• The Korean Society of Law and Medicine
• /
• v.22 no.4
• /
• pp.117-157
• /
• 2021

This research reviewed the HIPAA/HITECH, 21st Century Cures Act, Common Law, and private Guidances from the perspectives in protecting and utilitizing the medical data, while implications were followed. First, the standards for protection and utilization are relatively clearly regulated through single law on personal medical information in the United States. The HIPAA has been introduced in 1996 as fundamental act on protection of medical data. Medical data was divided into personally identifiable information, non-identifying information, and limited dataset under HIPAA. Regulations on de-identification measures for medical information, objects for deletion of limited data sets, and agreement on prohibition of data re-identification were stipulated. Moreover, in the 21st Century Cures Act regulated mutual compatibility for data sharing, prohibition of data blocking, and strengthening of accessibility of data subjects. Common Law introduced comprehensive consent system and clearly stipulates procedures. Second, the regulatory system is relatively simplified and clearly stipulated in the United States. To be specific, the expert consensus and the safe harbor system were introduced as an anonymity measure for identifiable medical information, which clearly defines the process while increasing trust. Third, the protection of the rights of the data subject is specified, the duty of explanation is specified in detail, while the information right of the consumer (opt-out procedure) for identification information is specified. For instance, the HHS rule and FDA regulations recognize the comprehensive consent system for human research, but the consent procedure, method, and requirements are stipulated through the common rule. Fourth, in the case of the United States, a trust-based system is being used throughout the health and medical data legislation. To be specific, Limited Data Sets are allowed to use in condition to the researcher's agreement to prohibit re-identification, and de-identification or consent process is simplified under the system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.4 no.2
• /
• pp.71-75
• /
• 2003

The distribution model of multimedia content is proposed, This solves the problems which are occurred by various multimedia content and the complex distribution structure. The online distribution processes in wireless environments contain many different, companent from the of offline and wire networks. The multimedia content can be very easily propagated illegally. Under these environments the seneme to protect the copyrights of multimedia content and rights of distribution entities is needed. In this paper a distribution framework of content in wireless environment based on MPFG-21 framework if proposed. This model can be adapted to DRM(digital rights management) and utilized to protect the rights of distribution entities.

• Proceedings of the Korea Contents Association Conference
• /
• 2005.11a
• /
• pp.627-632
• /
• 2005

The online distribution systems under the wireless environment include many different factors from the conventional offline and wired networks. Furthermore, the multimedia content may be propagated more easily and illegally. The scheme to protect the rights and profits of people related to the copyrights of digital content Is needed. In this paper a framework for content distribution under the wireless environment based on MPEG-21 and UCI application process are proposed. This model can be applied to the digital rights management system and utilized to protect the rights of trading entities in online distribution of electronic commerce.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.4
• /
• pp.298-302
• /
• 2004

An electronic commerce model is proposed which distributes digital content in mobile environment. This model resolves the problems caused by various digital content and complex distribution structure. The online distribution systems under the wireless environment include many different factors from the conventional offline and wired networks. Furthermore, the multimedia content may be propagated more easily and illegally. The scheme to protect the rights and profits of people related to the copyrights of digital content is needed. In this paper a framework for electronic commerce of content distribution under the wireless environment based on MPEG-21 is proposed. This model can be applied to the digital rights management system and utilized to protect the rights of trading entities in online distribution of electronic commerce.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.3
• /
• pp.349-355
• /
• 2019

In the trend of continuously increasing collection and use of personal information, there are legal grounds for protecting personal information and various policies and systems are implemented, but there is insufficient analysis about education and its effect of personal information protection. In this study, we surveyed and analyzed the degree of awareness and actual perception level in the protection of personal information of college students, and investigated the satisfaction of personal information protection education. The results of the analysis showed that students' interest in privacy protection and concern about personal information exposure was very high, but the efforts to protect personal information and the perception level of rights and systems for protecting personal information was very low. In addition, the experience and satisfaction of education for personal information protection were found to be very low. Students felt that the necessity of education for personal information protection was strongly agreed and preferred regular and continuous education rather than one-time education.

• Journal of Hospice and Palliative Care
• /
• v.18 no.1
• /
• pp.42-50
• /
• 2015

Purpose: This study was aimed to analyze how social workers understand the rights for elderly patient and family caregiver to make end-of-life (EOL) care decisions and their roles the decision making process. Methods: The study employed a quantitative research method of collecting data from a structured questionnaire that was filled out by 334 social workers at long-term care facilities. Data were analyzed by descriptive statistics, mean differences, correlation between variables, using SPSS 20.0 program. Results: The mean score for the understanding the rights to an EOL care decision was $3.46{\pm}0.69$ and of their own roles $3.48{\pm}0.84$. The level of understanding significantly differed by social workers' experience of assisting a process to make an EOL care decision such as advance directives and life sustaining treatment, work experience, and the number of beds. Positive correlation was observed between the level of understanding of the rights for EOL care decisions and of social workers' roles (Pearson r=0.329, P<0.001). Conclusion: This study proposes development of an education program for social workers and devising standards for the EOL care decision making process to protect elderly patients, family caregivers as well as social workers in a long term care facility.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.87-92
• /
• 2012

