A platform that deliberately collects no more personal data than it must, and whose back end sits outside Taiwan — when infringement reports and government letters arrive, how far can it comply, and what should it hold the line on? The answer Matters gives is not an elegant declaration of principles, but a string of judgments forced into being by real cases, each leaving its own trace of how it was handled.
For most platforms, the legal team's daily work is to “passively receive letters”: a lawyer's letter comes in, an official document comes in, and they reply by the book. Matters' legal work, from day one, has looked more like the front line of a running battle: junk ads, payment fraud, identity impersonation, government data requests, copyright reports — nearly all of it crammed onto the same timeline, forcing legal, product, and operations to move together the moment something happens. This is what sets it apart most from an ordinary content platformTWIGF 2026 簡報文字記錄Most platforms' Legal function ‘passively receives letters’; Matters' Legal function has been ‘the front line of a running battle’ from day one.
. This page takes that legal thread apart: when public authority and third-party rights-holders knock at the same time, how does a platform that treats “minimal collection” as a design premise draw a line it can actually stand behind, between complying and over-complying?
A structural premise: the back end sits outside Taiwan, and data is de-identified on a regular schedule
To understand every response Matters makes to an outside request, you first have to be clear about its legal foundation. On July 18, 2020, the platform's corporate entity moved from Hong Kong to the United States, and the governing law changed with it. This was far more than a company-registration formality: it came after Hong Kong's National Security Law was passed, and it was a structural choice. The corporate entity and the governing law moved togetherMatters 治理史時間線2020/7/18 the user agreement was changed to that of a U.S. company
Source link ↗That thread leaves a clear trace in the version history of the user agreement and privacy policy: the first version still cited Hong Kong law as its legal basis, while later versions changed to “the governing law and community self-governance precedents” — you can see that the company's whole structure and its governing jurisdiction had moved along with it. The agreement's legal basis was rewritten as the entity movedMatters 治理史時間線Launched the first version of the Matters user agreement and privacy policy
Source link ↗
The other half of that foundation is its attitude toward personal data. Matters requires no real names, asks for no personal data at registration, and has no private-messaging feature, and its back end deletes and de-identifies data on a regular schedule. As a product decision this is a matter of censorship resistance and user safety; placed in a legal setting, it becomes, almost by accident, a line of defense. When an outside request demands that the platform “hand over a particular user's particular record,” it is often not that the platform is unwilling to give it, but that technically it simply does not have that thing in hand. This premise steers the handling of every government letter that follows toward one and the same kind of response.
Infringement takedowns: give the user 24 hours first
The earliest legal pressure the platform faced came from third-party rights-holders' takedown A rights-holder or competent authority asks the platform to remove or hide infringing / violating content. requests. In August 2020, Microsoft Taiwan wrote in, asking the platform to take down an article promoting illegal Microsoft product keys. Operations' assessment at the time was blunt: “Microsoft's argument was well-founded,” but “out of respect for the user” it did not simply delete the piece — it left the user a procedure. The argument held, yet the user was still given a chance to explain firstLegal 進程Microsoft's argument was well-founded. Out of respect for the user.
From this case, the platform settled on an infringement-handling process it still uses today:
Infringement-report handling SOP (established 2020.08)
- Write to the user asking them to consider hiding the content themselves, or to offer a corresponding explanation — give them 24 hours;
- If there is no reply by the deadline, the platform may hide it directly; if the user gives a reason but it is unpersuasive, the platform may also notify them and then hide it.
The design of this process centers on putting the user back into the procedure, rather than rushing to a verdict on “take it down or not”: notify first, set a deadline, allow a defense, and act only when the deadline passes or the reason falls short. Notice and a deadline are the core of the SOPLegal 進程If we receive no reply within the set time, we can hide it directly; if the user gives a reason but it is unpersuasive, we can also notify them and hide it.
Source link ↗. It and the “ethical mirror” held up in the chapter on governance history (the DNS-RPZ mis-block) are really two directions of the same principle: the procedural transparency and the chance to appeal that the platform demands of its users are exactly what it would later hope to receive itself, once it became the governed party.
Infringement requests would later reach a scale far beyond what article-by-article handling could manage. From August 2024, the platform began receiving DMCA A U.S. copyright law often used to send infringement-takedown demands to platforms or their infrastructure providers. reports and copyright-related complaints in large numbers, pouring in through channels such as Cloudflare, AWS, and Google — mostly articles of various kinds involving copyright. Reports poured in through multiple infrastructure channelsTWIGF 2026 簡報文字記錄Poured in en masse through Cloudflare, AWS, and Google
Under the DMCA wave, all it could do was hide some articlesLegal 進程The overall volume was too large; we hid some of the articles. For now there is no better way to handle it.
. Faced with this order of magnitude, operations admitted “the overall volume was too large,” and could only hide some of the articles, with “no better way to handle it for now.” What this reflects is the reality of limited staffing: deal first with the clear-cut violations, which is a long way from a mature, settled system.
