• Journal of the Korea Convergence Society
• /
• v.9 no.10
• /
• pp.55-59
• /
• 2018

Big-data, a revolutionary technology in the era of the 4th Industrial Revolution, provides services in various fields such as health, public sector, distribution, marketing, manufacturing, etc. It is very useful technology for marketing analysis and future design through accurate and quick data analysis. It is very likely to develop further. However, the biggest problem when using Big-data is privacy and privacy. When various data are analyzed using Big-data, the tendency of each user can be analyzed, and this information may be sensitive information of an individual and may invade privacy of an individual. Therefore, in this paper, we investigate the necessary measures for Personal private information infringement that may occur when using Personal private information in Big-data environment, and propose necessary Personal private information protection technologies to contribute to protection of Personal private information and privacy.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.5
• /
• pp.2415-2421
• /
• 2013

Widespread personal data utilization has led personal data protection to its importance at core, and serious data spill has increased constantly as a result. Though various types of protection systems for data spill have been suggested, all these met failures in detection of personal data when printed out or preventing fatal data exposure without any protections when data spill happens. I propose API-Hook method which detects and controls personal data within printouts, and prevents data leakage through masking on the printed-out data. Also, it is verified if security is guaranteed on the documents containing personal data when implementing. In order to obtain security, it is essential to put more weights on the balance with availability than confidentiality.

• Journal of Information Technology Services
• /
• v.22 no.3
• /
• pp.29-47
• /
• 2023

With the recent advancement of information and communication technologies such as artificial intelligence, big data, cloud computing, and 5G, data is being produced and digitized in unprecedented amounts. As a result, data has emerged as a critical resource for the future economy, and overseas countries have been revising laws for data protection and utilization. In Korea, the 'Data 3 Act' was revised in 2020 to introduce institutional measures that classify personal information, pseudonymized information, and anonymous information for research, statistics, and preservation of public records. Among them, it is expected to increase the added value of data by combining pseudonymized personal information, and to this end, "the Expert Data Combination Agency" and "the Expert Data Agency" (hereinafter referred to as the Expert Data Processing Agency) system were introduced. In comparison to these domestic systems, we would like to analyze similar overseas systems, and it was recently confirmed that the Vermont government in the United States enacted the first "Data Broker Act" in the United States as a measure to protect personal information held by data brokers. In this study, we aim to compare and analyze the roles and functions of the "Expert Data Processing Agency" and "Data Broker," and to identify differences in designated standards, security measures, etc., in order to present ways to contribute to the activation of the data economy and enhance information protection.

• Journal of the Korea Convergence Society
• /
• v.11 no.6
• /
• pp.37-42
• /
• 2020

In the field of public informatization maintenance business, the attacks of external illegal users such as unauthorized leakage, destruction, and alteration due to intentional or inadequate management of personal information are increasing. In order to prevent such security incidents in advance, it is necessary to develop and quantitatively manage SLA indicators. This study presents the privacy SLA indicators and suggests specific methods such as information collection method and timing of the privacy SLA indicators. In order to confirm the validity and reliability of the proposed SLA indicators, an online survey was conducted with a group of experts. As a result, it was evaluated that compliance rate of personal information destruction and compliance rate of personal information protection system would be effective when applied to new and revised SLA indicators in terms of importance and validity. In the future, using SLA indicators for personal information protection as a standard for public information maintenance will contribute to improving SW quality and securing safety.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.12
• /
• pp.4062-4080
• /
• 2022

COVID-19, a highly infectious disease, has affected the globe tremendously since its outbreak during late 2019 in Wuhan, China. In order to respond to the pandemic, governments around the world introduced a variety of public health measures including contact-tracing, a method to identify individuals who may have come into contact with a confirmed COVID-19 patient, which usually leads to quarantine of certain individuals. Like many other governments, the South Korean health authorities adopted public health measures using latest data technologies. Key data technology-based quarantine measures include:(1) Electronic Entry Log; (2) Self-check App; and (3) COVID-19 Wristband, and heavily relied on individual's personal information for contact-tracing and self-isolation. In fact, during the early stages of the pandemic, South Korea's strategy proved to be highly effective in containing the spread of coronavirus while other countries suffered significantly from the surge of COVID-19 patients. However, while the South Korean COVID-19 policy was hailed as a success, it must be noted that the government achieved this by collecting and processing a wide range of personal information. In collecting and processing personal information, the data minimum principle - one of the widely recognized common data principles between different data protection laws - should be applied. Public health measures have no exceptions, and it is even more crucial when government activities are involved. In this study, we provide an analysis of how the governments around the world reacted to the COVID-19 pandemic and evaluate whether the South Korean government's digital quarantine measures ensured the protection of its citizen's right to privacy.

