Database

Browse Database

TAIWAN

Since March 1994, last amended in October 2023
Since June 2022, last amended in January 2024
Since January 2009, last amended in October 2024

Pillar Quantitative trade restrictions for ICT goods and online services  |  Indicator Other import restrictions, including non-transparent/discriminatory import procedures
Regulations Governing Export and Import Of Strategic High-tech Commodities (戰略性高科技貨品輸出入管理辦法)

Regulation Governing Types of Strategic High-Tech Commodities, Specific Strategic High-Tech Commodities and Exportation to Restricted Regions (戰略性高科技貨品種類 特定戰略性高科技貨品種類及 輸出管制地區)

Export Control List for Dual Use Items and Technology and Common Military List
According to Arts. 6 and 7 of the Regulations Governing the Export and Import of Strategic High-tech Commodities, importers of certain high-tech products are required to obtain either an international import certificate or a written assurance certificate from the International Trade Administration (TITA). As specified in Section I of the "Regulation Governing Types of Strategic High-Tech Commodities, Specific Strategic High-Tech Commodities and Exportation to Restricted Regions", this authorisation requirement applies to all strategic high-tech goods, including those listed in the Export Control List for Dual Use Items and Technology and the Common Military List. The latter includes, among other categories, equipment for the manufacturing of semiconductor devices or materials, as well as telecommunications systems, equipment, components, and accessories.
Coverage Strategic high-tech goods

TAIWAN

Since July 1997, last amended in November 2023
Since July 1993, last amended in July 2025

Pillar Quantitative trade restrictions for ICT goods and online services  |  Indicator Export restrictions on ICT goods or online services
Regulations Governing Export of Commodities (貨品輸出管理辦法)

List of Commodities Subject to Import Restriction
According to Art. 5 of the Regulations Governing Export of Commodities, the International Trade Administration (TITA) shall compile a “List of Commodities Subject to Export Restriction” in accordance with export regulations and commodity classifications as announced. Exporters of commodities included on this list must comply with the procedures established therein and obtain prior authorisation from TITA. Without such approval, export is prohibited.
According to the most recent version of the List of Commodities Subject to Export Restriction, several goods of particular relevance to the ICT sector require export authorisation. These include:
- Silicon and compound semiconductor wafers (e.g. CCC HS Codes 3818.00.10.15-7 to 3818.00.10.90-5), which serve as essential substrates in the manufacture of integrated circuits and electronic devices.
- Doped chemical elements and compounds for electronics (3818.00.90.00-7), used in the fabrication of semiconductors and microelectronic components.
- Gallium-based compounds such as gallium phosphide, gallium arsenide, and gallium aluminium arsenide (e.g. 2853.90.12.00-1, 2853.90.30.00-9, 2853.90.40.00-7), which are critical for high-speed electronics.
- Artificial graphite (3801.10.00.00-3), widely employed in lithium-ion batteries and thermal management systems for ICT hardware.
- Fluoropolymers, including polytetrafluoroethylene (PTFE) (3904.61.00.00-7 and 3904.69.00.00-9), are used in high-performance cable insulation, printed circuit boards, and protective coatings in electronic equipment.
Coverage Intermediary ICT goods

TAIWAN

Since February 1993, last amended in December 2019
Since July 1997, last amended in November 2023
Since June 2022, last amended in January 2024
Since March 1994, last amended in October 2023
Last amended in June 2025

Pillar Quantitative trade restrictions for ICT goods and online services  |  Indicator Export restrictions on ICT goods or online services
Foreign Trade Act (貿易法)

Regulations Governing Export of Commodities (貨品輸出管理辦法)

Regulation Governing Types of Strategic High-Tech Commodities, Specific Strategic High-Tech Commodities and Exportation to Restricted Regions (戰略性高科技貨品種類 特定戰略性高科技貨品種類及 輸出管制地區)

Regulations Governing Export and Import Of Strategic High-tech Commodities (戰略性高科技貨品輸出入管理辦法)

