On 31 December 2025, the NCC Taiwan's competent authority for communications and broadcasting affairs. published two soft-law guidelines on the same day, setting out clause by clause what a platform ought to disclose, and how it ought to give the people it acts against a path to appeal. A platform whose every line of code and every user agreement is public is the best possible sample for testing whether these two guidelines are workable. This page unfolds that self-assessment into a checkable list.

At a TWIGF panel, the host was blunt about how it began: because Matters open-sources even its user terms, he simply fed both guidelines in and matched them clause by clause. He described it as an itch he couldn't resist scratchingTWIGF 逐字稿(校正版)I just fed the whole thing in to see how compliant it was, and it turned out almost everything was already compliant — only about ten to twenty percent still needed a little more work, and from there he turned the point around into a suggestion for the administration: to “look back and check whether our own rules are actually workable.” What this page sets out to do is take that vague impression — “only about ten to twenty percent left” — and turn it into a table that marks each item Met / Partial / Gap. This table is not just for Matters itself; it is also a ready-made working draft for any other small or mid-sized platform in Taiwan that wants to look in the same mirror.

Every compliance verdict on this page is the platform's own self-assessment, not an official certification by the NCC or any third party. For anything that involves NCC-related code changes, the engineering work has so far only been merged into the develop branch and is not yet in production, so it is marked in-progress throughout; the guideline clauses are listed verbatim from the two PDFs, and the status column reflects the self-check as it stood at the time of writing.

What the two guidelines ask for

The division of labor between the two guidelines actually maps onto two sides of platform governance: one governs “how much the platform says to the outside world,” the other governs “whether the people the platform acts against have anywhere to turn.”

The Transparency Report Guidelines for Internet Service Providers split the disclosure duty into two layers — basic and advanced — with seven items each. The basic layer asks a platform to publish a report at least annually, with a Traditional Chinese versionNCC 透明度報告指引publish, on a regular basis (at least annually), a transparency report covering the internet service provider's operations relating to our country, and to provide a Traditional Chinese versionSource link ↗, and to disclose the basis for content moderation, the reporting period and reason categories, the outcomes of handling and the use of automated tools, and the workings of its complaint-and-remedy mechanism — plus one item especially sensitive for a censorship-resistant platform, the number of government requests for user data, the agencies, the legal basis, and the response rateNCC 透明度報告指引disclose information about government requests for internet service users' data, including: 1. the requesting authority … 2. the legal basis for the request … 6. the number and proportion of the internet service provider's responses to government requests, together with the privacy policy and announcements of major policy changes. The advanced layer stacks more on top: the criteria and resource allocation for content moderation, cybersecurity and up-front prevention, the sharing and use of personal data, the design of the recommendation system and product interfaceNCC 透明度報告指引explain how the recommendation system and product interface enhance internet service users' informational autonomy, or mitigate the emergence of filter bubbles and echo-chamber effects, multi-stakeholder exchange, public-private cooperation, and the promotion of digital literacy.

The Complaint and Remedy Mechanism Guidelines for Internet Service Users start from the “source of harm,” sorting it into three types — government bodies, the platform itself, and other usersNCC 申訴及救濟機制指引where the harm to an internet service user's rights originates from a government body … where the harm originates from the internet service provider … and where the harm comes from the conduct of another internet service user, the design of the complaint-and-remedy mechanism should focus on helping the affected internet service user restore their rights — and design a suitable channel for each. The basic layer's seven items ask the platform to provide clear complaint-and-remedy channels and procedures, a Traditional Chinese option, clear notice when service is restricted, public content-moderation rules, measures to restore rights, and the exercise of personal-data rights — plus the one link where Matters is currently weakest, establishing a reasonable handling timeframe and a queryable case historyNCC 申訴及救濟機制指引explain the reasonable timeframe for handling under the complaint-and-remedy mechanism, or by means of email, a form, or a portal page, enable internet service users to learn of, update, or review the status of their own case. The advanced layer asks for case-level examples of the criteria and specific reasons, case-by-case disclosure of AI/automated tools with a channel for supplementary explanation, channels for exercising rights that go beyond the law, abuse prevention, dedicated personnel in Taiwan and their training, and easy-read, accessible versions for different groups.

