• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1103-1113
• /
• 2012

DLP technology has been effectively enforcing privacy protection policy in on-line computing environment. However, with wide spread use of smart devices and promotion of smart-works, it has been pointed out that DLP technology cannot effectively prevent privacy leakage at smart devices and is comparatively weak at APT attack. In this paper, we suggests a hybrid approach, PPS, which integrates E-DRM system with DLP technology, taking advantages of both technologies. The technology basically uses encryption function and access control of E-DRM system, and thus it can effectively prevent leakage of privacy information of customers, even if the documents are in the hands of malicious third parties.

• The Journal of Society for e-Business Studies
• /
• v.25 no.4
• /
• pp.1-14
• /
• 2020

IT businesses in Korea have relatively strong regulations. While providing the same service, domestic businesses are in a situation of 'reverse discrimination of regulations' as they are less competitive than global IT companies in accordance with the application of the personal information protection legislation in Korea. In this paper, Personal Information Protection legislation was classified and laws of major countries were analyzed in comparative ways. It also compared and analyzed the "private policy" presented by representative Internet sites (Naver, Daum, Google, Facebook) that provide services to users in Korea. We also proposed three aspects of legislation improvement to address reverse discrimination.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.157-164
• /
• 2006

Information is playing a key role in sufficing the needs of individual members of the society in today's rapidly changing environment. Especially, the cases of illegal gathering of privacy information will increase and the leakage of privacy information will grow as the individual activities in the ubiquitous computing environment. In this paper, we suggested the privacy framework in order to make design and implementation of secure and effective privacy management system. Ant we also introduced the methodology which is represent to 5 specific stages in order to suggest to the privacy system development guideline from the standpoints of the privacy system operator or developer. Especially, we tried to determine whether the suggested methodology can be effectively used in the real computing environment or not by making necessary investments in management (privacy policy) and technical (system architecture) sides. We believe that the privacy framework and methodology introduced in this research can be utilized to suggest new approach for showing direction from the privacy protection perspective, which is becoming more important in ubiquitous environments, and practical application rather than providing conceptual explanation from the views of engineer or developer.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.10
• /
• pp.223-233
• /
• 2022

In this paper, we examined the causes of information privacy concerns, trust and related factors in social network services. On the basis of the 'elaboration likelihood model,' we established factors such as information quality, privacy policy, perceived SNS app popularity and optimism bias affecting information privacy concern of SNS users. In addition, we analyzed the relationship between information privacy concern, trust in SNS members, trust in SNS platform and intention to use. Finally, on the basis of the 'trust transfer theory', we analyzed the relationship between trust in SNS members and trust in SNS platform. The results of the study showed that (1) information quality, privacy policy and optimism bias had the significant effects on information privacy concerns, (2) perceived SNS app popularity didn't affect information privacy concerns, (3) information privacy concerns had the significant effects on trust in SNS platforms (4) in accordance with the trust transfer theory, trust in SNS members had the significant effect on trust in SNS platforms, and (5) trust in SNS members had the significant effect on intention to use, while trust in SNS platform didn't have the significant effect on intention to use. The findings of the study are expected to help to improve the SNS firms' understanding towards customers' information privacy protection behaviors and trust.

• Journal of Digital Convergence
• /
• v.13 no.6
• /
• pp.1-12
• /
• 2015

In recent years, the privacy concern for mobile consumers is emerging as the use of mobile application(apps) is growing according to the rapid spread of mobile devices such as smart phones and tablet PCs. To improve privacy protections in the mobile communications and apps, overseas organizations are announcing guidelines and/or checklists for stake holders. Although personal information protection guidelines for application developers have been prepared in the country, efforts to improve consumer privacy capability is insufficient. Thus, in this paper we first scope the app privacy related guidelines in both domestic and foreign affairs, then present the risk factors of privacy invasion by the stage of mobile application use based on the "Privacy Protection Act", offering privacy checklists for consumers. This checklist will enhance the self-management capability of consumer privacy and create virtuous cycle in the mobile ecosystem.

