1. NCCU Academic Hub
  2. 學術產出
  3. College of Commerce
  4. Theses
  5. Item

學術產出-Theses

Article View/Open

Publication Export

Google ScholarTM

政大圖書館

Citation Infomation

題名 車聯網時代下個人資料保護之因應
Regulating Personal Data Use in the Era of Connected Vehicles
作者 鄢代航
Yen, Tai-Hang
貢獻者 鄭菀瓊
Cheng, Wan-Chiung
鄢代航
Yen, Tai-Hang
關鍵詞 車聯網
個人資料保護
車載資通訊系統
隱私權
一般資料保護規則
Connected Vehicles
Personal Data Protection
Telematics
Privacy
General Data Protection Regulation (GDPR)
日期 2022
上傳時間 1-Aug-2022 18:51:25 (UTC+8)
摘要 在車輛結合網路服務的車聯網時代,車輛藉由感測器蒐集並處理駕駛及乘客數量龐大、種類繁多之個人資料,並將該些數據透過建立數據流、傳輸給更多接收者以完成使用者所需之服務,使得便捷之車聯網服務同時亦存在許多隱私疑義。

為避免車聯網毫無限制的侵犯使用者之隱私,確保符合車聯網特性之個人資料保護方式至關重要。國際組織以及各國政府機關對於車聯網個人資料保護於近年多有作出相關因應,包括發佈研究報告、行政指引或法律規定等,特別是坐擁龐大汽車市場之國家法域。

本文透過研究車聯網技術相關之法律規範、學術文獻、研究報告、官方文件等,瞭解車聯網所涉及之數據、服務、參與主體,彙整及探討車聯網之特性,並進一步透過分析世界車輛法規協調論壇(World Forum for Harmonization of Vehicle Regulations)、個人資料與隱私保護委員國際研討會(International Conference of Data Protection and Privacy Commissioners)、國際電信個人資料保護工作小組(International Working Group on Data Protection in Telecommunications)等國際組織,以及英國、美國、中國、歐盟之政府機關及法院,針對車聯網個人資料保護作出之因應,梳理出行車安全原則、告知及同意原則、個人資料層級化原則、車內處理原則等,作為車聯網個人資料保護之原則,並於文末針對車聯網開發、運營或使用等參與主體提出具體之個人資料保護建議,進而降低相關法令遵循之風險。
In the era of connected vehicles where vehicles are combined with internet services, vehicles use sensors to collect and process a large number and a wide variety of personal data of drivers and passengers, and transmit these data to multiple recipients by creating data streams to complete the services required by users, making the convenient connected vehicle services entail many privacy concerns.

In order to avoid the unrestricted infringement of users` privacy, it is of crtical importance to ensure the protection of personal data in accordance with the characteristics of the connected vehicles. In recent years, international organizations and government agencies of various countries have made relevant responses to the protection of personal data regarding connected vehicles, including published research reports, administrative guidelines or legal regulations, especially in countries or jurisdictions possessing large automobile markets.

This study will conduct research into the laws and regulations, literatures, reports and governmental documents related to connected vehicle technology, inquire about the data, services and participants regarding connected vehicles, summarize and discuss the characteristics of connected vehicles. And this study will further analyze the responses to the protection of personal data regarding connected vehicles by international organizations such as the World Forum for Harmonization of Vehicle Regulations, the International Conference of Data Protection and Privacy Commissioners, the International Working Group on Data Protection in Telecommunications, and government agencies and courts in the United Kingdom, the United States, China, and the the European Union, summarize principle of safety, principle of information and consent, principle of catergorization of personal data, principle of local processing as the principles of personal data protection regarding connected vehicles, and further seek to provide specific recommendations on personal data protection to the participants in the context of connected vehicles.
參考文獻 一、 專書
1. Alonso Raposo M., et al., AN ANALYSIS OF POSSIBLE SOCIO-ECONOMIC EFFECTS OF A COOPERATIVE, CONNECTED AND AUTOMATED MOBILITY (CCAM) IN EUROPE - EFFECTS OF AUTOMATED DRIVING ON THE ECONOMY, EMPLOYMENT AND SKILLS (2018).
2. European Data Protection Supervisor, TECHDISPATCH CONNECTED CARS (2019).
3. Mark Enthoven, IOT COMPONENTS IN CONNECTED AND AUTONOMOUS VEHICLES (2020).
4. Paul Voigt & Axel von dem Bussche, THE EU GENERAL DATA PROTECTION REGULATION (GDPR) A PRACTICAL GUIDE (2017).
5. Philippa Lawson, et al., THE CONNECTED CAR: WHO IS IN THE DRIVER’S SEAT? (2015).

