| dc.contributor | 法學評論 | |
| dc.creator (作者) | 郭戎晉 | |
| dc.date (日期) | 2020-06 | |
| dc.date.accessioned | 8-Apr-2022 10:12:56 (UTC+8) | - |
| dc.date.available | 8-Apr-2022 10:12:56 (UTC+8) | - |
| dc.date.issued (上傳時間) | 8-Apr-2022 10:12:56 (UTC+8) | - |
| dc.identifier.uri (URI) | http://nccur.lib.nccu.edu.tw/handle/140.119/139594 | - |
| dc.description.abstract (摘要) | 為強化對於歐盟境內資料當事人的保護,一九九五年資料保護指令及現行的一般資料保護規則(GDPR)均設置了域外效力條款,使其適用範疇並不以歐盟所轄地域為限。指令第4條規定的設立機構及設備使用兩款適用情形,凸顯歐盟擬透過域外效力條款因應個人資料數位化及全球流通趨勢。面對急劇變化的網路應用環境,GDPR持續採納域外效力設計,第3條除原已存在的設立機構,新增兩款過去未見的適用情形:鎖定歐盟境內資料當事人提供商品或服務 ; 及針對歐盟境內資料當事人的行為進行監測,儘管嘗試解決固有問題,新制仍面臨適用上之爭議。本文分析歐盟歷來法制規範 ; 官方指引及重要實務案例,具體指出歐盟個人資料保護立法域外效力規定存在的問題點,同時進行國內立法之對照觀察並提出適用建言。 | |
| dc.description.abstract (摘要) | Currently there has been an unprecedented number of data privacy laws being enacted or revised around the world with most of them being affected by the European Union’s data protection regulations. The EU has had regulations pertaining to data protection since 1995, and the newest legislation, the General Data Protection Regulation (GDPR), went into effect on May 25, 2018. The GDPR not only applies to data processing activities conducted by organizations established in the EU but also extends to its territorial reach with two types of business activities: offering of goods or services to data subjects situated in the EU and monitoring of the behaviour of such data subjects. Given the extensive obligations and stiff penalties imposed by the GDPR, global organizations have been rightly focused on how their own data processing activities may fit within the scope of extraterritorial effect of GDPR. But to date, there has been a degree of uncertainty for organizations regarding the scope of the GDPR’s application outside of the EU. Although Article 3 of the GDPR represents a significant expansion of the territorial reach of an EU Regulation, a global approach to the protection of individuals’ rights is still necessary--especially in the case of the online world, as it does not respect physical or geographical boundaries and thus often gives rise to the question of which law is applicable in the case of online activities. As regulatory changes can prove to be both an opportunity and a challenge, this article aims to examine the extraterritoriality of prior and current EU data privacy law, discuss the key concepts of the provision for applicability of EU data protection laws to non-EU data controller or processor, point out the differences and related questions about the application of extraterritorial effect provisions between Directive and GDPR, and-- finally--provide suggestions toward domestic legislation. | |
| dc.format.extent | 2368802 bytes | - |
| dc.format.mimetype | application/pdf | - |
| dc.relation (關聯) | 法學評論, 161, 1-70 | |
| dc.subject (關鍵詞) | 歐盟 ; 個人資料 ; 資料保護指令 ; 一般資料保護規則 ; 域外效力 ; 設立機構 ; 商品服務提供行為 ; 監測行為 ; 鎖定 | |
| dc.subject (關鍵詞) | European Union ; Personal Data ; Data Protection Directive ; General Data Protection Regulation (GDPR) ; Extraterritorial Effect ; Establishment ; Offering of Goods or Services ; Monitoring ; Targeting | |
| dc.title (題名) | 論歐盟個人資料保護立法域外效力規定暨其適用問題 | |
| dc.title (題名) | Legal Study on Extraterritorial Effect of European Union’s Data Protection Regulations | |
| dc.type (資料類型) | article | |
| dc.identifier.doi (DOI) | 10.3966/102398202020060161001 | |
| dc.doi.uri (DOI) | https://doi.org/10.3966/102398202020060161001 | |