Identity impersonation: when “collect no personal data” meets “you need to prove you are you”
Also in August 2020, the platform met its first case that touched real-world law and, more than any other, forced its internal contradiction to the surface. A woman wrote in to say that her ID document and mobile number had been stolen; the impersonator had registered a fake account on the site and posted content harmful to her (for example, solicitations for sex), and she asked for help taking it down. The first case of a real identity being impersonated to postTWNIC 初稿 運營 workingHer ID document and mobile number were stolen; the impersonator registered a fake account online and posted content that harmed her.
(In keeping with this page's de-identification principle, the person is handled in a role-based, abstracted form.)
This was the first time the platform faced a legal situation where the true and the false were hard to tell apart. The process was: ask both the reporter and the account holder to provide proof-of-identity documents, and tell the account holder that if there is no reply within 24 hours, the account will be frozen first and the article force-hidden; and that if the account gives no further reply within the week, it will be cancelled. Both sides produce proof, a timed freeze, cancellation on defaultLegal 進程Write to both the reporter and the account holder, asking each to show proof of identity. 2. If the account does not reply within 24 hours, freeze the account and hide the article. 3. If the account gives no further reply within the week, cancel the account.
Source link ↗This case was ultimately verified as genuine: the reporter really was who she said she was, and she had already filed a police report, with a record on file.
What it truly exposed is a tension there is no dodging: the platform collects no personal data, yet cases like this one require precisely that the person provide proof of identity before the platform has any way to proceed. Operations put the difficulty plainly itself:
“How is the platform supposed to judge who is real and who is fake? Matters does not collect users' personal data, and registering an account requires no personal data at all — but this case really did need the user to provide proof of identity before the platform had any way to proceed. And when an incident may endanger a real person's physical safety or rights, how do we handle it efficiently and precisely, in a way that balances the interests of both the site's users and the person involved?”
This passage points to the price of the “minimal collection” principle: it protects the vast majority of users from being easily identified or easily handed over, but it also means that when real harm occurs and an identity has to be established, the platform must “borrow” proof of identity from the person on the spot, in order to find a path between protecting privacy and protecting the victim. Rather than a loophole, this looks more like a cost that any platform which takes privacy as its premise has to bear itself.
Government letters: reply politely, but do not over-comply
What best embodies the effect of the “separation of jurisdiction” is data requests from government agencies. Line up the known, named cases side by side and a highly consistent pattern of response emerges.
| Time | Source & request | Handling |
|---|---|---|
| 2023.02 | An official letter from the Investigation Bureau of the Ministry of Justice: in the course of a criminal investigation, it needed to look up a certain account's registration data and linked wallet | After discussion with counsel, the reply was: the back end is not in Taiwan, and data is deleted and de-identified on a regular schedule, so it could only answer that the account had no linked wallet; the rest of the data could no longer be recovered |
| 2023.05 | An official letter from the Taichung Police Department: in the course of a criminal investigation, it needed a user account's IP address | Received only half a year later; no reply |
| 2024.11 | iWIN, the online-content protection body, reported pornographic content on the site (established and operated by the private sector under a government mandate by law — not a government agency) | For violating platform rules, the offending account was cancelled |
| 2025.07 | An official letter from the Taipei Police Department: investigating a defamation case, it asked for materials such as a user's IP address | No reply |
The wording of the reply in the Investigation Bureau case is worth reading word for word, because it distills the entire stance into a single sentence:
“Because the platform's back end is not in Taiwan, and the back end deletes and de-identifies data on a regular schedule, upon inquiry the back-end staff could only state that this account had no linked wallet; the rest of the data could no longer be recovered.”
This reply is nothing like a refusal to cooperate; it is closer to a factual account that it truly has no data to hand over. What it reports is a factual state, not an attitudeLegal 進程Because the platform's back end is not in Taiwan, and the back end deletes and de-identifies data on a regular schedule, upon inquiry the back-end staff could only state that this account had no linked wallet; the rest of the data could no longer be recovered.
Source link ↗Set against the same year's Taichung Police letter — “received only half a year later, no reply” — and the “no reply” to the 2025 Taipei Police defamation case, you can see that the platform's posture is not to ignore everything across the board, but to sort by situation: the iWIN report of content endangering minors was handled at once and the offending account cancelled; requests for data in criminal investigations, by contrast, come back to the factual question of “does it technically exist,” and often there is simply nothing to provide. The presentation sums up this posture in one line:
“Reply politely, but do not over-comply. Because we never collected any excess personal data to begin with, there is not much we could hand over anyway.”
The key word in that sentence is “over.” The nerve to not over-comply comes from minimal collectionTWIGF 2026 簡報文字記錄Reply politely, but do not over-comply. Because we never collected any excess personal data to begin with, there is not much we could hand over anyway.
. It builds “non-compliance” on a design decision made in advance, rather than on a posture of resisting law enforcement in the moment: when you collect no excess personal data from the very start and de-identify on a regular schedule, the line between “refusing to hand it over” and “having nothing to hand over” blurs, and the platform need not make a fresh political judgment before every letter, because the answer was written long ago into the system's data-retention policy. It should be added that what is presented here is the platform's self-described stance in its outward communications and the handling of known cases; as for the more fine-grained internal judgments on police requests, the scope of this project requires them to be treated in the abstract, and they are not attributed case by case here.