二、 期刊論文
1. Alexandra Green, The SELF DRIVE Act: An Opportunity to Re-Legislate a Minimum Cybersecurity Federal Framework for Autonomous Vehicles, 60 Santa Clara Law Review 217 (2020).
2. Lorenzo Dalla Corte, Scoping personal data: Towards a nuanced interpretation of the material scope of EU data protecton law, 10(1) European Journal of Law and Technology 1 (2019).
3. Simon Elliott, et al., The EDPB gives its view on connected car technology — but will it reach the chequered flag?, 38(3) Westlaw Journal Computer & Internet 1 (2020).

三、 官方文件
1. Article 29 Working Party, Guidelines on the right to data portability under Regulation 2016/676, WP242 rev.01 (Oct. 27, 2017).
2. Article 29 Working Party, Guidelines on Transparency under Regulation 2016/679, WP260 rev.01 (April 11, 2018).
3. Article 29 Working Party, Opinion 03/2017 on Processing personal data in the context of Cooperative Intelligent Transport Systems (C-ITS), WP249 (Oct. 4, 2017).
4. Article 29 Working Party, Opinion 05/2014 on Anonymisation Techniques, WP216 (April 4, 2014).
5. Article 29 Working Party, Opinion 2/2017 on data processing at work, WP249 (June 8, 2017).
6. Article 29 Working Party, Opinion 5/2012 on Cloud Computing, WP196 (July 1, 2012).
7. Conference of the German Federal and State Data Protection Authorities and the German Association of the Automotive Industry (VDA), Data protection aspects of using connected and non-connected vehicles (2016).
8. European Commission, The race for automotive data (2017).
9. European Data Protection Board, Guidelines 01/2020 on processing personal data in the context of connected vehicles and mobility related applications (January 28, 2021).
10. European Data Protection Board, Guidelines 01/2020 on processing personal data in the context of connected vehicles and mobility related applications, Version 2.0 (March 9, 2021).
11. European Data Protection Board, Guidelines 05/2020 on consent under Regulation 2016/679 Version 1.1 (May 4, 2020).
12. European Data Protection Board, Opinion 5/2019 on the interplay between the ePrivacy Directive and the GDPR, in particular regarding the competence, tasks and powers of data protection authorities (Mar. 12, 2019).
13. European Union Agency for Cybersecurity, Cybersecurity Stocktaking in the CAM (2020).
14. European Union Agency for Cybersecurity, Pseudonymisation techniques and best practices (2019).
15. Federal Trade Commission, The Connected Cars Workshop: The Federal Trade Commission Staff Perspective (2018).
16. Information Commissioner’s Office, The Information Commissioner’s response to the Centre for Connected and Autonomous Vehicles consultation“Pathway to Driverless Cars” (2016).
17. Information Commissioner’s Office, The Information Commissioner’s Office (ICO) response to the joint consultation from the Law Commission and Scottish Law Commission entitled ‘Automated Vehicles: Consultation Paper 3 – a regulatory framework for automated vehicles’ (2021).
18. International Conference of Data Protection and Privacy Commissioners, Resolution on data protection in automated and connected vehicles (2017).
19. International Working Group on Data Protection in Telecommunications, Working Paper: Connected Vehicles (2018).
20. Law Commission & Scottish Law Commission, Automated Vehicles: Consultation Paper 3 – A regulatory framework for automated vehicles (2020).
21. National Commission on Informatics and Liberty, Compliance package for a responsible use of data in connected cars (2017).
22. United Nations Economic Commission for Europe, Consolidated Resolution on the Construction of Vehicles (R.E.3) (2017).

四、 研究報告
1. Bertin Martens & Frank Mueller-Langer, Access to digital car data and competition in aftersales services (2018).
2. Groupe Speciale Mobile Association, Connected Cars: Business Model Innovation (2012).
3. McKinsey & Company, Car data: paving the way to value-creating mobility (2016).
4. Otonomo, A Privacy Playbook for Connected Car Data (2019).

