• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.501-522
• /
• 2016

In the digital era, information is a source of value creation. However, the growing importance of knowledge and information also increases risks and threats. When information is leaked, full recovery is difficult, and additional spreading of risk is high because it is easy to accomplish. Especially personal information is the main target due to its availability. Although individuals normally have to consent to the use of their personal information, they often do not know the use of their information. In such a difficult situation, one must exercise self-determination and privacy. Therefore, the goal of this study is to development a privacy literacy level measurement model for the proper exercise of the right to informational self-determination. It will be presented with the concept of privacy literacy index in order to determine the level of knowledge and understanding and practical application skills for individual. Through the index, we going to enhance the selection ability of information subject, and to promote the judgement and the determination capability for the protection and utilization of personal information.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2019.07a
• /
• pp.195-198
• /
• 2019

연명의료결정법의 정식 명칭은 '호스피스 완화의료 및 임종 과정에 있는 환자의 연명의료 결정에 관한 법'이다. 이 법은 호스피스 완화의료에 대한 것과 환자의 연명의료 결정에 대한 것을 규정하고 있다. 특히, 후자의 연명의료결정에 관한 부분은 법제정 과정에서 법 종교 의료 윤리 등 다양한 분야에서 논박이 있었지만 2018년 2월 4일부터 시행되고 있다. 법학에서는 이 법이 생명이라는 법익과 관련되어 있어 형사법적, 민사법적으로 중요한 의미를 갖는다. 이 법이 탄생되기 위해 두 번의 변곡점이 있었다. 첫째, 1997년 '보라매병원 사건'에서 의사를 작위에 의한 살인방조죄로 판결한 사건 둘째, 2009년 '김 할머니' 사건에서 회생할 수 없을 경우 가족 등이 진술한 환자 의사에 따라 연명 의료를 중단할 수 있다는 대법원 판결이다. 연명의료결정법은 헌법상 생명권과 자기운명결정권이라는 기본권 충돌이 발생한다. 두 기본권이 서로 상충 할 때에는 어떠한 기본권을 우선해야 하는지가 실질적으로 문제되는데, 이익형량을 통한 규범의 조화로운 해석을 통해 해결해야 한다. 또한 이 법의 흠결과 문제점을 고찰하여 개정작업이 진행되어야 한다.

• The Korean Society of Law and Medicine
• /
• v.21 no.2
• /
• pp.75-103
• /
• 2020

There is a growing voice that medical information should be shared because it can prepare for genetic diseases or cancer by analyzing and utilizing medical information in big data or artificial intelligence to develop medical technology and improve patient care. The utilization and protection of patients' personal information are the same as two sides of the same coin. Medical institutions or medical personnel should take extra caution in handling personal information with high environmental distinct characteristics and sensitivity, which is different from general information processors. In general, the patient's personal information is processed by medical personnel or medical institutions through the processes of collection, creation, and destruction. Still, the use of terms related to personal information in the Medical Service Act is jumbled, or the scope of application is unclear, so it relies on the interpretation of precedents. For the medical personnel or the founder of the medical institution, in the case of infringement of Article 24(4), it cannot be regarded that it means only medical treatment information among personal information, whether or not it should be treated the same as the personal information under Article 23, because the sensitive information of patients is recorded, saved, and stored in electronic medical records. Although the prohibition of information leakage under Article 19 of the Medical Service Act has a revision; 'secret' that was learned in business was revised to 'information', but only the name was changed, and the benefit and protection of the law is the same as the 'secret' of the criminal law, such that the patient's right to self-determination of personal information is not protected. The Privacy Law and the Local Health Act consider the benefit and protection of the law in 'information learned in business' as the right to self-determination of personal information and stipulate the same penalties for personal information infringement such as leakage, forgery, alteration, and damage. The privacy regulations of the Medical Service Act require that the terms be adjusted uniformly because the jumbled use of terms can confuse information subjects, information processors, and shows certain limitations on the protection of personal information because the contents or scope of the regulations of the Medical Service Law for special corporations and the Privacy Law may cause confusion in interpretation. The patient's personal information is sensitive and must be safely protected in its use and processing. Personal information must be processed in accordance with the protection principle of Privacy Law, and the rights such as privacy, freedom, personal rights, and the right to self-determination of personal information of patients or guardians, the information subject, must be guaranteed.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2015.07a
• /
• pp.121-123
• /
• 2015

본 논문에서는 잊혀질 권리에 대한 법정책적 검토를 논하고자 한다. 잊혀질 권리는 다른 기본권과 충돌할 수밖에 없기 때문에 이 권리를 법률로 구체화하는데 다각적인 학제 간 연구가 선결문제로써 검토되어야 한다. 정보 주체에게 잊혀질 권리를 법제화하는 것은 그 정보를 사용하려는 사람의 표현의 자유 및 국민의 알권리를 제한하는 결과를 초래하기 때문에 일정한 한계를 노출할 수밖에 없다. 비록 현행 개인정보보호법 및 정보통신망 이용촉진 및 정보보호 등에 관한 법률 제44조의 2는 개인정보의 파기제도를 신설하여 부분적으로 잊혀질 권리를 반영하고 있지만 헌법상 중요한 가치인 프라이버시권과 표현의 자유 및 알권리의 조화롭게 균형을 찾는 것이 선행과제인 것이다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.101-103
• /
• 2024

