• Korean Journal of Human Ecology
• /
• v.16 no.6
• /
• pp.1197-1209
• /
• 2007

The advance of digital contents industry shifts the focus of consumptions; from analogue to digital ones. It gives significant impact on individual life as well as overall society and culture, and it leads to the increased consumption of digital contents. Nevertheless, current digital contents industry fails to secure the sufficient consumer protection systems including relevant rules and laws which regulate the distribution, use, and other transaction activities of digital contents and the efforts, on the part of contents providers, to provide information to consumers and to protect them. Digital contents, by its nature, is different from the existing products so that its nature is likely to cause unique consumer problems totally different from the offline transactions and the electrical transactions of existing products. This study, therefore, aims to identify the possible problems which may be incurred by consumers in their use of digital contents, specify the types of consumer damages, and provide the underlying materials to improve the systems related to digital contents and take legally complementary measures for consumer protection. To identify the types of consumer damages, this study analyzed the results from consumer counselling cases, experts opinion survey, and FGI. For consumer damage cases, this study analyzed the consumer complaints received by open consumer counselling sites of the Korea Consumer Agency and Seoul Electronic Commerce Center. For experts opinion survey, it conducted questionnaire survey of the group of experts from digital contents manufacturers or providers, and those who treated consumer damages directly. For FGI analysis, it organized a panel of students and employees who had used digital contents to understand the types of consumer damages. The results of this study can be summed up as follows. Based on the results from consumer counselling cases, experts opinion survey, and FGI analysis, the consumer damages related to digital contents can be classified, in their nature, into economic or financial damages (25 cases), emotional or psychological ones (15 cases), time-related ones (7 cases), physical ones (4 cases), and privacy-related ones (i.e. leakage of personal data)(3 cases). More specifying the types of damages, damages can be subdivided into contract-, charge-, maintenance-, use-, individual-related ones and other ones. Among them, both contract- and charge-related damages appeared only in the economic or financial damages, whereas user-specific individual damages appeared only in physical and emotional or psychological ones. On the other hand, maintenance- and use-related damages and other ones were observed in both categories of economical or financial damages and time-related ones. Use- and privacy-related damages, in particular, caused emotional or psychological damages.

• International Journal of Advanced Culture Technology
• /
• v.10 no.2
• /
• pp.240-245
• /
• 2022

Because of the importance of the information, encryption algorithms are heavily used. Raw data is encrypted and secure, but problems arise when the key for decryption is exposed. In particular, large-scale Internet sites such as Facebook and Amazon suffer serious damage when user data is exposed. Recently, research into a new fourth-generation encryption technology that can protect user-related data without the use of a key required for encryption is attracting attention. Also, data clustering technology using encryption is attracting attention. In this paper, we try to reduce key exposure by using homomorphic encryption. In addition, we want to maintain privacy through similarity measurement. Additionally, holistic similarity measurements are time-consuming and expensive as the data size and scope increases. Therefore, Min-Hash has been studied to efficiently estimate the similarity between two signatures Methods of measuring similarity that have been studied in the past are time-consuming and expensive as the size and area of data increases. However, Min-Hash allowed us to efficiently infer the similarity between the two sets. Min-Hash is widely used for anti-plagiarism, graph and image analysis, and genetic analysis. Therefore, this paper reports privacy using homomorphic encryption and presents a model for efficient similarity measurement using Min-Hash.

• Smart Media Journal
• /
• v.6 no.3
• /
• pp.21-28
• /
• 2017

There is growing interest in the use of cloud services these days because the amount of sensitive physical information related to u-fitness-based exercise management increase in explosive. However, it is possible to illegally access information stored in a cloud server, and to find out who owns the information, even, to illegally deduce an association among the information stored in its memory. The cloud server may also intentionally pass over the owner's legitimate operation requests such as modification and deletion of stored information, and may lose or damage information due to its malfunction. So, it is strongly required to solve the above problems because we can not trust the cloud server entirely. In this paper, we propose a protocol to preserve the privacy of the owner for u-Fitness-based exercise management in a cloud computing environment. And we show that our proposed architecture is applicable in real environment through security analysis and performance analysis.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.9-17
• /
• 2014

