• Journal of Advanced Navigation Technology
• /
• v.26 no.4
• /
• pp.244-248
• /
• 2022

The various digital services that people are experiencing recently are bringing about changes in the daily lives, and these changes are due to the spread of the Fourth Industrial Revolution. The 4th Industrial Revolution is based on the development of ICT technology, and ICT technology inevitably generates issues such as the use and protection of personal information as well as the use of public data. Accordingly, countries around the world are making efforts to revitalize new industries by wisely solving conflicting issues between the use and protection of personal information through legislation. There are some differences in the protection and use of personal information in Korea, the United States, and the EU. Korea trys to make the legislation that prioritizes the use of data, and the United States establishes individual laws governing the protection of personal information by sector, while the EU has clarified the strengthening personal information protection. This paper aims to find out how personal information protection is defined in Korea, the United States, and the EU through enacted laws and organize the direction of the future policies.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.8 no.5
• /
• pp.235-241
• /
• 2008

Please Interests in the medical service are increasing in internet environment as life quality of the people improves because of development in information and medical technology. The medical information in today's modern internet environment can violate privacy of the patients. Many medical institutions in Korea are very passive in the privacy protection of patients in the internet environment. The law, standard scheme and systematic guidance to prevent drain of medical information are not developed. This study examines cases of infringement pattern on information of each patient in the internet environment. This study will also try to find a solution to protect the personal information of patients in the internet environment in the measures of law system, technique and management.

• Journal of Digital Convergence
• /
• v.18 no.10
• /
• pp.23-31
• /
• 2020

As children's participation in online activities has recently increased, online services for children are also rapidly increasing, but children are not sufficiently guaranteed their rights. The purpose of this study is to classify and analyze issues related to the children's online privacy issues in Korea through the current status and case studies of application services mainly used by children. For this purpose, this research analyzed problems related to the children's online privacy protection according to the stage of using the application. As a result of the application content analysis, 1) issues of child identification, 2) effectiveness of notice and consent, and 3) issues of children's rights as subjects of information were derived. Based on the current status analysis, the policy implications were drawn based on the children's online privacy protection in the online environment, and suggestions were made for improvement.

• The Journal of Society for e-Business Studies
• /
• v.17 no.3
• /
• pp.129-147
• /
• 2012

In this paper, we research on the personal information protection system in smart-phone based on mobile environment. This paper proposes the enhanced personal location privacy mechanism in location-based service environment of a smart phone operating system(iOS, Android) for the relevant regulations on location-based protection and utilization. Also, the result verified that possibility on a self-control mechanism of the personal information protection system's subject in the window platform throughout the experiment. Therefore, this study have drew a method that user positively can cope with a protection of personal location information by having a user's self-control method in the system under development or done by illegal location-based service providers and illegal application developer.

• Informatization Policy
• /
• v.25 no.3
• /
• pp.29-51
• /
• 2018

As the core technology of the Fourth Industrial Revolution, the Internet of Things has been developed and has enabled various services, and personal information has been handled freely in the process. However, the infringement threat of personal information is increasing as more convenient services are provided and more information devices including smart devices are connected to the network. Therefore, this study is to analyze prioritizing personal information protection policy indicators in order to provide IoT services by constructing secure environment for implementing the Internet of things as the core technology of the 4th Industrial Revolution. This study reviewed personal information protection policy indicators based on the literature survey, and identified 3 fields, 9 areas, and 25 indicators through Delphi analysis for experts. The weights were calculated based on the AHP survey for 66 experts and the results were used to present the relative importance and priority of the policy indexes. The results of this study found the policy field was the most important, followed by the technical field, and the administrative field. Of the three areas of the policy field, strengthening the personal information protection laws related to IoT is the most important, while among the indicators, promoting and revising the personal information protection law related to IoT is the most important. Comparisons of the fields, areas, and indicators of IoT-related personal information protection policies found consistent values. The personal information protection policy indicators derived this way will contribute to the nation's competitiveness by expanding secure IoT policies in the future.

