According to Taiwan's de minimis rule, goods not exceeding 50 SDR / 2000 TWD / 72 USD of value are exempted from taxes and duties collected by customs. This has been reduced from 3,000 TWD which applied before 2018.

Taiwan did not sign the UN Convention on Electronic Communications.

Under the Commodity Inspection Act, commodities inspection is conducted in four schemes: batch-by-batch inspection, monitoring inspection, registration of product certification, and declaration of conformity. The declaration of conformity (DoC) is considered to be the least-trade-restrictive conformity assessment procedure and it is applied only to low-risk products with stable manufacturing technology and few concerns of risk or danger. Under the DoC, manufacturers may have testing done by the Bureau of Standards, Metrology and Inspection (BSMI)-designated laboratories, prepare their own technical documents, and draft the DoC form themselves.
The Bureau of Standards, Metrology, and Inspection recognize the designated testing laboratories to conduct the testing of commodities subject to inspection.

The National Communications Commission (NCC) is an independent Taiwanese Statutory agency created for the purpose of regulating information, communications standards, licensing, radio frequency, spectrum and broadcasting. The Compliance Approval Regulations on Controlled Telecommunications Radio-Frequency Devices, promulgated in 1997 and recently amended in 2017, stipulates that radio transmission and telecom equipment must get NCC Radio Type Approval in order to be marketed in Taiwan. NCC is responsible for Taiwan’s radio frequency management and requires mandatory testing either through local recognised laboratories or through foreign laboratories recognized by NCC (MRA Countries only). It is advisable to perform testing through a locally recognised laboratory as it will significantly simplify the process.

Under the Second Category of Telecommunications Business Management Rules, promulgated pursuant to Article 17 of Telecommunications Management Act, the country has implemented mandatory SIM card registration requirements. In 2017, the National Communications Commission stated that when applying for a house number or prepaid card, people should apply for dual certificates, and telecommunications businesses (including their resellers) should verify and log in user information. The rules were promulgated in August 2014.

In August 2020, the Ministry of Economics announced that Taiwanese companies could not provide video streaming-related services originating with Chinese companies or people, particularly iQIYI or Tencent, starting from September 2020. The rule updated Article 35 of the Act Governing Relations between the People of the Taiwan Area and the Mainland Area, and formally prohibited companies and individuals in Taiwan to be the agents or distributors of any Chinese over-the-top services (OTT) via television or other broadcast, including the digital-television channel service Media on Demand.

Under Article 21 of the Personal Data Protection Act (1995), the government may impose restrictions on a cross-border transfer of personal data by a non-government agency if (a) major national interests are involved, (b) an international treaty or agreement so stipulates, (c) the country receiving the data lacks proper regulations on protection of personal data and the data subjects' rights and interests may be consequently harmed, or (d) the transfer to a third country is carried out to circumvent the Act.

Article 18 of the Regulations Governing Internal Operating Systems and Procedures for the Outsourcing of Financial Institution Operation (Regulations) (promulated in 2006) deals with conditions upon which a financial institution may outsource its operations to overseas service providers. The financial institution must obtain a confirmation letter from the financial authority of the country where the outsourced services are conducted agreeing to the outsourcing operations. A foreign bank branch in Taiwan, on top of the confirmation letter, shall obtain the letter of consent authorized by its head office or regional head office to the obtainment and use on data, security control and cooperation with the supervisory requirements in Taiwan.
If the financial institution cannot obtain the letter of confirmation from the foreign financial authority, it must submit the following documents to the Financial Supervisory Commission:
- A letter of consent from the service provider, agreeing that where necessary, a person designated by the financial institution may examine the outsourced items. The aforesaid designated person may also be assigned by the competent authority at the expense of the financial institution;
- The evaluation on internal control principles and operating procedure of the service provider;
- The legal opinion indicates the protection of customer data where the service provider is located is not below the condition in Taiwan;
- The financial statements of service provider audited and attested by a CPA for the most recent fiscal year;
- A statement issued by the service provider certifying that no violation on customer interests, personnel malpractice, information and technology security and other occurrences that impact sound business operation in the last three years.

Taiwan has not joined any agreement with binding commitments to open transfers of data across borders.

Article 9 of the Telecommunications Management Act (2020) requires telecom enterprises to retain communications records such as the numbers of the sender and the recipient, time of communication, address, service type, mailbox or location information.

Under Article 4 of the Regulations on Users of Telecommunications Businesses Inquiring Communication and Account Records (2020), telecommunications enterprises must retain communication records and accounting records at least for one year.

Under Article 22 of the Personal Data Protection Act (1995), the government may, when they deem necessary or suspect any possible violation of the Act, (a) inspect compliance with the security control measures, the guidelines on disposing personal data upon business termination, and the restrictions on cross-border transfers, or (b) conduct any other routine inspections by having their staff enter non-government agencies' premises upon presentation of their official identification documents and order relevant personnel at the non-government agencies.
In doing so, the government may retain or make duplications of the personal data or the files thereof that can be confiscated or be admitted as evidence. The owner, holder or keeper of such data or files that shall be confiscated or copied shall submit them to the authorities upon request. If the non-government agency refuses to submit or deliver the requested data or files or rejects the confiscation or duplication thereof without any legitimate reason, a compulsory enforcement that will do the least harm to the rights and interests of the non-government agency may be applied.

Fo law enforcement agencies to access the content of communications, they need either interception warrants or access warrants approved by a court. However, in urgent situations or for specific crimes, the agencies may access the communications without a warrant as long as they obtain it within 24 hours after the surveillance under the Communications Security and Surveillance Act (1999). According to a report of the Ministry of Justice, more than 90 percent of surveillance cases did not require the approval from a court. It is reported that the lack of judicial review over surveillance requests has been increasingly normalized.

It is reported that government units with certain investigative powers have gone directly to state agencies and private companies to request personal data without first receiving a court order or other oversight. For example, the Ministry of Economic Affairs between 2017 and 2018 had a 100 percent success rate in receiving information from the 1,112 requests it filed for personal information. Of these, 1,000 requests were to non-government agencies, including Chunghwa Telecom, Taiwan Mobile CO., and Yahoo! Taiwan Holdings Limited. Between 2015 and 2016, the Ministry of Finance submitted 350 requests with a 99.4 percent success rate. The Criminal Investigation Bureau also reportedly issued 565 requests to Facebook through this process, with a 52.9 percent success rate, between 2015 and 2016.

Chungwa Telecom, the largest network operator, used to be a state-owned enterprise but has been privatized in 2005. The government owns 35.29% of its shares. Taiwan Mobile is owned by private shareholders. For Far Eastone Telecommunications Co., Ltd, the government owns 3.24% of its shares. For Asia Pacific Telecom Co., Ltd., the government owns 6.86% of its shares.

There is no requirement for functional separation for operators with significant market power. The Telecommunications Management Act allows a telecommunications service provider to use the networks established by others but does not make structural and functional separation mandatory. However, accounting separation is required.