• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.05a
• /
• pp.202-203
• /
• 2023

The Ministry of Oceans and Fisheries is providing maritime safety services through the operation of the Korean e-Navigation service, and research is continuously needed to improve reliability and quality to secure the competitiveness of the system. In order to secure such competitiveness, we presented the basic design for the big-data maritime information gateway system for minimizes thereal-time operation impact of the Korean e-Navigation service, and a theoretical hardware structure diagram including pseudonymization procedures to implement the overall system and solve privacy security issues. However, the proposed structure diagram and design include only the overall concept, to link real-time maritime information, required detailed privacy security method to satisfy the Privacy Act of the Republic of Korea. To solve this problem, this study will identify factors to violate the Privacy Act within the real-time maritime information(privacy of shipowner, shipping company, captain, navigator, fisherman, etc.) linked by the big-data maritime information gateway system, and research the method to link the secured information to other institutions by encrypting identified the factors.

• Asia pacific journal of information systems
• /
• v.24 no.1
• /
• pp.93-112
• /
• 2014

As personal data breach reared up as a problem domestically and globally, organizations appointing chief privacy officers (CPOs) are increasing. Related Korean laws, 'Personal Data Protection Act' and 'the Act on Promotion of Information and Communication Network Utilization and Information Protection, etc.' require personal data processing organizations to appoint CPOs. Research on the characteristics and role of CPO is called for because of the importance of CPO being emphasized. There are many researches on top management's role and their impact on organizational performance using the Upper Echelon theory. This study investigates what influence the characteristics of CPO gives on the organizational privacy performance. CPO's definition varies depending on industry, organization size, required responsibility and power. This study defines CPO as 'a person who takes responsibility for all the duties on handling the organization's privacy,' This research assumes that CPO characteristics such as role, personality and background knowledge have an influence on the organizational privacy performance. This study applies the part relevant to the upper echelon's characteristics and performance of the executives (CEOs, CIOs etc.) for CPO. First, following Mintzberg and other managerial role classification, information, strategic, and diplomacy roles are defined as the role of CPO. Second, the "Big Five" taxonomy on individual's personality was suggested in 1990. Among these five personalities, extraversion and conscientiousness are drawn as the personality characteristics of CPO. Third, advance study suggests complex knowledge of technology, law and business is necessary for CPO. Technical, legal, and business background knowledge are drawn as the background knowledge of CPO. To test this model empirically, 120 samples of data collected from CPOs of domestic organizations are used. Factor analysis is carried out and convergent validity and discriminant validity were verified using SPSS and Smart PLS, and the causal relationships between the CPO's role, personality, background knowledge and the organizational privacy performance are analyzed as well. The result of the analysis shows that CPO's diplomacy role and strategic role have significant impacts on organizational privacy performance. This reveals that CPO's active communication with other organizations is needed. Differentiated privacy policy or strategy of organizations is also important. Legal background knowledge and technical background knowledge were also found to be significant determinants to organizational privacy performance. In addition, CPOs conscientiousness has a positive impact on organizational privacy performance. The practical implication of this study is as follows: First, the research can be a yardstick for judgment when companies select CPOs and vest authority in them. Second, not only companies but also CPOs can judge what ability they should concentrate on for development of their career relevant to their job through results of this research. Cultural social value, citizen's consensus on the right to privacy, expected CPO's role will change in process of time. In future study, long-term time-series analysis based research can reveal these changes and can also offer practical implications for government and private organization's policy making on information privacy.

• Journal of the Korean Society for information Management
• /
• v.32 no.2
• /
• pp.25-61
• /
• 2015

This study was designed to propose library privacy guidelines to be applicable in any library without distinguishing library types. Individual libraries can refine, modify, and use them to fit their situation, using the guidelines as a base. The library privacy protection guidelines developed in this study are composed of purposes, definitions, scope of privacy, law and policy, general information, the library's job performance on the handling of personal information, and library subcontractors. The development objectives and utilization direction of the library privacy guidelines developed in this study are meant to provide a guide for change according to the amended provision of library "Privacy Act" implementation, optimization of library Privacy Directive, a reflection of the relevant laws and regulations, and the standardization-oriented library privacy guidelines.

• Journal of KIISE
• /
• v.44 no.9
• /
• pp.918-931
• /
• 2017

Recently, the spread of smartphones and various wearable devices has led to increases in the accumulation and usage of personal information. As a result, privacy protection has become an issue. Even though there have been studies and efforts to improve legal and technological security measures for protecting privacy, personal information leakage accidents still occur. Rather than privacy requirements, analysts mostly focus on the implementation of security technology within software development. Previous studies of security requirements strongly focused on supplementing the basic principles and laws for privacy protection and securing privacy requirements without understanding the relationship between privacy and security. As a result, personal information infringement occurs continuously despite the development of security technologies and the revision of the Personal Information Protection Act. Therefore, we need a method for eliciting privacy requirements based on related privacy protection laws that are applicable to software development. We also should clearly specify the relationship between privacy and security. This study aims to elicit privacy requirements and create privacy assurances cases for Privacy Friendly System development.

• The Korean Journal of Air & Space Law and Policy
• /
• v.29 no.2
• /
• pp.135-161
• /
• 2014

An unmanned aerial vehicle (UAV), commonly known as a drone and also referred to as an unpiloted aerial vehicle and a remotely piloted aircraft (RPA) by the International Civil Aviation Organization (ICAO), is an aircraft without a human pilot aboard. ICAO classify unmanned aircraft into two types under Circular 328 AN/190. Unmanned aircraft, which is the core of the development of the aviation industry. However, there are also elements of the legal dispute. Unmanned aircraft are manufactured in small size, it is possible to shoot a record peripheral routes stored in high-performance cameras and sensors without the consent of the citizens, there is a risk of invasion of privacy. In addition, the occurrence of the people of invasion of privacy is expected to use of civilian unmanned aircraft. If the exposure of private life that people did not want for unmanned aircraft has occurred, may occur liability to the operator of unmanned aircraft, this is a factor to be taken into account for the development of unmanned aircraft industry. In the United States, which is currently led by the unmanned aircraft industry, policy related to unmanned aircraft, invasion of privacy is under development, is preparing an efficient measures making. Unmanned aircraft special law has not been enforced. So there is a need for legal measures based on infringement of privacy by the unmanned aircraft. US was presented Privacy Protection Act of unmanned aircraft (draft). However Korea has many laws have been enacted, to enact a new law, but will be able to harm the legal stability, there is a need for the enactment of laws for public safety of life. Although in force Personal Information Protection Law, unmanned aerospace, when the invasion of privacy occurs, it is difficult to apply the Personal Information Protection Law. So, it was presented a privacy protection bill with infringement of privacy of unmanned aircraft in the reference US legislation and the Personal Information Protection Act.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.2
• /
• pp.317-322
• /
• 2013

Personal information is defined information related to users' privacy data. It can be verified information through social security number, image, and means relating to individual can verify. Such personal information is in accordance with the privacy act in law for the collection and usage in enterprises and institutions. However, it can be induced privacy problem when it is exposed information without attention. This user's inadvertent disclosure of personal information has occurred due to social engineering and intelligent cyber-crime occurred in order to solve these problems. A variety of protection solutions for personal information have been developed. Web privacy filtering firewall and solutions related with server have been developed among developed many solutions, web privacy filtering and firewall solutions is proposed in this paper.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.10
• /
• pp.151-157
• /
• 2017

In the case of uploading privacy information of an information owner in the Internet, the information owner may want to deliver the privacy information itself or remove such information from the search list in order to prevent third parties from accessing the privacy information of the information owner. Such a right to be forgotten may collide with the freedom of expression of a third party. The right to be forgotten, which originates from the self-determination right on privacy information based on Article 10 and 17 of the Constitution and the freedom of expression, which is based on Article 21 thereof are all relative basic rights and are both limited by Item 2 under Article 37 of the same law, which is the general limitation provision for the basic rights. Therefore, when the right to be forgotten and the freedom of expression collides, it is not possible to give priority to one of the those unilaterally. It depends on the nature of the case at hand to find a natural balance for the harmonious solution for both parties. The criteria can be the sensitivity to the privacy of the information owner caused by the disclose of the privacy information, the public benefits such information may serve, the social common good that could be expected by the disclosure of the privacy information and the damages suffered in terms of the personal interest caused by the disclosure of the information, in a comprehensive manner.

• Journal of the Korea Convergence Society
• /
• v.9 no.3
• /
• pp.231-240
• /
• 2018

Recently, personal information processing are becoming more important in the behavioral advertising based on online and mobile platform. The behavioral advertising analyzes and utilizes individual's search & purchase history, hobbies, and tendency based on the personal behavior information collected using the automatic collection device. Therefore, it collects and stores other types of personal information which did't defined in Privacy Act and can analyze personal behavior. This characteristics may cause disclosure of personal information and exposure to intrusion. In this paper, we investigate and analyze the privacy policy of the advertising agencies, and discussded the measures to be taken in collecting, storing and using personal information suitable for behavior information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.415-423
• /
• 2016

Smart grid systems can be real-time information exchange between suppliers and consumers, and provides a lot of convenience. However, the risk to the user's personal information exposure is ever-present. Depending on the characteristic of the smart grid environment, there is a threat of the disclosure of personal information based on the personal information life-cycle, and can also be exposed a variety of information based on energy consumption pattern analysis. In this paper, we analyze the existing privacy act in the smart grid and propose improvements for the existing directive.

• Korean Journal of Biological Psychiatry
• /
• v.30 no.1
• /
• pp.7-16
• /
• 2023

Objectives This study aimed to review the Korean Constitution articles 14 and 20 of the "Law on suicide prevention" and investigate public perceptions of specific improvements to suicide prevention policies using results from the Korean 2018 National Survey on Suicide. Methods The questionnaire was designed to analyzing the act restricts sharing of patient information between hospitals, making it difficult to track suicide attempts. The questionnaire was also designed to suggest further medical and normative criteria for objective judgment of continuous follow-up utilizing suicide risk evaluations and proportional principle review that consider patients' and medical staff's basic rights. Results This study identified the result of the 1500 respondents, 79.1% believed that Korea should allow suicide prevention management to be implemented without requiring individual consent to protect suicide attempters. Conclusions According the results, I propose the following criteria for policy improvement: use of anonymized information and non-profit research for technical and ethical considerations, access to medical information only for therapeutic purposes, and use of surgical severity assessment criteria appropriate for Korea.