• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.691-699
• /
• 2012

"Information", which is circulated in society by information technology development represented by computer, has brought innovation not only to physical civilization, but also deep into our daily lives. This is to say that information has brought fundamental change to its form of existence, and value system through being faster regarding the circulation and the way of management being diverse. As time goes by, this kind of change would stimulate more changes to be made as the development of scientific civilization. Therefore, informatization is one of the important characteristic that defines modern society's essence, but on the other side, information has been taken advantage of that temperament and abused in a lot of different ways. "The Law Regarding Computer Network Diffusion Expansion and Usage Promotion"(1986), as a counterplan of informatization is our nation's first Act about informatization, which enacts national policy and system about this issue. Since then, many laws has been enacted down to "Private Information Protection Act"(2011), forming a comprehensive system. The basic background of these laws are based upon the premise that even if the place where the information is managed is virtual space, rules that are considered valid in the real world should be basically applied in the virtual space. Therefore, the violation of the law in the real world is also considered the violation in the virtual space. This direction of current law regarding information is shared with both the theories and the reality. However, current law system and notion are based upon the premise that the law regards material objects, thus the characteristic of the information, which is "Immaterial Being" is not reflected. Also, the management and approach to this issue is allopathic, exposing many problems. Thus, this paper examines the way of protecting information stipulated in the current law, contemplates its protection scope and limitation, and seeks the direction of the improvement, based on the critical mind explained above.

• Journal of Digital Convergence
• /
• v.13 no.6
• /
• pp.1-12
• /
• 2015

In recent years, the privacy concern for mobile consumers is emerging as the use of mobile application(apps) is growing according to the rapid spread of mobile devices such as smart phones and tablet PCs. To improve privacy protections in the mobile communications and apps, overseas organizations are announcing guidelines and/or checklists for stake holders. Although personal information protection guidelines for application developers have been prepared in the country, efforts to improve consumer privacy capability is insufficient. Thus, in this paper we first scope the app privacy related guidelines in both domestic and foreign affairs, then present the risk factors of privacy invasion by the stage of mobile application use based on the "Privacy Protection Act", offering privacy checklists for consumers. This checklist will enhance the self-management capability of consumer privacy and create virtuous cycle in the mobile ecosystem.

• Journal of Auto-vehicle Safety Association
• /
• v.11 no.2
• /
• pp.6-10
• /
• 2019

This paper describes effectiveness of accident reduction on vehicles equipped with AEB using accident data occurring in Korea. During the statistical period, we used the number of vehicles which are covered by auto insurance and the number of accidents. To maximize the reduction effect of accidents caused by the driver's carelessness, the analysis was limited to Physical Damage Coverage that covers the cost of repairing or replacing the damaged vehicle caused by the driver's fault. Due to Personal Information Protection Law, it was not capable of comparing the same vehicle using Vehicle Identification Number in this study. Instead of that, we used it as a similar vehicle, so there are limits to the comparison and analysis results. As a result of this study, we have found that the effect of reducing accidents was different depending on the vehicle class, but it was generally concluded that the number of accidents decreased when the vehicle was equipped with an AEB system. Domestic research on the AEB effect of reducing accidents is not active yet. Therefore, it is absolutely essential to analyze the effects according to various conditions such as driver's age, occupation and gender as well as expanding the study models in the future.

• The Korean Society of Law and Medicine
• /
• v.22 no.4
• /
• pp.117-157
• /
• 2021

This research reviewed the HIPAA/HITECH, 21st Century Cures Act, Common Law, and private Guidances from the perspectives in protecting and utilitizing the medical data, while implications were followed. First, the standards for protection and utilization are relatively clearly regulated through single law on personal medical information in the United States. The HIPAA has been introduced in 1996 as fundamental act on protection of medical data. Medical data was divided into personally identifiable information, non-identifying information, and limited dataset under HIPAA. Regulations on de-identification measures for medical information, objects for deletion of limited data sets, and agreement on prohibition of data re-identification were stipulated. Moreover, in the 21st Century Cures Act regulated mutual compatibility for data sharing, prohibition of data blocking, and strengthening of accessibility of data subjects. Common Law introduced comprehensive consent system and clearly stipulates procedures. Second, the regulatory system is relatively simplified and clearly stipulated in the United States. To be specific, the expert consensus and the safe harbor system were introduced as an anonymity measure for identifiable medical information, which clearly defines the process while increasing trust. Third, the protection of the rights of the data subject is specified, the duty of explanation is specified in detail, while the information right of the consumer (opt-out procedure) for identification information is specified. For instance, the HHS rule and FDA regulations recognize the comprehensive consent system for human research, but the consent procedure, method, and requirements are stipulated through the common rule. Fourth, in the case of the United States, a trust-based system is being used throughout the health and medical data legislation. To be specific, Limited Data Sets are allowed to use in condition to the researcher's agreement to prohibit re-identification, and de-identification or consent process is simplified under the system.