With the rapid development of the Internet and information technology, a company that deals with personal information does not have proper action to protect personal privacy and not take measures for the safe handling and management of personal information. It generates the case to abuse of personal information occurring frequently. In order to focus the effort to reduce damage and protect the privacy of personal information entity and enhance privacy laws based on the connection method and the processing of personal information, Korea encourages a company to follow regulation by providing certain criteria. However, in the case of items of measures standard of safety of personal information such as priority applicable criteria in accordance with the importance of itemized characteristics and the company of each individual information processing is not taken into account, and there are some difficulties to execute. Therefore, we derive criteria by law and reviewing existing literature related, the details of the measures standard of safety of personal information in this study and generate a hierarchical structure by using the KJ method for layering and quantification of the evaluation in integration of the reference item similar and the grouping. Accordingly, the weights calculated experts subject using the AHP method hierarchical structures generated in this manner, it is an object of the proposed priority for privacy and efficient more rational enterprise.

• Journal of Arbitration Studies
• /
• v.26 no.4
• /
• pp.151-179
• /
• 2016

Emerging as a strategic domain of the service industry, the drone logistics industry is evolving into a zero effort industry, which realizes smart device service ranging from corporate services to daily customer services. The role of the drone industry is becoming increasingly important in strengthening national competitiveness, as well as corporate competitiveness, beyond the strengthening of product competitiveness. Although drones have various strengths and weaknesses for industries, there are plenty of possibilities for diverse disputes and conflicts due to lack of related laws, regulations, and institutional norms, as well as unsolved problems related to technologies and operations; that is, there are still policy tasks and problems to be solved such as unauthorized seizure of drones, hacking, protection of personal privacy, safety concerns, regulation and limitation of flying areas, damage relief, and dispute settlements. Thus, in order to vitalize the drone industry as a future growth engine while responding to the changes in the environment of the drone industry in Korea and overseas and to strengthen national and corporate competitiveness by harmonizing with advanced management innovations, it is necessary to conduct in-depth discussions and review policy issues related to the vitalization of the drone industry. Therefore, the purpose of this study is to review the domestic and overseas realities and statuses of the drone logistics industry and application cases, analyze policies regarding the drone logistics industry of each country, review general theories on the solution of disputes arising out of the transactions in the drone logistics industry, and, as a conclusion, suggest desirable policy issues for the vitalization of the drone logistics industry in Korea.

• The Korean Society of Law and Medicine
• /
• v.21 no.2
• /
• pp.75-103
• /
• 2020

There is a growing voice that medical information should be shared because it can prepare for genetic diseases or cancer by analyzing and utilizing medical information in big data or artificial intelligence to develop medical technology and improve patient care. The utilization and protection of patients' personal information are the same as two sides of the same coin. Medical institutions or medical personnel should take extra caution in handling personal information with high environmental distinct characteristics and sensitivity, which is different from general information processors. In general, the patient's personal information is processed by medical personnel or medical institutions through the processes of collection, creation, and destruction. Still, the use of terms related to personal information in the Medical Service Act is jumbled, or the scope of application is unclear, so it relies on the interpretation of precedents. For the medical personnel or the founder of the medical institution, in the case of infringement of Article 24(4), it cannot be regarded that it means only medical treatment information among personal information, whether or not it should be treated the same as the personal information under Article 23, because the sensitive information of patients is recorded, saved, and stored in electronic medical records. Although the prohibition of information leakage under Article 19 of the Medical Service Act has a revision; 'secret' that was learned in business was revised to 'information', but only the name was changed, and the benefit and protection of the law is the same as the 'secret' of the criminal law, such that the patient's right to self-determination of personal information is not protected. The Privacy Law and the Local Health Act consider the benefit and protection of the law in 'information learned in business' as the right to self-determination of personal information and stipulate the same penalties for personal information infringement such as leakage, forgery, alteration, and damage. The privacy regulations of the Medical Service Act require that the terms be adjusted uniformly because the jumbled use of terms can confuse information subjects, information processors, and shows certain limitations on the protection of personal information because the contents or scope of the regulations of the Medical Service Law for special corporations and the Privacy Law may cause confusion in interpretation. The patient's personal information is sensitive and must be safely protected in its use and processing. Personal information must be processed in accordance with the protection principle of Privacy Law, and the rights such as privacy, freedom, personal rights, and the right to self-determination of personal information of patients or guardians, the information subject, must be guaranteed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.513-528
• /
• 2018

