• Journal of Information Technology Applications and Management
• /
• v.25 no.2
• /
• pp.133-146
• /
• 2018

The technical definition of Blockchain is commonly known 'distributed ledger', however, there is no legal definition for being accepted in worldwide. Therefore, unless legal definitions and concepts of Blockchain are presented, there is a possibility that various legal disputes will occur in the future in Blockchain environment. The purpose of this study is to derive legal issues related to personal information protection that can be conflicted in Blockchain environment based on domestic Privacy Act and GDPR. The outcomes of this study can prevent various legal disputes and provide solutions that may occur due to the spread of Blockchain. It also suggests the foundation for the improvement of Privacy Act. Finally, it contributes to activate of Blockchain, industry, in Korea.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.11 no.3
• /
• pp.345-350
• /
• 2016

It is the personal information protection law is prepared, in the government, to develop a personal information protection basic plan has been implemented. However, year after year, complaints caused by infringement of personal information in public institutions has increased. In this paper, the recognition level of analysis related to the protection of personal information of local governments, public institutions through a questionnaire survey, raised the need for improvement.

• Journal of Information Science Theory and Practice
• /
• v.8 no.3
• /
• pp.6-14
• /
• 2020

On information markets, we can identify different relations between sellers and their customers, with some users paying with money, some paying with attention, and others paying with their personal data. For the description of these different market relations, this article introduces the notion of arity into the scientific discussion. On unary information markets, customers pay with their money; examples include commercial information suppliers. Binary information markets are characterized by one market side paying with attention (e.g., on the search engine Google) or with personal data (e.g., on most social media services) and the other market side (mainly advertisers) paying with money. Our example of a ternary market is a social media market with the additional market side of influencers. If customers buy on unary markets, they know what to pay (in terms of money). If they pay with attention or with their personal data, they do not know what they have to pay exactly in the end. On n-ary markets (n greater than 1), laws should regulate company's abuse of money and-which is new-abuse of data streams with the aid of competition (or anti-trust) laws, and by modified data protection laws, which are guided by fair use of end users' attention and data.

• Journal of Information Technology Services
• /
• v.7 no.1
• /
• pp.23-43
• /
• 2008

Because IT security guidelines for universities and colleges mostly focus on hardware aspects, the problems such as security incidents by a user's mistake and personal information leakage by hacking are serious in our higher educational institutes. In order to solve these information protection and security problems in the educational institutes, realizable and implementable information protection and security guidelines which will contribute to escalate information protection level should be established and at the same time, specific guidelines should be provided to make the guidelines efficient. In this paper, the information security problems and cases are categorized to develop information security guidelines for the higher educational institutes in terms of short, mid, and long term aspects and the solutions to the problems are sought. In addition, a serious of approaches to the information security are proposed such as the improvement measures for the employees of the institute to have desirable security-minded, security problem prevention and resolving methods, developing conflict coordination procedure and law and regulation system establishment for making the educational institutes be information-oriented.

• The Korean Society of Law and Medicine
• /
• v.22 no.3
• /
• pp.31-55
• /
• 2021

The Personal Information Protection Act, one of the revised 3 Data Laws, established a special cases concerning pseudonymous data. As a result, a personal information controller may process pseudonymized information without the consent of data subjects for statistical purposes, scientific research purposes, and archiving purposes in the public interest, etc. In addition, as a follow-up to the revised Personal Information Protection Act, a 'Guidelines for Utilization of Healthcare Data' was prepared, which deals with the pseudonymization in the medical sector. The guidelines are meaningful in that they provide practical criteria for accomplices by defining specific interpretations and examples that take into account the characteristics of healthcare data. However, the guidelines need to clarify the purpose of using pseudonymous data and strengthen the fairness of the composition of the data deliberation committee. The guidelines also require establishing a healthcare data compensation framework and strengthening the protection of rights for vulnerable subjects. In addition, the guidelines need to be adjusted for inconsistency with the Bioethics and Safety Act and the Medical Service Act. It is expected that this study will contribute to the creation of a safe environment for the utilization of healthcare data as well as the improvement of related laws and systems.