Strategic High‑Tech Commodities (SHTC) Entity List
Under Art. 13 of the Foreign Trade Act, and Art. 5 of the Regulations Governing Export of Commodities, the export of certain high-tech commodities is prohibited unless authorised by the competent authority. As set out in Section I of the "Regulation Governing Types of Strategic High-Tech Commodities, Specific Strategic High-Tech Commodities and Exportation to Restricted Regions", the authorisation requirement applies to strategic high-tech goods, including equipment for the manufacturing of semiconductor devices or materials; telecommunications systems, equipment, components and accessories; among others. The procedures and documentation for such exports are further detailed in Chapter 3 of the Regulations Governing Export and Import of Strategic High-Tech Commodities.
According to Section III of the "Regulations Governing Types of Strategic High-Tech Commodities, Specific Strategic High-Tech Commodities, and Exportation to Restricted Regions", and in line with Art. 5 of the Regulations Governing Export of Commodities, exports to Iran, Iraq, North Korea, China, Sudan, and Syria are restricted. Examples of export prohibitions include:
- Iran: Controlled goods include electronic devices, mineral ores, semiconductors, integrated circuits, resistors, chips, photovoltaic components, battery cells, machinery parts, pumps, furnaces, and automobile motors.
- Russia and Belarus: Controlled goods include semiconductors, circuits, resistors, chips, machinery components, pumps, furnaces, and automobile motors.
- China: Export controls cover 12 categories of semiconductor manufacturing equipment, such as chemical mechanical polishers, photoresist strippers and developers, rapid thermal processors, deposition apparatuses, cleaning equipment, dryers, electron microscopes, etchers, ion implanters, photoresist coaters, and lithography equipment.
Taiwan also maintains a Strategic High‑Tech Commodities (SHTC) Entity List. Taiwanese firms are required to obtain approval from the International Trade Administration (ITA) prior to exporting any strategic tech goods to entities included on the list. A total of 10,844 organisations and individuals have been designated. In June 2025, Taiwan added a further 601 entities, among them the Chinese companies Huawei Technologies Co. and Semiconductor Manufacturing International Corporation (SMIC), as well as additional entities based in countries such as Pakistan, Iran, Myanmar, and China.
Coverage Strategic high-tech goods
Sources

TAIWAN

Last reported in 2025

Pillar Technical standards applied to ICT goods and online services  |  Indicator Self-certification for product safety
Supplier Declaration of Conformity allowed for foreign businesses
Self-certification is allowed in the country for radio transmission, electromagnetic interference (EMI) or electromagnetic compatibility (EMC). Taiwan allows foreign companies to self-certify that they comply with these standards, through a Supplier Declaration of Conformity (SDoC). The supplier or manufacturer of the equipment declares the equipment meets the technical and administrative requirements on the basis of test reports by a testing laboratory recognized by the regulator. No registration of the equipment with the regulator is required.
Coverage Electronic products

TAIWAN

Since May 2015, last amended in October 2024

Pillar Cross-border data policies  |  Indicator Ban to transfer and local processing requirement
Rules Governing the Administration of Electronic Payment Business (電子支付機構業務管理規則)
Art. 44 of the Rules Governing the Administration of Electronic Payment Business, as amended in July 2021, stipulates that the information system and security management operations of an electronic payment institution must be established within the territory of Taiwan. However, this requirement does not apply where the institution satisfies specific conditions and obtains approval from the competent authority. These conditions include ensuring that the competent authority can access relevant information immediately, directly, completely, and continuously. To obtain such approval, the institution must submit documentation, including a confirmation letter from the local government authority where the offshore service provider is located, an inspection report from an independent IT auditor, a contingency plan with a supporting assessment, a supervision plan detailing oversight mechanisms, and a cost-benefit evaluation approved by the board of directors. In addition, the institution must not have been sanctioned for financial regulatory violations in the preceding year, must have addressed any deficiencies identified by regulators, and must not have any unresolved major information security breaches.
Prior to the 2021 amendment, the Rules contained a similar provision in Art. 23, which required that the information system and its backup system for the electronic payment business of specialised electronic payment institutions be established within the territory of Taiwan.
Coverage Electronic payment institutions

