営むみなさまへ,https://www.fsa.go.jp/common/shinsei/dendai/index.html。 zh_TW dc.identifier.doi (DOI) 10.6814/NCCU202000212 en_US