近期各國電信業者致力使用大數據於經營及應用服務，包括顧客經驗管理、網路優化、營運分析及資料變現等範疇。臺灣業者卻因個資法中對去識別化的規範不明而躊躇不前，致使相關發展呈停滯狀態。本研究以電信服務為例，從資料所有權檢視資料變現應用與消費者個資保護的權衡，訪問主要業者法務及資訊部門主管，並調查消費者對其個資保護的憂慮。本文也邀請產官學研探討如何平衡雙方意見，並提出政策法規的困境及解決之道。研究顯示，消費者對業者使用大數據的信任度明顯偏低，而電信業者則認為個資法對去識別化之規範不夠明確。唯有主管機關協助建立一套完整驗證標準，業者持續加強保護消費者個資，做好去識別化，如此對資料變現的期待才有可能實踐。

In recent years, telecommunication companies in many countries have been actively working on using consumers' big data in value-added applications of telecommunications data, including four major areas: customer experience management, network optimization, operational analytics, and data monetization. Although telecommunications companies in Taiwan have begun to apply consumers' big data to the value-added applications of telecom data, they have hesitated due to the government's unclear interpretation of the “de-identification” requirement stipulated in the Personal Data Protection Law, which has caused related value-added applications to stagnate. This study takes telecommunications services as an example to discuss the balance between the telecom data monetization applications and consumers' personal data protection. It interviews the heads of the legal and information departments of major domestic telecommunication companies and uses online survey to explore consumers' concerns about the protection of their personal data when using telecommunication services. In addition, this paper also uses a focus group approach to invite telecom industry, government, and experts to discuss how to balance the value-added applications of telecommunications data and consumer personal data protection, and proposes the solutions to deal with the dilemma of the Personal Data Protection Law and regulations faced by Taiwan telecommunications companies when considering the value-added application of consumer data. The results of the study show that consumers have significantly lower trust in the information provided by telecom operators using big data, while telecom operators believe that the Personal Data Protection Law is not clear enough about the specification of de-identification. Only when the competent authority assists the industry to establish a clear verification standard, and the industry continues to strengthen the protection of consumers' personal information and de-identifies it, the industry's expectation of data monetization can be realized.