• Review of KIISC
• /
• v.22 no.4
• /
• pp.46-51
• /
• 2012

ISO/IEC JTC1 SC27 WG 5의 프라이버시 프레임워크 표준에서는 바이오인식 정보를 그 정보만으로 개인을 식별하는 유일 정보로 규정하고 있고, 이는 이름과 주소등과 같이 그 자체가 식별정보는 아닌 정보와 구별하고 있다. 바이오정보는 한번 유출될 경우 개인의 프라이버시 침요요소가 매우 크기 때문에 국가 인프라 구축에 활용되기 위해서는 많은 기술적 문제점들이 고려되어야 한다. 프라이버시 프레임워크 표준등과 같이 프라이버시 정보와 바이오 정보가 함께 사용될 때 개인 식별정보에 대한 다양한 표준들이 바이오인식 프라이버시와 정보보호 관점에서 논의되고 있다. 본 논문에서는 프라이버시 관점에서의 바이오인식 표준화 동향을 소개하고, 향후 추진해야할 중점 표준화 항목을 도출한다.

• Information Systems Review
• /
• v.18 no.3
• /
• pp.185-207
• /
• 2016

This study investigated the relationship between privacy policy awareness and willingness to provide personal information. Online privacy policies published on the Internet aim to build the trust of consumers and reduce their concerns about the provision of providing personal information. This study uses FIP(FIP; Fair Information Practices) principles to measure awareness of privacy policy. The result of the survey indicates significant relationships among awareness of privacy policy of e-commerce websites, privacy trust, and privacy risk. Privacy policy aims to improve transparency of collection and use of personal information. A high level of privacy trust is related to a high level of willingness to provide personal information on an e-commerce website. A low level of privacy risk is related to a high level of willingness to provide personal information on an e-commerce website. This study found that disposition to trust moderates the relationship between privacy policy awareness and privacy trust. This study contributes to further research on the relationships among privacy policy awareness, privacy trust, and privacy risk. The result of this study can be used by companies that aim to build privacy trust and reduce privacy risk.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.107-119
• /
• 2013

The purpose of this study is to find an answer why internet users are unconcern about their privacy information. We found that perceived privacy risk and website usability have a significant effect on privacy unconcern. That is, individuals who have experiences privacy incidents are more likely to be unconcern about their privacy information. Accordingly, organizations who supply services on the web have to pay more attention to these individuals to increase a privacy concern. Implications and Conclusions are discussed.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.1-12
• /
• 2016

Today, with the popularity of smart phones and the proliferation of SNS, anyone is exposed to the risk of personal information leakage. Unlike the prior studies of privacy, this research aims to identify the privacy factors affecting the provision intention of individual information from the SNS Users. This study also analyses how the perceived privacy risks and corporate trust affect the provision intention of individual information. The analysis results of empirical data show that despite experiencing the privacy leakage such as direct hacking and being aware of the risk, people are providing firms with personal information. The most influential variables to perceived privacy risk are information privacy policy, information privacy concern, previous privacy experience and information privacy awareness in the decreasing order of importance. Those to the corporate trust are information privacy policy, information privacy awareness, previous privacy concern and information privacy experience. Besides, the corporate trust and the perceived privacy risk also affect the provision intention of personal information. Finally, this study proposes the implications for personal information privacy.

• Management & Information Systems Review
• /
• v.36 no.1
• /
• pp.81-94
• /
• 2017

In the age of information overload such as Internet of Things(IoT), big data, and cloud computing, Data and informations are collected to processed regardless of the individual's will. The purpose of this paper presents a model related to personal information overlord, information privacy risk, information privacy concern (collection, control, awareness) and personal information privacy protective response. The results of this study is summarized as follows. First, personal information overload significantly affects information privacy risk. Second, personal information overload significantly affects information privacy concern(collection, control, awareness) Third, information privacy risk significantly affects collection and awareness among information privacy concern, but control does not significantly affects. This results shows that users are cognitively aware the information risk through collection and awareness of information. Users can not control information by self, control of information does not affects. Last, information privacy concern(collection and awareness significantly affect information privacy protective response, but information privacy concern (control) does not affect. Personal information users are concerned about information infringement due to excessive personal information, ability to protect private information became strong.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.8
• /
• pp.853-862
• /
• 2010

As the mobile device and broadband wireless internet such as WiBro, HSDPA is widely spreading, various types of advertisement and services based on personal location information can be provided. However, with convenience supported by these services, it is possible to be increased an invasion of privacy such as personal location and moving pattern. In this paper, we analysis an essential element for protection of privacy related on location information in mobile environment and propose location privacy protocol for managing location privacy self-control. And we design and implementation prototype of location privacy self-control system which is able to manage user's location privacy condition oneself using the proposed location privacy protocol.

