Lee, Tsai & Partners Attorneys-at-Law 理慈國際科技法律事務所

  • Home
  • Taiwan
  • Taipei
  • Lee, Tsai & Partners Attorneys-at-Law 理慈國際科技法律事務所

Lee, Tsai & Partners Attorneys-at-Law 理慈國際科技法律事務所 We are a full-service law firm.

Our highly qualified local attorneys and technicians possess legal savvy and technical know-how, allowing us to provide our clients with comprehensive legal services.

 💡 Cloud Contracts:  Why SLAs Are More Than Just Technical MetricsAs businesses increasingly transition from owning IT i...
09/06/2026



💡 Cloud Contracts: Why SLAs Are More Than Just Technical Metrics

As businesses increasingly transition from owning IT infrastructure to subscribing to cloud services, the legal focus of technology contracts is evolving accordingly.

In cloud environments, traditional concepts such as software defect warranties are often replaced by a more practical question: Can the service reliably support business continuity?

This is where the Service Level Agreement (SLA) becomes crucial.

While often regarded as a technical appendix, a Service Level Agreement (SLA) fundamentally serves as a risk allocation mechanism that translates operational expectations into contractual rights and remedies.

📝 Several key considerations stand out:

✔️ Availability is more than just a percentage
The difference between 99.9% and 99.999% availability can mean the difference between 43 minutes and 26 seconds of downtime per month. For mission-critical industries, even brief interruptions can have significant consequences.

✔️ A response does not necessarily equate to a resolution
Many providers commit to response times but avoid committing to actual resolution timelines. Effective contracts should clearly address both aspects.

✔️ Business continuity should guide negotiations
Issues such as downtime calculations, scheduled maintenance windows, unilateral SLA modifications, and termination rights due to repeated failures can have a significant operational impact.

✔️ Service credits may be insufficient
Cloud providers often limit remedies to service credits. Customers should carefully evaluate whether these remedies sufficiently compensate for potential business losses.

The broader lesson is clear: an SLA is not merely a technical specification—it is one of the most important legal tools for managing risks associated with cloud services.

As organizations advance their digital transformation journeys, carefully structuring contracts will be essential to balancing innovation, operational resilience, and commercial certainty.

👉 Explore the article and connect with our professional, Albert Yen: https://www.leetsai.com/core-sla-metrics-and-risk-control-in-cloud-service-contracts?lang=en-US

 📢  Taiwan is transitioning from a light-touch regulatory approach to a comprehensive, enforcement-ready framework for v...
04/06/2026



📢 Taiwan is transitioning from a light-touch regulatory approach to a comprehensive, enforcement-ready framework for virtual assets. Lee, Tsai & Partners is honored to contribute the Taiwan chapter to the newly released “Cryptoassets, Law Over Borders Comparative Guide 2026” by The Global Legal Post.

In our chapter, authored by Jaclyn Tsai, Jaime Cheng, Teresa Huang and Lilian Hsu, we outline how Taiwan’s regulators are intensifying their focus on AML, CFT, anti-fraud measures, and consumer protection as the core pillars of virtual asset supervision.

💡 Key Takeaways

Taiwan’s crypto regulatory landscape is continuing to evolve toward a more comprehensive, compliance-oriented framework, with regulatory priorities remaining focused on anti-money laundering, fraud prevention, and consumer protection.

Matters that are not yet subject to crypto-specific regulations, such as contractual validity and tax implications, are still governed by Taiwan's general civil, criminal, and administrative laws.

The draft Virtual Asset Service Act, which is currently under legislative review, would introduce a comprehensive regulatory regime for virtual asset service providers and stablecoin-related activities, together with significantly enhanced compliance obligations and enforcement measures.

As the regulatory framework continues to develop, market participants can expect greater legal certainty, clearer compliance standards, and closer alignment between Taiwan’s regulatory approach and international best practices.

From structuring virtual asset (VA) and stablecoin offerings to navigating VASP registration and upcoming licensing requirements, Lee, Tsai & Partners is closely monitoring these developments and supporting industry stakeholders, regulators, and self-regulatory organizations as Taiwan’s virtual asset ecosystem matures.