In a smart home environment that integrates IoT technology into a residential environment, the smart home hub provides convenience functions to users by connecting various IoT devices to the network. The smart home hub plays a role as a gateway to and from various data in the process of connecting and using IoT devices. This data can be abused as personal information because it is closely related to the living environment of the user. Such abuse of personal information may cause damage such as exposure of the user's identity. Therefore, this thesis analyzed the threat by using LINDDUN, which is a threat modeling technique for personal information protection which was not used in domestic for Smart Home Hub. We present evaluation criteria for smart home hubs using the Common Criteria, which is an international standard, against threats analyzed and corresponding security requirements.

• Journal of IKEEE
• /
• v.27 no.4
• /
• pp.548-555
• /
• 2023

With the advancement of the internet, the use of personal information in online interactions has increased, underscoring the significance of data protection. Breaches of personal data due to unauthorized access can result in psychological and financial damage to individuals, and may even enable wide-ranging societal attacks aimed at those associated with the victims. In response to such threats, there is active research into security measures using blockchain to safeguard personal information. This study proposes a system that uses middleware and IAM (Identity and Access Management) services to protect personal information in a BaaS (Blockchain as a Service) environment where blockchain is provided via the Internet. The middleware operates on servers where IAM roles and policies are applied, authenticates users, and performs access control to allow only legitimate users to access blockchain data existing in the cloud. Additionally, to understand the impact of the proposed personal information protection method on the system, we measure the response time according to the time taken and the number of users under three assumed scenarios, and compare the proposed method and research related to personal information protection using blockchain in terms of security characteristics such as idea, type of blockchain, authentication, and confidentiality.

• The Korean Journal of Air & Space Law and Policy
• /
• v.33 no.2
• /
• pp.367-418
• /
• 2018

Just as safety is the most important thing in aviation, safety is the most important in the operation of unmanned aircraft (RPA), and safety operation is the most important in the legal responsibility of the operator of the unmanned aircraft. In this thesis, the legal responsibility of the operator of the unmanned aircraft, focusing on the responsibility of the operator of the unmanned aircraft, was discussed in depth with the issue of insurance, which compensates for damages in the event of an accident First of all, the legal responsibility of the operator of the unmanned aircraft was reviewed for the most basic : definition, scope and qualification of the operator of the unmanned aircraft, and the liability of the operator of the Convention On International Civil Aviation, the ICAO Annex, the RPAS Manual, the Rome Convention, other major international treaties and Domestic law such as the Aviation Safety Act. The ICAO requires that unmanned aircraft be operated in such a manner as to minimize hazards to persons, property or other aircraft as a major principle of the operation of unmanned aircraft, which is ultimately equivalent to manned aircraft Considering that most accidents involving unmanned aircrafts fall to the ground, causing damage to third parties' lives or property, this thesis focused on the responsibility of operators under the international treaty, and the responsibility of third parties for air transport by Domestic Commercial Act, as well as the liability for compensation. In relation to the Rome Convention, the Rome Convention 1952 detailed the responsibilities of the operator. Although it has yet to come into effect regarding liability, some EU countries are following the limit of responsibility under the Rome Convention 2009. Korea has yet to sign any Rome Convention, but Commercial Act Part VI Carriage by Air is modeled on the Rome Convention 1978 in terms of compensation. This thesis also looked at security-related responsibilities and the responsibility for privacy infringement. which are most problematic due to the legal responsibilities of operating unmanned aircraft. Concerning insurance, this thesis looked at the trends of mandatory aviation insurance coverage around the world and the corresponding regulatory status of major countries to see the applicability of unmanned aircraft. It also looked at the current clauses of the Domestic Aviation Business Act that make insurance mandatory, and the ultra-light flight equipment insurance policy and problems. In sum, the operator of an unmanned aircraft will be legally responsible for operating the unmanned aircraft safely so that it does not pose a risk to people, property or other aircraft, and there will be adequate compensation in the event of an accident, and legal systems such as insurance systems should be prepared to do so.