Legal Study on Extraterritorial Effect of European Union’s Data Protection Regulations
Author 郭戎晉
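Chinese Abstract To strengthen the protection of data subjects within the European Union, both the 1995 Data Protection Directive and the current General Data Protection Regulation (GDPR) contain extraterritorial effect provisions, so that their scope of application is not limited to the territory under EU jurisdiction. The two grounds of application set out in Article 4 of the Directive, establishment and use of equipment, show that the EU intended to use extraterritorial effect provisions to respond to the digitization and global flow of personal data. Facing a rapidly changing environment of online applications, the GDPR continues to adopt an extraterritorial design. In addition to the pre-existing establishment ground, Article 3 adds two grounds of application not previously seen: targeting data subjects in the EU in the offering of goods or services, and monitoring the behaviour of data subjects in the EU. Although it attempts to resolve inherent problems, the new regime still faces disputes over its application. This article analyzes the EU's successive legal provisions, official guidelines and important practical cases, specifically identifies the problems in the extraterritorial effect provisions of EU personal data protection legislation, and also offers a comparative observation of domestic legislation and proposes suggestions for application.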
English Abstract An unprecedented number of data privacy laws are currently being enacted or revised around the world, most of them influenced by the European Union’s data protection regulations. The EU has had regulations pertaining to data protection since 1995, and the newest legislation, the General Data Protection Regulation (GDPR), went into effect on May 25, 2018. The GDPR not only applies to data processing activities conducted by organizations established in the EU but also extends its territorial reach to two types of business activities: offering of goods or services to data subjects situated in the EU and monitoring of the behaviour of such data subjects. Given the extensive obligations and stiff penalties imposed by the GDPR, global organizations have been rightly focused on how their own data processing activities may fit within the scope of the extraterritorial effect of the GDPR. But to date, there has been a degree of uncertainty for organizations regarding the scope of the GDPR’s application outside of the EU. Although Article 3 of the GDPR represents a significant expansion of the territorial reach of an EU Regulation, a global approach to the protection of individuals’ rights is still necessary, especially in the case of the online world, as it does not respect physical or geographical boundaries and thus often gives rise to the question of which law is applicable in the case of online activities. As regulatory changes can prove to be both an opportunity and a challenge, this article aims to examine the extraterritoriality of prior and current EU data privacy law, discuss the key concepts of the provisions on the applicability of EU data protection laws to non-EU data controllers or processors, point out the differences and related questions about the application of extraterritorial effect provisions between the Directive and the GDPR, and, finally, provide suggestions toward domestic legislation.
Pages 1-70
Keywords European Union; Personal Data; Data Protection Directive; General Data Protection Regulation (GDPR); Extraterritorial Effect; Establishment; Offering of Goods or Services; Monitoring; Targeting
Journal 政大法學評論
Publisher 國立政治大學法律學系
Issue 202006 (No. 161)
DOI 10.3966/102398202020060161001

