個人資料保護法之刑罰規定 / 律師吳英志 @ 眾律國際法律事務所

最新二十篇文章公告：判決與法律命令之解析、契約與商業模式之範例

提供企業從事國內外商務交易上，所須知的各種法律規定及其風險的預防控管，而就各種法律規定、各項商業模式、各別法院判決與常用契約範本而寫的參考文章。本部落格之文章可讀性高、內容廣泛，從日常生活常見的買賣、租賃、公寓大廈管理到公司經營常見的產業模式、新創募資、合夥協議、投資併購、盡職調查、勞資關係、公司治理、上市上櫃、證券交易、技術移轉、經銷代理、國際商品買賣、供應鏈協議（OBM、ODM、OEM）、專利、商標、著作權、營業秘密保護相關之題目都有。本部落格的文章及其回覆，不代表本所的正式法律意見。如需進行各種商業交易的合法審查、各國商務契約的草擬談判、提起訴訟或應訊應訴、專利商標著作權之申請、授權及訴訟。請就近聯繫請聯繫新竹所03-668-2582 E-mail:info@zoomlaw.net 本所詳細資訊請自行參閱：http://www.zoomlaw.net 所長法學博士范國華律師敬啟

Jan 13 Wed 2016 18:45
個人資料保護法之刑罰規定 / 律師吳英志

個人資料保護法之刑罰規定 / 律師吳英志總編輯法學博士范國華主持律師

關於個人資料保護法刑罰條款之規定，見於該法第41條、第42條、第43條、第44條、第45條及第46條，一一臚列如下：

第41條（刑罰）

意圖為自己或第三人不法之利益或損害他人之利益，而違反第六條第一項、第十五條、第十六條、第十九條、第二十條第一項規定，或中央目的事業主管機關依第二十一條限制國際傳輸之命令或處分，足生損害於他人者，處五年以下有期徒刑，得併科新臺幣一百萬元以下罰金。

A violation to Paragraph 1 of Article 6, Articles 15, 16, 17, 19 and Paragraph 1 of Article 20, or an order or disciplinary action of the limitation on international transmission made by the government authority in charge of subject industry at the central government level in accordance with Article 21 which may harm other people’s rights should be imposed of a sentence or custody of no more than 2 years, or a fine of no more than NT$200,000, or both.

A person who intends to commit the crime in the preceding Paragraph should be imposed of a sentence of no more than 5 years and a fine of no more than NT$1,000,000.

第42條（刑罰）

意圖為自己或第三人不法之利益或損害他人之利益，而對於個人資料檔案為非法變更、刪除或以其他非法方法，致妨害個人資料檔案之正確而足生損害於他人者，處五年以下有期徒刑、拘役或科或併科新臺幣一百萬元以下罰金。

A person who intends to make unlawful profits for himself or for a third party, or intends to infringe upon the interests of others by illegally changing or deleting personal information files, or by other illegal means and has impeded the accuracy of other people’s personal information files and caused damages to others should be imposed of an imprisonment or custody of no more than 5 years, or a fine of no more than NT$1,000,000, or both.

第43條（國外犯罪之適用－屬人原則）

中華民國人民在中華民國領域外對中華民國人民犯前二條之罪者，亦適用之。

The above two Articles may be applicable to a citizen of the Republic of China who commits those crimes to citizens of the Republic of China outside the territory of the Country.

第44條（不純正瀆職罪）

公務員假借職務上之權力、機會或方法，犯本章之罪者，加重其刑至二分之一。

A government official who takes advantage of his position, or opportunity or means available to him to commit the offenses prescribed in this Chapter should be subject to punishments half as severe as those enumerated above.

第45條（告訴乃論）

本章之罪，須告訴乃論。但犯第四十一條之罪者，或對公務機關犯第四十二條之罪者，不在此限。

The offenses referred to in this Chapter should be instituted only upon a complaint. However, the commission of the crime provided for pursuant to Paragraph 2 of Article 41, or the crime against the government agency pursuant to Article 42 is excluded from that.

