"Building a digital world consumers can trust" is the major theme for activities to be held in 2017 by Consumers International (hereafter referred to as CI). In collaboration with this theme, Taiwan will focus on promoting peace of mind for consumers conducting Internet transactions. For the effective promotion of online transaction security, on November 4, 2016, the Department of Consumer Protection, Executive Yuan (hereafter referred to as the DCP) tasked scholars and experts on law and information as well as relevant central authorities to jointly research and reach a consensus on legal issues regarding apps for non-governmental agencies. They started by dealing with four major types of Apps for non-governmental agencies concerning people's livelihood which collect personal information(apps for convenience stores, hypermarkets, mobile banking and communications services), and invited relevant authorities to review these apps and help business operators to improve their practices in this field.

Mobile devices have become an indispensable part of everyday life for most people. Consumers download Apps for the convenience they allow in activities related to food and clothing, lodging, transportation, education and entertainment. However, when consumers use a personal computer or an App to find information, their personal privacy needs to be consistently safeguarded. It is inappropriate that protection policies and methods should differ depending on the tools consumers use. Moreover, according to Articles 19 and 20 of the Personal Information Protection Act (hereafter referred to as the PIPA), when an App collects personal information, if it has been involved in the collection of "non-essential information" defined by the PIPA, the App should make this clear to consumers and provide consumers with the choice of whether or not such data should be collected.

In order to protect the privacy of consumers, the central authorities (the Ministry of Economic Affairs, Financial Supervisory Commission and National Communications Commission) dealt with such Apps in a very active way. At this point, initial results have already been obtained, and the relevant companies have agreed to cooperate in fixing the relevant apps as soon as possible. For the small number of businesses who have not yet established a mechanism to obtain the consent of consumers, or who have not indicated whether the businesses should establish different mechanisms for consumers to make choices, the central authorities will continue to communicate with them, and advise businesses on how to improve their services (details listed below).

In addition, the central authorities demand that businesses establish a self-regulation mechanism and complete any relevant management rule as soon as possible; before releasing an App to the public, businesses are urged to inspect whether the product's requisite limits of authority are comparable to its provision of services. This will facilitate a comprehensive assessment of compliance with the PIPA disclosure obligation and strengthen the consumer protection of personal data.

The DCP appeals to consumers to pay heed to the importance of protecting personal information. In addition, consumers are reminded that they should carefully make their own selections before downloading an App via a mobile device. Particular attention should be paid to the protection of personal data in order to prevent malicious attacks that lead to personal information being leaked.