五、 網路資料
1. 国家互联网信息办公室关于《汽车数据安全管理若干规定(征求意见稿)》公开征求意见的通知,中华人民共和国国家互联网信息办公室(2021年5月12日),http://www.cac.gov.cn/2021-05/12/c_1622400511898266.htm。
2. 智慧運輸系統發展建設計畫—改變未來交通移動力,行政院(2020年8月12日),https://www.ey.gov.tw/Page/5A8A0CB5B41DA11E/2ae9fc87-fd14-424b-97ab-c71e6440410d。
3. 汽车数据安全管理若干规定(试行),中华人民共和国国家互联网信息办公室(2021年8月20日),http://www.cac.gov.cn/2021-08/20/c_1631049984897667.htm。
4. 国家互联网信息办公室有关负责人就《汽车数据安全管理若干规定(试行)》答记者问,中华人民共和国中央人民政府(2021年8月20日),http://www.gov.cn/zhengce/2021-08/20/content_5632437.htm。
5. 5G智慧交通數位神經中樞計畫,交通部運輸研究所(2021年9月23日),https://www.iot.gov.tw/cp-2308-206655-4f596-1.html。
6. 彭禎伶、魏喬怡,四危險肇事 強制險加費無上限,工商時報(2022年4月15日),https://ctee.com.tw/news/insurance/627375.html。
7. 5G, European Commission, https://digital-strategy.ec.europa.eu/en/policies/5g (last visited March 18, 2021).
8. About the ICO, Information Commissioner’s Office, https://ico.org.uk/about-the-ico/ (last visited August 7, 2021).
9. Accountability Framework, Information Commissioner’s Office, https://ico.org.uk/for-organisations/accountability-framework/ (last visited September 14, 2021).
10. Automated driving system entity (ADSE), BSI, https://www.bsigroup.com/en-GB/CAV/cav-vocabulary/automated-driving-system-entity/ (last visited September 13, 2021).
11. Berlin-Group, Datenschutz, https://www.datenschutz-berlin.de/datenschutz/zusammenarbeit-und-gremien/ (last visited June 7, 2021).
12. Big Data, European Commission, https://digital-strategy.ec.europa.eu/en/policies/big-data (last visited March 18, 2021).
13. Codes of conduct, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/codes-of-conduct-detailed-guidance/ (last visited September 14, 2021).
14. Connected and automated mobility, European Commission, https://digital-strategy.ec.europa.eu/en/policies/connected-and-automated-mobility (last visited May 3, 2022).
15. Controllers and processors, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/key-definitions/controllers-and-processors/ (last visited September 14, 2021).
16. Cookies and similar technologies, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/ (last visited September 14, 2021).
17. Data sharing: a code of practice, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/ico-codes-of-practice/data-sharing-a-code-of-practice/ (last visited September 14, 2021).
18. DSRC vs. C-V2X for Safety Applications, https://auto-talks.com/technology/dsrc-vs-c-v2x/ (last visited May 3, 2022).
19. eCall 112-based emergency assistance from your vehicle, Your Europe (last updated Oct. 29, 2020), https://europa.eu/youreurope/citizens/travel/security-and-emergencies/emergency-assistance-vehicles-ecall/index_en.htm.
20. Endorsed WP29 Guidelines, European Data Protection Board (May 25, 2018), https://edpb.europa.eu/our-work-tools/general-guidance/endorsed-wp29-guidelines_en.
21. Eric Lambert, Are IP and MAC Addresses Personal Information?, Linkedin, https://www.linkedin.com/pulse/ip-mac-addresses-personal-information-eric-lambert/ (last visited June 1, 2021).
22. Europe`s Internet of Things Policy, European Commission, https://digital-strategy.ec.europa.eu/en/policies/iot-policy (last visited March 18, 2021).
23. Examples of processing ‘likely to result in high risk’, ICO, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/data-protection-impact-assessments-dpias/examples-of-processing-likely-to-result-in-high-risk/ (last visited September 13, 2021).
24. Guide to Law Enforcement Processing, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-law-enforcement-processing/ (last visited September 14, 2021).
25. Guide to Privacy and Electronic Communications Regulations, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-pecr/ (last visited September 14, 2021).
26. Individual rights, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/ (last visited September 14, 2021).
27. Intelligent transport systems, European Commission, https://ec.europa.eu/transport/themes/its_en (last visited March 18, 2021).