Taiwan Chapter: https://www.globallegalpost.com/lawoverborders/cryptoassets-law-guide-1030040461/taiwan-216675449

Contact our FinTech team: https://www.leetsai.com/lawyer-single.php?id=12

Download the full guide here: https://www.globallegalpost.com/lawoverborders/cryptoassets-law-guide-1030040461

 💡 China’s New Trade Secret Regulations:  Transitioning from Traditional Protection to Digital Asset GovernanceChina’s n...
31/05/2026



💡 China’s New Trade Secret Regulations: Transitioning from Traditional Protection to Digital Asset Governance

China’s newly issued Provisions on the Protection of Trade Secrets, effective June 1, 2026, represent more than just a regulatory update—they signify a fundamental transformation in trade secret protection within the digital economy.

The key shift is clear: trade secrets are no longer limited to traditional know-how; they now encompass data, algorithms, and digital systems as essential business assets.

📝 Several structural insights stand out:

1️⃣ Digital assets are formally recognized as protectable trade secrets
By explicitly including data, algorithms, and code, the Regulations align legal protection with the actual value creation in AI-driven and platform-based businesses.

2️⃣ “Value” is redefined to encompass both potential benefits and negative outcomes
The recognition of failed experimental data as protectable information reflects a deeper understanding of innovation cycles—especially in R&D-intensive sectors where unsuccessful results still hold strategic significance.

3️⃣ Confidentiality is no longer solely physical; it is now technical and process-driven
From remote work controls to data access management and exit procedures, the Regulations shift the focus toward digital governance of information flows, requiring enterprises to implement traceable and auditable systems.

4️⃣ Infringement is increasingly expanding into the digital domain
Unauthorized downloads, cloud transfers, and system intrusions are explicitly classified as improper means, reflecting the fact that most trade secret leaks now occur through digital exfiltration rather than physical removal.

5️⃣ Enforcement is becoming more effective and practical
With burden-shifting mechanisms, enhanced investigative powers, and extraterritorial reach, regulators are better equipped to act effectively—especially in cross-border and data-driven scenarios.

The broader message is clear: trade secret protection is evolving into a system of digital asset governance, where legal protection depends on demonstrable control, traceability, and a robust compliance infrastructure.

For enterprises, this means moving beyond contractual safeguards to adopt integrated technical, operational, and legal protection frameworks—especially in environments involving AI, cross-border collaboration, and remote work.

At Lee, Tsai & Partners, we consistently advise clients on safeguarding high-value intangible assets in an era where data and algorithms drive competitive advantage.

👉 Explore the article and connect with our professionals, Teresa Huang and Jolene Chen: https://www.leetsai.com/interpretation-of-the-core-provisions-of-the-regulations-on-the-protection-of-trade-secrets-mainland-china?lang=en-US

 💡 AI Data Compliance:  When Data Processing Becomes a Primary Legal RiskAs the adoption of artificial intelligence acce...
29/05/2026



💡 AI Data Compliance: When Data Processing Becomes a Primary Legal Risk

As the adoption of artificial intelligence accelerates, AI compliance is no longer limited to algorithms. A more fundamental issue is increasingly coming into focus: the legality of the data lifecycle.

Under China’s Data Security Law and Personal Information Protection Law, data processing covers a broad range of activities, including collection, storage, use, processing, transmission, provision, and disclosure. For enterprises applying AI technologies, legal risks often arise at the stages of data collection and data transmission.

📝 Several key insights emerge:

1️⃣ Data collection is now a legal threshold
Data collection is not merely a technical process. It must be conducted through legitimate and proper methods, within the purposes and scope prescribed by applicable laws and regulations, with the least impact on personal rights and interests, and within the minimum necessary scope.

2️⃣ Consent is not a formality
For personal information processing, obtaining consent requires more than a click-through confirmation. Enterprises should ensure sufficient notification, voluntary and explicit consent, withdrawal mechanisms, renewed consent where processing changes, and separate or written consent where required. Where users are not given meaningful options, consent may be challenged.

