• Review of KIISC
• /
• v.30 no.4
• /
• pp.39-47
• /
• 2020

우리나라에서 2020년 1월 데이터 3법이 개정되면서 개인정보의 보호와 활용의 기반이 마련되었다. 가명처리 개념이 도입되었고, 국제 표준에 근거한 가명 처리의 이행이 요구되는 시점이다. 개인정보보호 요구사항은 일반적으로 법제도, 위험평가, 조직간 계약에서 나온다. 국제표준은 이러한 개인정보보호와 활용과 보호에 대한 글로벌 표준을 제공하여 국경을 넘는 호환성있는 개인정보의 처리를 가능케 한다. 개인정보보호 국제표준화를 주도적으로 추진하는 표준화 그룹은 국제표준화위원회/전기위원회 합동위원회 1/서브위원회 27/작업반 5 (ISO/IEC JTC 1/SC 27/WG 5)이다. 2019년 10월 프랑스 파리 회의 이후에는 개인정보보호 분야 4건의 신규워크아이템 제안과 2건의 연구회기가 진행되었다. 2020년 4월 회의는 당초 러시아 상트페테르부르크에서 열릴 예정이었으나 코로나19의 확산으로 인해 전자회의로 개최되었다. 본고에서는 이 그룹에서 2019년 10월 이후 추진되고 있는 개인정보보호 관련 국제표준화 동향을 제시하고자 한다. 또한 지난 4월 SC27 WG5 전자 회의에서 논의된 개인정보보호 관련 주요 표준화 이슈와 대응 방안을 제시한다.

• Review of KIISC
• /
• v.32 no.4
• /
• pp.77-84
• /
• 2022

2020년 8월 5일 통합 개인정보보호법 [3]이 본격적으로 시행되면서 데이터의 보호와 활용을 동시에 만족할 수 있는 가명처리 개념이 도입되었다. 여러 개인정보처리자로 수집된 가명정보를 결합하기 위한 결합 관리기관이 지정되고 있다. 개인정보보호 국제표준은 관행이나 기술을 국제표준으로 개발하여 상호 연동이 가능한 서비스를 제공할 수 있을 뿐만 아니라 제품이나 서비스의 경쟁력을 강화하는데 활용할 수 있다. 개인정보보호 국제표준화를 주도적으로 추진하고 있는 대표적인 국제표준화 그룹은 국제표준화위원회/전기위원회 합동위원회 1/서브위원회 27/작업그룹 5 (ISO/IEC JTC 1/SC 27/WG 5)를 들 수 있다. 이 그룹의 의장님 독일 쾨테대학 Kai Rannenberg 교수가 맡고 있다. 여기서는 2020년 4월 전자회의 이후에는 개인정보보호 분야 3건의 국제표준을 채택하였다. 차기 회의는 2022년 9월 룩셈부르그에서 펜데믹 이후 최초로 대면과 비대면으로 개최될 예정이다. 본 고에서는 이 그룹에서 2020년 4월 이후 추진되고 있는 개인정보보호 관련 국제표준화 동향을 제시하고자 한다. 또한 지난 4월 SC27 WG5 전자 회의에서 논의된 개인정보보호 관련 주요 표준화 이슈와 대응 방안을 제시한다.

• The Korean Society of Law and Medicine
• /
• v.22 no.3
• /
• pp.31-55
• /
• 2021

The Personal Information Protection Act, one of the revised 3 Data Laws, established a special cases concerning pseudonymous data. As a result, a personal information controller may process pseudonymized information without the consent of data subjects for statistical purposes, scientific research purposes, and archiving purposes in the public interest, etc. In addition, as a follow-up to the revised Personal Information Protection Act, a 'Guidelines for Utilization of Healthcare Data' was prepared, which deals with the pseudonymization in the medical sector. The guidelines are meaningful in that they provide practical criteria for accomplices by defining specific interpretations and examples that take into account the characteristics of healthcare data. However, the guidelines need to clarify the purpose of using pseudonymous data and strengthen the fairness of the composition of the data deliberation committee. The guidelines also require establishing a healthcare data compensation framework and strengthening the protection of rights for vulnerable subjects. In addition, the guidelines need to be adjusted for inconsistency with the Bioethics and Safety Act and the Medical Service Act. It is expected that this study will contribute to the creation of a safe environment for the utilization of healthcare data as well as the improvement of related laws and systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.253-261
• /
• 2020

This study examines the technologies and application processes related to the use of pseudonym data of companies after the passage of the Data 3 Act to activate the data economy in earnest, and what companies should prepare to use pseudonym data and what will happen in the process It was intended to contribute to the elimination of uncertainty. In the future, companies will need to extend the information security management system from the perspective of the existing IT system to manage and control data privacy protection and management from a third party provisioning perspective. In addition, proper pseudonym data use control should be implemented even in the data use environment utilized by internal users. The economic effect of market change and heterogeneous data combination due to the use of pseudonymized data will be very large, and standards for appropriate non-identification measures and risk assessment criteria for data utilization and transaction activation should be prepared in a short time.

• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.25-36
• /
• 2019

With the development of information and communication technology, hospitals that electronically process and manage medical information of patients are increasing. However, if medical information is processed electronically, there is still room for infringing personal information of the patient or medical staff. Accordingly, in 2017, the International Organization for Standardization (ISO) published ISO TS 25237 Health Information - Pseudonymization[1]. In this paper, we examine the re - identification process based on ISO TS 25237, the procedure and the problems of our proposed method. In addition, we propose a new processing scheme that adds a re-identification procedure to our secure differential privacy method [2] by keeping a mapping table between de-identified data sets and original data as ciphertext. The proposed method has proved to satisfy the requirements of ISO TS 25237 trust service providers except for some policy matters.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.207-210
• /
• 2020

대부분의 공공기관과 기업에서 개인정보가 포함된 문서를 마스킹 처리하여 온라인상에 게재하고 있다. 이 때, 여러 검색 엔진에서 특정 키워드를 통한 검색 결과를 통해 개인정보가 포함된 문서들이 대량으로 노출되고 있으며 마스킹 처리가 된 정보라 하더라도 2개 이상의 부가 정보들을 조합해서 개인을 특정할 수 있는 문제가 발생할 수 있다. 이를 통해 얻은 개인정보와 개인을 특정할 수 있는 정보는 다양한 범죄 피해를 발생시킬 우려가 있다. 따라서 본 논문은 검색 엔진과 온라인상에서 노출되고 있는 개인정보가 포함된 문서들을 탐지한다. 그 후 발견된 문서들의 통계와 조사를 통해 온라인상에 노출 중인 개인정보와 가명정보 등이 초래하는 피해의 심각성을 재고하고, 대안을 제시하고자 한다.

• The Korean Society of Law and Medicine
• /
• v.23 no.4
• /
• pp.29-74
• /
• 2022

As social disasters occur under the Disaster Management Act, which can damage the people's "life, body, and property" due to the rapid spread and spread of unexpected COVID-19 infectious diseases in 2020, information collected through inspection and reporting of infectious disease pathogens (Article 11), epidemiological investigation (Article 18), epidemiological investigation for vaccination (Article 29), artificial technology, and prevention policy Decision), (3) It was used as an important basis for decision-making in the context of an infectious disease crisis, such as promoting vaccination and understanding the current status of damage. In addition, medical policy decisions using infectious disease data contribute to quarantine policy decisions, information provision, drug development, and research technology development, and interest in the legal scope and limitations of using infectious disease data has increased worldwide. The use of infectious disease data can be classified for the purpose of spreading and blocking infectious diseases, prevention, management, and treatment of infectious diseases, and the use of information will be more widely made in the context of an infectious disease crisis. In particular, as the serious stage of the Disaster Management Act continues, the processing of personal identification information and sensitive information becomes an important issue. Information on "medical records, vaccination drugs, vaccination, underlying diseases, health rankings, long-term care recognition grades, pregnancy, etc." needs to be interpreted. In the case of "prevention, management, and treatment of infectious diseases", it is difficult to clearly define the concept of medical practicesThe types of actions are judged based on "legislative purposes, academic principles, expertise, and social norms," but the balance of legal interests should be based on the need for data use in quarantine policies and urgent judgment in public health crises. Specifically, the speed and degree of transmission of infectious diseases in a crisis, whether the purpose can be achieved without processing sensitive information, whether it unfairly violates the interests of third parties or information subjects, and the effectiveness of introducing quarantine policies through processing sensitive information can be used as major evaluation factors. On the other hand, the collection, provision, and use of infectious disease data for research purposes will be used through pseudonym processing under the Personal Information Protection Act, consent under the Bioethics Act and deliberation by the Institutional Bioethics Committee, and data provision deliberation committee. Therefore, the use of research purposes is recognized as long as procedural validity is secured as it is reviewed by the pseudonym processing and data review committee, the consent of the information subject, and the institutional bioethics review committee. However, the burden on research managers should be reduced by clarifying the pseudonymization or anonymization procedures, the introduction or consent procedures of the comprehensive consent system and the opt-out system should be clearly prepared, and the procedure for re-identifying or securing security that may arise from technological development should be clearly defined.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.503-512
• /
• 2020

The revisions to data privacy acts allows the disclosure of data after anonymizing personal information. Such anonymized data is expected to be useful in research and services, but there are high concerns about privacy breaches such as re-identifying of the individuals from the anonymized data. In this paper, we showed that identifying individuals from public data is not very difficult, and also raises questions about the reliability of the public data. We suggest that users understand the trade-offs between data disclosure and privacy protection so that they can use data securely under the revised data privacy acts.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.22 no.3
• /
• pp.88-103
• /
• 2023

With the recent advancement of 4th Industrial Revolution technology, transportation systems are generating large amounts of mobility data related to the individual movement trajectories of vehicles and people. There are many constraints on utilizing mobility data containing personal information. Thus, in South Korea, the processing and generation of pseudonymized information and the analysis and utilization of this information have been managed in a dual manner by applying separate agencies and technologies through the revision of the Data 3 Act and the enactment of the Data Basic Act. However, this dual approach fails to securely support the entire data lifecycle and suffers from inefficiencies in terms of processing time and cost. Therefore, to compensate for the problems of the existing Expert Data Combination System and Data Safety Zone, this study proposes an Integrated Data Safety Zone Framework that integrates and unifies the process of generating, processing, analyzing, and utilizing mobility data. The integrated process for data processing was redesigned, and common requirements and core technologies were derived. The result is an architecture for a next-generation Integrated Data Safety Zone system that can manage and utilize the entire life cycle of mobility data at one stop.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.994-996
• /
• 2012

개인건강기록에서 프라이버시를 보호하기 위한 방안으로 환자의 식별정보를 제거하는 익명화와 식별 정보를 가상의 식별자로 변경하였다가 권한을 가진 사용자가 열람할 수 있게 복원하는 가명화, 그리고 건강기록을 암호화하여 정보를 보호하는 방법들이 연구되어 왔다. 본 논문에서는 용어표현을 위해 국제표준코드를 사용하는 건강기록에서 항목별 정보의 민감도에 따라서 암호화 수준을 달리하여 정보전체를 암호화하는 것 보다 효율적이고 강력한 보안수준을 유지할 수 있는 방법을 제시한다.