-
Thank you for going on Taiwan Salon and announcing the Digital Ministry on the program. My purpose here is to be able to do some fact-finding with regards to what is happening in Taiwan, and as part of my work visit here at this time, I would really like to learn more about the work that you’re doing here with this new ministry.
-
Sure.
-
In particular your vision for the future of this organization and how that fits into the broader government organizations in Taiwan.
-
And furthermore, more specifically, with regards to what you, your ministry, and the government writ large is learning from the experience of Ukraine with regards to enhancing information resiliency, both from a defensive as well as from an offensive perspective on how to contend with the potential challenges and threats emanating from the…PRC regime.
-
PRC regime.
-
Indeed, yes, with the PRC regime. And as such, how you see this organization that you lead, this government agency that you now lead, is responding to those various types of scenarios.
-
I’m here to learn as much as you are willing to and able to share with regards to the work that you are doing. And I would love to be able to bring that knowledge and information and insights back with me to Washington where my organization is based and to help better inform the broader policy community with regards to the work that you’re doing here and what Taiwan is learning from the Ukraine experience.
-
Okay, yeah, and this part, because it will be on the record, we will be making a transcript, but there is no video taken and will be each given, shared, 10 days to co-edit. So, if your questions pertain to, feel free to edit it out. But generally, I think…
-
Hi, my name is Zach. Hi, Russell.
-
Are you Zach? Nice to meet you, Zach.
-
I’m waiting for your call.
-
Oh, really? I found my way here. Thank you.
-
We’re just talking about the Ukraine experience because, indeed, as you know, the plan for the digital ministry has been going on for quite a while. And its original abbreviation, 數發部, is centered around development. So, you heard, you know, a new TSMC and things like that about software digitalization as basically Taiwan’s next export and things like that.
-
But all that changed with the Kyiv experience, with Russia’s unprovoked and illegal assault to Kyiv. Everything changed because then, for example, our abbreviation used to be 數發部 during the earlier days, but now we are 數位部.
-
We do have an administration for digital industries, but first and foremost, as you can see in the six strategic core industries of Dr. Tsai Ing-Wen, the cybersecurity itself is one of the six, not part of the information industry. So, all this basically says a strategic shift in the progress in industrialization of the digital industries being first and foremost supporting the safety and security needs.
-
Okay.
-
And because everyone really is interested in the question you just asked me, how Taiwan is learning from Ukraine. So, we get an influx of not just international correspondents, but also cybersecurity firms and people who are interested in this domain. And they’re all actually very willing to contribute just as people rushed to Fedorov’s and Zelensky’s help, and we have actual needs as well, right?
-
Last August, after Nancy Pelosi’s visit, we’ve got this historic high of cyber-attack. That is for the first time combined with propaganda and disinformation attack, which used to be in different arms in the PRC, but they are coordinated for the first-time last August. And after the so-called People’s Congress, we’re seeing more coordination also between the propaganda arm and the cyber-attack arm.
-
So, our other administration, the Administration for Cyber Security, is not working alone, but working with all the international democratic allies, and also with the National Institute of Cybersecurity, the NICE, which is a non-departmental public body. We have this institute that is not strictly speaking government to government, but it enabled, for example, collaboration with centers of excellence worldwide or other arm’s length institutes worldwide. So, we have G2G diplomacy with the more closely aligned democracies. But even for less closely aligned democracies, we also have NICE as an arm’s length collaboration point.
-
So, the two main points, one is the pivoting between a development or progress-oriented ministry into a safety-oriented ministry. And the participation of resilience for all and industrialization are all in support for the security or safety as the main public good is the first point.
-
And the second point is that the nature of international collaboration takes on a sense of urgency, because resilience means we’re investing in a plurality of suppliers. So, it’s not just Starlink, but also everybody, really. And the same for public cloud vendors. It used to be the CHT runs most of governmental digital infrastructure. Now it’s CHT and the National Center for High-Speed Computation and Google and Microsoft and Amazon.