TAIWAN

Since September 2006, last amended in August 2023

Pillar Cross-border data policies  |  Indicator Ban to transfer and local processing requirement
Regulations Governing Internal Operating Systems and Procedures for the Outsourcing of Financial Institution Operation (金融機構作業委託他人處理內部作業制度及程序辦法)
Art. 17 of the "Regulations Governing Internal Operating Systems and Procedures for the Outsourcing of Financial Institution Operation" obliges financial institutions outsourcing to overseas service providers to ensure that customer data is used strictly within the scope of the outsourced operations, kept separate from the data of the service provider and other institutions, and is accessible to the competent authority. Art. 18 mandates prior approval for outsourcing “material” retail financial business information systems abroad, requiring detailed documentation on data protection, risk management, and audit mechanisms. The term “material” refers to outsourced operations that, if disrupted or compromised, could significantly affect the financial institution’s operations or customer interests. Art. 19, which specifically addresses cloud-based services, stipulates that customer data from material retail financial systems shall, in principle, be stored within the territory of Taiwan, and if stored offshore, backups of important customer data must be retained domestically unless otherwise approved by the competent authority.
Coverage Financial sector

TAIWAN

N/A

Pillar Cross-border data policies  |  Indicator Participation in trade agreements committing to open cross-border data flows
Lack of participation in agreements with binding commitments on data flows
Taiwan has not joined any agreement with binding commitments to open transfers of data across borders.
Coverage Horizontal

TAIWAN

Since August 1995, last amended in May 2023

Pillar Domestic data policies  |  Indicator Framework for data protection
Personal Data Protection Act (個人資料保護法)
The Personal Data Protection Act (PDPA) establishes a comprehensive framework for data protection in Taiwan. Initially introduced in 1995, the Act underwent significant amendments in 2010, with the revised version coming into force in 2012. The Enforcement Rules of the Personal Data Protection Act provide further guidelines for the interpretation and implementation of the Act. The enforcement of the PDPA is carried out by ministries, commissions, and local governments. As mandated by the Constitutional Court's 111-Shien-Pan-13 judgement, the Legislative Yuan passed amendments to the Act in May 2023 to establish an independent supervisory mechanism for data protection. Article 1-1 of the amended PDPA specifies that the Personal Data Protection Commission (PDPC) will serve as the competent authority for the Act, consolidating enforcement powers previously dispersed among ministries, commissions, and local governments. The Preparatory Office of the PDPC was established in December 2023, assuming responsibility for interpreting the Act from the National Development Council as of January 2024.
Coverage Horizontal

TAIWAN

Since June 2019, last amended in June 2023
Since July 2020

Pillar Domestic data policies  |  Indicator Minimum period for data retention
Telecommunications Management Act (電信管理法)

Regulations on Users of Telecommunications Businesses Inquiring Communication and Account Records (電信事業用戶查詢通信紀錄及帳務紀錄作業辦法)
Art. 9 of the Telecommunications Management Act requires telecom enterprises to retain communications records such as the numbers of the sender and the recipient, time of communication, address, service type, mailbox or location information. The "Regulations on Users of Telecommunications Businesses Inquiring Communication and Account Records" were established in accordance with the stipulations of Art. 9 of the Telecommunications Management Act. Under Art. 4 of the Regulations, telecommunications enterprises must retain communication records and accounting records for at least one year.
Coverage Telecommunications sector

TAIWAN

Since July 1999, last amended in July 2024

Pillar Domestic data policies  |  Indicator Requirement to allow the government to access personal data collected
Communications Security and Surveillance Act (通訊保障及監察法)
For law enforcement agencies to access the content of communications, they need either interception warrants or access warrants approved by a court. However, in urgent situations or for specific crimes, Art. 11.1 of the Communications Security and Surveillance Act provides that the agencies may access the communications without a warrant as long as they obtain it within 24 hours after the surveillance. It is reported that the lack of judicial review over surveillance requests has been increasingly normalised. More generally, it is reported that government units with certain investigative powers have gone directly to state agencies and private companies to request personal data without first receiving a court order or other oversight. For example, the Ministry of Economic Affairs, between 2017 and 2018, had a 100% success rate in receiving information from the 1,112 requests it filed for personal information. Of these, 1,000 requests were to non-government agencies, including Chunghwa Telecom, Taiwan Mobile CO., and Yahoo! Taiwan Holdings Limited. Between 2015 and 2016, the Ministry of Finance submitted 350 requests with a 99.4% success rate. The Criminal Investigation Bureau also reportedly issued 565 requests to Facebook through this process, with a 52.9% success rate, between 2015 and 2016.
Coverage Horizontal

