• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.169-179
• /
• 2011

Recent personal data breach incidences draw the public's attention to their privacy and personal rights. The new personal data protection law effective in September 2009 imposes additional legal responsibility on personal data controllers and processors. For instance, if a data breach occurs, this new law requires that the processors must notify individuals (data subjects) and data protection authorities of the nature of incidents. This research reviews the U.S. forty six state laws and related acts, and offers a framework for managing incidents. This framework includes five major components: (1) type of personal data required to be reported and notified, (2) the ultimate subject notifying data subjects, (3) event occurrence and notification time phases, (4) notification message details, and (5) direct/indirect communication media. Along with this framework, we also offer directions for effective/manageable guidelines on data breach notification act.

• Electronics and Telecommunications Trends
• /
• v.35 no.6
• /
• pp.88-96
• /
• 2020

As the usability and value of personal information increase, the importance of privacy protection has increased. In Korea, the scope of the use of pseudonymized personal information has increased because of revisions to the law. In the past, security technologies were used to safely store and manage personal information, but now, security technologies focused on usability are needed to safely use personal information. In this paper, we look at issues related to the de-identification and re-identification of personal information. Moreover, we examine the standards and techniques related to the de-identification of personal information.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.2
• /
• pp.317-322
• /
• 2013

Personal information is defined information related to users' privacy data. It can be verified information through social security number, image, and means relating to individual can verify. Such personal information is in accordance with the privacy act in law for the collection and usage in enterprises and institutions. However, it can be induced privacy problem when it is exposed information without attention. This user's inadvertent disclosure of personal information has occurred due to social engineering and intelligent cyber-crime occurred in order to solve these problems. A variety of protection solutions for personal information have been developed. Web privacy filtering firewall and solutions related with server have been developed among developed many solutions, web privacy filtering and firewall solutions is proposed in this paper.

• Journal of Digital Convergence
• /
• v.17 no.10
• /
• pp.49-58
• /
• 2019

In the era of the 4th industrial revolution, the development of information technology brought various benefits, but it also increased social interest in privacy issues. As the possibility of personal privacy violation by big data increases, academic discussion about privacy management has begun to be active. While the traditional view of privacy has been defined at various levels as the basic human rights, most of the recent research trends are mainly concerned only with the information privacy of online privacy protection. This limited discussion can distort the theoretical concept and the actual perception, making the academic and social consensus of the concept of privacy more difficult. In this study, we analyze the privacy concept that is exposed on the internet based on 12,000 news data of the portal site for the past one year and compare the difference between the theoretical concept and the socially accepted concept. This empirical approach is expected to provide an understanding of the changing concept of privacy and a research direction for the conceptualization of privacy for current situations.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.320-326
• /
• 2022

The use of the Internet has become commonplace for billions of people on the planet. The rapid development of technology, in particular, mobile gadgets, has provided access to communication anywhere, anytime. At the same time, there are growing concerns about the behavior of people on the Internet, in particular, towards each other and social groups in general. This raises the issue of human rights in today's information society. In this study, we focused on human rights such as the right to privacy, confidentiality, freedom of expression, the right to be forgotten, etc. We point to some differences in this regard, in particular between the EU, etc. In addition, we describe the latest legal regulation in this aspect in European countries. Such methods as systemic, factual, formal and legal, to show the factors of formation and development of human rights in the context of digitalization were used. The authors indicate which of them deserve the most attention due to their prevalence and relevance. Thus, we concluded that the technological development of social communications has laid the groundwork for a legal settlement of privacy and opinion issues on the Internet. Simultaneously, jurisdictions address issues on every aspect of human rights on the Internet, based on previous norms, case law, and principles of law. It is concluded that human rights legislation on the Internet will continue to be actively developed to ensure a balance of private and public interests, safe online access and unimpeded access to it.

• Convergence Security Journal
• /
• v.20 no.2
• /
• pp.59-68
• /
• 2020

In January 2020, the National Assembly passed the revisions of three bills which ease regulations on the use of personal information. The revised laws include the launch of an independent supervisory body, the arrangement of redundant regulations, and regulations for the development of the data economy. This paper analyzes the content and meaning of each law of the Three Revised Bills that Ease Regulations on the Use of Personal Information. And the future challenges outline three aspects: the establishment of a system to ensure the right to informational self-determination of privacy concerns, the establishment of a certification system and the presentation of reasonable guidelines, and the expectation of professional performance by the Personal Information Protection Commission.

• Informatization Policy
• /
• v.25 no.2
• /
• pp.3-19
• /
• 2018

With the introduction of video cameras into law enforcement, a great deal of police organizations have adopted the technology in their routine crime prevention activities. The up-to-date systems of ambient surveillance energized by CCTV, police wearable cameras, drones, and thermal imaging devices enable the police to thoroughly monitor public spaces as well as to rigorously arrest on-scene criminals. These efforts to improve the level of surveillance are often met with public resistance raising concerns over citizens' rights to privacy. Recent studies on the use of police video equipment have constantly raised the issues related to the lack of applicable legal provisions, risk of personal information and privacy infringement as well as security vulnerabilities. In this regard, the present study attempted to review the public surveillance methods currently used by law enforcement agencies worldwide within the context of public safety and individual rights to privacy. Furthermore, the present study also discussed the legal boundaries of police use of video equipment to address public concerns over privacy issues.

• Convergence Security Journal
• /
• v.12 no.2
• /
• pp.43-51
• /
• 2012

CCTV would be the effective way in the prevention of abuse, as well as recorded image information evidence of the crime as a significant legal effect. But recorded image information As evidence by utilizing the Complaint/complaint handling, and administrative business processes that are currently operating offline procedural complexity and unnecessary time appear costly, privacy remains an issue to be solved, etc. Runoff. In this paper, incidence rate of offline business processing phase to solve the problems proposed to build unified portal for CCTV image information and the existing studies on the effectiveness of electronic civil service system, previous studies by analyzing e-government in accordance with laws and privacy laws, CCTV image information portal deployment model is applied to data integration occurs are trying to solve the problem effectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.391-400
• /
• 2012

This study focused on the role of the center for private information, which can manage and share the personal data from data breach incidents. Especially, this study addresses on the importance of establishing information management systems for preventing secondary misappropriation of breached personal data and private information. The database of breached personal data can be used for reducing privacy worries of potential victims of secondary misuse of personal data. Individuals who use the same IDs and passwords on multiple websites may find this service more effective and necessary. The effectiveness of this breached data center on reducing secondary privacy infringement may differ depending on the extend of data being shared and the conditions of data submission. When businesses experienced data breach and submission of data to this center is required by the law, the accuracy and effectiveness of this service can be enhanced. In addition, centralized database with high quality data set can increase matching for private information and control the secondary misappropriation of personal data or private information better.

• The Journal of the Korea Contents Association
• /
• v.14 no.6
• /
• pp.1-10
• /
• 2014

Through the development of internet mobile devices and online business activation, sensitive data of unspecified user is being easily exposed. In such an open business environment, the outflow of sensitive personal information has often been remarked on recently for which adoption of encryption solution for database became top priority in terms of importance. In 2011, government also legislated for the protection of personal information as an information network law, and is now applying the law to a variety of industries. Firms began to comply with these regulations by establishing various measures for protection of personal information and are now quickly introducing encryption solution to reinforce security of personal information they are managing. In this paper, I present architecture and technological parts that should be considered when introducing security solution.