-
And again, this is learning from the Ukrainian experience in that if you put all your egg in one basket, it becomes a bottleneck. So, we need to work with the plurality of suppliers. That’s the two main changes after Kyiv situation.
-
Thank you so much for that very good overview in terms of transformation of the responsibility of this organization. Given the broad mandate of the organization, many observers were curious to see how this organization would evolve and respond to the unprovoked and illegal invasion of Ukraine by Russia.
-
I think what you referenced in your second point was an emphasis on standard setting. What models are you applying as the standards that you are advising or requiring stakeholders adopt as part of your ecosystem? What models are you applying to as standards for the security and safety protocols that are now part of your organization’s purpose?
-
We have very specific scenarios. So, the cyber-attack following Nancy Pelosi’s visit was our constant reference, right? And, the other reference was recently when the island of Matsu got accidentally, you know, the submarine cables destroyed by one of the fishing vessels flying PRC flag. And then just a week or so after, accidentally another cargo vessel flying PRC flag caught the other submarine cable and left the Matsu Island without internet.
-
And so, of course, we very quickly worked with NCC and restored some of the bandwidth using microwave. The TTC, one of the institutes, deployed the mid-earth orbit satellite receiver, also in Matsu. And, of course, one of the submarine cables got repaired pretty quickly, so we have some resilience. But it showed everyone that, you know, the outbound and inbound links, if the adversary knows where they are, they can accidentally destroy them with a large earthquake at any given time.
-
So, we need to plan our defense and taking nothing for granted, right? We need to work with roaming between all the telecom providers as you did. We need to work with multiple satellite providers. We need to work with the cloud providers so that they provide local resilience, meaning that even when all the submarine cables are cut, the video conferencing between two people in the Taiwan’s jurisdiction can still happen without going through metadata to some other place in other countries.
-
So, this is not the kind of data localization stuff that other jurisdictions say “this is local resilience”, meaning that it should keep functioning domestically even when our outbound links are cut. And so that’s pretty urgent.
-
And the other one is a good enough cloud-based constant availability, backup, and things like that, so that when your people outside of Taiwan who want to know what’s actually happening, the international correspondents here in Taiwan can deliver still some real-time bandwidth to people around the world, and critical infrastructure and critical data, even if the data center in Taiwan gets all destroyed, there should still be some way to restore them. And again, this is a Kyiv experience.
-
Are you finding that there are the proper mechanisms in place right now between the interagency as well as with the private sector through which you are able to set and apply these types of standards? Are you finding that they are all in compliance with those standards?
-
Pretty much so. Yeah. Especially with private sectors originating from the United States, because the U.S. has long since considered the private sector as part of public infrastructure anyway. Just earlier this year, the .gov domain, like the government’s suffix of internet domain, the CISA of the U.S. contracted out to Cloudflare. So, this is quite symbolic. It means the private sector is now running pretty much all the governmental websites’ domain name system.
-
And so, I think the U.S. has pretty good cyber diplomacy capabilities. The U.S. has a cyber ambassador at large, I think reporting to the deputy secretary of state. And so that sort of diplomacy, including the private sector in a part of public-private partnership, multistakeholderism and so on, was always part of how the internet was governed. And so, because of this, our ministry doesn’t have a department of international cooperation as other ministries do. Instead, we have a Department of Democracy Network. So basically, we only collaborate with democracies, and we don’t insist on country-to-country relationships. It could be democracy-to-democracy, partner-to-partner, stakeholder-to-stakeholder. We’re very flexible. And we must be because the private sectors, as I mentioned, the public cloud vendors, Cloudflare and so on, are in a sense critical infrastructure provider that we need to partner with. And so, the U.S. has been very helpful in this regard.
-
As for interagency, well, I am actually, in addition to the Minister of Digital Affairs, also chair of National Cyber Security Institute. I’m also chair of NISC, and also the cabinet CIO. So, I have three levels of access. And so, if I need, for example, to work with the CIO, which are all deputy ministers in other ministries, I can use my cabinet email to have this interagency meeting. And conversely, I can also work at universities and so on that want to do cybersecurity research and so on through my NISC chairperson personality and without this Minister of Digital Affairs boundary between the public sector and academia.
