Taiwan Recording Laws: One-Party Consent, CSSA, and 2025-2026 Updates

Taiwan Recording Laws: One-Party Consent, CSSA, and 2025-2026 Updates

Taiwan is a one-party consent jurisdiction. Under Article 29 of the Communication Security and Surveillance Act (通訊保障及監察法, CSSA), any participant in a communication may record it without notifying the other parties, provided the recording is not made for an illegal purpose.

Information last verified on 2026-05-15. This article has not yet been reviewed by a licensed lawyer admitted in the Republic of China (Taiwan).

Jurisdiction scope: This article addresses recording and surveillance law in the Republic of China (Taiwan) under the Communication Security and Surveillance Act (CSSA), the Criminal Code of the Republic of China (中華民國刑法), the Personal Data Protection Act (個人資料保護法, PDPA), and the Constitution of the Republic of China (中華民國憲法). It does not address the separate legal frameworks of the People's Republic of China, Hong Kong, or Macau. For mainland China, see China Recording Laws. For the broader Asia-Pacific region, see Japan Recording Laws and South Korea Recording Laws.

---

Quick Answer: Is Taiwan One-Party or Two-Party Consent?

Taiwan is a one-party consent jurisdiction. Article 29 of the Communication Security and Surveillance Act provides that surveillance conducted by a party to the communication, or with the consent of at least one party to the communication, does not constitute an offence under the Act, as long as the recording is not conducted for an illegal purpose. This means that if you are a participant in a phone call, video conference, in-person meeting, or digital messaging exchange, you may record that interaction without informing anyone else present. The one-party consent rule applies regardless of whether the other participants are also based in Taiwan, because Taiwanese courts apply Taiwanese law to recordings made on Taiwanese territory or by Taiwanese participants.

The sole substantive limit is the lawful-purpose condition. Recording a conversation to preserve evidence of fraud, document a verbal contract, or protect yourself against harassment is lawful. Recording to facilitate blackmail, extortion, defamation, or any other offence strips away the CSSA Article 29 protection. In that scenario, the recorder becomes subject to criminal liability under the CSSA and the Criminal Code.

The one-party consent rule does not apply to third parties. A person who is not a participant in the communication and who intercepts, records, or monitors it without court authorisation commits a criminal offence under both the CSSA and the Criminal Code.

---

Constitutional Foundation: Article 12 and the Right to Privacy

Taiwan's Constitution Article 12 guarantees the secrecy of correspondence (書信秘密). The Grand Justices of the Constitutional Court (司法院大法官) have interpreted Article 12 broadly to protect communications privacy beyond traditional mail, extending it to telephone calls, electronic communications, and other modern modes of private expression.

Interpretation No. 631 (released August 11, 2007) is the leading Constitutional Court ruling on communications surveillance. The Grand Justices held that communication surveillance by government authorities without prior judicial authorisation violates the constitutional guarantee of communications secrecy under Article 12. The decision established that any interception of private communications by the state requires a prior court warrant issued by a neutral judicial officer, and declared provisions of the pre-reform CSSA that allowed prosecutors to issue surveillance orders without judicial approval to be unconstitutional.

The 2007 reforms to the CSSA directly implemented the constitutional mandate from Interpretation No. 631, shifting warrant authority from prosecutors to courts and establishing the procedural safeguards in Articles 5 through 11 that remain in force today.

In addition, the Grand Justices have confirmed through multiple interpretations that the right to informational self-determination (資訊自主權) is a fundamental right derived from Article 22 of the Constitution. This right forms the constitutional foundation for the Personal Data Protection Act and shapes judicial interpretation of privacy claims arising from recordings.

---

The Communication Security and Surveillance Act (CSSA)

The CSSA (通訊保障及監察法) was first enacted on July 14, 1999, and has been amended several times. The most recent significant amendment package was enacted on July 12, 2024, as part of Taiwan's anti-fraud legislative response. The CSSA governs both private recording rights and government surveillance authority.

Scope: What Counts as a Communication

Article 3 of the CSSA defines communications broadly:

• Wired and wireless telecommunications, including sending, storing, transmitting, or receiving symbols, text, images, sound, or other information through wire, cable, fibre optic, radio frequency, satellite, or other electromagnetic systems
• Mail and letters handled through postal services
• Speeches and conversations between persons

This definition encompasses phone calls, SMS messages, emails, instant messages sent through apps such as LINE or WhatsApp, video calls, and in-person spoken conversations. The breadth of Article 3 means there is no technology gap in the CSSA's coverage.