In the early 2012, European Union proposed new legal framework, including the right to be forgotten, for the protection of personal data. The new Proposal articulates kind of sweeping new privacy right and there has been debates on its potential threat to free speech in the digital age. While the situation is similar in Korea, I want to introduce the right to be forgotten in the Proposal. Then, I will analyze current legal system in Korea regarding the new privacy right and suggest some guidelines in searching direction for the coming legislation with respect to the right to be forgotten. The right to be forgotten should not have been promulgated without considering fully its effect on the free speech, especially in the society where the voice toward direct democracy or movement toward participation of the citizen, mainly through cyber space or Social Network Services, has risen much higher in Korea. Especially, the new right seems not to cover the control of data subject on a third party where the third party expressing his opinion by posting himself other's personal data on his blog or others.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.981-997
• /
• 2020

Blockchain technology can provide a high level security based on a decentralized distributed ledger and consensus-based structure. In order to increase the utilization of blockchain technology, it is necessary to find a way to use it in fields that require personal data processing such as health care and e-commerce. To achieve this goal, the blockchain based system should be able to comply with data privacy regulations represented by European Union(EU)'s GDPR(General Data Protection Regulation). However, because of the properties of the blockchain like the immutability and decentralized recorded data, it is difficult to technically implement the requirements of the existing privacy regulations on the blockchain. In this paper, we propose a multi-chain based access control system that can guarantee the rights of the personal data subject required by GDPR by utilizing Chameleon Hash and Attribute Based Encryption (ABE). Finally, we will show through security analysis that our system can handle personal data while maintaining confidentiality and integrity.

