• Title/Summary/Keyword: Personal Information Collection

Search Result 237, Processing Time 0.022 seconds

GDPR Compliant Consent Procedure for Personal Information Collection in the IoT Environment (IoT 환경에서 GDPR에 부합하는 개인정보수집 동의 절차)

  • Lee, Goo Yeon;Bang, Junil;Cha, Kyung Jin;Kim, Hwa Jong
    • The Journal of Korean Institute of Information Technology
    • /
    • v.17 no.5
    • /
    • pp.129-136
    • /
    • 2019
  • Many IoT devices like sensors lack screen and input devices, thus making them hard to meet the consent conditions that GDPR requires. This is acting as a legal barrier for further advancement in the business field. In this paper, we designed the process for consent of personal information collection that meets the legal conditions. In this design, user's personal data is received in an encrypted form by data collecting server first. The encrypted personal data can be decrypted after associating with user agent based on the consent procedure of the collection of personal information. During the consent procedure, user agent understands the privacy policy about personal information collection and offers the key to decrypt the data. This kind of personal information collection agreement procedure will satisfy the transparent and freely given consent requirements of GDPR. Thus, we can speculate from here that the proposed procedure will contribute to the evolution of IoT business area dealing with personal information.

A Strategy Study on Sensitive Information Filtering for Personal Information Protect in Big Data Analyze

  • Koo, Gun-Seo
    • Journal of the Korea Society of Computer and Information
    • /
    • v.22 no.12
    • /
    • pp.101-108
    • /
    • 2017
  • The study proposed a system that filters the data that is entered when analyzing big data such as SNS and BLOG. Personal information includes impersonal personal information, but there is also personal information that distinguishes it from personal information, such as religious institution, personal feelings, thoughts, or beliefs. Define these personally identifiable information as sensitive information. In order to prevent this, Article 23 of the Privacy Act has clauses on the collection and utilization of the information. The proposed system structure is divided into two stages, including Big Data Processing Processes and Sensitive Information Filtering Processes, and Big Data processing is analyzed and applied in Big Data collection in four stages. Big Data Processing Processes include data collection and storage, vocabulary analysis and parsing and semantics. Sensitive Information Filtering Processes includes sensitive information questionnaires, establishing sensitive information DB, qualifying information, filtering sensitive information, and reliability analysis. As a result, the number of Big Data performed in the experiment was carried out at 84.13%, until 7553 of 8978 was produced to create the Ontology Generation. There is considerable significan ce to the point that Performing a sensitive information cut phase was carried out by 98%.

Research on the Analysis and Response of Unauthorized Personal Information Collection in Foreign Applications (해외 애플리케이션의 개인정보 무단 수집 실태 분석과 대응 방안에 대한 연구)

  • Kim, Se-Hwan;Yun, Hyung-Jun;Jung, Da-Hyun;Jang, Seung-Hoon;Han, Cheol-Kyu
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.3
    • /
    • pp.453-462
    • /
    • 2021
  • The number of foreign applications available in Korea is increasing. Among them, there are many cases where applications having a large number of domestic users collect users' personal information in an unauthorized manner, causing serious problems. Unauthorized collection of personal information conducted through such applications is highly dangerous, because sensitive personal information of users can be used in a malicious way. Further, this is violation of business ethics and may interrupt the creation of the sound information technology ecosystem. This research is purposed to analyze the current status of unauthorized collection of users' personal information by foreign applications available in Korea and to derive countermeasures thereof.