• Journal of Digital Convergence
• /
• v.10 no.8
• /
• pp.149-157
• /
• 2012

Recently, many corporations and public institutions are busy preparing and providing measures in dealing with new privacy information law. This study reviews privacy impact assessments in order to perform preventing and diagnosis against potential threats focus on the K-hospital case. The quality of protection in K-hospital shows that the corporations itself is 79.0, the system is 97.0, the life cycle of the privacy is 67.4 and CCTV is 90.0. The lowest levels are saving and keeping 50.0, usage and offer 64.1 and destruction 66.7 among the life cycle of the privacy. The result of risk analysis shows that the highest levels are controlling for privacy 11.0, saving and keeping 12.5 and destruction 13.0. From the result, dangerous duplications are saving and keeping and destructions.

• Journal of Advanced Navigation Technology
• /
• v.26 no.4
• /
• pp.244-248
• /
• 2022

The various digital services that people are experiencing recently are bringing about changes in the daily lives, and these changes are due to the spread of the Fourth Industrial Revolution. The 4th Industrial Revolution is based on the development of ICT technology, and ICT technology inevitably generates issues such as the use and protection of personal information as well as the use of public data. Accordingly, countries around the world are making efforts to revitalize new industries by wisely solving conflicting issues between the use and protection of personal information through legislation. There are some differences in the protection and use of personal information in Korea, the United States, and the EU. Korea trys to make the legislation that prioritizes the use of data, and the United States establishes individual laws governing the protection of personal information by sector, while the EU has clarified the strengthening personal information protection. This paper aims to find out how personal information protection is defined in Korea, the United States, and the EU through enacted laws and organize the direction of the future policies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.1013-1023
• /
• 2016

Transborder data flow(TBDF) of personal information in Korea has been limited by current Privacy law which request data subject to give consent. As the IT industry is growing at an incredible rate, there is a need to review the existing law to cope with growing industrial demand and increasing numbers of international data transfer. The transfer of personal data overseas not only allow businesses providing IT services including finance, internet, e-commerce to thrive, but also impact every aspect of our lives which are increasingly depended on these technology. Transmitting personal data across borders raises serious questions of privacy protection and restriction of business operation. In ordrer to promote interoperability of personal data in international environment, a considerable amount of research and debate needs to be taken before implementing a sound policy. This paper presents a need for a sound TBDF policy in Korea by examine the main policy challenges associated with TBDF. Finally, the paper identify policy suggestions based on European Union's approach as they have successfully implemented TBDF policy that balanced data privacy and economic agenda.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.317-326
• /
• 2012

Internet service provider is able to collect personal information to prevent the violations of the rights of service providers and customers using internet. But there are still many debates going on between a personal privacy and a regulation. Proxy servers are used in various technical purposes include bypass access. Although the proxy server users are increasing but there are not any proper institutional mechanisms and regulations to protect users. In this study, we discuss the two sides of a proxy service includes its privacy protection function and the cyber-crime threat and propose supplementary measures to mediate between the interests of public and private.

• Journal of Digital Convergence
• /
• v.9 no.6
• /
• pp.81-90
• /
• 2011

Companies using internet as a kind of marketing means are increasing rapidly according to the expansion trend of e-commerce through internet and consumers also use internet as the common means of purchasing necessary articles. E-commerce using internet has advantages without limitation to temporal and spatial accessibility and general consumers and unspecified individuals also use internet to purchase their goods as well as general transactions such as advertisement, contract, payment and claim settlement. 'In the age of information, invasion of personal information resulted from the development of information and communication technology is one of the greatest problems all the countries in the world face. Therefore, Personal information protection Act is one of basic laws to protect personal information and rights and it is also an essential law in the age of information. In that sense, new Personal information protection Act is the advanced act containing various items to minimize the national damages from the leaking of private information and protect right to informational self-determination in the information society. It is expected that this legislation contributes to reduce the leaking of private information, enhance the level of privacy protection and develop privacy related industries. However, active participation of all members of our society and improvement of their recognition should be preceded for the rational and legal use of private information and the settlement of its protection culture. While the purpose of Personal information protection Act can protect privacy from collection, leaking, misuse and abuse of private information and enhance national interests and protect personal dignity and value, it also must perform the roles of balancing privacy protection with liberal information flow.