Text and Data Mining

Text and Data Mining (TDM) is the automated process of analyzing large amounts of digital information to uncover new knowledge, patterns, and insights. It is a foundational technique for developing artificial intelligence. Legally, TDM is explicitly defined and regulated under the EU's Directive on Copyright in the Digital Single Market (Directive (EU) 2019/790), which provides exceptions for research and general purposes under specific conditions. In enterprise risk management, TDM is a critical component of AI governance frameworks, requiring robust controls to mitigate risks such as copyright infringement, personal data misuse under GDPR, and algorithmic bias. It must be managed within a structured system like one aligned with ISO 31000 (Risk Management) and ISO/IEC 27701 (Privacy Information Management).

In enterprise risk management, TDM is implemented through a structured, three-step process. Step 1: Scoping and Risk Assessment. Define the business objective and identify all data sources. Assess associated legal risks, such as determining the lawful basis for processing personal data under GDPR Article 6. Step 2: Policy and Control Implementation. Develop clear data handling policies and implement Privacy Enhancing Technologies (PETs) like pseudonymization. Ensure data usage complies with copyright licenses or legal exceptions. Step 3: Monitoring and Auditing. Maintain comprehensive records of processing activities as required by GDPR Article 30 and conduct regular audits. For example, a global bank uses TDM to analyze financial news for risk signals, ensuring compliance by using licensed news feeds and filtering personal data. This approach can increase regulatory audit pass rates to over 95% and reduce compliance-related fines.

Taiwan enterprises face three key challenges. First, legal uncertainty, as Taiwan's Copyright Act lacks a specific TDM exception like the EU's, forcing reliance on the ambiguous 'fair use' doctrine. This creates unpredictable legal risks. Second, cross-border data governance, as using international datasets requires compliance with complex regulations like GDPR, including implementing data transfer mechanisms such as Standard Contractual Clauses (SCCs). Third, a talent and resource gap, where many firms lack the expertise to build compliant TDM pipelines. To overcome these, enterprises should adopt a risk-based approach, conduct thorough 'fair use' assessments, prioritize licensed data, and partner with specialized consultants to implement management systems aligned with international standards like ISO/IEC 27701.

Winners Consulting specializes in text and data mining for Taiwan enterprises, delivering compliant management systems within 90 days. Free consultation: https://winners.com.tw/contact