Article 29: The One-Party Consent Rule

Article 29 of the CSSA provides the operative one-party consent standard:

"The following communication surveillance shall not be subject to criminal liability: (1) Conducted by a party to the communication; (2) Conducted by a person with consent of one of the parties to the communication. However, the above shall not apply if the communication surveillance is conducted for committing another offence."

Three elements must be satisfied for the Article 29 exception to apply. First, the person conducting the recording must be a party to the communication or must have obtained consent from at least one party. Second, the recording must not be conducted for the purpose of committing an offence. Third, the recording must fall within the definition of communications in Article 3. All three conditions must be met simultaneously.

The Taiwan High Court has applied Article 29 in cases where one spouse recorded the other's conversations in domestic disputes, where employees recorded meetings with supervisors in labour cases, and where individuals recorded phone calls to preserve evidence of fraud. In each category, courts uphold admissibility so long as the recording party was a genuine participant and the recording was not made to further a crime.

Court-Ordered Surveillance: Articles 5, 6, and 7

Government surveillance of communications requires judicial authorisation. Article 5 permits court-ordered surveillance only when the offence under investigation carries a minimum statutory penalty of three years fixed-term imprisonment. The article lists qualifying offences including serious drug trafficking, organised crime offences, corruption, terrorism, national security offences, and offences involving violence or damage to critical infrastructure.

Article 6 provides an emergency exception allowing prosecutors or national security authorities to authorise surveillance for 24 hours without a prior court order when the urgency of an investigation makes prior judicial approval impracticable. A court must ratify or reject the emergency order within 24 hours of its execution.

Article 7 governs post-surveillance reporting. When court-authorised surveillance concludes, the executing authority must report to the overseeing prosecutor or national intelligence head, who in turn reports to the issuing court. The report must include the name and address of the person surveilled, the applicable legal provision, the warrant number, the actual surveillance period, whether relevant communications were obtained, and information about the legal remedies available to the person who was surveilled.

2024 Anti-Fraud Amendments: Article 11-1

On July 12, 2024, the Legislative Yuan passed a package of anti-fraud statutes that included significant amendments to the CSSA. The new Article 11-1 establishes a framework for law enforcement to access network traffic records during investigations into cybercrime, fraud, and related offences. Telecommunications enterprises and public network operators are required to retain subscriber data, communication records, and network traffic records for prescribed minimum periods, and must produce those records in response to lawful orders.

The 2024 amendments also revised Articles 14 and 14-1 to impose explicit technical assistance obligations on telecommunications enterprises, requiring them to provide technical cooperation when serving valid surveillance orders. Enterprises that fail to comply with assistance obligations face administrative penalties under the revised Article 17.

---

Criminal Code Protections: Articles 315-1, 315-2, and 358

Article 315-1: Secret Recording and Eavesdropping

Article 315-1 of the Criminal Code (中華民國刑法) criminalises two categories of conduct:

"(1) Using instruments or equipment to peek at, photograph, or record the private activities, body, or intimate parts of another person; (2) Using instruments or equipment to wiretap or eavesdrop on the non-public conversations or communications of another person."

The penalty for each category is imprisonment for up to three years, detention, or a fine of up to NT$30,000 (approximately US$950 as of 2025).

The critical phrase is "without justification" (無故). Courts have held that a person who is a party to the conversation has inherent justification for recording it under the CSSA's one-party consent framework. Article 315-1 therefore targets third parties who eavesdrop or record communications in which they have no part, and individuals who secretly record the private physical activities (including sexual activity, bathing, changing clothes) of others in spaces where those persons have a reasonable expectation of privacy.

The Taiwan Supreme Court (最高法院) addressed Article 315-1 in its decision 109 Tai Shang 1874 (2020), clarifying that the term "private activities" in the article includes activities that occur in locations where the person being recorded has a reasonable expectation of not being observed or recorded. The decision confirmed that placing hidden cameras in bathrooms, changing rooms, or hotel rooms falls squarely within the Article 315-1 prohibition even if the recorder later claims a different purpose for the device's presence.