Privacy-Preserving IoT Data Collection in Fog-Cloud Computing Environment

  • Lim, Jong-Hyun;Kim, Jong Wook
    • Journal of the Korea Society of Computer and Information
    • /
    • v.24 no.9
    • /
    • pp.43-49
    • /
    • 2019
  • Today, with the development of the internet of things, wearable devices related to personal health care have become widespread. Various global information and communication technology companies are developing various wearable health devices, which can collect personal health information such as heart rate, steps, and calories, using sensors built into the device. However, since individual health data includes sensitive information, the collection of irrelevant health data can lead to personal privacy issue. Therefore, there is a growing need to develop technology for collecting sensitive health data from wearable health devices, while preserving privacy. In recent years, local differential privacy (LDP), which enables sensitive data collection while preserving privacy, has attracted much attention. In this paper, we develop a technology for collecting vast amount of health data from a smartwatch device, which is one of popular wearable health devices, using local difference privacy. Experiment results with real data show that the proposed method is able to effectively collect sensitive health data from smartwatch users, while preserving privacy.

College Students' Cognitive and Behavioral Attitude toward Digital Behavioral Advertising and Personal Information Protection through In-depth Interview (디지털 맞춤형 광고와 개인정보 보호에 대한 대학생들의 인식 및 행동연구)

  • Um, Namhyun
    • Journal of Digital Convergence
    • /
    • v.20 no.4
    • /
    • pp.73-82
    • /
    • 2022
  • As digital advertising industry grows, consumers' concerns over personal information protect also rise. Thus, the current study is designed to explore college students' perspectives on digital behavioral advertising and personal information protection through in-depth interviews. According to study results, importance of personal information protection is highly regarded among college students and interviewees suggest individuals, companies, and government organizations work together to protect personal information. College students' behavioral level of personal information protection can be divided into three levels such as 1) no-action taken, 2) passive response, and 3) active response. The study found that college students' attitude toward digital behavioral advertising is positive and also negative at the same time. Lastly, the study suggests that college students have positive attitude toward companies' personal information collection and use for the marketing purpose such as digital behavioral advertising. At the discussion section this study puts emphasis on the need for digital media literacy education and suggests practical implications for personal information collection and its procedures.

Effects of Information Overload to Information Privacy Protective Response in Internet of Things(Iot) (사물인터넷 시대의 개인정보과잉이 정보프라이버시 보호반응에 미치는 영향)

  • So, Won-Geun;Kim, Ha-Kyun
    • Management & Information Systems Review
    • /
    • v.36 no.1
    • /
    • pp.81-94
    • /
    • 2017
  • In the age of information overload such as Internet of Things(IoT), big data, and cloud computing, Data and informations are collected to processed regardless of the individual's will. The purpose of this paper presents a model related to personal information overlord, information privacy risk, information privacy concern (collection, control, awareness) and personal information privacy protective response. The results of this study is summarized as follows. First, personal information overload significantly affects information privacy risk. Second, personal information overload significantly affects information privacy concern(collection, control, awareness) Third, information privacy risk significantly affects collection and awareness among information privacy concern, but control does not significantly affects. This results shows that users are cognitively aware the information risk through collection and awareness of information. Users can not control information by self, control of information does not affects. Last, information privacy concern(collection and awareness significantly affect information privacy protective response, but information privacy concern (control) does not affect. Personal information users are concerned about information infringement due to excessive personal information, ability to protect private information became strong.

  • PDF

Exploratory Study on the Media Coverage Trends of Personal Information Issues for Corporate Sustainable Management

  • Dabin Lee;Yeji Choi;Jaewook Byun;Hangbae Chang
    • Journal of Internet Computing and Services
    • /
    • v.25 no.4
    • /
    • pp.87-96
    • /
    • 2024
  • Information power has been a major criterion for wealth disparity in human history, and since the advent of the Fourth Industrial Revolution, referred to as the data economy era, personal information has also gained economic value. Additionally, companies collect and analyze customer information to use as a marketing tool, providing personalized services, making the collection of quality customer information crucial to a company's success. However, as the amount of data held by companies increases, crimes of stealing personal information for financial gain have surged, making corporate customer information a target for criminals. The leakage of personal information and its circumstances lead to a decline in corporate trust from the customer's perspective, threatening corporate sustainability with falling stock prices and decreased sales. Therefore, companies find themselves in a paradoxical situation where the utilization of personal information is increasing while the risk of personal information leakage is also growing. This study used the news big data analysis system, BIG KINDS, to analyze major keywords before and after media coverage on personal information leaks, examining domestic media coverage trends. Through this, we identified the impact of personal information leakage on corporate sustainability and analyzed the connection between personal information protection and sustainable corporate management. The results derived from this study are expected to serve as foundational data for companies seeking ways to enhance sustainable management while increasing the utilization of personal information.