• The Journal of Information Technology
• /
• v.7 no.2
• /
• pp.55-67
• /
• 2004

The copyright law only protects the creative representation of works because it conditionally requires a creativity aspect of works. Due to the lack of protection regime in existing laws and the systems, the online digital contents industrial development act has been enacted to alternatively protect the digital contents providers based on a principle of preventive of illegal competition.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.266-274
• /
• 2021

The study covers three components of the facility for protecting public utilities market participants in the public utilities market: prevention of potential poverty, reduction of existing poverty and compensation to the injured party in a case of tort that exacerbates or threatens to exacerbate its poverty. The analysis is based on official statistical information on the activities of the public utilities sector. Operational information of public utility service providers regarding certain indicators of their activity in the work was not studied. This approach narrows the empirical basis of the study, but at the present stage in the context of different rates of implementation of changes in regions, sectors and at the level of individual entities, as well as lack of uniformity in the structure of indicators published by service providers, analysis allows to identify «bottlenecks» of legal regulation, which are systemic in nature and largely independent of the subjective factor.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.8 no.5
• /
• pp.235-241
• /
• 2008

Please Interests in the medical service are increasing in internet environment as life quality of the people improves because of development in information and medical technology. The medical information in today's modern internet environment can violate privacy of the patients. Many medical institutions in Korea are very passive in the privacy protection of patients in the internet environment. The law, standard scheme and systematic guidance to prevent drain of medical information are not developed. This study examines cases of infringement pattern on information of each patient in the internet environment. This study will also try to find a solution to protect the personal information of patients in the internet environment in the measures of law system, technique and management.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.591-608
• /
• 2023

With the emergence of advanced encryption technologies such as Quantum Cryptography and Full Disk Encryption, an era of strengthening information security has begun. Users respond positively to the advancement of privacy-enhancing technology, on the other hand, investigative agencies have difficulty unveiling the actual truth as they fail to decrypt devices. In particular, unlike past ciphers, encryption methods using biometric information such as fingerprints, iris, and faces have become common and have faced technical limitations in collecting digital evidence. Accordingly, normative solutions have emerged as a major issue. The United States enacted the CLOUD Act with the legal mechanism of 'Contempt of court' and in 2016, the United Kingdom substantiated the Compelled Decryption through the Investigatory Powers Act (IPA). However, it is difficult to enforce Compelled Decryption on individuals in Korea because Korean is highly sensitive to personal information. Therefore, in this paper, we sought a method of introducing a Compelled Decryption that does not contradict the people's legal sentiment through a perception survey of 95 people on the Compelled Decryption. We tried to compare and review the Budapest Convention with major overseas laws such as the United States and the United Kingdom, and to suggest a direction of legislation acceptable to the people in ways to minimize infringement of privacy. We hope that this study will be an effective legal response plan for law enforcement agencies that can normatively overcome the technical limitations of decoding.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.5
• /
• pp.171-177
• /
• 2019

In this paper, we analyze the current phenomenon of child abuse crimes based on the information gathered by the National Child Protection Agency. The purpose of this paper is to diagnose the seriousness of child abuse by biological parents based on the analyzed information and propose measures against it. Comprehensive and integrated measures are needed for child abuse committed by biological parents due to abuse concealment, continuity of damage, and inactive national intervention by considering punishment on attackers through national intervention, fundamental in-depth psychological counseling, therapeutic care, promoting recovery of victims, and ultimately continuous and regular management and monitoring as a long-terms measure. To do so, developing customized and individual educational programs and make them obligations can be first presented to identify child abuse in advance and build up preventive systems based on the principle of family preservation. In addition, problems should be addressed at a fundamental level by performing various and active therapeutic treatments such as psychological treatment, mental treatment, or drug treatment gradually and through phases for biological parents who commit child abuse and contributing to recovering the relationship. Furthermore, proper protection and treatment service should be provided to children victimized by abuse by extending professional children care facilities and adopting the professional family commission system as measures by separating family.