James J. (Jong Hyuk) Park et al. (eds.), Future Information Technology, Lecture Notes in Electrical Engineering 276, 351 DOI: 10.1007/978-3-642-40861-8_50, © Springer-Verlag Berlin Heidelberg 2014 Privacy Breach Investigations of Incident Response to Personal Information Protection Act Da-Yu Kao 1,* , Cheng-Yu Peng 2 , Frank Fu-Yuan Huang 3 , and Shiuh-Jeng Wang 1 1 Department of Information Management, Central Police University, Taoyuan, Taiwan 2 Graduate Institute of National Development, National Taiwan University, Taipei, Taiwan 3 Directorate-General of Personnel Administration, Executive Yuan, Taipei, Taiwan camel@mail.cpu.edu.tw Abstract. The proliferation of big data is developing with substantial advancement to enter into glorious future, but the vulnerability of personal data has always been a disaster to this dream. In order to foster confidence in information systems, a novel examination of incident response approach is evaluated from a Taiwan hacking ring case. With the guidance of this case study, we can discriminate normal information sharing from internet privacy violation. Enhancing data privacy is a baffling task because of its newness and technological furtherance. It is believed that this study will clarify the obscure technological and social aspects of data privacy enhancement. The proposed security measures can prohibit individuals or organizations from the risk of getting hurts, facilitate to cut down its roots and remove its foundation. Keywords: Information Security, Internet Privacy Violation, Hacker Case, Incident Response. 1 Introduction As times goes by, few public issues attract more attention than the protection of privacy. The rapid growth of the internet has raised far-reaching questions about the future of privacy. Identity, financial information, education, and work performance data are commonly regarded as private, despite many are commonly accessible through credit-reporting organizations. The distinction between public and private behaviors is often ambiguous [1]. Technology gives with the one hand and takes with the other. While Personal Information Protection Act (PIPA) in Taiwan helps to safeguard data subject’s privacy, the safeguard serves a large range of other values and interests. Little evidence exists to indicate that the architects of PIPA share a deep-seated hostility to computers and other forms of IT. The development and existence of PIPA have inspired in legal fields. * Corresponding author.