|
Article 3
|
The terms under the Act are defined as follows:<br/>1.Information and Communication Systems: refers to any system used for collecting, controlling, transmitting, storing, circulating, or deleting information, or for otherwise processing, using, or sharing information.<br/>2.Information and Communication Services: refers to any services relating to the collection, control, transmission, storage, circulation, deletion, other processing, use, or sharing of information.<br/>3.Cyber Security: refers to the prevention of unauthorized access to, use of, control over, disclosure of, damage to, alteration of, destruction of information or information and communication systems, or any other circumstances affecting the confidentiality, integrity, or availability of information or information and communication systems.<br/>4.Cyber Security Incident: refers to any event where the status of a system, service, or network is identified as having a potential violation of the cyber security policy or a failure of protective measures, which affects the functionality of the information and communication system.<br/>5.Government Agency: refers to a central, local government agency (organization), or public juristic person that exercises public power according to law, but excluding military and intelligence agencies.<br/>6.Specific Non-Government Agency: refers to a critical infrastructure provider, a government-owned enterprise, a designated foundation, or any enterprise, organization, or institution under control of the government.<br/>7.Critical Infrastructure: refers to physical or virtual assets, systems, or networks, the functions of which, once they cease to operate or their performance is reduced, may have a significant impact on national security, social and public interests, people's lives, or economic activities, and which are subject to periodic review and designation by the Executive Yuan.<br/>8.Critical Infrastructure Provider: refers to any entity that maintains, operates or provides, in whole or in part, critical infrastructure as designated by the the central competent authority in charge of the relevant sector, which shall be submitted to the Executive Yuan for approval.<br/>9.Designated Foundation: refers to foundations that fall within the scope of Article 2, Paragraph 2 or 3, or Article 63, Paragraph 1 or 4 of the Foundations Act, and that qualify as nationwide foundations as defined in Article 2, Paragraph 8 of the same Act.<br/>10.Enterprises, Organizations, or Institutions Controlled by Government: refers to enterprises, organizations, institutions publicly announced by the Ministry of Civil Service pursuant to Article 77, Paragraph 1, Subparagraph 2, Item 3 and 4 of the Public Service Pension, Severance and Compensation Act, that are of importance to cyber security, as designated by the central competent authority in charge of the relevant sector and approved by the competent authority; for those controlled by local governments, approval by the competent authority shall be granted only upon the consent of the relevant local competent authority.<br/>11.Products Harmful to National Cyber Security: refers to information and communication systems, services, or products determined by the competent authority to pose a direct or indirect risk of harm to national cyber security, thereby affecting government operations or social stability.
|