Overall verdict: all four categories land at “partially met”

Adding up the 14 basic items and 14 advanced items across the two guidelines, and checking off these 28 items one by one, the overall verdict for the four categories is as follows. We deliberately withhold a tidy “compliance score,” because the guidelines themselves are soft-law and the items carry unequal weight; forcing a percentage on them would only manufacture false precision.

14 + 14
the basic + advanced items of the two guidelines (self-assessed)= 28 items in total
4 / 4
all four categories verdicted “partially met”none fully met, none entirely empty
in-progress
status of NCC compliance code changesmerged to develop only, not yet in production

The strongest compliance footing is in fact a mechanism already up and running: Community Watch turns the handler, the reason, the timestamp, the appeal, the re-review, and the public record into a process outsiders can inspect — closely aligned with the two guidelines' spirit of “transparent procedure, usable remedy.” Community Watch has a public-facing service page and open recordscommunity-watch(服務頁)Source link ↗, and it proves that Matters can deliver auditable governance. What really needs shoring up is to take that capability and institutionalize and open it up — from a single mechanism into a fixed section a regulator can understand, which is exactly what the two guidelines ask for.

Transparency report · Basic items (7)

The verdict on this layer can be summed up in a sentence: Community Watch has already pulled off the hard part — “real-time public records” — but three pieces, the annual Traditional-Chinese transparency report, disclosure of government requests, and the automation ratio, have not yet become a deliverable that outsiders can check against on a fixed basis. Overall, “partially met, on the low side.”

Guideline clause (basic)Self-assessmentBasis & gap
(1) Publish a transparency report on a regular basis, with a Traditional Chinese version Partial Community Watch keeps real-time public records in Traditional Chinese, but there is no annual-style transparency report section.
(2) Disclose the basis, reporting period, and reason categories for content moderation Partial Community Watch already states the basis and reasons for handling, but lacks a summary over fixed reporting periods and day counts.
(3) Disclose the figures, outcomes, and use of automated tools in content moderation Partial How things are handled (hidden / not acted on) is public, but the ratio of automated to human handling is not quantitatively disclosed.
(4) Explain how the user complaint-and-remedy mechanism operates Partial Community Watch has appeal and re-review procedures, but lacks statistics on the number, types, and handling time of appeals.
(5) Information on government requests for data (agency / legal basis / count / response rate) Gap The privacy policy has a “may disclose as required by law” clause, but there are no statistics on the count, agencies, legal basis, data types, or response rate. Currently the clearest unmet item.
(6) Privacy policy and the collection, processing, and use of personal data Met The privacy policy already covers what is collected, retention periods, how data is used, and users' personal-data rights.
(7) Announcements of major policy changes Partial There is a public update channel, but “major algorithm changes” have not yet been fixed into readable announcements.

Item (5) is the sharpest cell in this self-assessment, and it is saved for its own section at the end. It involves more than “whether the statistics are compiled”; it is the question of how far a censorship-resistant platform is willing — and able — to lay open even “how it responds to state power.”

Transparency report · Advanced items (7)

The overall verdict on the advanced layer is “not yet systematized.” Most of the raw material actually exists — scattered across the privacy policy, Community Watch records, engineering documents, and public articles — it just hasn't been organized into a report section that can be checked against. What's interesting is that the two items Matters is genuinely most confident about in this layer happen to be the two usually treated as hard: open source is itself the most thorough disclosure of “criteria and resource allocation,” while recommendation-system transparency nearly clears the bar in reverse, thanks to a rare product decision in the platform's history.

Guideline clause (advanced)Self-assessmentBasis & gap
(1) The criteria and resource allocation for content moderation Partial The anti-spam detection framework is already public — outsiders can read, adapt, and reuse it, and the decision logic is transparent; but staffing / training / support measures are not written down.
(2) Measures to improve cybersecurity, prevent problems up front, and mitigate risk Partial In practice it has long absorbed and fended off attacks, but lacks an outward account of up-front prevention and mitigation measures.
(3) Information on the sharing and use of personal data Partial The privacy policy has a basis for sharing, but data-minimization measures, recipients, purposes, and storage regions are not written into a section.
(4) The design of the recommendation system and product interface (mitigating filter bubbles) Partial The factors affecting visibility (interaction, reports, moderation, popularity) are public and checkable; homepage recommendations were deliberately de-emphasized after years of user feedback, but there is still no formal recommendation-transparency page.
(5) The state of multi-stakeholder exchange Partial This research project is itself one round of multi-stakeholder exchange (the TWIGF panel, user interviews, outside experts), but it has not yet been fixed into a standing consultation process.
(6) Actions on public-private cooperation Gap No outwardly disclosed mechanism for rapid reporting, emergency cooperation, or intelligence sharing.
(7) The actual state of digital-literacy promotion and educational resources Gap There are occasional public articles, but no formed literacy-promotion program or educational-resources page.