3️⃣ Necessity is becoming a defining standard
Where processing is justified as necessary for contract performance or service functionality, enterprises should assess whether the relevant data is truly necessary for the basic service or an additional function independently selected by the user. Over-collection may create legal risk, even where the data is technically available.

4️⃣ Data sourcing methods require careful review
Data crawling is not subject to a one-size-fits-all answer. Its legality may depend on whether the data comes from lawful public channels, whether website crawler rules are respected, whether network services or computer systems are affected, whether intellectual property rights are implicated, and whether unfair competition concerns arise.

5️⃣ Cross-border data flows remain a key compliance issue
Cross-border data transfer may include not only sending data overseas, but also allowing overseas institutions, organizations, or individuals to access, retrieve, download, or export data stored in China. Depending on the circumstances, security assessments, personal information protection certification, standard contracts, or exemptions may need to be considered.

👉 Explore the article and connect with our professionals, Teresa Huang and Yanting Pei: https://www.leetsai.com/compliance-tips-for-the-application-of-artificial-intelligence-technology-iii-data-processing-compliance-mainland-china?lang=en-US

 💡 AI Data Compliance:  When Data Processing Becomes a Primary Legal RiskAs the adoption of artificial intelligence acce...
28/05/2026



💡 AI Data Compliance: When Data Processing Becomes a Primary Legal Risk

As the adoption of artificial intelligence accelerates, AI compliance is no longer limited to algorithms. A more fundamental issue is increasingly coming into focus: the legality of the data lifecycle.

Under China’s Data Security Law and Personal Information Protection Law, data processing covers a broad range of activities, including collection, storage, use, processing, transmission, provision, and disclosure. For enterprises applying AI technologies, legal risks often arise at the stages of data collection and data transmission.

📝 Several key insights emerge:

1️⃣ Data collection is now a legal threshold
Data collection is not merely a technical process. It must be conducted through legitimate and proper methods, within the purposes and scope prescribed by applicable laws and regulations, with the least impact on personal rights and interests, and within the minimum necessary scope.

2️⃣ Consent is not a formality
For personal information processing, obtaining consent requires more than a click-through confirmation. Enterprises should ensure sufficient notification, voluntary and explicit consent, withdrawal mechanisms, renewed consent where processing changes, and separate or written consent where required. Where users are not given meaningful options, consent may be challenged.

3️⃣ Necessity is becoming a defining standard
Where processing is justified as necessary for contract performance or service functionality, enterprises should assess whether the relevant data is truly necessary for the basic service or an additional function independently selected by the user. Over-collection may create legal risk, even where the data is technically available.

4️⃣ Data sourcing methods require careful review
Data crawling is not subject to a one-size-fits-all answer. Its legality may depend on whether the data comes from lawful public channels, whether website crawler rules are respected, whether network services or computer systems are affected, whether intellectual property rights are implicated, and whether unfair competition concerns arise.

5️⃣ Cross-border data flows remain a key compliance issue
Cross-border data transfer may include not only sending data overseas, but also allowing overseas institutions, organizations, or individuals to access, retrieve, download, or export data stored in China. Depending on the circumstances, security assessments, personal information protection certification, standard contracts, or exemptions may need to be considered.

👉 Explore the article and connect with our professionals, Teresa Huang and Yanting Pei: https://www.leetsai.com/compliance-tips-for-the-application-of-artificial-intelligence-technology-ii-algorithm-compliance-mainland-china?lang=en-US

 💡 Taiwan’s PDPA Reform: Toward Centralized and Enforceable Data GovernanceTaiwan is entering a new phase in personal da...
25/05/2026



💡 Taiwan’s PDPA Reform: Toward Centralized and Enforceable Data Governance

Taiwan is entering a new phase in personal data protection. Following the amendment of the Personal Data Protection Act in November 2025, the Preparatory Office of the Personal Data Protection Commission announced draft amendments to the PDPA Enforcement Rules and several related subordinate regulations in January 2026.

