EU lauds Taiwan's efforts to push for talks on data transfer deal

  604
(Image/Pixabay)

(Image/Pixabay)

The European Union has praised Taiwan's efforts to bring its data protection laws more into line with EU standards to facilitate talks on bilateral data transfers, according to a letter issued earlier this month to Taiwan's Cabinet-level National Development Council (NDC).

Last year, the NDC filed a self-evaluation report as required under the EU General Data Protection Regulation (GDPR) to allow the EU to determine if Taiwan has an adequate level of data protection to allow the future free flow of personal data between Taiwan businesses and their counterparts in EU member states.

The GDPR, which went into force May 25, 2018, is a package of new laws enacted by the EU that outlines how and why personal data can be collected on individuals living in, or who are citizens of, any of the 28 EU member states.

The European Commission (EC) has the power to determine whether a country outside the EU offers an adequate level of data protection.

To seek an "adequacy decision" from the EC, the NDC set up a personal data protection coordination office July 4, 2018 to deal with relevant matters and filed an evaluation report required for GDPR adequacy status to the EC Directorate-General for Justice.

In response, Tiina Astola, the head of DG Justice, expressed gratitude to Taiwan for its interest in strengthening cooperation with the EU in personal data protection, which she said is of great importance in today's digital economy.

Astola said the agency is still analyzing Taiwan's report, which she said will be very useful for future dialogue.

The NDC said the government will adjust its regulations on data protection based on the process of bilateral dialogue and the development of domestic industries.

During the phase of holding meetings with the focus on technical issues, the EC will examine whether the level of data protection in Taiwan has reached the standards for the data adequacy status granted by the EC, according to an NDC official.

Taking Japan as an example, it was given an adequacy decision by the EC after two years of dialogue on technical issues, the official said.

Being responsible for coordinating inter-ministerial efforts in securing an adequacy decision from the EC on data transfers, the NDC has held several explanation meetings for government agencies and businesses on the matter and has posted GDPR-related information on its official website, according to the official.