Article 315-2: Facilitation for Profit

Article 315-2 extends criminal liability to persons who facilitate violations of Article 315-1 for the purpose of profit. A person who provides a location, equipment, or other assistance to enable another person to commit an Article 315-1 offence faces the same criminal penalties as the principal offender.

This provision targets commercial voyeurism operations, individuals who rent premises for the purpose of recording others without consent, and suppliers of concealed recording equipment marketed for surveillance purposes where the marketing itself signals an intent to facilitate unlawful conduct.

Article 358: Unauthorised Computer Access and Interception

Article 358 of the Criminal Code criminalises unauthorised access to computers and electronic devices, with penalties up to three years imprisonment. Where the unauthorised access involves intercepting electronic communications or data transmissions, the Article 315-1 and CSSA Article 24 penalties may apply concurrently. Prosecutors routinely charge both provisions in cases involving hacking into email accounts or messaging apps to access private communications.

---

CSSA Criminal Penalties for Illegal Surveillance

The CSSA carries its own criminal penalty structure, separate from and cumulative with the Criminal Code.

Article 24: Unauthorised Surveillance

Article 24 imposes penalties in three tiers:

The aggravated profit-motive provision in the third tier is regularly applied in cases involving commercial espionage, where surveillance is conducted to obtain trade secrets or competitive intelligence for sale.

Article 25: Leaking Lawfully Obtained Surveillance Information

Non-civil servants who learn of confidential information through their involvement in lawful surveillance operations and who leak or disclose that information without good cause face up to two years imprisonment, detention, or a fine of up to NT$20,000.

Article 28: Distributing Illegally Obtained Surveillance Content

Any person who knowingly leaks, discloses, or distributes communications content that was obtained through illegal surveillance faces up to three years imprisonment.

Complaint-Based Prosecution

Article 24, Paragraph 1 and Article 25, Paragraph 1 offences are complaint-based (告訴乃論). The affected party must file a formal complaint before the prosecutor can initiate proceedings. This creates a practical consideration for victims: preserving a criminal case requires timely complaint filing, typically within six months of the date the victim knew or ought to have known of the offence.

---

Supreme Court Case Law on Recording Evidence

Taiwan's Supreme Court (最高法院) has developed a substantial body of case law on the admissibility and legality of participant recordings.

Admissibility of Participant Recordings

The Supreme Court's 2019 decision 108 Tai Shang 3563 confirmed the general admissibility of recordings made by a party to the communication under Article 29 of the CSSA, applying a proportionality framework. The court held that when a participant records a communication in which they are genuinely involved, and does so for a lawful purpose such as self-protection or evidence preservation, the recording does not violate the other party's privacy rights in a manner sufficient to exclude it from evidence. The court emphasised that the privacy interest of the non-consenting participant must be weighed against the recording participant's right to protect their own legal interests.

The Balancing Test

The Supreme Court's framework requires courts to assess three factors when ruling on the admissibility of a participant recording:

First, was the recording party a genuine participant in the communication? A person who joins a conversation pretextually in order to create a recording opportunity for a third party does not meet this standard and cannot rely on Article 29.

Second, was the recording made for a lawful purpose? Courts examine the subjective intent at the time of recording. Recordings made to document evidence of wrongdoing, preserve a record of a disputed agreement, or protect against later denial of facts discussed are treated as lawful in purpose. Recordings made to compile a dossier for later extortion are unlawful in purpose regardless of how they are later used.

Third, is the use of the recording proportionate to the purpose? Even a lawfully made recording may face admissibility challenges if the way it is introduced at trial involves irrelevant private content far exceeding what is necessary to establish the relevant facts.

Exclusionary Rule for Illegally Obtained Surveillance Content

The 2014 reforms to the CSSA strengthened the exclusionary rule by adding explicit provisions requiring courts to exclude content obtained through illegal surveillance and content from lawful surveillance that is unrelated to the stated surveillance purpose. The Supreme Court applied these provisions in its 2021 decision 110 Tai Shang 2891, suppressing communications content that had been obtained under a valid warrant but which concerned matters outside the scope of the warrant's stated purpose.