-
So, I think this design is pretty flexible. And so far, I think all the interagency communications work quite well.
-
That’s wonderful to hear that it seems like it’s all being streamlined. You mentioned that during the speaker’s visit that there was the DDoS attacks. What was the quality of those attacks, in your view, were they substantively different? Or was the difference purely in the scale of the attacks that you observed? Can you talk about the features of these types of attacks that you are observing now and the ways in which you think the PRC may be utilizing these in future attacks against Taiwan?
-
Yeah, as I mentioned, what’s different was not just the scale, although the scale was quite different, but the coordination.
-
Once they successfully blocked temporarily the access to the major ministries, then they launched disinformation attacks, like the hate speech on the billboards outside the Taiwan Railway Station. It’s coupled with disinformation.
-
So, we need to also respond in a similarly coordinated way, because it doesn’t pay now to say, oh, this is disinformation, that is cyber, that is whatever propaganda, because they are all part of the same attack.
-
Right. I think you’re mentioning that there needs to be a coordinated response. To the extent that you are able to disclose, how is it? How are you coordinating? Are you training? Are you exercising potential crisis scenarios?
-
Right. Yeah, and running drills also. And the CODE defense exercise is public. We run once every two years, and we invite people around the world to be red teams, essentially, to simulate as close as possible to the actual scenario of a coordinated hybrid attack.
-
And this is every two years. This is held in Taiwan and you’re getting international partners to be able to participate. Are you getting substantive US participation in these exercises?
-
Yes.
-
Great. And those scenarios also involve potential mega disasters and not just potential…
-
All hazards.
-
All hazards.
-
Which is why I keep saying earthquakes.
-
Yeah. Right.
-
Because the same actually happened to our submarine cables. I think a decade or so ago, an actual earthquake destroyed an actual submarine cable that disrupted, I think, in the southern Taiwan. And we do have earthquakes that can actually disrupt communication.
-
And so, if there is an escalation in the traditional military sense, we expect the system that we built, the keys, will be handed to the military people. But we, in the civilian world, plan for all hazards, all disasters.
-
Is there interoperability? Are you looking at interoperability also between the civilian and military channels? Sort of networks on that so there is a channel by which…
-
Yeah of course, and also a shared posture. The posture is zero trust architecture. Everyone in the private sector is facing state-sponsored attacks. It’s not like those state-sponsored attacks will see you’re a dot com, so will not attack you because of, I don’t know, the Tallinn Manual’s rules of engagement or whatever. They don’t care.
-
So, whether you’re TSMC or whether you’re the administration, you’re subject to the same coordinated attack. And that means that the industrial standards, such as the SEMI E187, by the semiconductor supply chain, they suffer actually from the same degree of attack or even more because of industrial espionage and other needs of those state-sponsored attackers. So again, they adopt the same posture as the CMMC requirement of zero trust architecture. So, we’re converging to zero trust architecture as a shared way for the defense-oriented certifications and the civilian certifications and the private sector certifications so that the same techniques, the same tools, the same talent training and so on can interoperate and flow more easily between the different systems.
-
How much are your exercises, your planning, your strategy aimed or geared towards also enhancing civil resilience and civil defense efforts?
-
It seems like this is quite a top-down process as far as we have discussed so far. So, are you integrating civil society organizations to be better integrated into your trainings? And are there things that you can share in terms of examples that you are building right now as one part of this broader effort. Ukraine has been very effective in doing is getting their message out – and a part of that is having the capacity to be able to utilize the information channels and getting information out there, but having those communication channels already in place, not just the pipes, but then the people… the habits…
-
The norms.
-
The norms, exactly. And can you share a little bit about what you’re doing there?
