The newly added requirement in Taiwan’s Money Laundering Control Act to fully authenticate customers’ identity by regulated entities, particularly to reveal substantial beneficial owners, entails greater disclosure of customers’ private information. How to strike the balance between such disclosure and information privacy protection has not been mentioned yet in Taiwan. The goal of this research paper is to identify support measures, consisting of criteria, sub-criteria, and alternatives, for information privacy protection for future change. A questionnaire was developed through applying the modified Delphi method. This study also applied the analytic hierarchy process to the questionnaire to prioritize the importance of different criteria and sub-criteria and find the optimal alternative. The search results indicated that the criteria were (in order of importance) internal control in financial institutions, prior surveillance mechanisms, informed consent, and safe-harbor immunity. Further examination of the details for the sub-criteria indicated that the establishment of an external independent supervising mechanism and the adoption of a personal information impact assessment are increasingly prioritized for implementation. Moreover, Alternative 2 (“Public and private entities should implement criteria and sub-criteria simultaneously”) weighed 0.62 more in terms of importance compared with Alternative 1 (“Public entities should implement criteria and sub-criteria first”), which weighed 0.38.
This is an open access article distributed under the Creative Commons Attribution License
which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited