• Journal of the Korea Society of Computer and Information
• /
• v.24 no.2
• /
• pp.201-207
• /
• 2019

The purpose of this study is to suggest some implications by empirical testing the relationships between children's self-perception and human rights recognition in local children's center. For this study, Total 438 children were sampled and surveyed. The analytical results are the followings. First, personal characteristics was shown to have a significant effect to human right recognition. Second, self-perception was shown to have a significant effect to human right recognition. Third, right guarantee of center was shown to moderate the relationship between self-perception and human right recognition. This study provides some theoretical and polcy implications basing on these analytical results.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.237-242
• /
• 2021

The article deals with the problematic issues of defining information as an object of private relations. Definitions that they are intangible and non-consumable by nature, are inextricably linked to a specific material carrier are/or secured by the subject that transmits them, messages, and information that have quantitative and qualitative characteristics, and are capable of having a freight or another value, and in case of its illegal usage causing damage and moral harm.

• The Korean Society of Law and Medicine
• /
• v.21 no.3
• /
• pp.145-178
• /
• 2020

This paper examines discussions surrounding cognitive liberty, neuro-privacy, and mental integrity from the perspective of Neuro-rights. The right to control one's neurological data entails self-determination of collection and usage of one's data, and the right to object to any way such data may be employed to negatively impact oneself. As innovations in neurotechnologies bear benefits and downsides, a novel concept of the neuro-rights has been suggested to protect individual liberty and rights. In Oct. 2020, the Chilean Senate presented the 'Proyecto de ley sobre neuroderechos' to promote the recognition and protection of neuro-rights. This new bill defines all data obtained from the brain as neuronal data and outlaws the commerce of this data. Neurotechnology, especially when paired with big data and artificial intelligence, has the potential to turn one's neurological state into data. The possibility of inferring one's intent, preferences, personality, memory, emotions, and so on, poses harm to individual liberty and rights. However, the collection and use of neural data may outpace legislative innovation in the near future. Legal protection of neural data and the rights of its subject must be established in a comprehensive way, to adapt to the evolving data economy and technical environment.

• Journal of Information Technology Services
• /
• v.22 no.6
• /
• pp.1-15
• /
• 2023

This study compares and analyzes the legal systems of Korea, the European Union, China, and the United States based on the disclosure principles and processing policies for personal data processing and provides references for seeking improvements in our legal system. Furthermore, this research aims to suggest institutional implications to overcome data transfer limitations in the upcoming digital economy. Findings on a comparative analysis of the relevant legal systems for disclosing privacy policies in four countries showed that Korea's privacy policy is under the eight principles of privacy proposed by the OECD. However, there are limitations in the current situation where personal information is increasingly transferred overseas due to direct international trade e-commerce. On the other hand, the European Union enacted the General Data Protection Regulation (GDPR) in 2016 and emphasized the transfer of personal information under the Privacy Policy. China also showed differences in the inclusion of required items in its privacy policy based on its values and principles regarding transferring personal information and handling sensitive information. The U.S. CPRA amended §1798.135 of the CCPA to add a section on the processing of sensitive information, requiring companies to disclose how they limit the use of sensitive information and limit the use of such data, thereby strengthening the protection of data providers' rights to sensitive information. Thus, we should review our privacy policies to specify detailed standards for the privacy policy items required by data providers in the era of digital economy and digital commerce. In addition, privacy-related organizations and stakeholders should analyze the legal systems and items related to the principles of personal data disclosure and privacy policies in major countries so that personal data providers can be more conveniently and accurately informed about processing their personal information.

• The Korean Society of Law and Medicine
• /
• v.21 no.2
• /
• pp.75-103
• /
• 2020

There is a growing voice that medical information should be shared because it can prepare for genetic diseases or cancer by analyzing and utilizing medical information in big data or artificial intelligence to develop medical technology and improve patient care. The utilization and protection of patients' personal information are the same as two sides of the same coin. Medical institutions or medical personnel should take extra caution in handling personal information with high environmental distinct characteristics and sensitivity, which is different from general information processors. In general, the patient's personal information is processed by medical personnel or medical institutions through the processes of collection, creation, and destruction. Still, the use of terms related to personal information in the Medical Service Act is jumbled, or the scope of application is unclear, so it relies on the interpretation of precedents. For the medical personnel or the founder of the medical institution, in the case of infringement of Article 24(4), it cannot be regarded that it means only medical treatment information among personal information, whether or not it should be treated the same as the personal information under Article 23, because the sensitive information of patients is recorded, saved, and stored in electronic medical records. Although the prohibition of information leakage under Article 19 of the Medical Service Act has a revision; 'secret' that was learned in business was revised to 'information', but only the name was changed, and the benefit and protection of the law is the same as the 'secret' of the criminal law, such that the patient's right to self-determination of personal information is not protected. The Privacy Law and the Local Health Act consider the benefit and protection of the law in 'information learned in business' as the right to self-determination of personal information and stipulate the same penalties for personal information infringement such as leakage, forgery, alteration, and damage. The privacy regulations of the Medical Service Act require that the terms be adjusted uniformly because the jumbled use of terms can confuse information subjects, information processors, and shows certain limitations on the protection of personal information because the contents or scope of the regulations of the Medical Service Law for special corporations and the Privacy Law may cause confusion in interpretation. The patient's personal information is sensitive and must be safely protected in its use and processing. Personal information must be processed in accordance with the protection principle of Privacy Law, and the rights such as privacy, freedom, personal rights, and the right to self-determination of personal information of patients or guardians, the information subject, must be guaranteed.

