Article 11
|
When the competent authority or the central authority in charge of relevant industry is privy to a cyber security incident and publicize the necessary contents and countermeasures relating to severe cyber security incidents under Paragraph 5 of Article 18 of the Act, upon awareness of such incidents, times of occurrence or privy of the occurrence, causes, affection degree, control status, and subsequent improvement measures of such incidents shall be stated in the publications.<br/>Under any of the following circumstances, the necessary contents and contingency measures relating to the incidents under the preceding paragraph shall not be publicized:<br/>1. If it involves trade secrets or information relating to business operations of individuals, juristic persons or organizations or if the disclosure might infringe upon rights or other rightful interests of the government agency, individual, juristic person or organizations; except as is otherwise required by law, or necessary for public welfare or necessary for protection of life, body, and health of people, or with consent of the parties concerned.<br/>2. Other circumstances of confidentiality, restriction, or prohibition on disclosure as required by law.<br/>If the necessary contents and contingency measure relating to the incidents shall not be publicized under Paragraph 1, only the other portion may be publicized.
|