• Journal of Information Technology Applications and Management
• /
• 제25권2호
• /
• pp.133-146
• /
• 2018

The technical definition of Blockchain is commonly known 'distributed ledger', however, there is no legal definition for being accepted in worldwide. Therefore, unless legal definitions and concepts of Blockchain are presented, there is a possibility that various legal disputes will occur in the future in Blockchain environment. The purpose of this study is to derive legal issues related to personal information protection that can be conflicted in Blockchain environment based on domestic Privacy Act and GDPR. The outcomes of this study can prevent various legal disputes and provide solutions that may occur due to the spread of Blockchain. It also suggests the foundation for the improvement of Privacy Act. Finally, it contributes to activate of Blockchain, industry, in Korea.

• 한국전자통신학회논문지
• /
• 제11권3호
• /
• pp.345-350
• /
• 2016

개인정보보호법이 마련되고 정부에서는 개인정보보호 기본계획을 수립하여 시행하고 있다. 그러나 해마다 공공기관에서의 개인정보 침해관련 민원발생은 증가추이를 보이고 있다. 본 논문은 설문조사를 통해 지방자치단체 공공기관의 개인정보보호에 관한 인식 수준 분석을 하고 개선의 필요성을 제기하였다.

• Journal of Information Science Theory and Practice
• /
• 제8권3호
• /
• pp.6-14
• /
• 2020

On information markets, we can identify different relations between sellers and their customers, with some users paying with money, some paying with attention, and others paying with their personal data. For the description of these different market relations, this article introduces the notion of arity into the scientific discussion. On unary information markets, customers pay with their money; examples include commercial information suppliers. Binary information markets are characterized by one market side paying with attention (e.g., on the search engine Google) or with personal data (e.g., on most social media services) and the other market side (mainly advertisers) paying with money. Our example of a ternary market is a social media market with the additional market side of influencers. If customers buy on unary markets, they know what to pay (in terms of money). If they pay with attention or with their personal data, they do not know what they have to pay exactly in the end. On n-ary markets (n greater than 1), laws should regulate company's abuse of money and-which is new-abuse of data streams with the aid of competition (or anti-trust) laws, and by modified data protection laws, which are guided by fair use of end users' attention and data.

• 한국IT서비스학회지
• /
• 제7권1호
• /
• pp.23-43
• /
• 2008

Because IT security guidelines for universities and colleges mostly focus on hardware aspects, the problems such as security incidents by a user's mistake and personal information leakage by hacking are serious in our higher educational institutes. In order to solve these information protection and security problems in the educational institutes, realizable and implementable information protection and security guidelines which will contribute to escalate information protection level should be established and at the same time, specific guidelines should be provided to make the guidelines efficient. In this paper, the information security problems and cases are categorized to develop information security guidelines for the higher educational institutes in terms of short, mid, and long term aspects and the solutions to the problems are sought. In addition, a serious of approaches to the information security are proposed such as the improvement measures for the employees of the institute to have desirable security-minded, security problem prevention and resolving methods, developing conflict coordination procedure and law and regulation system establishment for making the educational institutes be information-oriented.

• 의료법학
• /
• 제22권3호
• /
• pp.31-55
• /
• 2021

개정 데이터 3법 중 하나인 개인정보 보호법은 가명정보의 처리에 관한 특례 규정을 신설하였다. 이에 개인정보처리자는 과학적 연구, 통계작성, 공익적 기록보존 등의 목적을 위해서 정보주체의 동의 없이 가명정보를 처리할 수 있게 되었다. 그리고 개정 개인정보 보호법의 후속 조치로 의료 분야의 개인정보 가명처리를 다룬 '보건의료 데이터 활용 가이드라인'이 마련되었다. 가이드라인은 보건의료 데이터의 특성을 고려한 구체적인 해석과 사례를 규정함으로써 수범자들에게 실천적인 기준을 제시한다는 점에서 의미가 있다. 다만 가이드라인은 가명정보 활용 목적을 명확히 하고, 데이터 심의위원회 구성의 공정성을 강화할 필요가 있다. 또한 가이드라인은 보건의료 데이터 보상 체계를 구축하고, 취약 연구대상자의 권리 보호 강화가 요구된다. 아울러 가이드라인은 생명윤리 및 안전에 관한 법률, 의료법과의 부정합성을 정비할 필요도 있다. 본 연구가 보건의료 데이터 활용의 안전한 환경 조성은 물론 관련 법과 제도의 개선에 기여할 것으로 기대한다.

