NCC aims to boost data protection
By Queena Yen ,The China Post
August 16, 2014, 12:02 am TWN
TAIPEI, Taiwan -- An official of the National Communications Commission (NCC) stated yesterday that in order to secure citizens' personal data, it is considering establishing an authorization system to examine cellphone hardware as well as software, meaning that in the future cellphones may need to be approved by the government before entering the market.
As Chinese smartphone maker Xiaomi admitted that it gathered personal data without permission and apologized over the issue, the security of personal data on cellphones has come under the spotlight.
According to recent reports, some built-in smartphone applications are permitted to access personal data while other applications can directly link to a user's contact list, which makes downloading certain applications risky in terms of data security.
As an example, the camera of Samsung's Galaxy S5 can access text messages as well as the phone's contact list. The camera of Asus' PadFone Infinity can track users' positions via GPS. In addition, the recording application of Xiaomi's Redmi can also directly access users' contact lists.
In order to deal with this issue, the Executive Yuan is coordinating with the Industrial Development Bureau (IDB) and the NCC to launch a government verification system to confirm that applications meet national standards.
However, Li Chung-hsien (李忠憲), a professor of the Department of Electrical Engineering at National Cheng Kung University, said he believes that the authorization system may not work as effectively as the government thinks. He pointed out that most of the applications will need to be updated constantly. Yet, the proposed authorization can only guarantee the safety of the original program.
According to Li, most people are careless about personal data security when using cellphones. Rather than setting up an authorization system, the government should carry out an education program in order to teach citizens how to prevent the disclosure of personal data.
Responding to the issue, Taiwanese smartphone maker HTC Corp. (宏達電) and Asustek Computer Inc. (華碩) pointed out that they put serious emphasis in protecting customers' personal data. In addition, they also follow national regulations that are relevant to the issue.
Personal Data Crisis
As applications become more functional, many will ask for a user's permission to access personal data. According to Wei Hsiao-cheng (魏孝丞), an applications producer, gaining users' permission does not mean that an application will actually use the personal data. However, the permission to access contact lists, call records, messages, audio recordings and GPS can put users at risk of revealing important personal data.