---

Personal Data Protection Act and the PDPC (2025)

PDPA Framework

The Personal Data Protection Act (個人資料保護法, PDPA) governs the collection, processing, and use of personal data, including audio and video recordings that can directly or indirectly identify a natural person. The PDPA applies to both government agencies and private entities. Its central requirements are:

• Personal data may only be collected when there is a specific, explicit, and legitimate purpose
• Data must not be used beyond the scope of the stated collection purpose
• Data must not be retained longer than necessary for the purpose of collection
• Cross-border transfers to third countries require that those countries provide adequate protection or that specific conditions are met

Recordings of conversations are personal data under the PDPA when the voice or content can identify the speaker. A recording of a business meeting that captures identifiable participants is personal data. The PDPA's requirements apply to the collection (the recording), the processing (storage, analysis, transcription), and the use (disclosure, sharing, litigation submission) of that data.

Personal Data Protection Commission: Preparatory Office 2023, Full Commission 2025

Taiwan's Constitutional Court Judgment 111-Hsien-Pan-13 (August 12, 2022) declared certain PDPA provisions unconstitutional and ordered the government to establish an independent personal data protection authority by August 2025. In response, the Preparatory Office of the Personal Data Protection Commission (個人資料保護委員會籌備處) was formally launched on December 5, 2023. The Preparatory Office assumed responsibility for interpreting the PDPA from the National Development Council (NDC) effective January 1, 2024. The full, formal Personal Data Protection Commission (個人資料保護委員會, PDPC) was established under the amendments to the PDPA promulgated on November 11, 2025, which elevated the Preparatory Office into a fully constituted independent supervisory authority. Prior to the PDPC's establishment, PDPA enforcement was fragmented across various sector-specific government agencies. The PDPC assumed consolidated regulatory authority over personal data protection across all private-sector and government contexts.

Further operational amendments to the PDPA were promulgated on November 11, 2025. These amendments clarify the PDPC's enforcement powers, introduce mandatory breach notification requirements (requiring notification to affected individuals and to the PDPC within specified timeframes following a personal data breach), and update cross-border transfer rules to align with evolving international data protection standards.

Businesses operating in Taiwan that record conversations as part of customer service, quality assurance, or internal compliance operations must now ensure that their recording practices comply with both the one-party consent framework of the CSSA and the data governance requirements of the PDPA, with the PDPC as the competent enforcement authority. Enforcement actions by the PDPC against entities that fail to maintain proper notice, retention, and access controls over recorded data began in the second half of 2025.

Taiwan Is Not in the EU/EEA

Taiwan is not a member of the European Union or the European Economic Area, and the GDPR does not apply directly to recordings made in Taiwan. The PDPA is Taiwan's domestic equivalent, modelled in part on earlier European data protection frameworks but distinct in its institutional structure, enforcement mechanisms, and scope. Businesses that operate in both Taiwan and EU member states may face dual compliance obligations: the PDPA for Taiwan-based operations and the GDPR for EU-based operations. Those frameworks do not automatically align; legal advice specific to each jurisdiction is required.

---

Civil Law: Civil Code Article 195 and Personality Rights

Civil Code Article 195

Taiwan's Civil Code (民法) Article 195 provides a civil cause of action for violations of personality rights, including the rights to reputation (名譽), privacy (隱私), and personal liberty. Where an unlawful recording violates a person's personality rights, the affected person may bring a civil claim for damages, including compensation for non-economic harm (精神慰撫金).

Article 195 has been applied in cases where one party to a relationship secretly recorded intimate conversations or activities and then disclosed those recordings to third parties or used them in a manner that damaged the recorded person's reputation or emotional wellbeing. Courts have awarded damages for both material losses (for example, loss of employment resulting from disclosure) and non-material harm (emotional distress, reputational damage, loss of dignity).

Interaction with Criminal Liability

A single act of unlawful recording may give rise to both criminal prosecution under the CSSA or Criminal Code and a civil claim under Civil Code Article 195. These are parallel proceedings. A criminal conviction for violation of Criminal Code Article 315-1 does not automatically establish civil liability, but courts regularly cite criminal findings in civil proceedings as evidence of the unlawful nature of the conduct.

Where recordings are made in violation of Article 315-1 and then distributed publicly, particularly through digital platforms or social media, courts have imposed significantly higher damages awards under Article 195, reflecting the amplified scope of harm caused by viral disclosure.

---

Recording Telephone and Digital Communications

Phone Calls

Taiwan's one-party consent rule applies fully to telephone calls. A participant in a telephone conversation may record it without informing the other party. This applies equally to landline calls, mobile phone calls, and calls made through internet-based platforms including LINE, WhatsApp, Telegram, Signal, FaceTime, Google Meet, and Zoom.