Behind item (4) lies a piece of platform history worth recording. At TWIGF, an early, senior user recalled that once the homepage recommendation algorithm was made public “you could game it,” and that after several years the platform simply de-emphasized the homepageTWIGF 逐字稿(校正版)the users' voices bore fruit, and it evolved to where it is now: Matters de-emphasized the homepage, and the homepage is no longer Matters' main source of traffic. That means “mitigating the filter bubble,” for Matters, is mainly not about adding new features; it is more like writing up a product decision that has already happened, in a way the guidelines can understand.

Complaint and remedy · Basic items (7)

This is the layer where Matters has the deepest foundation: in-site reporting, a support mailbox, Community Watch appeals, content restoration, and privacy requests all already exist, and each individual channel would pass. What really jams the overall verdict (“partially met”) are two structural things: there is no single unified entry point, and there is no platform-level case status or handling deadline.

Guideline clause (basic)Self-assessmentBasis & gap
(1) Provide clear complaint-and-remedy channels and procedures (including referral when the harm comes from a government body) Partial In-site reporting, hi@matters.town, and Community Watch appeals all exist, but they are scattered around with no unified entry point, so users have to know which one to look for themselves.
(2) Provide a Traditional Chinese option Met The interface and channels natively support Traditional Chinese.
(3) Give clear notice when a user's service is restricted Partial Account-level actions come with notice, but per-case notice is inconsistent when content is put in the “quiet room” (kept off the homepage).
(4) Disclose the rules for content moderation Met The community guidelines and moderation rules are public; the detection framework's code is public, making the rules inspectable.
(5) Measures to restore rights (restoring service, unblocking, transferring access, backups, etc.) Met Actions are reversible by design (e.g., the quiet room rather than deletion), and articles themselves remain accessible from outside the site via distributed storage (IPFS).
(6) The exercise of rights under the Personal Data Protection Act Met The privacy policy offers channels to exercise personal-data rights such as access, correction, and deletion.
(7) Establish a reasonable handling timeframe and case history Gap Community Watch records have a status, but an ordinary report only gets a “submitted successfully,” with no case-status progression and no clear handling deadline.

The “reversibility” in item (5) is the prettiest cell Matters has in these guidelines, and it is almost a byproduct of the technical architecture. At TWIGF, an engineering contributor explained that an article judged to be spam is not deleted but kept off the public areaTWIGF 逐字稿(校正版)it isn't deleted or blocked outright; it's just kept out of the public area … if you paste the URL in, you can still open the content of these articles, so it's actually a fairly gentle approach; on top of that, the content itself lives on IPFS and can still be retrieved from outside the site by its fingerprint. Restoring rights here needs no extra feature built — it is an escape route the design left open from the start.

Complaint and remedy · Advanced items (7)

The advanced layer is the lowest patch in the whole self-assessment (“partially met, on the low side”): case-by-case disclosure of AI/automation, dedicated personnel in Taiwan, easy-read accessible versions, and stakeholder consultation are mostly not yet institutionalized. This is also where engineering meets governance: the model may be open-source, but once decisions like score thresholds and auto-collapse affect whether a post is shown, what the guidelines want is to spell out the source of handling on every single case — and that is currently written only in engineering documents.