API abuse: keeping “open” apart from “out of control”
Not all outside pressure comes from public authority. In May 2023, because the API An outward-facing interface that lets other programs connect in and automatically draw on the platform's data or features. was open and the cost of malicious use was low — and because the caller's data might be inaccurate — the platform saw a bout of negative effects in the community, and even a risk of things spinning out of control. An open API abused at low costLegal 進程Because the API is open, the cost of malicious use is low, and because the caller's data may be inaccurate, it caused negative effects in the community and even a risk of things spinning out of control.
The platform did not pull the openness back over this; instead it added a set of rules for developers using the API, laying a layer of usage norms between “keeping it open enough to connect to, and to fork and reuse” and “preventing abuse.” This is the same line of thinking as the tiered disclosure discussed in later chapters: open does not mean unconditional — you have to spell out “what it may be used for.”
When the platform becomes the governed: the ethical mirror of the DNS-RPZ mis-block
This legal thread finally flipped onto the platform itself. During the 2025 Lunar New Year, some users in Taiwan suddenly could not reach matters.town; the screen showed a “counterfeit address” warning, with an appeal link to TWNIC The non-profit that manages Taiwan's domain names and IP addresses. beneath it. The cause was that a member of the public had reported a secondary-scam post on the site to the Administration for Digital Industries, triggering a DNS-RPZ Tampering at the level of the internet's “phone book”: the lookup result for a given address is altered or blocked, so users can no longer reach the original site. mechanism that blocked the entire site at the domain level. An individual violation at the content layer led to a whole-site block at the infrastructure layerTWNIC 初稿 運營 workingThis was likely TWNIC, after receiving a report, blocking access to the Matters.Town site by intercepting and rewriting DNS queries.
. The full story of the incident is in the chapter on governance history (the DNS-RPZ mis-block). Placed on this legal thread, its meaning is to turn “the platform handling other people's requests” entirely on its head: for the first time, the platform became the party being acted upon and having to ask for a remedy.
The breakdown of procedure was especially glaring. Although the block page came with an appeal URL and phone number, it happened to fall over the holiday when the case officer was off, so “the appeal channel existed in form but could not actually be started.” Under TWNIC's own procedure, the site administrator should first be notified to take the content down, and a block should follow only if nothing is done — yet the platform never received any notice; it was blocked with no warning. When it afterward asked how the losses caused by having no one to reach over the holiday would be remedied, the officer said they would ask about the remedy mechanism, but “in the end it came to nothing.” The remedy existed in form but failed in substanceTWNIC 初稿 運營 workingIf wrongly blocked you can call the appeal hotline, but we asked back: during the New Year holiday there was no one to reach, so what about the losses from having the site blocked? The officer said they would ask about the remedy mechanism, but in the end it came to nothing.
In the end it took reaching the TWNIC director-general directly through a personal connection to get the block lifted within hours — but by then the site had been wrongly blocked for three days.
Connect this incident back to the earlier SOP and a complete mirror appears. What the platform designed for infringement reports was “notify first, set a deadline, allow a defense”; what it demanded of its users was procedural transparency, an appeal channel that could actually be found, and losses that could be remedied. Yet once it became the governed party itself, what it got was no warning, no one to reach, and a remedy that came to nothing. Operations put this realization very frankly:
“In the past, Matters always played the role of the platform — receiving user reports and handling disputed content. The rules of governance matter, but the corresponding remedy mechanism matters just as much: once the procedure is not complete enough, it can cause harm, exactly like the situation Matters found itself in in this case.”
From individual cases to institution: what this thread is trying to say
Line up the infringement SOP, the identity impersonation, the government letters, the API rules, and the DNS-RPZ mis-block, and a consistent governance philosophy surfaces. And almost none of it was designed in advance; most of it was forced into being by one real case after another, and then settled into place:
- Procedure before verdict. Whether it is leaving the user 24 hours or asking both sides of a report to produce proof, the point is to “give the procedure first,” rather than rushing to a penalty.
- Not over-complying is built on minimal collection decided in advance. “There is not much to hand over” is the result of a design, not a posture struck in the moment, so there is no need to redo a political judgment for every letter.
- The separation of jurisdiction hands the judgment back to technical fact. With the back end outside Taiwan and de-identification on a regular schedule, the line between “refusing” and “having no way to provide” falls on the verifiable question of whether the data still exists.
- Apply the same measure to yourself. The transparency, appeal, and remedy it demanded of its users became, in 2025, exactly what it hoped to receive when it was the one being governed.
This thread echoes the chapter “NCC clause-by-clause compliance self-assessment” directly: when the platform treats “notice in advance, an appeal channel that can actually be found, and the principle of proportionality” as its demands on external governance, it is in fact asserting a minimum set of procedures that should hold no matter who does the governing — and that measure includes the platform itself. Matters' value lies not in every one of its judgments being correct, but in its having left the traces of those judgments behind, so that those who come after can use them as a basis to debate: a platform that deliberately collects no personal data and keeps its back end offshore — how far, in the end, can it comply, and what should it hold the line on? This is exactly the square that “opening the box, transparently” wants to lay out on the table.