-
So, in the IT army of Ukraine, what we have found is that there were already private sector practitioners of cybersecurity that already participated in those drills regularly. And they already know what are the important targets to defend and so on. And in this, the public cloud providers play a large role, as we can see, including Microsoft and other cloud providers play a significant role in defending Kyiv. They basically worked to reduce the attack surface, to absorb the initial waves of the attack, and also served as threat intelligence broadcasting center so that the people in the so-called ID army can act with good enough intelligence and also feedback their intelligence in OS and spelling case style so that Federal and team can make more informed decisions and so on. So that, of course, worked very well.
-
And so, to this end, the National Institute of Cybersecurity is working very closely with all these threat intelligence-gathering stakeholders to establish the norm. So that the private sector computer emergency response team, which is entirely private sector, can interoperate with more defense or administration or critical infrastructure oriented, so they share not just the threat intelligence, which they already share, but also the personnel and some of the flows.
-
And of course, there are boundaries to this because some of the private sector doesn’t want the state to know the kind of ransomware-attack they’re undergoing. But there are ways to basically use privacy enhancing technologies to ensure that the metadata is still shared meaningfully and people still know the situation and have awareness of what’s going on.
-
Taiwan has an election next year, you know, coming up in January. Are you seeing any sort of noticeable uptick in the types of online activities that was apparent in previous elections? What are your major concerns with regards to the types of threats vector that you’re watching here? And are there particular types that you are most concerned about that, that, you know, warrants closer attention?
-
Right. So, in terms of FIMI, Foreign Information Manipulation and Interference, which is an EU term that is easier to say than mis/dis/mal-information, which is impossible to pronounce.
-
(laughter)
-
So, in terms of FIMI, we have seen a lot in the scam front of the new use of voice cloning and also behavior cloning. So, for example, people would receive a phone call and they will answer it. And with just a few seconds of voice print, now AI can very meaningfully synthesize the acoustic model so that over the phone you never know who’s actually speaking there without a code word or zero trust fingerprinting digital signature or some kind. And this is a large threat vector. It means social engineering will probably always succeed if people are not aware of the voice cloning, and even video cloning now, capabilities is caught off guard and aware.
-
So, a lot of our work now in addition to resilience of all, is just the cyber awareness of everyone that basically picture and it doesn’t happen video and it doesn’t happen. Everything can be synthetic now. And we have pretty good reason to believe in my book here actually runs a fully simulated model of me that it will become interactive. Meaning that even if you ask hard questions that only Audrey is supposed to answer with language models that’s running entirely offline, so it’s impossible to detect. One can actually synthesize a very convincing script.
-
So, the main difference is that what used to be broadcast-level disinformation that requires going viral and therefore detectable can be now done like spearphishing in a precision level. So, individualized interactive persuasion at a scale of viral videos. That is an emerging threat vector enabled by language models.
-
Have there been any cases of this yet or is it something that you are preparing for?
-
In the scam world already. There’s very convincing voice cloning already. And video cloning there is… because video cloning currently is still quite compute intense, so I suspect that as the techniques goes easier on the hardware which is improving by the day, maybe by the next month or so, it will become like everyone’s phone can fully synthesize anyone. And then people will use those apps for fun as well. So, it’s not like it’s criminal only.
-
I mean it’s a lot of work that your agency is now doing. How big is your staff?
-
Yeah. So, in terms of full-time public service staff, it’s close to 600 people, but that doesn’t count the NICS which is another few hundreds people. So, all in all we have close to a thousand full-time staff.
-
Is that adequate?
-
I think it’s pretty good.
-
You know it’s always a matter within Taiwan that politics in some ways get involved. Does your agency have bipartisan support within Taiwan?
-
Oh yeah. Pan-parties.
-
Pan-parties?
-
All parties are supportive.
-
All parties are supportive. That’s really important.
-
Yeah. We made it quite clear because we founded last August which is close to another election, Mayoral election. So, we made a point of… for example all the directors, generals and administrators can theoretically be appointed by me from someone outside of public service. But I made a point of appointing each and every one of them from the career public service and not from outside.
