Journal of Information Technology Applications and Management

Korea Data Strategy Society (한국데이터전략학회)
권호 표지
DOI QR코드

DOI QR Code

Issues and Suggestions for "Act on the Development of Cloud Computing" and Protection of its Users

"클라우드컴퓨팅 발전 및 이용자 보호에 관한 법률"의 쟁점 및 개선방안

  • Lee, Jung Koo (Korea HPE Education Center) ;
  • Min, Daihwan (Digital Management Department, Korea University Sejong Campus) ;
  • Kwon, Hun Yeong (Graduate School of Information Security, Korea University)
  • Received : 2017.02.04
  • Accepted : 2017.03.31
  • Published : 2017.03.31
Download PDF
⟨ Previous Next ⟩

Abstract

In Korea, "Act on the Development of Cloud Computing and Protection of its Users" has been enforced since September 28, 2015. Many countries implemented 'Cloud First' policies and global companies such as Amazon, Microsoft, IBM started cloud services in Korea. Under these circumstance, the Act was established for developing the cloud computing industry. The Act includes clauses for encouraging the use of private cloud computing by public organizations, supporting small- and medium-size cloud service providers, and utilizing secure cloud computing services by users. However, some terms appear to be similar but have different meanings from "Act on Promotion of Information and Communications Network Utilization and Information Protection, etc." and "Personal Information Protection Act". This generated some confusion and conflicts in relation to providing user information to a 3rd party and notifying the intrusion in the Cloud Computing Act. This paper discusses these issues and suggestions for revision of the Cloud Computing Act.

Keywords

References

  1. Act on the Development of Cloud Computing and Protection of its Users, Act No. 13234, Korean National Law Information Center.
  2. Enforcement Decree under the Act on the Development of Cloud Computing and Protection of its Users, Presidential Decree No. 26550, Korean National Law Information Center.
  3. Guide to the Act on the Development of Cloud Computing and Protection of its Users, Ministry of Science, ICT, & Future Planning and National IT Industry Promotion Agency, 2015a.
  4. K-ICT Cloud Computing Vitalization Plan, Ministry of Science, ICT, & Future Planning and other ministries, 2015b.
  5. Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., Act No. 14080, Korean National Law Information Center.
  6. Enforcement Decree under the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., Presidential Decree No. 27951, Korean National Law Information Center.
  7. Personal Information Protection Act, Act No. 14107, Korean National Law Information Center.
  8. Enforcement Decree under the Personal Information Protection Act, Presidential Decree No. 27522, Korean National Law Information Center.
  9. Guide to the Personal Information Protection Act, Ministry of the Interior, 2016.
  10. Guide to the Personal Information Protection Act for Information and Communications Network Service Providers, Korea Communications Commission and Korea Internet & Security Agency, 2013.
  11. Koo, T., "Various Issues of Personal Information Protection Act (PIPA)", SNU Law Review, Vol. 3, 2012, pp. 66-97.
  12. Kim, J. H., "The Privacy Issues on Cloud Computing Environment", Review of KIISC, Vol. 24, No. 6, 2014, pp. 25-30.
  13. Yang, K. W., "The Prevention Strategies of Private Information Intrusion Related Crime in Cyberspace", The Journal of Police Science, Vol. 1, 2001, pp. 122-145.
  14. Yang, J. M., "Cloud Computing and Law", Han Yang Law Review, Vol. 37, 2012, pp. 29-48.
  15. You, H.-N., Kim, H.-J., Lee, J.-S., Park, T.-S., and Jun, M.-S., "Analysis on Domestic and Foreign Privacy Information Acts to Suggest Directions for Developing Korean Privacy Information Protection Act", Journal of the Korea Institute of Information Security and Cryptology, Vol. 22, No. 5, 2012, pp. 1091-1102.
  16. Yi, C. B., "The Legal Issues on Safe Using and Promotion of Cloud Computing", Review of KIISC, Vol. 20, No. 2, 2010, pp. 32-43.
  17. Mell, P. and Grance, T., The NIST definition of cloud computing, NIST Special Publication 800-145, 2011.
  18. NIST, Draft NISTIR 8006 : NIST Cloud Computing Forensic Science Challenges, 2014.
  19. https://help.instagram.com/155833707900388.