28. International Conferences, European Data Protection Supervisor, https://edps.europa.eu/data-protection/our-work/our-work-by-type/international-conferences_en (last visited June 7, 2021).
29. Jennifer Shuttleworth, Standards News: J3016 automated-driving graphic update, SAE (Jan. 7, 2019), https://www.sae.org/news/2019/01/sae-updates-j3016-automated-driving-graphic.
30. John Egan, Tesla Insurance Plans Surge Into Three New States, Forbes (last updated Mar. 11, 2021), https://www.forbes.com/advisor/car-insurance/tesla-insurance/.
31. Jonathan Matus, The Future of Car Insurance Is Behavior-Based, Forbes (Feb. 18, 2020), https://www.forbes.com/sites/forbestechcouncil/2020/02/18/the-future-of-car-insurance-is-behavior-based/?sh=52948fe048df.
32. Location data, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-pecr/communications-networks-and-services/location-data/ (last visited September 14, 2021).
33. Principle (b): Purpose limitation, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/purpose-limitation/ (last visited September 14, 2021).
34. Principle (c): Data minimisation, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/data-minimisation/ (last visited September 14, 2021).
35. Principle (e): Storage limitation, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/storage-limitation/ (last visited September 14, 2021).
36. Proposal for an ePrivacy Regulation, European Commission, https://digital-strategy.ec.europa.eu/en/policies/eprivacy-regulation (last visited May 10, 2021).
37. Special category data, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/special-category-data/ (last visited September 14, 2021).
38. The History of the General Data Protection Regulation, EDPS, https://edps.europa.eu/data-protection/data-protection/legislation/history-general-data-protection-regulation_en (last visited March 30, 2021).
39. The UK GDPR, Information Commissioner’s Office, https://ico.org.uk/for-organisations/dp-at-the-end-of-the-transition-period/data-protection-and-the-eu-in-detail/the-uk-gdpr/ (last visited August 25, 2021).
40. Vehicle Data Privacy, National Highway Traffic Safety Administration, https://www.nhtsa.gov/technology-innovation/vehicle-data-privacy (last visited September 17, 2021).
41. What is personal data, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/key-definitions/what-is-personal-data/ (last visited September 14, 2021).
42. What is the European Data Protection Board (EDPB)?, European Commission, https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/enforcement-and-sanctions/enforcement/what-european-data-protection-board-edpb_en (last visited May 1, 2021).
43. What privacy information should we provide?, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/the-right-to-be-informed/what-privacy-information-should-we-provide/ (last visited September 14, 2021).
44. WP29 World Forum for Harmonization of Vehicle Regulations (WP.29), United Nations Economic Commission for Europe, https://unece.org/transport/vehicle-regulations/wp29-world-forum-harmonization-vehicle-regulations-wp29 (last visited July 5, 2021).
描述 碩士
國立政治大學
科技管理與智慧財產研究所
107364203
資料來源 http://thesis.lib.nccu.edu.tw/record/#G0107364203
資料類型 thesis
dc.contributor.advisor 鄭菀瓊zh_TW
dc.contributor.advisor Cheng, Wan-Chiungen_US
dc.contributor.author (Authors) 鄢代航zh_TW
dc.contributor.author (Authors) Yen, Tai-Hangen_US
dc.creator (作者) 鄢代航zh_TW
dc.creator (作者) Yen, Tai-Hangen_US
dc.date (日期) 2022en_US
dc.date.accessioned 1-Aug-2022 18:51:25 (UTC+8)-
dc.date.available 1-Aug-2022 18:51:25 (UTC+8)-
dc.date.issued (上傳時間) 1-Aug-2022 18:51:25 (UTC+8)-
dc.identifier (Other Identifiers) G0107364203en_US
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/141356-
dc.description (描述) 碩士zh_TW
dc.description (描述) 國立政治大學zh_TW
dc.description (描述) 科技管理與智慧財產研究所zh_TW
dc.description (描述) 107364203zh_TW
dc.description.abstract (摘要) 在車輛結合網路服務的車聯網時代,車輛藉由感測器蒐集並處理駕駛及乘客數量龐大、種類繁多之個人資料,並將該些數據透過建立數據流、傳輸給更多接收者以完成使用者所需之服務,使得便捷之車聯網服務同時亦存在許多隱私疑義。

