隱私權是極為複雜,範圍界定又不清的議題。其中的個資,在科技催化下,因處於數位化和網路化的情境中,再加上開放資料的需求,讓個資保護的挑戰更加嚴苛。數位化和網路化,讓大部分的人口都暴露在個資洩漏的風險中。很多國家於是祭出法規和標準來保護個資。眾多企業在受益於資料開放的同時,亟需尋求法遵的策略。以電子商務為主的中小企業,在個資法衝擊下,跨境交易之個資保護,需因應各國的法規和標準。而處於法規要求和處理標準的框架下,如何達成法遵的目標變成中小企業最大的挑戰。在各種技術中,去識別化是其中之一。本研究將從學術研究單位的技術清單中分離出商業性及醫療工具,另整理出去識別化之開源工具。依據此包含十三項的工具清單中,經過實際操作,排除不易操作,格式不適合,還有缺乏支援的工具,透析出適於跨境電子商務企業可以遵循標準作業程序和應用的工具。
Privacy is often considered as a part of human rights, accepted by the world as a collective value. Nevertheless, the subject is complicated and the boundary often unclear, in particularly subsequent to the uprising internet and digitalization. The digitalization and connectivity of the cyber world indeed have revolutionized the context of the everyday lives of modern societies. Convenience as it may be, it also poses a high risk for privacy breaching, in specific to Personal Identifiable Information.
Given this dilemma, regulations and standards are constituted in responding to the call for PII protection. While the regulations become mandatory, organizations who would be collecting/processing, or storing any personal data will now oblige to take measure for compliance with laws. De-identification as one of the measures to PII protection is essential for organizations specifically to those with sensitive data.
This thesis will address PII protection issue from the scope of de-identification open source tools. In mapping the standards and regulations from various entities, a set of SOP practice, whereas businesses would then be equipped with directions for laws compliance. The tool recommendations would further enhance enterprises with the ability to PII protection without resulting in third-party services.
Sorting through various de-identification tools and filter out the commercial ones, there leave thirteen tools for preview. From there, derives a selected few. which Organizations with different agenda and status quo could find measures that they see fits. Data sharing plays a key role in revolutionizing the world nowadays and will continue to be so. Balancing PII protection with the call for data sharing is the driving force behind this research. Whereas the aim to resolve dilemma of small to medium sized online companies in facing laws constraints is the backbone of this paper. And expectantly, the study could then fill in the gaps between PII protection and data sharing.