Guideline clause (advanced)Self-assessmentBasis & gap
(1) Explain examples of the criteria for content moderation and the specific reasons Partial The rules and framework are public, but there is no case-level compilation of examples or account of specific reasons.
(2) Disclose the use of automated tools in individual cases, and provide a channel for supplementary explanation Gap Community Watch already states that “automated tools do not delete outright,” but the spam-content model, its scores, and thresholds remain in engineering documents; per-case notices do not state the source of handling or how to appeal.
(3) Explain channels for exercising rights that go beyond what our country's law provides Partial In practice, actions are reversible and minimized by design, but this is not spelled out in a transparency report or policy.
(4) Prevent the complaint-and-remedy mechanism from being abused Partial Historically it trialed a jury and a petition-voting mechanism (since discontinued); there is currently no formal account of abuse-prevention review or prioritization.
(5) Build public-private cooperation and multi-stakeholder exchange and consultation mechanisms Partial This project is itself one round of multi-stakeholder exchange, but it has not yet become a standing consultation mechanism.
(6) Assign dedicated complaint-and-remedy personnel in our country, with training Gap No written arrangement for dedicated personnel in Taiwan or a training mechanism.
(7) Improve the accessibility of the complaint-and-remedy mechanism for different groups (easy-read version) Gap No easy-read / info-card / simplified accessible version of the appeal instructions.

The “Partial” on item (4) carries a lesson. Matters once trialed, in 2021, the “Matters City architects” jury that let the community take part in rulings; the operations lead admitted at TWIGF that this system ran for only one term before it was discontinuedTWIGF 逐字稿(校正版)this jury actually only ran for one term — about a year — and after that we didn't continue, and handing verdicts with blurry boundaries to ordinary users instead sank into subjective persuasion and canvassing for favors. It's a reminder of one thing: the “abuse prevention” the guidelines want must, beyond blocking malicious reports, also keep the remedy mechanism itself from being captured by favors and follower counts — and that is far harder than writing an institutional document.

From self-assessment to shoring up: build the compliance shell first, then automate the report

Pull together the gaps from the four tables above, and the five that most deserve priority are actually related: the missing unified complaint entry point, the missing platform-level case status and handling deadline, the missing data model that can reliably produce a transparency report, the missing disclosure of government requests, and the insufficient case-by-case disclosure of automation and AI. What they have in common is that most are not beyond technical reach; they just haven't been organized into a fixed form outsiders can check one by one.

So the route to shoring up deliberately goes “shell first, automation later,” in three stages.

A word for other small and mid-sized platforms in Taiwan: don't be scared off by “28 items.” The real message of this table is that the first stage of compliance is almost all about writing down what you already do and putting it in the right place. What's genuinely hard is institutionalizing and opening it up; adding new features comes second. An auditable handling process like Community Watch will get you closer to the spirit of the guidelines than a pretty report.

One tension you can't get around: transparent “open-the-box” has to lay open even “how you respond to the government”

The one item in this self-assessment marked the clearest “Gap” — and the hardest to fill — is item (5) of the transparency basic layer: the count, agencies, legal basis, and response rate of government requests for user data. What makes it hard has nothing to do with how tedious the statistics are; it touches a censorship-resistant platform's core contradiction.

Matters' factual stance on government data requests was put plainly by the host at TWIGF: the platform entity has already moved, the backend is not in Taiwan, and faced with an incoming letter it tends to respond minimally, most often not at all, handling only things like child-protection reports right awayTWIGF 逐字稿(校正版)the direction we hope to achieve is to respond in a minimized way — and usually, more often than not, there is no response … the ones where there's a real problem, like child-protection reports, are the ones we respond to right away. This is a posture deliberately chosen by a platform that draws cross-border, sensitive writers and must protect user safety.

And what the NCC transparency guidelines require disclosed is exactly that: “how many were received, which agency, under what law, how many were answered.” So if “transparent open-the-box” is to be thorough, then beyond disclosing how it governs its users, the platform must also disclose how it responds to state power. For a platform that treats “having no data to hand over, and not necessarily responding” as a means of protection, this is a disclosure boundary to be judged with care. Disclosing the count and the agencies might itself reveal which writers are being watched; disclosing nothing at all is precisely the opacity the guidelines mean to correct. This puzzle has no clean solution; it is two sides of the same problem as “tiered disclosure”: transparency itself needs to be governed. Deciding what to lay open, to whom, and when is inherently one of the heaviest calls in platform governance.

So what this mirror reflects, more than a pretty report card, is a conclusion worth recording: the procedural transparency, accessible complaints, and usable remedy that Matters asks of its users are exactly what it most needs to shore up when it holds itself against the guidelines. Community Watch has already proved it can deliver auditable governance; what remains is to grow that capability from a single mechanism into a platform-level institution a regulator can understand — and the first leg of that road is shorter than it looks.