為避免車聯網毫無限制的侵犯使用者之隱私,確保符合車聯網特性之個人資料保護方式至關重要。國際組織以及各國政府機關對於車聯網個人資料保護於近年多有作出相關因應,包括發佈研究報告、行政指引或法律規定等,特別是坐擁龐大汽車市場之國家法域。

本文透過研究車聯網技術相關之法律規範、學術文獻、研究報告、官方文件等,瞭解車聯網所涉及之數據、服務、參與主體,彙整及探討車聯網之特性,並進一步透過分析世界車輛法規協調論壇(World Forum for Harmonization of Vehicle Regulations)、個人資料與隱私保護委員國際研討會(International Conference of Data Protection and Privacy Commissioners)、國際電信個人資料保護工作小組(International Working Group on Data Protection in Telecommunications)等國際組織,以及英國、美國、中國、歐盟之政府機關及法院,針對車聯網個人資料保護作出之因應,梳理出行車安全原則、告知及同意原則、個人資料層級化原則、車內處理原則等,作為車聯網個人資料保護之原則,並於文末針對車聯網開發、運營或使用等參與主體提出具體之個人資料保護建議,進而降低相關法令遵循之風險。		zh_TW
dc.description.abstract (摘要) In the era of connected vehicles where vehicles are combined with internet services, vehicles use sensors to collect and process a large number and a wide variety of personal data of drivers and passengers, and transmit these data to multiple recipients by creating data streams to complete the services required by users, making the convenient connected vehicle services entail many privacy concerns.

In order to avoid the unrestricted infringement of users` privacy, it is of crtical importance to ensure the protection of personal data in accordance with the characteristics of the connected vehicles. In recent years, international organizations and government agencies of various countries have made relevant responses to the protection of personal data regarding connected vehicles, including published research reports, administrative guidelines or legal regulations, especially in countries or jurisdictions possessing large automobile markets.

This study will conduct research into the laws and regulations, literatures, reports and governmental documents related to connected vehicle technology, inquire about the data, services and participants regarding connected vehicles, summarize and discuss the characteristics of connected vehicles. And this study will further analyze the responses to the protection of personal data regarding connected vehicles by international organizations such as the World Forum for Harmonization of Vehicle Regulations, the International Conference of Data Protection and Privacy Commissioners, the International Working Group on Data Protection in Telecommunications, and government agencies and courts in the United Kingdom, the United States, China, and the the European Union, summarize principle of safety, principle of information and consent, principle of catergorization of personal data, principle of local processing as the principles of personal data protection regarding connected vehicles, and further seek to provide specific recommendations on personal data protection to the participants in the context of connected vehicles.		en_US
dc.description.tableofcontents 第一章 緒論 1
第一節 研究動機與目的 1
第二節 研究架構 3
第三節 研究範圍及限制 4
第二章 車聯網介紹及隱私疑義 5
第一節 車聯網之定義及發展背景 5
第一項 定義 5
第二項 發展背景 6
第二節 車聯網之數據類型及服務 9
第一項 數據類型 9
第二項 車聯網服務 12
第三節 車聯網之參與主體及數據流 20
第一項 參與主體 20
第二項 數據流 23
第四節 車聯網之隱私疑義 28
第一項 識別性 28
第二項 隱私風險 30
第三項 權利侵害 34
第五節 小結 35
第三章 車聯網個人資料保護之因應:從國際組織到英國、美國、中國規範 36
第一節 國際組織之因應 36
第一項 世界車輛法規協調論壇 36
第二項 個人資料與隱私保護委員國際研討會 38
第三項 國際電信個人資料保護工作小組 41
第二節 英國、美國及中國之因應 48
第一項 英國 48
第二項 美國 59
第三項 中國 64
第三節 小結 73
第四章 歐盟對車聯網個資保護之因應 79
第一節 個人資料保護法制及車聯網 79
第一項 個人資料保護法制 79
第二項 車聯網個人資料保護 83
第二節 車聯網個人資料保護指引 86
第一項 定義 86
第二項 適用範圍 89
第三項 合法性基礎 93
第四項 告知及同意 97
第五項 個人資料類別 102
第六項 設計及預設之隱私保護 105
第三節 模擬情境 112
第一項 UBI車險 112
第二項 車位預約 116
第三項 緊急求救 118
第四項 事故研究 121
第五項 竊盜追蹤 124
第四節 判決案例:清潔公司使用GPS車輛追蹤系統案 127
第一項 案件事實 127
第二項 法律爭點 128
第三項 判決分析 135
第五節 小結 140
第五章 研究結論與建議 145
第一節 車聯網個人資料保護之原則 145
第一項 行車安全原則 145
第二項 告知及同意原則 146
第三項 個人資料層級化原則 148
第四項 車內處理原則 149
第二節 建議 151
第一項 對車聯網參與主體之建議及要求 151
第二項 對未來研究之建議 153
參考文獻 155		zh_TW
dc.format.extent 4570198 bytes-
dc.format.mimetype application/pdf-
dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0107364203en_US
dc.subject (關鍵詞) 車聯網zh_TW
dc.subject (關鍵詞) 個人資料保護zh_TW
dc.subject (關鍵詞) 車載資通訊系統zh_TW
dc.subject (關鍵詞) 隱私權zh_TW
dc.subject (關鍵詞) 一般資料保護規則zh_TW
dc.subject (關鍵詞) Connected Vehiclesen_US
dc.subject (關鍵詞) Personal Data Protectionen_US
dc.subject (關鍵詞) Telematicsen_US
dc.subject (關鍵詞) Privacyen_US
dc.subject (關鍵詞) General Data Protection Regulation (GDPR)en_US
dc.title (題名) 車聯網時代下個人資料保護之因應zh_TW
dc.title (題名) Regulating Personal Data Use in the Era of Connected Vehiclesen_US
dc.type (資料類型) thesisen_US
dc.relation.reference (參考文獻) 一、 專書
1. Alonso Raposo M., et al., AN ANALYSIS OF POSSIBLE SOCIO-ECONOMIC EFFECTS OF A COOPERATIVE, CONNECTED AND AUTOMATED MOBILITY (CCAM) IN EUROPE - EFFECTS OF AUTOMATED DRIVING ON THE ECONOMY, EMPLOYMENT AND SKILLS (2018).
2. European Data Protection Supervisor, TECHDISPATCH CONNECTED CARS (2019).
3. Mark Enthoven, IOT COMPONENTS IN CONNECTED AND AUTONOMOUS VEHICLES (2020).
4. Paul Voigt & Axel von dem Bussche, THE EU GENERAL DATA PROTECTION REGULATION (GDPR) A PRACTICAL GUIDE (2017).
5. Philippa Lawson, et al., THE CONNECTED CAR: WHO IS IN THE DRIVER’S SEAT? (2015).

