• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.227-235
• /
• 2016

As various measures of law observance obligations such as mandatory obligation of privacy impact assessment (PIA) for public institutions and authorization of information security management system (ISMS) are put into practice, increase in demand for information security consulting and securement of information security consultants are emerging as a major issue. The purpose of this study is to empirically investigate what core competencies information security consultants should possess and how much they actually possess them. By analyzing the differences in perception between practitioners and managers on core competencies, this study understands difference of views between the two groups and suggests ideas for cultivation of information security consultants.

• Convergence Security Journal
• /
• v.10 no.3
• /
• pp.1-7
• /
• 2010

One of celebrities using Social media caught public's eye and interest in Korea. Thereby the number of the user has grown rapidly and by last year it had reached to about 770 million. But at the same time, it has brought us social issues such as invasion of privacy, spreading of malicious code, and stealing of ID. To solve these problems, first the government need to establish adequate law and policy. Second, Service provider should remove vulnerability in the security system and filter illegal information. Third, individual user should put more effort to protect their own privacy. This paper will suggest a solution of using the Social media more sound and secure.

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.43-51
• /
• 2012

CCTV would be the effective way in the prevention of abuse, as well as recorded image information evidence of the crime as a significant legal effect. But recorded image information As evidence by utilizing the Complaint/complaint handling, and administrative business processes that are currently operating offline procedural complexity and unnecessary time appear costly, privacy remains an issue to be solved, etc. Runoff. In this paper, incidence rate of offline business processing phase to solve the problems proposed to build unified portal for CCTV image information and the existing studies on the effectiveness of electronic civil service system, previous studies by analyzing e-government in accordance with laws and privacy laws, CCTV image information portal deployment model is applied to data integration occurs are trying to solve the problem effectively.

• Informatization Policy
• /
• v.21 no.4
• /
• pp.20-39
• /
• 2014

The age of big data has not only opened new opportunities for economic growth in various industries, but it has also created new problems related to personal information protection and privacy invasion. Given this situation, Korea's communications commission has proposed a big data guideline that specifies how companies should collect and utilize personal information in the big data environment. However, this guideline is more focused on industrial development than personal information protection, and it contains many features that conflict with personal information protection law as it currently exists. As a result, civic groups strongly oppose the guideline, as it may create serious privacy issues for subjects of information gathering. Thus, this paper analyses the limitations of the guideline by comparing it with domestic and foreign laws about personal information protection and privacy. We also discuss the direction of legalization and institutionalization with respect to the secure use of big data.

• Convergence Security Journal
• /
• v.20 no.2
• /
• pp.59-68
• /
• 2020

In January 2020, the National Assembly passed the revisions of three bills which ease regulations on the use of personal information. The revised laws include the launch of an independent supervisory body, the arrangement of redundant regulations, and regulations for the development of the data economy. This paper analyzes the content and meaning of each law of the Three Revised Bills that Ease Regulations on the Use of Personal Information. And the future challenges outline three aspects: the establishment of a system to ensure the right to informational self-determination of privacy concerns, the establishment of a certification system and the presentation of reasonable guidelines, and the expectation of professional performance by the Personal Information Protection Commission.

• Journal of Science and Technology Studies
• /
• v.4 no.1 s.7
• /
• pp.31-57
• /
• 2004

Controversies over NEIS(Network of Education Information System) began with very deep concern about infringement of human rights stemming from NEIS. A large information system which accumulates and uses huge size of individual information is always able to deeply infringe on human rights. But the ministry of education would not do the best not to be 'Big Brother' being dazzled by instrumental efficiency of information technology. NEIS has demonstrated problems of the information policy of Korea strongly driven in the name of 'E-goverment'. It has very strong characteristic of the statist economic growth policy focusing on more economic possibility than other. In this situation, making money is easily considered more important than protecting human rights. Information capitalism is nurtured at the sacrifice of human rights. So, we have to face problems of 'E-goverment' in order to correct the NEIS problem, The most important task to correct the NEIS problem is to make an element law protecting privacy and to establish an independent national institute protecting privacy