• The Korean Society of Law and Medicine
• /
• v.23 no.4
• /
• pp.29-74
• /
• 2022

As social disasters occur under the Disaster Management Act, which can damage the people's "life, body, and property" due to the rapid spread and spread of unexpected COVID-19 infectious diseases in 2020, information collected through inspection and reporting of infectious disease pathogens (Article 11), epidemiological investigation (Article 18), epidemiological investigation for vaccination (Article 29), artificial technology, and prevention policy Decision), (3) It was used as an important basis for decision-making in the context of an infectious disease crisis, such as promoting vaccination and understanding the current status of damage. In addition, medical policy decisions using infectious disease data contribute to quarantine policy decisions, information provision, drug development, and research technology development, and interest in the legal scope and limitations of using infectious disease data has increased worldwide. The use of infectious disease data can be classified for the purpose of spreading and blocking infectious diseases, prevention, management, and treatment of infectious diseases, and the use of information will be more widely made in the context of an infectious disease crisis. In particular, as the serious stage of the Disaster Management Act continues, the processing of personal identification information and sensitive information becomes an important issue. Information on "medical records, vaccination drugs, vaccination, underlying diseases, health rankings, long-term care recognition grades, pregnancy, etc." needs to be interpreted. In the case of "prevention, management, and treatment of infectious diseases", it is difficult to clearly define the concept of medical practicesThe types of actions are judged based on "legislative purposes, academic principles, expertise, and social norms," but the balance of legal interests should be based on the need for data use in quarantine policies and urgent judgment in public health crises. Specifically, the speed and degree of transmission of infectious diseases in a crisis, whether the purpose can be achieved without processing sensitive information, whether it unfairly violates the interests of third parties or information subjects, and the effectiveness of introducing quarantine policies through processing sensitive information can be used as major evaluation factors. On the other hand, the collection, provision, and use of infectious disease data for research purposes will be used through pseudonym processing under the Personal Information Protection Act, consent under the Bioethics Act and deliberation by the Institutional Bioethics Committee, and data provision deliberation committee. Therefore, the use of research purposes is recognized as long as procedural validity is secured as it is reviewed by the pseudonym processing and data review committee, the consent of the information subject, and the institutional bioethics review committee. However, the burden on research managers should be reduced by clarifying the pseudonymization or anonymization procedures, the introduction or consent procedures of the comprehensive consent system and the opt-out system should be clearly prepared, and the procedure for re-identifying or securing security that may arise from technological development should be clearly defined.

• The Korean Society of Law and Medicine
• /
• v.20 no.1
• /
• pp.109-132
• /
• 2019

Recently, medical accidents related to surgical procedures have increased. In addition, the media reported that some of these accidents were involved in health crimes. Patient-advocate groups have called for mandatory establishment and management of CCTV in operating rooms. There is a lot of discussion among the interested parties, so it is necessary to review the relevant laws and regulations. The purpose of this study is to identify the characteristics of CCTV in operating rooms and to review legislations related to establishment and management of the CCTV in operating rooms. Medical institutions use CCTV for management of facilities and patient safety and install it in operating rooms optionally. The Constitution guarantees the privacy and the privacy of correspondence of every citizen, but it can be limited by the law for public welfare. Currently, however, there is no existing law about establishment and management of the CCTV in operating rooms and it can be defect of legal system. Under the current legislations, it is likely that the Self-determination can be violated due to the characteristic of healthcare provider when CCTV is mandatorily installed in operating room. In addition, the regulations on access and leakage of confidential information known by operator are insufficient. So that, the safety of the visual data might be threatened. Furthermore, unless the period and the place of storage of the visual data are clearly defined, it is highly unlikely to meet the original purpose of patient safety and prevention of medical accidents. This study is meaningful as there is few previous study on this topic although the need for legal review about this is growing and several bills are being proposed. It is expected that the results of this study can be utilized as basic data for enactment or amendment of the laws and regulations about establishment and management of CCTV in operating rooms.