-
(laughter)
-
That is to say we’re non-partisan in our nature and we’re not interested in meddling with the election at all. We’re just interested in countering FIMI and not in helping any party win. And I made a point of attending none of the rallies. I never attended any party rallies anyway. I don’t belong to any political party.
-
So, this time around I think because we’re in the transportation committee in the LY.
-
Last year, every time they interpellated NCC they invited me in because they think somehow I’m part of that. But this session not anymore, so we’re not confused with the NCC.
-
Right. It was sort of a matter of understanding whether or not there’s legislative authorities for the particular agency that you are in charge of, you know, and whether or not those authorities are competitive authorities.
-
Like the recent ruling on CTiTV?
-
Right.
-
It’s in the news. Yeah.
-
So, are those authorities clear then in terms of right now?
-
Yes. Because many of us came from NCC. Our vice minister 葉寧 came from NCC. And two of our departments did. So, we are very intentional in designing our mandates to not overlap that of NCC, in particular internet broadcasting regulation. So, any of the supervisory role belongs squarely in the NCC and we’re not revoking anyone’s license.
-
So, it sounds like right now you are almost entirely focused on security. How do you see your mandate evolving? Is this a permanent feature of your agency? Or would it change when the Ukraine war abate? How would you respond to that?
-
You mean like, what would we do next if the PRC regime repeals its anti-secession law?
-
No. That’s unlikely.
-
(laughter)
-
So, do you see then that security is being a permanent mandate of this organization and its focus?
-
Yes. And I think that is also why we’re sorted into the Transportation Committee because transportation, critical infrastructure, national security and cybersecurity and so on are the purviews of that committee. We didn’t get sorted into the economy subcommittee because well, the Ministry of Economic Affairs is still there. This puts our Administration for Digital Industries into a new role; instead of competing with the MOEA, it now augments MOEA, by taking care of the people who are by definition not part of MOEA’s mandate. For example, you mentioned civil defense. Many civil defense groups are of the type of associations, foundations, or co-ops. They organize the local people. They are not as interested in being publicly listed on stock exchange.
-
So, the startup and SMEs and so on, that’s the economy affairs. But for us, we’re working on digital resilience for all. So, we have significant amount of subsidies and so on that goes in the digital transformation of those local civil groups which is outside of MOEA’s purview, but it does help in the civil society resilience, especially communication resilience as you mentioned during the escalation, right? So, I think, and this is quite new actually to the administration people because many of them came from MOEA and they are now building fresh grassroots civil groups connections. But I think we’ve been doing pretty good in running all sorts of participation efforts around Taiwan, so that they can reconnect to the people who care about the resilience and security of the community and not that much about publicly listing or whatever investment.
-
You mentioned that there are certain areas where you as the agency head or Taiwan in general still needs more international support. In what areas would you specify as being the capabilities or the support that is most needed in the work that you’re doing?
-
Sure. So, we mentioned the critical infrastructure. The private sector stepping in as essentially critical infrastructure providers. That is for the short term. In the rollout of ZTA, the Zero Trust Architecture, we cannot do it alone. We must work with the NIST and CMMCs of the world to make sure that we’re rolling it out with international standardization bodies. And the same goes to, for example, if you want to upgrade to post-quantum cryptography, or we want to be resilient against interactive deepfakes. I don’t think only Taiwan faces that. Everybody faces that. So, we need international planning and coordination.
-
And for example, we’re also the competent authority for the Digital Signature Act. And so we do need, for example, to cross-recognize with the European, with the U.S. digital signature trust systems because that’s going to be the ongoing digital signature, and going to be the go-to solution to the interactive defect problem. Basically, only the things that are recognized as digitally signed are true. Everybody else is a bot. We’ll have to flip the default on our communication. So instead of swift trust, like trusting random posters on a stranger being a human, anyone who doesn’t have a blue tick coule be a bot — we can see recent actions by Twitter toward that direction. So, we’re very quickly going that route as well but then, we need to work with the research community to make sure that we don’t infringe on privacy because it’s easy to go into a real-name Internet with all the draconian state surveillance.