• Review of Korea Contents Association
• /
• v.14 no.3
• /
• pp.25-29
• /
• 2016

• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.57-66
• /
• 2023

Since 2009, Morocco has had a law governing the processing of personal data, the law 09-08, and a supervisory authority, the CNDP (National Commission for the Protection of Personal Data). Since May 2018, the European General Regulation on the Protection of Personal Data (GDPR) entered into force, which applies outside the EU in certain cases and therefore to certain Moroccan companies. The question of the protection of personal data is primarily addressed to the customer. The latter may not only be a victim of crime linked to ICT, but also have to face risks linked to the collection and abusive processing of his personal data by the private and public sectors. Often the customer does not really know how their data is stored, nor for how long and for what purpose. This fact raises the question of satisfying customer requirements, in particular for organizations that have adopted a quality approach based on ISO 9001 standard.In order to master these constraints, Moroccan companies have to adopt strategies based on modern quality management techniques, especially the adoption of principles issued from the international standard ISO 9001 while being confirmed by the law 09-08. It is through ISO 9001 and the law 09-08 that these companies can refer to recognized approaches in terms of quality and compliance. The major challenge for these companies is to have a Quality approach that allows the coexistence between the law 09-08 and ISO 9001 standard and this article deals within this specific context.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.1115-1133
• /
• 2024

With the rapid development of AI technology, AI systems are increasingly collecting, processing, and utilizing personal information in large quantities. As a result, transparency and accountability of personal information processing by AI systems, ensuring the rights of information subjects, and minimizing the risk of personal information infringement are becoming important issues. However, the existing privacy policy only discloses the personal information processing in general, and there is no privacy policy for AI systems. In order to solve these problems, In response to the implementation of the privacy policy evaluation system in accordance with the revision of the Personal Information Protection Act, we propose a new AI system privacy policy establishment and disclosure for personal in the design, development and operation of AI system. This study is expected to play a complementary role to the regulations on the right of data subjects to request an explanation and exercise the right of refusal for automated decisions under the current Personal Information Protection Act.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.101-103
• /
• 2024

본 논문에서는 잊혀질 권리에 대한 법제도 및 법정책적 검토를 논하고자 한다. 잊혀질 권리는 알권리, 표현의 자유 등 다른 기본권과 충돌할 수밖에 없기 때문에 이 권리를 법률로 구체화하는데 다각적인 학제 간 연구가 선결문제로써 검토되어야 한다. 정보 주체에게 잊혀질 권리를 법제화하는 것은 그 정보를 사용하려는 사람의 표현의 자유를 제한하는 결과를 초래하기 때문에 일정한 한계를 노출할 수밖에 없다. 현행 개인정보 보호법, 정보통신망 이용촉진 및 정보보호 등에 관한 법률 등에서 개인정보의 파기제도를 신설하여 부분적으로 잊혀질 권리를 반영하고 있지만 헌법상 중요한 가치인 잊혀질 권리와 알권리 및 표현의 자유에 대해 조화롭게 균형을 찾는 것이 선행과제인 것이다.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.45 no.3
• /
• pp.22-30
• /
• 2008

Recently, protection of personal information is getting more important. Many countries have legislated about the protection of personal information. Now, the protection of relevant personal information is required not for a simple image of enterprises but law obligation. Most databases in enterprises used to store customers' names, addresses and credit card numbers with no exceptions. The personal information about a person is sensitive, and this asset is strategic. Therefore, most enterprises make an effort to preserve personal information safely. If someone, however, hacks password information of DBMS manager, no one can trust this system. Therefore, encryption is required based in order to protect data in the database. Because of database encryption, however, it is the problem of database performance in terms of computation time and the limited SQL query. Thus, we proposed an efficient query method to solve the problem of encrypted data in this paper.