• Journal of Information Technology Services
• /
• v.12 no.1
• /
• pp.131-141
• /
• 2013

Matters related to the right to be forgotten started the dispute Europe to introduce it first when Data Protection Directive established in 1995 proceeded revision. Relating to this, diverse disputes proceed on responding to personal information protection and internet laws in our nation. Especially as our National Assembly submitted the law regarding the promotion of information and communication network use and protection of information and amendment of copyright, it is necessary to look into the movement on introduction of law of right to be forgotten closely in detail. EU which attempted the institutionalization for the first time, relating to review of General Data Protection Regulation, proposed opinions such as the necessity to define subjects of personal information concretely and specifically and or protection target and balanced consideration on freedom of expression which is constitutional value. In the case of our nation, there was legislation attempt to introduce the regulation but it was limited in the form of fallen effectiveness without concrete and detailed review on internet law. To solve such problems, it is necessary to look into issues and matters to be considered required to accept right to be forgotten closely and discuss possibility of introducing right to be forgotten, conflicts between fundamental rights becoming issue, effect of goal achievement of personal information protection through the system introduction, and other rational acceptance method.

• Journal of KIISE:Information Networking
• /
• v.30 no.2
• /
• pp.189-198
• /
• 2003

As people are damaged increasingly by personal information leakage, awareness about user privacy infringement is increasing. However, the existing DRM system does not support the protection of user's personal information because it is not necessary for the protection of copyrights. This paper is suggesting a license administration protocol which is more powerful to protect personal information in DRM. To protect the exposure of users identifier, this protocol uses temporary ID and token to guarantee anonymity and it uses a session key by ECDH to cryptography and Public-Key Cryptosystem for a message so that it can protect the exposure of personal information and user's privacy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1269-1277
• /
• 2016

European Union and United States have introduced new Privacy Shield agreement after decision of Court of Justice of the European Union which invalidated Safe Harbor agreement. Privacy Shield agreement contains several clauses to raise the level of personal data protection such as enhanced commitments, stronger enforcement, clear safeguards and transparency obligations, and effective protection of EU citizens' rights with several redress possibilities. This agreement has received positive response as an enhanced measure for personal data protection. This paper examines EU and US discussion history and current situation regarding Privacy Shield and suggests national policy direction such as measures for personal data transborder flow system improvement and international cooperation.

• Korea and Global Affairs
• /
• v.2 no.2
• /
• pp.63-88
• /
• 2018

The purpose of the present paper is to examine the North Korean refugee protection system and its shortcomings. Based on the findings from the analysis of legal system and status of personal protection, this paper proposes the following measures to solve the problems and improve South Korea's existing system. First of all, personal protection for North Korean refugees should be carried out in an inclusive and humanitarian manner. Secondly, the collaborative governance operating system for protecting North Korean refugees should be established. Lastly, clear guidelines for personal protection procedures should be developed to ensure personal protection officers'accountability.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.83-92
• /
• 2018

The GDPR implemented since 25 May 2018 is common to all EU Member States and is legally binding. It is also important and legally valuable in that it takes into account the latest trends related to privacy protection. The purpose of this study is to propose a comprehensive review and improvement direction of the personal information protection laws in South Korea through a comparative analysis of EU GDPR and privacy related laws in South Korea. As a result of this study, the differences between the GDPR and privacy related laws in South Korea are Definition of personal sensitive information, Right to data portability, Data protection officer, Transfers of personal data to third countries, Supervisory authority, and Punishment, etc. The differences in these regulations were necessary to protect the rights and interests of data subjects and to properly handle personal information of personal information controllers. Therefore, based on the results of the comparative analysis of this study and suggestions on improvement direction of the law related to personal information protection, it is expected that it will contribute to the overall inspection and improvement of the law related to personal information protection in South Korea.