TAIWAN

Since May 1928, as amended in May 2009, last amended in June 2022

Pillar Intermediary liability  |  Indicator Safe harbour for intermediaries for copyright infringement
Copyright Act (著作權法)
The Copyright Act, as amended in 2009 with the introduction of Arts. 90-4 to 90-12, establishes a safe harbour regime for intermediaries for copyright infringements. They largely follow the framework of the US Digital Millennium Copyright Act (DMCA). Internet service providers are divided into four categories with different conditions of eligibility of limitation on liability: connection service providers, caching service providers, information storage service providers, and search service providers.
Coverage Internet intermediaries

TAIWAN

N/A

Pillar Intermediary liability  |  Indicator Safe harbour for intermediaries for any activity other than copyright infringement
Lack of intermediary liability framework in place beyond copyright infringement
A basic legal framework on intermediary liability beyond copyright infringement is absent in Taiwan's law and jurisprudence.
Coverage Internet intermediaries

TAIWAN

Since August 2014

Pillar Intermediary liability  |  Indicator User identity requirement
Second Category of Telecommunications Business Management Rules
Under the "Second Category of Telecommunications Business Management Rules" promulgated in August 2014, and pursuant to Art. 17 of the Telecommunications Management Act, the country has implemented mandatory SIM card registration requirements. In 2017, the National Communications Commission also stated that, when applying for a house number or prepaid card, people should apply for dual certificates, and telecommunications businesses should verify and login user information.
Coverage Telecommunications sector

TAIWAN

Since July 1992, as amended September 2020, last amended in June 2022

Pillar Content access  |  Indicator Blocking or filtering of commercial web content
Act Governing Relations between the People of the Taiwan Area and the Mainland Area (臺灣地區與大陸地區人民關係條例)
In August 2020, the Ministry of Economics, through an amendment to Art. 35 of the Act Governing Relations between the People of the Taiwan Area and the Mainland Area, announced that Taiwanese companies would be prohibited from providing video streaming services originating from Chinese companies or individuals, specifically targeting iQIYI and Tencent, starting from September 2020. The regulation formally banned Taiwanese companies and individuals from acting as agents or distributors for any Chinese over-the-top (OTT) services, including television or other broadcast platforms, such as the digital television channel service Media on Demand.
Coverage Streaming services

TAIWAN

Since July 2024

Pillar Content access  |  Indicator Restrictions on online advertising
Fraud Crime Hazard Prevention Act (詐欺犯罪危害防制條例)
According to Art. 29 of the Fraud Crime Hazard Prevention Act of Taiwan, online advertising platform operators that provide services within Taiwan but do not maintain a physical presence, residence, or established branch in the territory are legally required to appoint a legal representative located in Taiwan. This representative must be either a Taiwanese national, a legally registered corporation, or a non-corporate entity with a representative or manager domiciled in Taiwan. The operator must report the full contact details of the appointed representative to the competent authority responsible for industries related to the digital economy. The representative must be authorised to receive legal documents, assist in compliance with fraud prevention regulations, and carry out other statutory duties.
Under Art. 2.5, the term "online advertising platform operators" refers to final-stage platform operators that provide services for posting or disseminating advertisements, collect remuneration, and engage with citizens through online platforms or spaces. It is reported that this provision applies to both domestic and foreign internet platforms, including those related to social media, search engines, news, education or knowledge, dating, video, or similar services, provided they present, post, or deliver advertisements within Taiwan in quantities that meet the thresholds set by the Ministry of Digital Affairs (MoDA). At present, MoDA has designated Google, YouTube, Line, Facebook, Instagram and TikTok as regulated internet platforms. The companies operating these platforms are therefore required to comply with the legal representative appointment requirement in Taiwan.
Coverage Online advertising platform operators

Report issue     Report new measure