第46條（法規競合）

犯本章之罪，其他法律有較重處罰規定者，從其規定。

In the event where a more severe punishment is provided for in other laws with respect to the offenses outlined in this Chapter, the more severe one should be applied.

前開犯罪構成要件之條文內容，摘錄如下，請自行參酌：

第六條第一項（不得蒐集、處理或利用之原則）

有關病歷、醫療、基因、性生活、健康檢查及犯罪前科之個人資料，不得蒐集、處理或利用。但有下列情形之一者，不在此限：

一、法律明文規定。

二、公務機關執行法定職務或非公務機關履行法定義務必要範圍內，且事前或事後有適當安全維護措施。

三、當事人自行公開或其他已合法公開之個人資料。

四、公務機關或學術研究機構基於醫療、衛生或犯罪預防之目的，為統計或學術研究而有必要，且資料經過提供者處理後或經蒐集者依其揭露方式無從識別特定之當事人。

五、為協助公務機關執行法定職務或非公務機關履行法定義務必要範圍內，且事前或事後有適當安全維護措施。

六、經當事人書面同意。但逾越特定目的之必要範圍或其他法律另有限制不得僅依當事人書面同意蒐集、處理或利用，或其同意違反其意願者，不在此限。

Personal information of medical treatment, genetic information, sexual life, health examination and criminal record should not be collected, processed or used. However, the following situations are not subject to the limits set in the preceding sentence:

1. when in accordance with law;

2. when it is necessary for the government agency to perform its duties or for the non- government agency to fulfill the legal obligation, and when there are proper security measures.

3. when the Party has disclosed such information by himself, or when the information concerned has been publicized legally;

4. when the personal information is collected, processed or used under certain methods by a government agency or an academic research institution based on the purpose of medical treatment, personal hygiene or crime prevention statistics and/or study.

The rules of the range, procedure and any other items to be followed concerning Item 4 of the preceding Paragraph should be set by the government authority in charge of subject industry at the central government level in conjunction with the Ministry of Justice.

第十五條（公務機關對個人資料蒐集或處理之原則）

公務機關對個人資料之蒐集或處理，除第六條第一項所規定資料外，應有特定目的，並符合下列情形之一者：

一、執行法定職務必要範圍內。

二、經當事人同意。

三、對當事人權益無侵害。

Except the information stated in Paragraph 1 of Article 6, the government agency should not collect or process personal information unless there is a specific purpose and should comply with one of the following conditions:

1. it is within the scope of job functions provided by laws and regulations;

2. a written consent has been made by the Party; and

3. the rights and interests of the Party may not be harmed.

第十六條（公務機關對個人資料之利用原則及例外）

公務機關對個人資料之利用，除第六條第一項所規定資料外，應於執行法定職務必要範圍內為之，並與蒐集之特定目的相符。但有下列情形之一者，得為特定目的外之利用：

一、法律明文規定。

二、為維護國家安全或增進公共利益所必要。

三、為免除當事人之生命、身體、自由或財產上之危險。

四、為防止他人權益之重大危害。

五、公務機關或學術研究機構基於公共利益為統計或學術研究而有必要，且資料經過提供者處理後或經蒐集者依其揭露方式無從識別特定之當事人。

六、有利於當事人權益。

七、經當事人同意。

Except the information stated in Paragraph 1 of Article 6, the government agency should use the personal information in accordance with the scope of its job functions provided by laws and regulations, and in compliance with the specific purpose of collection. However, the information may be used outside the scope upon the occurrence of one of the following conditions:

1. Where in accordance with law;

2. Where it is for national security or to promote public interests;

3. Where it is to prevent harm on the life, body, freedom or property of the Party;

4. Where it is to prevent harm on the rights and interests of other people;

5. Where it is necessary for public interests on statistics or the purpose of academic research conducted by a government agency or an academic research institution, respectively. The information may not lead to the identification of a certain person after the treatment of the provider or the disclosure of the collector;