• Journal of Korea Society of Industrial Information Systems
• /
• v.22 no.1
• /
• pp.69-87
• /
• 2017

This Research Attempted to Clarify the Eeffect of Privacy Concern and Institutional Trust on Privacy Decision based on Privacy Calculus Perspective. We Developed a Research Model Suggesting that the Influence of Privacy Benefit and Privacy risk on the Information Disclosure Behavior and the Influence of Privacy Concern and Institutional Trust on the Privacy Calculus. In this Regard, in Order to Examine the Difference According to the Target whose Personal Information was Collected, an Empirical Analysis was Conducted to Compare the E-commerce Field and LBS(Location Based Service) Field. The Results of Empirical Analysis are as follows. First, it is Founded that other Relations were All Statistically Significant Except the Relation between Privacy Risk and Information Disclosure Behavior in the LBS group. Next, as a Results of Comparison of Constructs in the E-commerce and Institutional trust than the LBS group, Identifying that the Consumers are more Sensitive to the Personal Information Collected in the E-commerce site.

• Information Systems Review
• /
• v.11 no.2
• /
• pp.91-111
• /
• 2009

Collection and use of personal information have enabled firms to improve their value propositions by offering personalization. On the other hand, they have caused widespread concerns by consumers that their privacy is invaded. Because previously distributed personal information can be integrated and utilized to offer more personalized services, those concerns may be intensified with the progress of the digital convergence environment. In this study, factors for privacy invasion and their impact on the privacy concerns are suggested. Then, an empirical study is conducted to examine some of the suggestions. From the analysis, several results are derived. First, as more personal data are collected, secrecy and autonomy concerns increase exponentially rather than steadily. Second, as targeting accuracy is improved, greater secrecy and autonomy concerns are expressed by consumers, but less seclusion concerns. Finally, monetary reward such as coupons can reduce seclusion concerns when targeting accuracy is high. Based on the results, implications for managing consumer privacy concerns are provided under digital convergence environment.

• Review of KIISC
• /
• v.22 no.2
• /
• pp.52-57
• /
• 2012

프라이버시 참조구조(privacy reference architecture)는 구현 및 배치 상황을 바탕으로 해야 하며, 독립적으로 존재할 수 없다. 구조 설치는 프라이버시 인지 및 가능 ICT 시스템을 배치할 구조와 조화를 이루어 운영되며 정책을 반영하는 업무 관리 기능, 프로세스 및 절차를 종합적으로 고려하여 이루어진다. 업무 및 데이터 처리 모델 또는 인벤토리의 공식적인 구축 및 유지는 해당 조직에 적용되는 모든 프라이버시 및 정보 보호 요건에 부합해야 한다. 업무 프로세스 모델이 구축되고 데이터 처리 모델과의 비교가 완료되면 동의 취득 기능, 개인식별정보 범주화 및 태깅 기능, 감사 및 기록 절차, 보존 일정, 고지 및 보안 경보와 같은 프라이버시 통제수단을 정하고 필수적인 프라이버시 보호 요건과 비교할 수 있다. ISO/IEC JTC1 SC27 WG5의 프라이버시 표준화는 프라이버시 프레임워크, 프레임워크 기반 구현을 위한 프라이버시 레퍼런스 아키텍쳐를 중심으로 이루어지고 있다. 본 논문에서는 프라이버시 표준화를 위한 국외 표준화 동향을 소개하고, 향후 추진해야할 중점 표준화 항목을 도출한다.

• Journal of KIISE
• /
• v.44 no.9
• /
• pp.918-931
• /
• 2017

Recently, the spread of smartphones and various wearable devices has led to increases in the accumulation and usage of personal information. As a result, privacy protection has become an issue. Even though there have been studies and efforts to improve legal and technological security measures for protecting privacy, personal information leakage accidents still occur. Rather than privacy requirements, analysts mostly focus on the implementation of security technology within software development. Previous studies of security requirements strongly focused on supplementing the basic principles and laws for privacy protection and securing privacy requirements without understanding the relationship between privacy and security. As a result, personal information infringement occurs continuously despite the development of security technologies and the revision of the Personal Information Protection Act. Therefore, we need a method for eliciting privacy requirements based on related privacy protection laws that are applicable to software development. We also should clearly specify the relationship between privacy and security. This study aims to elicit privacy requirements and create privacy assurances cases for Privacy Friendly System development.