Journal of Digital Convergence (디지털융복합연구)

The Society of Digital Policy and Management (한국디지털정책학회)
권호 표지
DOI QR코드

DOI QR Code

Dilemma of Data Driven Technology Regulation : Applying Principal-agent Model on Tracking and Profiling Cases in Korea

데이터 기반 기술규제의 딜레마 : 국내 트래킹·프로파일링 사례에 대한 주인-대리인 모델의 적용

  • Lee, Youhyun (Department of Public Administration and Police Science, Hannam University) ;
  • Jung, Ilyoung (Science and Technology Policy Institute)
  • 이유현 (한남대학교 행정.경찰학부) ;
  • 정일영 (과학기술정책연구원 혁신성장정책연구본부)
  • Received : 2020.03.11
  • Accepted : 2020.06.20
  • Published : 2020.06.28
Download PDF
⟨ Previous Next ⟩

Abstract

This study analyzes the regulatory issues of stakeholders, the firm, the government, and the individual, in the data industry using the principal-agent theory. While the importance of data driven economy is increasing rapidly, policy regulations and restrictions to use data impede the growth of data industry. We applied descriptive case analysis methodology using principal-agent theory. From our analysis, we found several meaningful results. First, key policy actors in data industry are data firms and the government among stakeholders. Second, two major concerns are that firms frequently invade personal privacy and the global companies obtain monopolistic power in data industry. This paper finally suggests policy and strategy in response to regulatory issues. The government should activate the domestic agent system for the supervision of global companies and increase data protection. Companies need to address discriminatory regulatory environments and expand legal data usage standards. Finally, individuals must embody an active behavior of consent.

본 연구는 주인-대리인 모델을 적용하여 데이터 산업의 이해관계자인 정부, 개인, 기업의 규제 이슈를 분석해내는 데 목적이 있다. 데이터 산업은 거대한 딜레마적 상황에 직면해 있다. 데이터 경제의 중요성이 빠르게 부상하고 있으나, 데이터 사용에 대한 국가의 규제로 인해 산업 발전이 저해되는 한편, 데이터의 무분별한 활용으로 인한 개인의 프라이버시 역시 침해받고 있다. 본 연구에서는 기술적 사례연구의 방식을 이용하여 딜레마적 상황에서 각각의 행위자들의 이해관계에 기반한 규제 이슈를 분석하고, 그에 대응할 수 있는 전략을 제시하였다. 사례분석 결과 첫째, 국내 데이터 산업의 주요 정책행위자는 데이터 회사와 정부이다. 둘째, 데이터 기반 사회에서 가장 우려스러운 두 가지 문제점은 기업이 빈번하게 개인정보를 침해한다는 것과 국제적 기업의 데이터 독과점 현상이 나타난다는 점이다. 이러한 규제 이슈를 해결하기 위해 본 논문에서는 이에 대한 전략을 다음과 같이 제시하고 있다. 정부는 글로벌 기업의 감독을 위한 국내 대리인제도를 활성화하고 데이터 보호를 증대해야 한다. 기업은 차별적인 규제환경을 해결하고 합법적인 데이터 활용기준을 확장해야 한다. 마지막으로 개인은 능동적인 동의 행태를 구현해야 한다.

