In accordance with the Executive Yuan’s policy on the prohibition of the use and procurement of Mainland China brand ICT products as described below, our university has also established relevant regulations based on Articles 8 and 9 of the Regulations Governing the Information Security and Management. All units are requested to comply accordingly.

Principles for the Restricted Use of Products That Endanger National Information and Communication Security

1. According to the letter issued by the Secretary-General of the Executive Yuan on December 18, 2020 (院臺護長字第1090201804A號函), the following principles regarding the use of information and communication technology (ICT) products (including software, hardware, and services) by public agencies are reaffirmed:

• ICT products used for official purposes must not be of Mainland China brands, and non-official software must not be installed.
• Personal ICT devices must not be used to handle official affairs, nor should they be connected to official environments.
• Agencies must register Mainland China brand ICT products that have already been procured or are in use, and such products must not be connected to official environments.

2. Definition of “Mainland China Brands” and “ICT Products”:

• Mainland China Brand Identification: Agencies must determine this strictly. Any product identified as a Mainland China brand—regardless of its country of origin being Taiwan, Mainland China, or a third region—must be included.
• Definition of ICT Products: In reference to the terminology in Article 3 of the 資通安全管理法 (Information and Communication Security Management Act), this includes software, hardware, and services. Additionally, any product with networking capabilities, data processing, or control functions is broadly defined as an ICT product, such as drones, network cameras, printers, etc.
• If an agency is unable to complete the replacement within the deadline or encounters practical difficulties, it must submit a justified reason. The Administration for Cyber Security (資通安全署) will assist in evaluating its appropriateness or explore alternative solutions.

3. Disposal of Mainland China Brand ICT Products:

• According to Executive Yuan policy, ICT products (including software, hardware, and services) for official use must not be from Mainland China brands. Those already registered should be replaced as soon as possible, in accordance with their lifecycle.

4. Restrictions on the Use of Mainland China Brand ICT Products in Leased or Outsourced Venues:

• School outsourcing contracts or venue rental agreements must explicitly state the prohibition on the use of Mainland China brand ICT products.
• For existing outsourcing contracts, the university should coordinate with vendors to comply with the policy or amend the contract terms accordingly.

Common Mainland China Brands

While the Executive Yuan has not provided an official equipment list (refer to the Q&A below), the following brands are listed for reference only, including but not limited to:

Hikvision (海康威視), Huawei (華為), DJI (大疆), OPPO (歐加控股), TP-Link (普聯), Xiaomi (小米), Dahua (大華), ZTE (中興通訊), Hisense (海信), Vivo, MEIZU (魅族), Nubia (努比亞), REALME (真我), TOTOLINK, Tenda (騰達), Foscam, Sugar, etc.

Are “Mainland China-funded enterprises” also prohibited?

According to the Executive Yuan Secretary-General’s official letter (院臺護長字第1100181360A號) dated August 11, 2021, companies with Mainland China capital established in third-party countries or in Taiwan are generally not included in the scope for inventory and replacement. However, if the procurement involves business categories listed by the Investment Commission, Ministry of Economic Affairs, as “sensitive or national security-related (including cyber security) concerns,” agencies must clearly state in the tender documents that vendors announced by the Investment Commission as Mainland China-funded ICT service providers are not permitted to participate.