• The Korean Society of Law and Medicine
• /
• v.22 no.4
• /
• pp.117-157
• /
• 2021

This research reviewed the HIPAA/HITECH, 21st Century Cures Act, Common Law, and private Guidances from the perspectives in protecting and utilitizing the medical data, while implications were followed. First, the standards for protection and utilization are relatively clearly regulated through single law on personal medical information in the United States. The HIPAA has been introduced in 1996 as fundamental act on protection of medical data. Medical data was divided into personally identifiable information, non-identifying information, and limited dataset under HIPAA. Regulations on de-identification measures for medical information, objects for deletion of limited data sets, and agreement on prohibition of data re-identification were stipulated. Moreover, in the 21st Century Cures Act regulated mutual compatibility for data sharing, prohibition of data blocking, and strengthening of accessibility of data subjects. Common Law introduced comprehensive consent system and clearly stipulates procedures. Second, the regulatory system is relatively simplified and clearly stipulated in the United States. To be specific, the expert consensus and the safe harbor system were introduced as an anonymity measure for identifiable medical information, which clearly defines the process while increasing trust. Third, the protection of the rights of the data subject is specified, the duty of explanation is specified in detail, while the information right of the consumer (opt-out procedure) for identification information is specified. For instance, the HHS rule and FDA regulations recognize the comprehensive consent system for human research, but the consent procedure, method, and requirements are stipulated through the common rule. Fourth, in the case of the United States, a trust-based system is being used throughout the health and medical data legislation. To be specific, Limited Data Sets are allowed to use in condition to the researcher's agreement to prohibit re-identification, and de-identification or consent process is simplified under the system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.195-208
• /
• 2010

As information communication technologies have highly advanced, a large amount of user sensitive information can be easily collected and unexpectedly distributed. For user-friendly services, a service provider requires and processes more user information. However known privacy protection models take on a passive attitude toward user information protection and often involve serious weaknesses. In reality, information exposure by unauthorised access and mistakenly disclosure occurs frequently. In this paper, we study on the applicability of anonymous authentication services for fine-grained user privacy protection. We analyze authentication schemes and classify them according to the level of privacy newly defined in this paper. In addition, we identify security requirements that a privacy protection scheme based on anonymous authentication can achieve within legal boundary.

• Informatization Policy
• /
• v.21 no.1
• /
• pp.3-16
• /
• 2014

The personal information is now considered more valuable and important topic in this highly improved knowledge information society. In this research, 50 research papers and government reports between 2000 and 2013 are analysed to understand a trend of academic research of the personal information. To summarize of the result of the analysis, firstly, there are many discussions and emphases to governmental protections of the personal information, mainly in the qualitative and legal system level. Secondly, there are insufficient researches of the personal information, particularly in the academic field rather than government and national research institutes. Thirdly, there are not sufficient investigations to approach influential reasons and relations of cause and effect, though there are much enough researches on the actual and present conditions of the protection of the personal information. To develop the investigation of the personal information, it needs to be considered to research more about systematic approach to the issue of personal information, expansion of research area considering the changeable IT environment, diverse methodological experiment like a metrical way, reformation of investigation system, and improved information management in the private sector.

• Informatization Policy
• /
• v.26 no.3
• /
• pp.69-89
• /
• 2019

In order to implement smart cities that will become living spaces in the fourth industrial revolution era, detailed privacy information such as residents' living information, buildings and facilities information must be collected and processed in real time. While city functions and convenience for individuals are being facilitated, threats to personal information exposure and leakage are also likely to increase at the same time. Therefore, the design concept for personal information protection should be considered and accordingly reflected from the stages of smart city design, technology development and operation planning of intelligent information (AI) facilities. The results of the analysis show that for activation of smart cities and operation of data-driven cities, the concept of Privacy by Design (PbD) has already been introduced in the institutional, industrial and technological aspects, particularly in the cases of European countries and the US. In order to strengthen the local and global competitiveness of smart cities and the country, Korea also needs to actively deploy PbD as a strategy to secure a data-driven economy, which is the core strategy for smart cities. Therefore, the study suggests policy implications focused on approaches to legislative improvement and technology development support, which reflect the basic properties of PbD as defined in the study.

• The Journal of the Korea Contents Association
• /
• v.16 no.10
• /
• pp.175-187
• /
• 2016

Protection of personal information has significant meaning in current information age. Information of crime victim is one of top in value in that divulgence of the information to perpetrators may threat safety of the victim or cause psychological demage as $2^{nd}$ harm if disclosed to public. Legal system protects the information with scattered statutes including Criminal Procedure Act. Existing studies have been limited to discussion of the single statute without integrated approach. Bearing necessity of the approach in mind, as issues of protection system this research proffers too broad subject of eligible inspection of case document, inactive practice of identity management cards and omission of personal information, and inappropriate punishment on the disclosure or divulgence. After reviewing systems of foreign jurisdictions to get useful implications, this paper suggests several measures with two separate aspect of legal provisions and protection practice.