• Journal of Digital Convergence
• /
• v.9 no.6
• /
• pp.81-90
• /
• 2011

Companies using internet as a kind of marketing means are increasing rapidly according to the expansion trend of e-commerce through internet and consumers also use internet as the common means of purchasing necessary articles. E-commerce using internet has advantages without limitation to temporal and spatial accessibility and general consumers and unspecified individuals also use internet to purchase their goods as well as general transactions such as advertisement, contract, payment and claim settlement. 'In the age of information, invasion of personal information resulted from the development of information and communication technology is one of the greatest problems all the countries in the world face. Therefore, Personal information protection Act is one of basic laws to protect personal information and rights and it is also an essential law in the age of information. In that sense, new Personal information protection Act is the advanced act containing various items to minimize the national damages from the leaking of private information and protect right to informational self-determination in the information society. It is expected that this legislation contributes to reduce the leaking of private information, enhance the level of privacy protection and develop privacy related industries. However, active participation of all members of our society and improvement of their recognition should be preceded for the rational and legal use of private information and the settlement of its protection culture. While the purpose of Personal information protection Act can protect privacy from collection, leaking, misuse and abuse of private information and enhance national interests and protect personal dignity and value, it also must perform the roles of balancing privacy protection with liberal information flow.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.681-694
• /
• 2018

This paper studied the effects of risk cognition of personal information and self-expression information on conation of privacy protection. In the first study, 88 college students who volunteered for this research were surveyed about risk cognition of personal information and conation to protect it. In the second study, after an information-seeking expert collected and organized the self-expression information that 88 volunteers had expressed on SNS, and then showed the organized self-expression information to 88 volunteers, and then 88 volunteers were surveyed about risk cognition of self-expression information and conation to protect it. As results of the first data analysis, the risk cognition of personal information had the greatest influence on non-disclosure of personal information, followed by reduction of the disclosure scope and law institutionalization requirement. As results of the second data analysis, SNS users openly expressed their opinion or life-style, but when they realized that self-expression information can be accumulated and become sensitive information, they had conation to protect their self-expression information such as non-disclosure, reduction of disclosure scope, and law institutionalization requirement. The implication of this study is that we have overcome the limitations of existing researches that can not explain information protection behavior on SNS.

• The Korean Society of Law and Medicine
• /
• v.21 no.3
• /
• pp.145-178
• /
• 2020

This paper examines discussions surrounding cognitive liberty, neuro-privacy, and mental integrity from the perspective of Neuro-rights. The right to control one's neurological data entails self-determination of collection and usage of one's data, and the right to object to any way such data may be employed to negatively impact oneself. As innovations in neurotechnologies bear benefits and downsides, a novel concept of the neuro-rights has been suggested to protect individual liberty and rights. In Oct. 2020, the Chilean Senate presented the 'Proyecto de ley sobre neuroderechos' to promote the recognition and protection of neuro-rights. This new bill defines all data obtained from the brain as neuronal data and outlaws the commerce of this data. Neurotechnology, especially when paired with big data and artificial intelligence, has the potential to turn one's neurological state into data. The possibility of inferring one's intent, preferences, personality, memory, emotions, and so on, poses harm to individual liberty and rights. However, the collection and use of neural data may outpace legislative innovation in the near future. Legal protection of neural data and the rights of its subject must be established in a comprehensive way, to adapt to the evolving data economy and technical environment.

• The Korean Society of Law and Medicine
• /
• v.12 no.1
• /
• pp.99-131
• /
• 2011

To strengthen the protection of human research subjects and human materials, the Korean Ministry of Health and welfare proposed the amendment bill of Bioethics and Safety Law(2010) to the Congress. It includes so many meaningful clauses. According to the bill, the scope that this act shall apply will be expended to the research involving human subjects and human materials. In the bill, there are the principles of this act; the protection of the life, health, and dignity of the human subjects, the obtaining of the adequate informed consent, the protection of the human subject's information confidentiality and the human subject's privacy, the assessment and minimizing of the risks involved and the guarantee of the safety for the human subjects, the preparation of the special protection program for the vulnerable human subjects, and so on. According to the bill, Institutional Bioethics Review Board(the same as Institutional Review Board) will be responsible for the auditing and monitoring on the research that was approved by IBRB, conducting the education program for the researchers, IBRB members and administrative staffs, preparing of the special protection program for the vulnerable human subjects, and forming the guidelines for the researchers as well as the review of the research protocols. And the State and local governments shall take necessary measures to support the expending of the social infrastructure. In addition to, IBRB will have to be assessed and to be gained the accreditation by the Korean Ministry of Health and welfare. So, if Bioethics and Safety Law is amended, it will contribute enormously to enhance the level of the human research subjects protection. Also, if this Law is amended, IBRB will play a major role for the conduct of the ethically, scientifically, and legally proper research. But now, as a matter of fact, the capability of IBRB members and IBRB office members is not enough to charge of this role because some people and some organizations does not know the importance of IBRB exactly. In spite of, IBRB shall be able to this role to protect the human subjects and to develop the level of the research On the international level. Therefore, the State, local governments and the Organization shall back up the administrative and financial terms of the IRB and IRB Office.