二、 期刊論文
1. Alexandra Green, The SELF DRIVE Act: An Opportunity to Re-Legislate a Minimum Cybersecurity Federal Framework for Autonomous Vehicles, 60 Santa Clara Law Review 217 (2020).
2. Lorenzo Dalla Corte, Scoping personal data: Towards a nuanced interpretation of the material scope of EU data protecton law, 10(1) European Journal of Law and Technology 1 (2019).
3. Simon Elliott, et al., The EDPB gives its view on connected car technology — but will it reach the chequered flag?, 38(3) Westlaw Journal Computer & Internet 1 (2020).

三、 官方文件
1. Article 29 Working Party, Guidelines on the right to data portability under Regulation 2016/676, WP242 rev.01 (Oct. 27, 2017).
2. Article 29 Working Party, Guidelines on Transparency under Regulation 2016/679, WP260 rev.01 (April 11, 2018).
3. Article 29 Working Party, Opinion 03/2017 on Processing personal data in the context of Cooperative Intelligent Transport Systems (C-ITS), WP249 (Oct. 4, 2017).
4. Article 29 Working Party, Opinion 05/2014 on Anonymisation Techniques, WP216 (April 4, 2014).
5. Article 29 Working Party, Opinion 2/2017 on data processing at work, WP249 (June 8, 2017).
6. Article 29 Working Party, Opinion 5/2012 on Cloud Computing, WP196 (July 1, 2012).
7. Conference of the German Federal and State Data Protection Authorities and the German Association of the Automotive Industry (VDA), Data protection aspects of using connected and non-connected vehicles (2016).
8. European Commission, The race for automotive data (2017).
9. European Data Protection Board, Guidelines 01/2020 on processing personal data in the context of connected vehicles and mobility related applications (January 28, 2021).
10. European Data Protection Board, Guidelines 01/2020 on processing personal data in the context of connected vehicles and mobility related applications, Version 2.0 (March 9, 2021).
11. European Data Protection Board, Guidelines 05/2020 on consent under Regulation 2016/679 Version 1.1 (May 4, 2020).
12. European Data Protection Board, Opinion 5/2019 on the interplay between the ePrivacy Directive and the GDPR, in particular regarding the competence, tasks and powers of data protection authorities (Mar. 12, 2019).
13. European Union Agency for Cybersecurity, Cybersecurity Stocktaking in the CAM (2020).
14. European Union Agency for Cybersecurity, Pseudonymisation techniques and best practices (2019).
15. Federal Trade Commission, The Connected Cars Workshop: The Federal Trade Commission Staff Perspective (2018).
16. Information Commissioner’s Office, The Information Commissioner’s response to the Centre for Connected and Autonomous Vehicles consultation“Pathway to Driverless Cars” (2016).
17. Information Commissioner’s Office, The Information Commissioner’s Office (ICO) response to the joint consultation from the Law Commission and Scottish Law Commission entitled ‘Automated Vehicles: Consultation Paper 3 – a regulatory framework for automated vehicles’ (2021).
18. International Conference of Data Protection and Privacy Commissioners, Resolution on data protection in automated and connected vehicles (2017).
19. International Working Group on Data Protection in Telecommunications, Working Paper: Connected Vehicles (2018).
20. Law Commission & Scottish Law Commission, Automated Vehicles: Consultation Paper 3 – A regulatory framework for automated vehicles (2020).
21. National Commission on Informatics and Liberty, Compliance package for a responsible use of data in connected cars (2017).
22. United Nations Economic Commission for Europe, Consolidated Resolution on the Construction of Vehicles (R.E.3) (2017).