The one-party consent protection applies to the act of recording itself. If a party subsequently discloses the recording in a way that causes harm, PDPA and Civil Code Article 195 considerations become relevant to the manner of disclosure, not the recording itself.

Text Messages and Messaging Apps

Text message conversations in which you are a participant may be preserved as screenshots or exported as data without triggering any recording consent issue, because you are a party to the text exchange. The CSSA's definition of communications covers digital messaging, but the one-party consent framework in Article 29 treats a participant's preservation of their own communication history as lawful.

Video Calls

Recording a video call in which you participate is lawful under Article 29. The recording captures both audio and video, and both components are covered by the CSSA's definition of communications. The same lawful-purpose condition applies: recording a video call to preserve evidence of a negotiation or a disputed instruction is lawful; recording to compile material for harassment or exploitation is not.

---

In-Person Conversations

The one-party consent principle extends to face-to-face conversations. A participant in a meeting, negotiation, or discussion may audio- or video-record it without disclosing the recording device, subject to the lawful-purpose condition.

Article 315-1 draws the line clearly: the prohibition on secret recording applies to persons who are not participants in the conversation. Placing a recording device in a room to capture conversations among people who are not aware of the recorder's presence, and in which the recorder will not participate, is an offence under Article 315-1.

The distinction between participant and non-participant is assessed at the time of recording. A person who leaves a meeting and then activates a remote listening device to continue monitoring the remaining participants shifts from participant to third-party interceptor and loses the Article 29 protection for the remotely captured content.

---

Recording Police and Government Officials

There is no specific provision in Taiwanese law prohibiting a member of the public from recording interactions with police officers or other government officials in the performance of their public duties.

Taiwan's courts and legal commentators have applied a reduced-expectation-of-privacy principle to the conduct of public officials acting in their official capacity. A police officer making an arrest in a public space, conducting a traffic stop, or exercising administrative authority does not have the same expectation of privacy in their official conduct as a private individual engaged in a private conversation.

Recording a police officer's conduct during a public interaction is generally treated as a participant recording (the citizen is present and participates in the encounter) and falls within the Article 29 one-party consent framework. The lawful-purpose condition is readily satisfied when the purpose is accountability documentation.

Interference with a recording that does not itself obstruct the officer's duties does not constitute a criminal offence. However, a person who uses recording as a pretext to obstruct an officer's lawful exercise of authority may be subject to separate liability under laws governing obstruction of official duties (妨害公務罪) under Criminal Code Article 135.

Separately, disclosing recordings of police operations that involve confidential investigation information may engage CSSA Article 28 if the content was obtained through or related to a lawful surveillance operation.

---

Voyeurism and the Sexual Offences Prevention Act

Criminal Code Article 315-1 in Voyeurism Contexts

Criminal Code Article 315-1, Subparagraph 1 criminalises using instruments or equipment to peek at, photograph, or record the private activities, body, or intimate parts of another person without their consent. This provision is the primary criminal basis for prosecuting voyeuristic recording in Taiwan, covering hidden cameras in bathrooms, changing rooms, hotel rooms, and other spaces where persons have a reasonable expectation not to be observed or recorded.

The penalty is up to three years imprisonment, detention, or a fine of up to NT$30,000.

Sexual Offences Prevention Act (性侵害犯罪防治法)

The Sexual Offences Prevention Act (性侵害犯罪防治法) addresses crimes of sexual violence including acts facilitated by recording technology. Amendments enacted in 2023 and 2024 strengthened protections for victims of image-based sexual abuse, including intimate recordings made without consent. Relevant provisions:

• Prohibit the distribution of recordings depicting sexual offences or intimate conduct obtained without consent
• Require platforms and service providers to expeditiously remove content upon notification
• Mandate government agencies to provide victim support services and coordinate law enforcement responses to cross-platform distribution

The Sexual Offences Prevention Act works alongside Criminal Code Article 315-1 and the deepfake provisions (below) to form an overlapping framework addressing image-based sexual abuse. Prosecutors routinely apply multiple charges across these instruments when both the recording and the distribution of intimate material without consent are established.

---

Deepfake and AI-Generated Content: 2024-2026 Legislation

Taiwan has experienced significant public and legislative attention to non-consensual deepfake imagery, partly in response to documented cases involving Taiwanese celebrities and public figures being targeted by AI-generated pornographic content.