-
So, the EU sponsors a lot of privacy-enhancing technologies, verifiable credentials, decentralized identifiers, and so on, so that you can prove you’re a human or you’re 18 years old or whatever without revealing anything about yourself. And we do need to adopt that, especially that we’re going to have a personal data protection unit.
-
The incubator will start later this year, and hopefully by next year we’ll have a GDPR compatibility. So, we need legal support there as well to recognize essentially Taiwan as part of the CBPR and GDPR system, so that the data can still flow freely with trust.
-
So, that’s pretty much it. The infrastructure level, the communication level, and the standard setting level.
-
Are you having challenges and difficulties to be able to participate in these standardizing mechanisms?
-
It’s pretty easy now.
-
It’s pretty easy now? There aren’t any restrictions given Taiwan’s status?
-
It almost changed overnight with the Ukraine situation. It used to be that we had to sort… I was once in an open government partnership meeting before the Ukraine situation and I was representing Taiwan as a civil society organization, Taiwan as a CSO. And there are many contortions like the TPKM jurisdictions, separate custom territory, “country/area”, you name it. But now, after the Ukrainian situation, it’s very easy. We’re just democracies in the Summit for Democracy. We’re just partners in the Declaration for the Future of the Internet.
-
So, by participating as partners or democracies, we are full members but we don’t need to do this whole country/area/jurisdiction/regime dance. And this is quite fresh to me. And so far, we don’t have any problem directly pinging my counterparts under this state are part of this multistakeholder system of democratic partners.
-
And is this a direct output of the Summit for Democracy?
-
Yes.
-
That’s important to know.
-
And the DFI too. I think it really helped a lot in Taiwan.
-
That’s really important to know that there are concrete outputs in terms of how the SFD has helped to enhance Taiwan’s international space and its security as well, in particular in terms of being able to adopt these international standards and contribute to those standards.
-
What is your vision for the future of the digital space, digital transformation, some call the era we are in the fourth industrial revolution. What is the role of your agency in moving forward in this space.
-
I’m writing a book on that. It will be posted on plurality.net.
-
Wonderful.
-
Yes. Plurality, or collaborative diversity is a wordplay because “數位” in Mandarin means both digital and plural. Shu wei as in several, right? “數位部長”.
-
Right.
-
So, to me, the space that is digital embodies the promise that people who are very far away in terms of ideology, culture, ethnicity or whatever can be bridged by the space. And that’s the original promise of internet. It’s called the end-to-end principle,
-
and with the contributions of the participatory policymaking community, including the Twitter community notes, actually, and the language models fostering transcultural dialogues.
-
Of course, we have to sort our 20 national languages first, but it does carry the possibility of bridging across divide in a systemic way, and the peacemaking potential of internet is paramount. On the other hand, of course, we also see that under the wrong incentives, it will also foster addiction, synthesize intimacy. So, all these has its flip and dark side as well. And I think it’s our role in Taiwan, just as we counter the pandemic with a lockdown and the infodemic with no takedowns, to prove that it is possible to counter the threats to democracy by more democracy and not less democracy.
-
And that is the core of the vision.
-
I would love to be able to host you for a conversation about your book when it’s ready for publication. I think it sounds incredibly forward thinking and important to share to the world and our audience.
-
If I may be able to return to an earlier topic, an issue area that you have been very invested in and leading in Taiwan’s effort, certainly in recent years, is countering PRC disinformation. And how much of that is also within your current mandate, within MODA’s responsibilities? And how are you either working with your interagency partners and/or public-private partnerships in responding to this current crisis?
-
For the National Institute of Cybersecurity, we take a comprehensive view on FIMI, Foreign Information Manipulation and Interference. The adversary is coordinated and so should be the defense. So, although it is not in our ministerial mandate, it is in the institute mandate because the National Institute of Cybersecurity also has as part of the mandate to raise cyber resilience awareness for all. So, cyber security awareness for everyone. And it’s in that mandate the NICS can do this kind of FIMI countering work.
