Due to an increase in cases of personal data breaches in recent years with incidents affecting large numbers of data subjects, critics have raised concerns about the existing penalties being too lenient to halt the frequent data breaches. In a high-profile case involving the secondary use of national health insurance data, the Taiwan Constitutional Court ruled in August 2022 that the lack of independent data protection authority is against the Constitution and requested the establishment of the relevant legal system within three years. The Taiwan Legislative Yuan passed the Amendment to the Personal Data Protection Act on 16 May 2023 to address these concerns.