2024 Legislative Amendments

In 2024, the Legislative Yuan amended the Sexual Harassment Prevention Act (性騷擾防治法) to explicitly include the creation and distribution of AI-generated or digitally manipulated intimate imagery without the depicted person's consent as a form of sexual harassment subject to criminal and administrative penalties. The amendment covers:

• Creating deepfake intimate imagery of an identifiable real person without their consent
• Distributing, possessing with intent to distribute, or facilitating the distribution of such imagery
• Threatening a person with the creation or disclosure of such imagery

Criminal penalties for the most serious forms of non-consensual intimate deepfake creation and distribution are up to five years imprisonment when the conduct is accompanied by threats or causes serious reputational harm.

Proposed Criminal Code Amendments (2025-2026)

The Executive Yuan and the Legislative Yuan have been advancing amendments to the Criminal Code to add a standalone provision criminalising non-consensual intimate deepfake imagery, separate from the harassment framework. As of 2026, the proposed amendments would:

• Create a new criminal offence specifically targeting the AI-generated or digitally manipulated depiction of a real person engaged in sexual or intimate conduct without consent
• Impose higher maximum penalties than the harassment route for cases involving profit motive or systematic distribution
• Establish a right for victims to seek court orders requiring platform removal and prohibiting further distribution

These proposals reflect Taiwan's recognition that existing provisions, while applicable, do not fully address the scale and technical sophistication of AI-generated image abuse.

Deepfake Context: Regional and Domestic Cases

Several documented incidents involving Taiwanese public figures, including cases in 2024 where AI-generated intimate imagery of Taiwanese female celebrities was distributed through encrypted messaging applications, generated widespread public attention and accelerated the legislative response. These cases are referenced in legislative records as the factual basis for the 2024 Sexual Harassment Prevention Act amendments. The cross-border dimension of these incidents, where servers hosting the content were located outside Taiwan, underscores the enforcement challenges that motivated the platform-cooperation provisions.

---

Recording in Public and Semi-Public Spaces

Taiwan does not have a comprehensive statute governing recording in public spaces by private individuals. The applicable legal framework is assembled from the Criminal Code, the PDPA, and local government regulations.

In genuinely public spaces where there is no reasonable expectation of privacy, such as streets, public parks, plazas, and outdoor commercial areas, recording of publicly observable activity is generally permissible. Persons who appear in publicly recorded footage in public spaces do not have a categorical right to suppress that recording.

The situation changes in semi-public and shared spaces. Courts and the PDPC have applied privacy analysis to common areas of residential buildings, building lobbies with restricted access, shared office spaces, and similar environments. Recording in these spaces requires consideration of whether the persons being recorded have a reasonable expectation of privacy in that context, and whether the PDPA's notice and purpose requirements are met if the footage will be processed or retained.

Businesses that install CCTV cameras in premises accessible to the public must comply with PDPA requirements: posting visible notices that surveillance cameras are in use, specifying the purpose of data collection, limiting retention to what is necessary, and restricting access to the footage.

---

Workplace Recording and Employer Monitoring

Employee Recordings

An employee who participates in a workplace conversation, whether a meeting with a supervisor, a discussion with a client, or a group session with coworkers, may record that interaction under the one-party consent rule. Such recordings can be used in labour tribunal proceedings, sexual harassment complaints, unfair dismissal claims, and disputes over verbal instructions. Taiwan's labour courts have admitted participant recordings from employees in numerous cases.

Employer Monitoring Obligations under the PDPA

Employers who implement audio or video monitoring of employees must comply with the PDPA. The key obligations are:

• Purpose specification. The employer must identify and document a specific, legitimate purpose for the surveillance (for example, quality assurance in a call centre, security monitoring in a cash-handling area).
• Prior notice. Employees must be informed of the surveillance, its purpose, and how the data will be used. This notice is typically given in employment contracts, workplace policies, or dedicated written notices.
• Proportionality. The scope and intrusiveness of monitoring must be proportionate to the stated purpose. Comprehensive audio surveillance of all employee communications throughout the working day is difficult to justify on proportionality grounds for most business contexts.
• Data governance. Recording data must be stored securely, accessed only by authorised personnel, retained only for the necessary period, and deleted or de-identified once the purpose is fulfilled.