四、 研究報告
1. Bertin Martens & Frank Mueller-Langer, Access to digital car data and competition in aftersales services (2018).
2. Groupe Speciale Mobile Association, Connected Cars: Business Model Innovation (2012).
3. McKinsey & Company, Car data: paving the way to value-creating mobility (2016).
4. Otonomo, A Privacy Playbook for Connected Car Data (2019).

五、 網路資料
1. 国家互联网信息办公室关于《汽车数据安全管理若干规定(征求意见稿)》公开征求意见的通知,中华人民共和国国家互联网信息办公室(2021年5月12日),http://www.cac.gov.cn/2021-05/12/c_1622400511898266.htm。
2. 智慧運輸系統發展建設計畫—改變未來交通移動力,行政院(2020年8月12日),https://www.ey.gov.tw/Page/5A8A0CB5B41DA11E/2ae9fc87-fd14-424b-97ab-c71e6440410d。
3. 汽车数据安全管理若干规定(试行),中华人民共和国国家互联网信息办公室(2021年8月20日),http://www.cac.gov.cn/2021-08/20/c_1631049984897667.htm。
4. 国家互联网信息办公室有关负责人就《汽车数据安全管理若干规定(试行)》答记者问,中华人民共和国中央人民政府(2021年8月20日),http://www.gov.cn/zhengce/2021-08/20/content_5632437.htm。
5. 5G智慧交通數位神經中樞計畫,交通部運輸研究所(2021年9月23日),https://www.iot.gov.tw/cp-2308-206655-4f596-1.html。
6. 彭禎伶、魏喬怡,四危險肇事 強制險加費無上限,工商時報(2022年4月15日),https://ctee.com.tw/news/insurance/627375.html。
7. 5G, European Commission, https://digital-strategy.ec.europa.eu/en/policies/5g (last visited March 18, 2021).
8. About the ICO, Information Commissioner’s Office, https://ico.org.uk/about-the-ico/ (last visited August 7, 2021).
9. Accountability Framework, Information Commissioner’s Office, https://ico.org.uk/for-organisations/accountability-framework/ (last visited September 14, 2021).
10. Automated driving system entity (ADSE), BSI, https://www.bsigroup.com/en-GB/CAV/cav-vocabulary/automated-driving-system-entity/ (last visited September 13, 2021).
11. Berlin-Group, Datenschutz, https://www.datenschutz-berlin.de/datenschutz/zusammenarbeit-und-gremien/ (last visited June 7, 2021).
12. Big Data, European Commission, https://digital-strategy.ec.europa.eu/en/policies/big-data (last visited March 18, 2021).
13. Codes of conduct, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/codes-of-conduct-detailed-guidance/ (last visited September 14, 2021).
14. Connected and automated mobility, European Commission, https://digital-strategy.ec.europa.eu/en/policies/connected-and-automated-mobility (last visited May 3, 2022).
15. Controllers and processors, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/key-definitions/controllers-and-processors/ (last visited September 14, 2021).
16. Cookies and similar technologies, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/ (last visited September 14, 2021).
17. Data sharing: a code of practice, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/ico-codes-of-practice/data-sharing-a-code-of-practice/ (last visited September 14, 2021).
18. DSRC vs. C-V2X for Safety Applications, https://auto-talks.com/technology/dsrc-vs-c-v2x/ (last visited May 3, 2022).
19. eCall 112-based emergency assistance from your vehicle, Your Europe (last updated Oct. 29, 2020), https://europa.eu/youreurope/citizens/travel/security-and-emergencies/emergency-assistance-vehicles-ecall/index_en.htm.
20. Endorsed WP29 Guidelines, European Data Protection Board (May 25, 2018), https://edpb.europa.eu/our-work-tools/general-guidance/endorsed-wp29-guidelines_en.
21. Eric Lambert, Are IP and MAC Addresses Personal Information?, Linkedin, https://www.linkedin.com/pulse/ip-mac-addresses-personal-information-eric-lambert/ (last visited June 1, 2021).
22. Europe`s Internet of Things Policy, European Commission, https://digital-strategy.ec.europa.eu/en/policies/iot-policy (last visited March 18, 2021).
23. Examples of processing ‘likely to result in high risk’, ICO, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/data-protection-impact-assessments-dpias/examples-of-processing-likely-to-result-in-high-risk/ (last visited September 13, 2021).