-
But we make it very clear that we’re not 新聞局 — we’re not revoking anyone’s licenses and we’re not saying this is news or that is not news. We’re not doing any content layer judgments. That belongs to the NCC.
-
What we are doing, though, is on the actor and behavior level. As I mentioned, the digital signature work that we’re doing to make it harder to impersonate 5,000 people at once and things like that. So, we tend to work on the upstream. That is to say to prevent interactive deepfakes from happening in the first place instead of taking anything down, which is NCC. I hope that answers your question.
-
Okay, no, that’s all right. I was unclear as to what is that.
-
It is ABC, right? Actor Behavioral Content. So, we’re on the A part.
-
That’s all us. And the behavior part is shared by multiple competent authorities. And the content part is all NCC.
-
Got it. Wonderful. Thank you so much for sharing all your insights.
-
This session has been very, very productive in terms of what you’ve been able to share with me, in just I think a relatively short time, but you’ve been very generous with your views.
-
Are there sort of anything on the horizon that you think are really important for the international observers to understand about what your agency is doing and the challenges that Taiwan faces with regards to within the digital space? And what are sort of like, you know, if there are sort of the most important takeaway?
-
The one takeaway?
-
Yeah.
-
Well, if you’re someone with eight years of contributions to the digital world, like if you have a GitHub project that is more than eight years old, well, you can get a Taiwanese gold card. So, even if you’re just 20 something, if you already in high school, like I did, contributed a lot to the community, that means that you get universal health care for your dental issues and also residency permits and open work permits for three years.
-
And this is quite different from the previous wave of gold card, which is aimed at professionals in their 40s and 50s. This is the first time that we’re issuing gold cards targeting people at their 20s. And those foreign talent can work anywhere anyway, right? They’re digital nomads. So, we don’t expect them to stay full time in Taiwan. But even if you just drop by and to understand what’s actually happening here on the ground, you stay for less than six months. You don’t have to pay tax.
-
You get multiple entry and you get to use this special gold card venues and things like that.
-
So, what we’re trying to do with the digital gold card is to make a culture of being also Taiwanese, just like I’m wearing this because I’m a Lithuanian e-resident. And the Lithuanian Ministry of Economic and Innovation gave me this T-shirt that says “labàdienà”. Because I was participating in international events, wearing this T-shirt, at a recent event the Lithuanian host said I’m the pride of Lithuania. It does create a bond between their interest and ours. And so, through the Taiwanese digital gold card, we also want people to try out Taiwan for a while.
-
If you make significant contribution for five years, because it’s renewable, on your second gold card term, and if you’re willing, we’re also giving you a passport of the R.O.C citizenship without you giving up the original passport. So, a dual citizenship. And that is, again, something that’s very new. That’s basically reserved for, I think, priests and nuns that have been serving the Taiwanese people for 60 years or something. They get that sort of dual citizenship. But now we’re offering this to AI experts, to cybersecurity experts, and so on. They’re always willing to consider Taiwan as a second home.
-
How long has this plan… this initiative been in place?
-
It started last week.
-
So, it’s very new.
-
Yes. Very, very new.
-
Okay. Well, thank you so much, Minister Tang. I think you’ve answered all my questions that I had, and I really appreciate your time. If there’s anything that, in GTI, that we can do to help to better inform the international community about the important work that your agency and the many important initiatives that you are undertaking here, do please let us know. And we would love to be able to engage you further in the future in our programming, should your time allow it. And please do keep everyone informed about what Taiwan is facing and what we can do to help.
-
Excellent. We need all the help we can get from the democratic allies.
-
And if the democracies work closely enough, maybe someday the PRC would drop their anti-secession law.
-
(laughter)
-
We will work hard on it.
-
Okay. Thank you.
-
Thank you so much.
-
Thank you.
-
Thank you, Zach. Take care.