Several key implications stand out:

1. From fragmented oversight to a more centralized framework
The establishment of the PDPC and the introduction of common compliance standards indicate Taiwan’s movement from a decentralized oversight model toward a more unified supervisory framework. During the transition period, however, certain inspection and sanction powers will continue to be exercised by central competent authorities and local governments.

2. Compliance expectations are becoming more operational
The draft rules move beyond high-level principles by setting out more concrete implementation expectations. For large-scale non-government agencies, these include dedicated security maintenance plans, specialized personnel, audit teams, regular risk assessments, breach drills, audits, and continuous improvement mechanisms.

3. Breach response obligations are becoming more structured
The draft breach notification rules would require affected individuals to be notified within 72 hours of discovery. In certain cases, reporting to the competent authority would also be required within 72 hours, including where sensitive data is involved, where the affected system contains more than 10,000 records, or where 100 or more records are affected.

4. Regulatory supervision is becoming more risk-based
The draft administrative inspection rules contemplate annual inspection plans based on risk levels, written notice to target entities, and inspection powers that may include seizing or copying data files, involving professional experts, and publishing inspection results.

5. Data governance is becoming more documentation-driven
For businesses, the direction of reform highlights the importance of maintaining clear records, response procedures, outsourcing oversight, security plans, internal audits, and evidence of continuous improvement.

The broader message is clear: data protection in Taiwan is moving toward strengthened institutional oversight, enhanced operational accountability, and greater regulatory consistency.

👉 Explore the article and connect with our professionals, Hannah Kuo and Angel LI: https://www.leetsai.com/the-taiwan-preparatory-office-of-the-personal-data-protection-commission-announced-draft-amendments-to-the-enforcement-rules-of-the-personal-data-protection-act-and-related-subordinate-regulations?lang=en-US

 💡 Forced Labor Compliance:  A Growing Trade and Supply-Chain RiskForced labor is increasingly becoming a core issue in ...
22/05/2026



💡 Forced Labor Compliance: A Growing Trade and Supply-Chain Risk

Forced labor is increasingly becoming a core issue in international trade, supply-chain management, and corporate governance.

Taiwan’s Ministry of Labor recently issued the Reference Guidelines for Enterprises on Preventing Forced Labor, providing companies with practical indicators and assessment principles to help identify, prevent, and respond to forced labor risks.

The Guidelines draw on the International Labour Organization’s forced labor framework and set out concrete steps for enterprises, including:

1. Establishing clear policy commitments
Companies should consider adopting human rights or zero-tolerance policies on forced labor and incorporating them into internal rules, training programs, and employee handbooks.

2. Conducting periodic internal risk audits
Enterprises are encouraged to review employment contracts, payroll records, recruitment documents, working-hour arrangements, and other internal materials to assess potential forced labor risks.

3. Strengthening response and remediation mechanisms
Where suspected issues arise, companies should promptly investigate, stop improper conduct, formulate remediation plans, and provide appropriate redress to affected workers.

4. Extending risk management across the supply chain
Forced labor compliance increasingly requires attention not only to a company’s own operations, but also to suppliers, subcontractors, and labor recruitment agencies.

Although Taiwan does not currently have legislation specifically targeting forced labor, companies may still face legal exposure in serious cases, as well as commercial consequences such as exclusion from supply chains or import restrictions in certain markets.

For businesses engaged in international trade, the message is clear: forced labor compliance is no longer only an ESG concern. It is becoming an essential part of legal, operational, and market-access risk management.

At Lee, Tsai & Partners, we continue to assist clients in assessing labor compliance risks and developing practical response systems for an increasingly regulated global supply-chain environment.

👉 Explore the article and connect with our professionals, Frank Sun and Chad Fan: https://www.leetsai.com/taiwan-ministry-of-labor-issues-reference-guidelines-for-enterprises-on-preventing-forced-labor-labor-law-risks-in-international-trade-and-supply-chains?lang=en-US

 We are pleased to share that our Senior Associate, Lilian Hsu, representing Lee, Tsai & Partners as the Next Gen repres...
19/05/2026



We are pleased to share that our Senior Associate, Lilian Hsu, representing Lee, Tsai & Partners as the Next Gen representative of the Employment Law Alliance (ELA), will be attending the Asia Pacific Regional Meeting 2026 in Sydney this week.