24. Guide to Law Enforcement Processing, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-law-enforcement-processing/ (last visited September 14, 2021).
25. Guide to Privacy and Electronic Communications Regulations, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-pecr/ (last visited September 14, 2021).
26. Individual rights, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/ (last visited September 14, 2021).
27. Intelligent transport systems, European Commission, https://ec.europa.eu/transport/themes/its_en (last visited March 18, 2021).
28. International Conferences, European Data Protection Supervisor, https://edps.europa.eu/data-protection/our-work/our-work-by-type/international-conferences_en (last visited June 7, 2021).
29. Jennifer Shuttleworth, Standards News: J3016 automated-driving graphic update, SAE (Jan. 7, 2019), https://www.sae.org/news/2019/01/sae-updates-j3016-automated-driving-graphic.
30. John Egan, Tesla Insurance Plans Surge Into Three New States, Forbes (last updated Mar. 11, 2021), https://www.forbes.com/advisor/car-insurance/tesla-insurance/.
31. Jonathan Matus, The Future of Car Insurance Is Behavior-Based, Forbes (Feb. 18, 2020), https://www.forbes.com/sites/forbestechcouncil/2020/02/18/the-future-of-car-insurance-is-behavior-based/?sh=52948fe048df.
32. Location data, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-pecr/communications-networks-and-services/location-data/ (last visited September 14, 2021).
33. Principle (b): Purpose limitation, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/purpose-limitation/ (last visited September 14, 2021).
34. Principle (c): Data minimisation, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/data-minimisation/ (last visited September 14, 2021).
35. Principle (e): Storage limitation, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/storage-limitation/ (last visited September 14, 2021).
36. Proposal for an ePrivacy Regulation, European Commission, https://digital-strategy.ec.europa.eu/en/policies/eprivacy-regulation (last visited May 10, 2021).
37. Special category data, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/special-category-data/ (last visited September 14, 2021).
38. The History of the General Data Protection Regulation, EDPS, https://edps.europa.eu/data-protection/data-protection/legislation/history-general-data-protection-regulation_en (last visited March 30, 2021).
39. The UK GDPR, Information Commissioner’s Office, https://ico.org.uk/for-organisations/dp-at-the-end-of-the-transition-period/data-protection-and-the-eu-in-detail/the-uk-gdpr/ (last visited August 25, 2021).
40. Vehicle Data Privacy, National Highway Traffic Safety Administration, https://www.nhtsa.gov/technology-innovation/vehicle-data-privacy (last visited September 17, 2021).
41. What is personal data, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/key-definitions/what-is-personal-data/ (last visited September 14, 2021).
42. What is the European Data Protection Board (EDPB)?, European Commission, https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/enforcement-and-sanctions/enforcement/what-european-data-protection-board-edpb_en (last visited May 1, 2021).
43. What privacy information should we provide?, Information Commissioner’s Office, https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/the-right-to-be-informed/what-privacy-information-should-we-provide/ (last visited September 14, 2021).
44. WP29 World Forum for Harmonization of Vehicle Regulations (WP.29), United Nations Economic Commission for Europe, https://unece.org/transport/vehicle-regulations/wp29-world-forum-harmonization-vehicle-regulations-wp29 (last visited July 5, 2021).		zh_TW
dc.identifier.doi (DOI) 10.6814/NCCU202200855en_US