• Journal of Arbitration Studies
• /
• v.16 no.1
• /
• pp.343-373
• /
• 2006

지적재산권의 속지주의 원칙에 따라 전통적으로 지적재산권의 침해에 있어서 결과의 발생이 없는 행위지를 침해지로 인정하지 않았다. 어문과 예술작품을 보호하기 위해 1886년 체결된 베른협약(Berne Convention for the Protection of Literary and Artistic Works) 제5조 제1항은 저작자가 베른협약에 따라 보호되는 저작물에 관하여 본국 이외의 동맹국에서 각 법률이 현재 또는 장래에 자국민에게 부여하는 권리 및 이 협약이 특별히 부여하는 권리를 향유한다고 규정하여 내국민대우원칙을 천명하고 있다. 또한 베른협약 제5조 제2항은 저작권의 보호와 향유는 저작물의 본국에서 보호가 존재하는 여부와 관계가 없이, 보호의 범위와 저작자의 권리를 보호하기 위하여 주어지는 구제의 방법은 오로지 보호가 주장되는 국가의 법률의 지배를 받는다라고 규정하여 저작권 침해가 발행한 국가의 법률의 적용을 명시하고 있다. 인터넷과 무선통신 기술의 발달은 저작물을 디지탈 형식으로 실시간에 전세계에 배포하는 것을 가능하게 하였다. 특히 저작물의 인터넷상에서의 배포는 다국적 저작권 침해행위를 야기하여, 저작권자가 다수의 국가에서 저작권 침해소송을 제기하여 판결을 집행하는 것이 필요하게 되었다. 헤이그국제사법회의(Hague Conference on Private International Law)에서 1992년부터 논의되어 온 민사 및 상사사건의 국제재판관할과 외국판결에 관한 협약(Convention on Jurisdiction and Foreign Judgment in Civil and Commercial Matters)에서 채택된1999년의 예비초안(preliminary draft) 및 2001년 외교회의에서 수정된 잠정초안(Interim text) (이하 헤이그 협약 )은 저작권자가 저작권침해행위가 발생한 각 국가에서 저작권 침해행위를 금지하는 소송을 제기할 필요없이, 동 협약의 한 가맹국가의 법원의 저작권침해금지판결을 다른 가맹국가에서도 집행할 수 있는 가능성을 제시해 주는데 의미가 있다. 헤이그 협약 제10조는 불법행위(torts)에 관한 일반적인 재판관할에 관한 규정을 두고 있으며, 저작권침해에 관한 분쟁은 동 조항의 적용을 받는다. 제10조에 의해 당사자는 가해행위지 국가의 법원 또는 결과발생지 국가의 법원에서 소송을 제기할 수 있다. 결과발생지의 경우 제10조 1항 (b)는 피고가 자신의 행위가 본국의 법규에 비추어 동일한 성격의 손해를 초래할 수 있다라고 합리적으로 예견할 수 없었던 경우에 본 조항의 적용을 배제하고 있다. 인터넷을 통한 저작권침해의 경우, 피고가 자신의 국가의 법규하에서 합법적으로 저작물을 웹사이트에 게시하였으나, 그 행위가 다운로딩이 행해진 국가에서 불법인 경우, 피고는 저작권침해를 예견할 수 없었으므로 이에 문제가 제기된다. iCrave TV사건에서, 피고인 캐나다회사가 미국 및 캐나다에서 방송되는 텔레비젼 방송 프로그램을 자신의 웹사이트에 게시하여 이용자들로 하여금 컴퓨터를 통하여 방송을 재시청 할 수 있도록 하였는데 이는 캐나다에서 합법인 반면에 미국에서는 저작권 침해에 해당한다. 피고는 방송 프로그램을 인터넷상에서 재방송하는 것은 캐나다법상 합법이므로 저작권침해를 예견할 수 없었다고 주장하면서, 해당 사이트에 오직 캐나다 거주자만의 접속을 허용하고 미국 거주자의 접속을 제한하는 일련의 Click-Wrap 계약과 스크린 장치를 제공하였다고 주장하였다. 본 사건 피고의 주장을 받아들인다고 가정할 때, 제10조 1항(b)에 의해 원고는 결과발생지인 미국법원의 재판관할을 강제할 수 없을 것이다. 지적재산권을 둘러싼 분쟁에 관한 재판관할과 국제법상의 판결의 승인 및 집행의 통일성을 기하기 위하여 2001년 1월 세계지적재산권기구(World Intellectual Property Organization)가 제안한 WIPO 협약초안(Draft Convention on Jurisdiction and Recognition of Judgments in Intellectual Property Matters)은 헤이그 협약이 재판관할과 판결의 승인 및 집행에 대한 일반적인 접근을 하고 있는 점에 반하여 지적재산권자의 보호라는 측면을 고려하여 지적재산권침해소송에 국제재판관할권을 규정하고 있다. WIPO 협약초안 제6조는 저작권자가 저작권 침해를 막기 위한 합리적인 조치를 취한 국가에서 저작권 침해소송을 피할 수 있다고 규정하고 있다. 따라서 본 조항에 의할 경우, iCrave TV사건의 피고는 미국에서의 저작권 침해소송을 회피할 수 있을 것이다. 이상과 같이 헤이그 협약이 외국판결의 승인 및 집행을 가능하게 하고 있음에도 불구하고, 외국법원의 판결이 다수의 가맹국가에서 집행되지 못하는 가장 큰 장애는 대다수의 국가들이 외국법원의 판결이 공서양속(Public Policy)에 반하는 경우 판결을 승인하지 않는 예외규정을 두고 있기 때문이다. 미국의 경우, Uniform Recognition Act와 Restatement(Third) of Foreign Relations에 따른 공서양속의 예외규정(Public Policy exception)은 외국법원의 판결의 승인을 부인하는 근거가 된다. Yahoo! 사건에서 Yahoo! Inc.의 옥션 사이트를 통해 독일 나치 소장물의 판매가 이루어졌는데, 프랑스 형법상 이는 범죄행위에 해당하므로, 프랑스 법원은Yahoo! Inc.에게 프랑스 이용자가 당해 옥션 사이트에 접속할 수 없도록 모든 가능한 조치를 취할 것을 명하였다. 이에 미국 법원은 프랑스 법원의 판결은 Yahoo! Inc.의 미국헌법 제1 수정(First Amendment)의 언론의 자유(freedom of speech)에 반하므로 판결의 집행을 거부하였는데 이는 공서양속의 예외규정을 보여주는 예이다. 헤이그 협약 제28조와 WIPO 협약초안 제25조 또한 공서양속의 예외규정을 두고 있다. 본 논문은 인터넷과 통신기술의 발달로 야기되는 다국적 저작권 침해사건에서 한 국가의 법원의 저작권 침해금지판결이 다수의 국가에서 승인 및 집행될 수 있는 능성을 헤이그 협약과 WIPO 협약초안 및 미국판결을 중심으로 살펴보았다. 국제적으로 통일된 저작권법이 존재하지 않고 외국 판결의 승인을 부인하는 예외조항과 외국판결의 집행에 관한 각국의 이해관계와 준거법의 해석이 다른 현시점에서 지적재산권의 속지주의를 뛰어넘어 외국법원의 판결을 국제적으로 집행하는 것은 다소 어려움이 있어 보이나 국제적인 집행가능성의 열쇠를 제시하는 헤이그 협약과 장래의 국제조약에 그 기대를 걸어볼 수 있겠다.

• Informatization Policy
• /
• v.19 no.1
• /
• pp.74-90
• /
• 2012

This thesis analyzes the Apple Inc.'s case from the viewpoint of the necessity for the protection of information privacy related to location data as for information society and ubiquitous community. Meanwhile, the regulatory conformity to equilibrium of contradictional value between personal data protection and utilization of information is debated from the fundamental right as for constitutional law concept to the commercial and technological structure in terms of economic and business point. Therefore, this paper reaches the conclusion that the legislative system should form a harmonious relationship between legal protection and lawful utilization to reappraise the present condition of legalization on personal data protection from guaranteeing rights and interests of information subject in the perspective of human rights to information guarantee consequently. As a result, it is required to revaluate the lawfulness of the fine on the violation of administrative duty levied by KCC(Korea Communications Commission).