• Ecology and Resilient Infrastructure
• /
• v.7 no.3
• /
• pp.171-180
• /
• 2020

With the increase in industrialization and urbanization, scarcity of space for leisure life has become an important issue. Opportunities such as natural scenery and ecological experiences provided by waterfront spaces around streams are fundamental factors in the development of the community and creation of a hydrophilic park. In the past, on-site surveys have been conducted using human resources to quantify the number of river visitors, but the accuracy of the results was not sufficient owing to limitations in expenses, manpower, space, and time. In this study, to overcome this problem, we estimated the number of visitors using the location information related to hydrophilic parks. The study areas were Samrak Ecological Park and Daejeo Ecological Park located downstream of the Nakdong River. We compared and analyzed the pattern of the visitors by using the large communication data and the visiting pattern based on GPS location information. The GPS location information is based on Google Popular Times and Kakao visitor data. When the GPS location data were used, the pattern for weekday and weekend visitors was clearer than when the large communication data were used. Therefore, it is expected to be similar to the result of GPS location information if the number of visitors is extracted under the condition of precision of pCELL size and residence time of 30 minutes or more when using future communication big data. In addition, if revisions such as the Personal Information Protection Act are made to extract more accurate data, by estimating the number of visitors based on GPS data, more accurate indicators of the number of visitors can be derived.

• Korean Security Journal
• /
• no.61
• /
• pp.59-85
• /
• 2019

In the reality that the boundary between the real world and the virtual world disappears with the 4th Industrial Revolution, cyber crimes that occur beyond time and space have clear limitations in fulfilling their duties only with the police force of government organizations established under the real law system. The research method of this thesis is based on the literature research and the experience of security work. The purpose of this paper is to establish a social system where collective intelligence of each social field can participate voluntarily to respond to cyber crimes occurring beyond the time and space before the law and institutionalization. In addition, the social system in which collective intelligence in each social sector can participate voluntarily was established to define crime types in cyberspace in real time and to prevent crimes defined by the people themselves and the counter-measures had been proposed in order to form social consensus. First, it is necessary to establish a collective intelligent network-type cyberpolice volunteer system. The organization consists of professors of security and security related departments at universities nationwide, retired public officials from the National Intelligence Service, the National Police Agency, and the National Emergency Management Agency, security companies and the organizations, civilian investigators, security & guard, firefighting, police, transportation, intelligence, security, national security, and research experts. Second, private sector regulation should be established newly under the Security Business Act. Third, the safety guard of the collective intelligent cyberpolice volunteer system for the stability of the people's lives should strengthen volunteer work. Fourth, research lessons and legal countermeasures against cybercrime in advanced countries should be introduced. Fifth, the Act on the Protection of Personal Information, the Act on Promotion of Information and Communication Network Utilization and Information Protection, the Act on the Utilization and Protection of Credit Information, and the Special Act on the Materials and Parts Industry should be amended. Sixth, police officers should develop cybercrime awareness skills for proactive prevention activities.

• The Korean Society of Law and Medicine
• /
• v.20 no.2
• /
• pp.111-140
• /
• 2019

The Bioethics and Safety Act provides a set of rules to regulate biobanks and research activities using human biological material, but the law seems to be defective in several folds. The law requires that, prior to collection or use of human biological materials, researchers should obtain the informed consent of the donors, but the law does not obligate biobanks to do so. Even in cases where the law requires informed consent, the ordinance of the Ministry of Health and Welfare allows open (or blanket) consent. In addition, a new article in the Act, Article 42-2 which will take effect from October 24, 2019, allows medical institutions to provide biobanks with remaining biospecimens collected in the course of diagnosis and treatment, unless the donors express their intent to opt-out, without obtaining specific consent from them. Given the need to protect the autonomy of donors and the unique characteristics of biobanks and research activities that use human biological materials, this paper concludes that such open consent-based law may not be suitable to protect the autonomy of the donors and that the broad consent requirement may be a desirable policy option. The paper acknowledges that the international community has long questioned whether broad consent (as well as open consent) is an effective choice to regulate the use of human biological materials. The paper stresses that the baseline requirement in designing the law is that the secondary use of human biological materials should be based on informed consent of the donors; the core value of the law should be a governance structure that promotes transparency and protects donor participation.

• Journal of Intelligence and Information Systems
• /
• v.29 no.1
• /
• pp.143-174
• /
• 2023

With the development of deep learning technologies, Artificial Intelligence powered Optical Character Recognition (AI-OCR) has evolved to read multiple languages from various forms of images accurately. For the financial industry, where a large number of diverse documents are processed through manpower, the potential for using AI-OCR is great. In this study, we present a configuration and a design of an AI-OCR modality for use in the financial industry and discuss the platform construction with application cases. Since the use of financial domain data is prohibited under the Personal Information Protection Act, we developed a deep learning-based data generation approach and used it to train the AI-OCR models. The AI-OCR models are trained for image preprocessing, text recognition, and language processing and are configured as a microservice architected platform to process a broad variety of documents. We have demonstrated the AI-OCR platform by applying it to financial domain tasks of document sorting, document verification, and typing assistance The demonstrations confirm the increasing work efficiency and conveniences.