6. Where such use may benefit the Party; and

7. A written consent of the Party has been obtained.

第十九條（非公務機關對個人資料之蒐集或處理）

非公務機關對個人資料之蒐集或處理，除第六條第一項所規定資料外，應有特定目的，並符合下列情形之一者：

一、法律明文規定。

二、與當事人有契約或類似契約之關係，且已採取適當之安全措施。

三、當事人自行公開或其他已合法公開之個人資料。

四、學術研究機構基於公共利益為統計或學術研究而有必要，且資料經過提供者處理後或經蒐集者依其揭露方式無從識別特定之當事人。

五、經當事人同意。

六、為增進公共利益所必要。

七、個人資料取自於一般可得之來源。但當事人對該資料之禁止處理或利用，顯有更值得保護之重大利益者，不在此限。

八、對當事人權益無侵害。

蒐集或處理者知悉或經當事人通知依前項第七款但書規定禁止對該資料之處理或利用時，應主動或依當事人之請求，刪除、停止處理或利用該個人資料。

Except the information stated in Paragraph 1 of Article 6, the non-government agency should not collect or process personal information unless there is a specific purpose and should comply with one of the following conditions:

1. Where in accordance with law;

2. Where there is a contract or quasi-contract between the Party and the agency;

3. Where the Party has disclosed such information by himself or when the information has been publicized legally;

4. Where it is necessary for public interests on statistics or the purpose of academic research conducted by a research institution. The information may not lead to the identification of a certain person after the treatment of the provider or the disclosure of the collector;

5. Where a written consent has been made by the Party;

6. Where the public interest is involved; and

7. Where the personal information is obtained from publicly available resources. However, it is exempted if the information is limited by the Party on the processing or use and the interests of the Party should be protected.

By the time when the collector or processor realizes or has been notified of the provision in Item 7 of the preceding Paragraph by the Party, he should delete, stop processing or using the personal information, ex officio or upon the request of the Party.

第二十條第一項（非公務機關對個人資料利用之原則及例外）

非公務機關對個人資料之利用，除第六條第一項所規定資料外，應於蒐集之特定目的必要範圍內為之。但有下列情形之一者，得為特定目的外之利

用：

一、法律明文規定。

二、為增進公共利益所必要。

三、為免除當事人之生命、身體、自由或財產上之危險。

四、為防止他人權益之重大危害。

五、公務機關或學術研究機構基於公共利益為統計或學術研究而有必要，且資料經過提供者處理後或經蒐集者依其揭露方式無從識別特定之當事人。

六、經當事人同意。

七、有利於當事人權益。

Except the information stated in Paragraph 1 of Article 6, the non-government agency should use the personal information in accordance with the scope of the specific purpose of collection provided. However, the information may be used outside the scope upon the occurrence of one of the following conditions:

1. Where in accordance with law;

2. Where it is to promote public interests;

3. Where it is to prevent harm on the life, body, freedom or property of the Party;

4. Where it is to prevent harm on the rights and interests of other people;

6. Where a written consent of the Party has been obtained.

第二十一條（非公務機關對個人資料國際傳輸之限制）

非公務機關為國際傳輸個人資料，而有下列情形之一者，中央目的事業主

管機關得限制之：

一、涉及國家重大利益。

二、國際條約或協定有特別規定。

三、接受國對於個人資料之保護未有完善之法規，致有損當事人權益之虞。

四、以迂迴方法向第三國（地區）傳輸個人資料規避本法。

If one of the followings has occurred when the non-government agency transmits personal information internationally, the government authority in charge of subject industry may limit its action:

1. Where it involves major national interests;

2. Where national treaty or agreement specifies otherwise;

3. Where the country receiving personal information lacks of proper regulations towards the protection of personal information and it might harm the rights and interests of the Party:

4. Where international transmission of personal information is made through an indirect method in which the provisions of this Law may not be applicable.