• 정보학연구
• /
• 제7권2호
• /
• pp.55-67
• /
• 2004

디지털콘텐트산업은 정보화사회의 핵심적인 기반산업분야이나 복제의 용이성으로 디지털코텐츠를 법적으로 보호하지 않는다면 우리사회가 필요로 하는 디지털콘텐츠의 개발의욕을 저하시켜 산업발전을 기대할 수 없을 것이다. 따라서 디지털콘텐츠제작자의 법적보호는 국가적 이익을 극대화하기 위한 필수불가결한 조치일 것이다. 이러한 디지털콘텐츠제작자의 법적보호를 위하여 탄생한 법이 온라인디지털콘텐츠산업발전법이다.

• International Journal of Computer Science & Network Security
• /
• 제21권3호
• /
• pp.266-274
• /
• 2021

The study covers three components of the facility for protecting public utilities market participants in the public utilities market: prevention of potential poverty, reduction of existing poverty and compensation to the injured party in a case of tort that exacerbates or threatens to exacerbate its poverty. The analysis is based on official statistical information on the activities of the public utilities sector. Operational information of public utility service providers regarding certain indicators of their activity in the work was not studied. This approach narrows the empirical basis of the study, but at the present stage in the context of different rates of implementation of changes in regions, sectors and at the level of individual entities, as well as lack of uniformity in the structure of indicators published by service providers, analysis allows to identify «bottlenecks» of legal regulation, which are systemic in nature and largely independent of the subjective factor.

• 한국인터넷방송통신학회논문지
• /
• 제8권5호
• /
• pp.235-241
• /
• 2008

정보통신기술과 의료기술의 발전으로 국민들의 삶의 질이 향상되면서 인터넷 환경에서의 의료서비스에 대한 관심이 커지고 있다. 이러한 인터넷 환경에서의 의료정보화는 환자의 개인정보를 침해할 수 있다. 우리나라의 상당수 의료기관은 인터넷 환경에서의 환자개인정보보호에 소극적이다. 의료정보의 유출을 방지하기 위한 법령과 표준안 및 체계적인 지침이 개발되어 있지 않다. 본 연구에서는 인터넷 환경에서의 환자 개인정보 침해유형을 사례를 통해 살펴보고, 법제도적 측면 기술적 측면 관리적 측면에서 인터넷 환경에서의 환자 개인정보를 보호할 수 있는 방안을 모색해 보고자 한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권2호
• /
• pp.591-608
• /
• 2023

With the emergence of advanced encryption technologies such as Quantum Cryptography and Full Disk Encryption, an era of strengthening information security has begun. Users respond positively to the advancement of privacy-enhancing technology, on the other hand, investigative agencies have difficulty unveiling the actual truth as they fail to decrypt devices. In particular, unlike past ciphers, encryption methods using biometric information such as fingerprints, iris, and faces have become common and have faced technical limitations in collecting digital evidence. Accordingly, normative solutions have emerged as a major issue. The United States enacted the CLOUD Act with the legal mechanism of 'Contempt of court' and in 2016, the United Kingdom substantiated the Compelled Decryption through the Investigatory Powers Act (IPA). However, it is difficult to enforce Compelled Decryption on individuals in Korea because Korean is highly sensitive to personal information. Therefore, in this paper, we sought a method of introducing a Compelled Decryption that does not contradict the people's legal sentiment through a perception survey of 95 people on the Compelled Decryption. We tried to compare and review the Budapest Convention with major overseas laws such as the United States and the United Kingdom, and to suggest a direction of legislation acceptable to the people in ways to minimize infringement of privacy. We hope that this study will be an effective legal response plan for law enforcement agencies that can normatively overcome the technical limitations of decoding.

• 한국컴퓨터정보학회논문지
• /
• 제24권5호
• /
• pp.171-177
• /
• 2019

In this paper, we analyze the current phenomenon of child abuse crimes based on the information gathered by the National Child Protection Agency. The purpose of this paper is to diagnose the seriousness of child abuse by biological parents based on the analyzed information and propose measures against it. Comprehensive and integrated measures are needed for child abuse committed by biological parents due to abuse concealment, continuity of damage, and inactive national intervention by considering punishment on attackers through national intervention, fundamental in-depth psychological counseling, therapeutic care, promoting recovery of victims, and ultimately continuous and regular management and monitoring as a long-terms measure. To do so, developing customized and individual educational programs and make them obligations can be first presented to identify child abuse in advance and build up preventive systems based on the principle of family preservation. In addition, problems should be addressed at a fundamental level by performing various and active therapeutic treatments such as psychological treatment, mental treatment, or drug treatment gradually and through phases for biological parents who commit child abuse and contributing to recovering the relationship. Furthermore, proper protection and treatment service should be provided to children victimized by abuse by extending professional children care facilities and adopting the professional family commission system as measures by separating family.