The PDPC, since becoming fully operational in 2025, has signalled that workplace monitoring will be a priority area for inspection and enforcement guidance. Employers with legacy monitoring practices that predate the PDPC's establishment should audit those practices against current PDPA standards.

Covert Employer Surveillance

Covert audio monitoring of employees, meaning monitoring that is not disclosed in advance, faces serious legal obstacles. Without prior notice, the collection of personal data through covert audio monitoring is likely to violate the PDPA's notice requirements. Additionally, if the covert monitoring captures conversations between employees that are not directly related to their work performance, Criminal Code Article 315-1 liability may arise for the employer or the individuals who implement the monitoring. Employers should obtain legal advice before implementing any form of undisclosed surveillance in the workplace.

---

Cross-Border Transfers and Cross-Strait Considerations

PDPA Cross-Border Transfer Framework

The PDPA contains specific provisions governing the transfer of personal data outside Taiwan. Article 21 empowers the central government authority (now the PDPC) to designate countries or regions to which data transfers are restricted or prohibited based on adequacy assessments. The PDPC may impose conditions on transfers to countries that do not provide adequate data protection.

Transfers to Mainland China

Taiwan's PDPA and associated regulations impose specific restrictions on transfers of personal data to the People's Republic of China. Regulated entities including communications enterprises, social work agencies, and human resources agencies are prohibited from transferring subscriber or client personal data to mainland China. For other categories of data, transfers require PDPC approval or reliance on specified transfer mechanisms.

Recordings made in Taiwan that contain personal data of Taiwanese residents may therefore be subject to transfer restrictions if the business intends to store or process those recordings on servers in mainland China. This is a material consideration for multinational businesses operating across the Taiwan Strait. The CSSA and PDPA frameworks in Taiwan and the surveillance and data governance frameworks in mainland China differ fundamentally in their approach to privacy protection and government access to data.

---

Admissibility of Recordings in Taiwan Legal Proceedings

Civil Proceedings

In civil proceedings, recorded evidence is evaluated under the general evidentiary framework of the Code of Civil Procedure. Participant recordings made under Article 29 of the CSSA are generally admissible. Courts assess authenticity (is this an unaltered recording of an actual conversation?), relevance (does the recording make a disputed fact more or less likely?), and lawfulness (was it made by a participant for a lawful purpose?).

Civil courts have admitted participant recordings in property disputes, contract disputes, employment cases, and family law proceedings. Courts have shown willingness to accept transcripts of recordings as secondary evidence where the recording itself raises authentication issues, provided the transcript is corroborated.

Criminal Proceedings

In criminal proceedings, the Code of Criminal Procedure (刑事訴訟法) governs admissibility. The exclusionary rule under the reformed CSSA and Code of Criminal Procedure requires exclusion of evidence obtained through illegal surveillance. The 2014 CSSA amendments codified a proportionality-based admissibility assessment for private recordings: courts must weigh the severity of any procedural violation, the constitutional interests at stake, and the nature of the crime under investigation.

Participant recordings that satisfy the Article 29 conditions are generally admitted in criminal proceedings. Courts have admitted recordings of victims' own conversations with suspects in fraud cases, domestic violence cases, and threats cases.

---

Penalty Reference Table

---

Disclaimer

This article presents general legal information about recording and surveillance law in the Republic of China (Taiwan). It is not legal advice. The laws described reflect statutes and judicial decisions in force as of May 2026. Laws change; the information here may not reflect amendments, new court decisions, or regulatory guidance issued after that date. This article does not address the law of the People's Republic of China, Hong Kong, Macau, or any other jurisdiction. Readers who need advice about their specific situation, including whether a particular recording is lawful, whether evidence is admissible, or whether their business practices comply with the PDPA, should consult a lawyer licensed to practise in the Republic of China (Taiwan). Nothing in this article creates a lawyer-client relationship.

About the Author

[PLACEHOLDER: author roster pending]

Related Articles

• Japan Recording Laws: One-Party Consent Rules and Penalties
• South Korea Recording Laws: One-Party Consent Rules and Penalties
• China Recording Laws: Privacy Rules and Penalties
• Hong Kong Recording Laws: Privacy Rules and Penalties
• World Recording Laws: International Guide

---

Last updated: 2026-05-15. Statutes cited reflect their in-force version as of May 2026.