Keywords

References

  1. T. Symons & T. Bass. (2017). Me, my data and I: The future of the personal data economy. London: DECODE, Nesta. Retrieved October 22, 2018 from https://www.decodeproject.eu/publications/me-my-data-and-ithe-future-personal-data-economy.
  2. M. Micheli, M. Blakemore, M. Ponti & M. Craglia. (2018). The Governance of Data in a Digitally Transformed European Society. Second Workshop of the DigiTranScope Project, European Commission, 2018,
  3. H. Y. Kang & H. Y. Kwon. (2019). Policy Suggestions on Personal Data Utilization by Analyzing Domestic and International De-identification Policy. Convergence Security Journal, 19(1), 41-48.
  4. H. Ko & Y. Im. (2019). Data Ownership, Pakyoungsa : Seoul.
  5. D. H. Guston. (1996). Principal-agent theory and the structure of science policy. Science and Public Policy, 23(4), 229-240. DOI: 10.1093/spp/23.4.229
  6. D. Braun & D. H. Guston. (2003). Principal-agent theory and research policy: an introduction. Science and public policy, 30(5), 302-308. DOI: 10.3152/147154303781780290
  7. R. Gauld. (2007). Principal-agent theory and organisational change: lessons from New Zealand health information management. Policy Studies, 28(1), 17-34. DOI: 10.1080/01442870601121395
  8. T. P. Hagen. (1997). Agenda setting power and moral hazard in principal-agent relationships: Evidence from hospital budgeting in Norway. European journal of political research, 31(3), 287-314. DOI: 10.1111/j.1475-6765.1997
  9. Ministry of Science and ICT (2019), Key Findings from 2018 Data Industry Survey.
  10. Chunlei Tang (2016), The Data Industry: The Business and Economics of Information and Big Data, NY: John Wiley & Sons.
  11. Korea Internet & Security Agency (2018.03), Report on overseas private information protection trends.
  12. Korea Data Agency (2018) White paper on data industry.
  13. K. J. Arrow. (1985), "The economics of agency," In Pratt, J. W. & R. J. Zeckhauser (eds.), Principals and Agents: The Structure of Business, Boston, MA: Harvard Business School Press, 37-51.
  14. Gerber, Brian. J & Teske. Paul (2000). Regulatory policymaking in the american states: A review of theories and evidence. Political Research Quarterly, 53(4), 849-886. DOI: 10.1177/106591290005300408
  15. Hwang. (2005), Principal-Agent Relations in the Policy Process: Reinterpreting the Formation Process of the "Drug Prescription & Dispensing Separation" Policy. Korea Policy Review 14(4), 29-57.
  16. Pavlou, P. A., Liang, H. and Xue, Y. "Understanding and Mitigating Uncertainty in Online Exchange Relationships: A Principal-Agent Perspective," MIS Quarterly, 31(1), 2007, pp. 105-136. DOI: 10.2307/25148783
  17. S, Lee. (2017), Contents and implications of guidelines for online customized advertisements, KISO Journal.
  18. Lee, I. (2017) Study on Development Methods of Personal Information Protection in Korea. Personal Information Protection Commission Research Report.
  19. Park, N. (2017). A Legal Analysis of the Profiling Provisions in the EU GDPR.
  20. European Union (2016), REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
  21. Google and Facebook advertisements have it too easy, targeted by the EU(2017.01.12.) JoongAng Ilbo.
  22. Jung, I. et al. (2019), The Analysis of Industrial Ripple Effect of GDPR and Issues in Innovative Technologies, STEPI Insight
  23. 3 in 10 World Citizens Are on Facebook"(2019.04.25.), Statista.
  24. 10 years of Facebook... 10 services that are now no longer in service (2014.02.03), ZDNet Korea.
  25. Acquisti, A., & Grossklags, J. (2005), Privacy and rationality in individual decision making. IEEE Security & Privacy, 3(1), 26-33. DOI: 10.1109/MSP.2005.22
  26. Rosenblum, D. (2007), What anyone can know: The privacy risks of social networking sites. IEEE Security & Privacy, 5(3), 40-49 DOI: 10.1109/MSP.2007.75
  27. Govani, T., & Pashley, H. (2007), Student awareness of the privacy implications when using Facebook,
  28. Barth, S., & De Jong, M. D. (2017), The privacy paradox-Investigating discrepancies between expressed privacy concerns and actual online behavior-A systematic literature review. Telematics and Informatics, 34(7), 1038-1058. DOI: 10.1016/j.tele.2017.04.013
  29. J. Kim et al. (2018), Study on information privacy paradox, 2018 NAVER Privacy White Paper.
  30. Google Fined Record $2.7 Billion in E.U. Antitrust Ruling(2017.06.29.), The New York Times.
  31. E.U. Fines Google $5.1 Billion in Android Antitrust Case (2018.07.18), The New York Times.
  32. 'Domestic Agent system to come online' Survey of value-added telecommunications service providers is reverse discrimination for domestic firms (2019.09.22), Law Times.