본 논문에서는 잊혀질 권리에 대한 법제도 및 법정책적 검토를 논하고자 한다. 잊혀질 권리는 알권리, 표현의 자유 등 다른 기본권과 충돌할 수밖에 없기 때문에 이 권리를 법률로 구체화하는데 다각적인 학제 간 연구가 선결문제로써 검토되어야 한다. 정보 주체에게 잊혀질 권리를 법제화하는 것은 그 정보를 사용하려는 사람의 표현의 자유를 제한하는 결과를 초래하기 때문에 일정한 한계를 노출할 수밖에 없다. 현행 개인정보 보호법, 정보통신망 이용촉진 및 정보보호 등에 관한 법률 등에서 개인정보의 파기제도를 신설하여 부분적으로 잊혀질 권리를 반영하고 있지만 헌법상 중요한 가치인 잊혀질 권리와 알권리 및 표현의 자유에 대해 조화롭게 균형을 찾는 것이 선행과제인 것이다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.591-605
• /
• 2017

The right to informational self-determination refers to the constitutional right for an individual, which is approved by the constitutional court, to decide what contents the collected information comprises and to control the circulation of information relation to oneself. It contains claim for inspection of personal information(The right to informational self-access) as a right for individual to review information of current state and processing history which information holders have. To assure the right to informational self-access, individual must be notified of the processing history of information by information holders regardless of individual's request(The unconditional right to informational self-access). This study will analyse current status of domestic and foreign legislation and global regulation which are related to the unconditional right to informational self-access. In addition, the action of domestic corporations will be introduced. Finally, it will be concluded with relevant problems and solutions to solve the problems.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.1194-1197
• /
• 2007

개인정보는 정보서비스의 효율적인 운용과 새로운 비즈니스 모델에서 수익창출을 위한 자원으로 활용되고 있다. 이로 인하여 중요 정보에 대한 불법적인 사용 또는 개인정보 소유자의 허가 없는 사용으로 개인 프라이버시 침해가 발생되고 있다. 따라서 본 논문에서는 각 정보 시스템에서 사생활보호와 중요정보보호를 위한 정보 보안정책 모델을 제안한다. 제안된 모델은 정보 제공정책 모델과 정보 사용정책 모델로 구성하여 정보자기결정권을 부여하여 이중적인 접근제어 방식을 적용하고자 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06d
• /
• pp.76-79
• /
• 2007

유비쿼터스는 다양한 상황 정보들에 따라 여러 가지 형태의 서비스들이 요청되어 처리되어야 하는 환경이며, 이러한 환경의 태생적인 한계로 인해 사용자가 인지 못하는 사이에 야기 되어지는 개인정보 침해는 해결되어야 하는 직면된 문제 중 하나이다. 유비쿼터스 컴퓨팅은 원활한 정보 공유와 서비스 이용을 위한 환경으로 정보 공유가 필요하며, 정보에 대한 접근제어 정책으로 정제된 정보 공유를 적용하여 개인정보 보호가 가능하다. 본 논문에서는 개인정보 보호를 위한 해결방안들에 관하여 고찰하고, 정보주체에 대한 자기정보결정권을 지닌 개인정보 보호 접근제어 모델을 제안한다.

• Knowledge Management Research
• /
• v.23 no.4
• /
• pp.133-157
• /
• 2022

As data becomes a new core resource with high attention, MyData service is spreading to various fields such as finance, medical care, and the public sector. However, research on the behavior of MyData service users is insufficient. Therefore, this study aims to empirically examine the effect of MyData service traits on value perception and acceptable behavior particularly in the financial sector where MyData service is most active. To this end, this study proposed a research model based on the literature. 295 survey responses were collected from individuals and analyzed using AMOS 26.0 for hypothesis testing. As a result of the analysis, it was found that self-information control, financial convenience, and personalized service had a significant effect on perceived value, and that perceived value had a significant effect on the intention to accept MyData service. Furthermore, this study examined the role of personal innovation and technological security in the relationship between variables by suggesting them as moderators. Results show that individual innovation was found to strengthen the relationship between two variables(self-information control and personalized service) and perceived value. Also, technological security was shown to strengthen the relationship between perceived value and intention to accept financial MyData services. The findings are expected to provide useful information to understand the factors affecting the acceptance of financial MyData service users and to understand the importance of individual innovation levels and technological security.

• The Korean Society of Law and Medicine
• /
• v.22 no.4
• /
• pp.185-210
• /
• 2021

On September 24, 2021, the new provisions(Article 38-2 of the Medical Service Act) mandatory CCTV installation in operating rooms where the unconscious patient is operating such as general anesthesia. The revised medical law aims to effectively prevent illegal activities that may occur in the operating rooms and to promote appropriate resolution to medical dispute. According to the law, medical institutions operating unconscious patients, such as general anesthesia, must install CCTVs in the operating rooms by September 25, 2023, and film surgical scenes only at the request of patients and their guardians, regardless of the consent of the medical personnel. The bill delegated the legislative device to minimize infringement of fundamental rights to subordinate statutes without stipulating it in the law.(Article 38-2(10)) The most realistic policy plan to minimize the infringement of the fundamental rights of patients is to prepare specific regulations. Therefore, this study examines the legislative background and main contents of the amended CCTV installation bill, and suggests issues to be reviewed when preparing subordinate statutes by analyzing major issues. It was reviewed based on compliance with the principle of minimizing infringement of fundamental rights of information subjects in the operating rooms. The information subjects of CCTV are health professionals and patients. Suggesting issues should be considered when preparing subordinate statutes so that the purpose of the CCTV installation law can be achieved while minimizing infringement of right of self-determination of personal information, personality rights, and human rights. It is hoped that this paper will be referred when discussing subordinate statutes and regulations to contribute minimizing infringement of fundamental rights.