As part of the global Employment Law Alliance (ELA) network, this regional gathering offers a valuable platform for employment lawyers from various jurisdictions to exchange insights on evolving workplace trends, labor compliance developments, and cross-border workforce challenges.

In today’s rapidly evolving business environment—shaped by digital transformation, hybrid work models, AI adoption, and changing labor regulations—international collaboration and local legal expertise have become increasingly vital for multinational employers operating across Asia-Pacific markets.

We look forward to engaging with fellow ELA member firms and strengthening regional cooperation to better support clients as they navigate complex employment and compliance issues across jurisdictions.

And, of course, we are also looking forward to experiencing Sydney’s sunshine and vibrant energy along the way. ☀️

🔗 Connect with our professional, Lilian Hsu: https://www.leetsai.com/lawyer-single.php?id=37&lang=en-US.

🔗 Employment Law Alliance (ELA) Asia Pacific Regional Meeting 2026: https://events.ela.law/2026-apac-regional-event

19/05/2026



💡 Taiwan’s Employment Gold Card Revisions: Greater Clarity for Foreign Professionals and Employers

Taiwan’s Ministry of the Interior recently amended the rules governing Employment Gold Card applications for foreign professionals, providing greater clarity on eligibility criteria and application restrictions.

The Employment Gold Card serves as a four-in-one permit, combining a work permit, resident visa, alien resident certificate, and re-entry permit. During its validity period, cardholders may engage in professional work in Taiwan, travel in and out of Taiwan, and change employers without restriction.

The recent amendments are significant because they help clarify who may apply and when an application may be denied.

Several implications deserve careful consideration:

1. From ambiguity to clearer eligibility standards
Applicants must qualify as “foreign special professionals” with expertise in designated fields, including science and technology, the digital economy, economy, education, culture and the arts, sports, finance, law, architectural design, national defense, environmental protection, biotechnology, and other fields recognized by the competent authority.

2. Field-specific criteria remain important
The competent authority for each professional field may establish its own standards for recognizing special expertise. For example, recent biotechnology criteria include salary thresholds, doctoral qualifications, relevant work experience, and professional capabilities or cross-border experience urgently needed in Taiwan.

3. Greater emphasis on application history and supporting documentation
The amended rules clarify circumstances in which the National Immigration Agency must deny an application, including certain statutory adverse records within the three years prior to application, unauthorized work in Taiwan, illegal entry, activities inconsistent with visa purposes, or other specified visa-related circumstances.

4. New express exclusions should be carefully reviewed
A notable change is that certain diplomatic personnel, officials employed by foreign embassies, consulates, foreign institutions, or international organizations in Taiwan, and certain family members are expressly excluded from Employment Gold Card eligibility.

5. Implications for employers and multinational teams
Companies that rely on cross-border talent mobility should reassess their hiring strategies, documentation processes, and workforce planning to ensure alignment with the updated application framework.

The broader message is clear: talent mobility is becoming increasingly structured, documentation-driven, and closely connected to regulatory compliance.

👉 Explore the article and connect with our professionals, Lilian Hsu and Chad Fan: https://www.leetsai.com/taiwan-ministry-of-the-interior-amends-restrictions-on-employment-gold-card-applications?lang=en-US

Address

Taipei

Opening Hours

Monday 09:00 - 18:00
Tuesday 09:00 - 18:00
Wednesday 09:00 - 18:00
Thursday 09:00 - 18:00
Friday 09:00 - 18:00

Alerts

Be the first to know and let us send you an email when Lee, Tsai & Partners Attorneys-at-Law 理慈國際科技法律事務所 posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to Lee, Tsai & Partners Attorneys-at-Law 理慈國際科技法律事務所:

Share