In September 2020, Taiwan government published the Science and Technology Investigation draft legislation, which include the rules providing police the authority to technology monitoring, GPS monitoring, mobile phone and personal communication App software monitoring (hereinafter as “Source Telecommunication Tapping”). The new legal basis of telecommunication investigation causes public discussion about the potential damage of individual privacy.
This paper will discuss Science and Technology Investigation draft legislation, especially the part of Source Telecommunication Tapping, from the perspective of law and information security technology. From the legal side, we will introduce the content of the relevant regulations and its influence on the investigation after it is in effective. Then we would move to personal privacy of mobile messengers, which includes the introduction of point-to-point encryption (end-to-end encryption, E2EE), as well as the protection of user content in Popular mobile messengers such as Whatsapp, Telegram, Facebook, LINE, clubhouse. The discussion would then point out the gap between “what the police hacking wants” and “what the police could really get in real world” from the technical perspective.
Joy Ho is a privacy counsel now working in a technical company in handling personal data infringement events and in legal compliance of Personal Information Protection Act. Joy is certified Internal Management Specialist, Internal Auditor & Certified Verification Professional – Lead Auditor of Taiwan Personal Information Protection & Administration System (TPIPAS), also Lead Auditor of ISO 27001.
Vic Huang is a member of UCCU Hacker.
He is interested in Web/Mobile/Blockchain Security and penetration testing.He has been focusing on Blockchain for over 3 years.
Vic shared his research on CODE BLUE 2020, HITB+cyberweek 2019, HITCON Pacific 2018 , AIS3, ISIP(Information Security Incubation Program),and so on.