A Study on Decision Making Model for Personal Information Collection and Use Policy Establishment through Internet Homepage of Financial Companies (금융회사 인터넷 홈페이지를 통한 개인정보 수집 및 이용 동의 정책 수립 모델 연구)

  • Kim, Seong-hoon;Lee, Kyeong-ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.3
    • /
    • pp.637-651
    • /
    • 2017
  • In order for a financial company to collect personal information, it explicitly notifies consumers of the contents stipulated by law and gets consent beforehand. As a result, as financial products became more complicated and diverse, and the contents of 'Consent form for providing personal information' became more complicated and more. In particular, in the case of internet or mobile, the letter became smaller as the screen size limit, making it more difficult to understand. This is because almost all companies that collecting personal information are in a similar situation, In the position of consumers who use services are, contradictions arise that habitually agree without understanding the consent contents. In this research, in order to present a consent policy establishment decision-making model to rationally collect and use personal information through the Internet website of financial companies, consider the domestic and foreign legal system Then, derive a problem To present improvement measures. In addition, the evaluation factors selected through the research are verified by presenting decision making models and formulas using AHP (Analytic Hierarchy Process) method.

A Study on Legal Protection, Inspection and Delivery of the Copies of Health & Medical Data (보건의료정보의 법적 보호와 열람.교부)

  • Jeong, Yong-Yeub
    • The Korean Society of Law and Medicine
    • /
    • v.13 no.1
    • /
    • pp.359-395
    • /
    • 2012
  • In a broad term, health and medical data means all patient information that has been generated or circulated in government health and medical policies, such as medical research and public health, and all sorts of health and medical fields as well as patients' personal data, referred as medical data (filled out as medical record forms) by medical institutions. The kinds of health and medical data in medical records are prescribed by Articles on required medical data and the terms of recordkeeping in the Enforcement Decree of the Medical Service Act. As EMR, OCS, LIS, telemedicine and u-health emerges, sharing and protecting digital health and medical data is at issue in these days. At medical institutions, health and medical data, such as medical records, is classified as "sensitive information" and thus is protected strictly. However, due to the circulative property of information, health and medical data can be public as well as being private. The legal grounds of health and medical data as such are based on the right to informational self-determination, which is one of the fundamental rights derived from the Constitution. In there, patients' rights to refuse the collection of information, to control recordkeeping (to demand access, correction or deletion) and to control using and sharing of information are rooted. In any processing of health and medical data, such as generating, recording, storing, using or disposing, privacy can be violated in many ways, including the leakage, forgery, falsification or abuse of information. That is why laws, such as the Medical Service Act and the Personal Data Protection Law, and the Guideline for Protection of Personal Data at Medical Institutions (by the Ministry of Health and Welfare) provide for technical, physical, administrative and legal safeguards on those who handle personal data (health and medical information-processing personnel and medical institutions). The Personal Data Protection Law provides for the collection, use and sharing of personal data, and the regulation thereon, the disposal of information, the means of receiving consent, and the regulation of processing of personal data. On the contrary, health and medical data can be inspected or delivered of the copies, based on the principle of restriction on fundamental rights prescribed by the Constitution. For instance, Article 21(Access to Record) of the Medical Service Act, and the Personal Data Protection Law prescribe self-disclosure, the release of information by family members or by laws, the exchange of medical data due to patient transfer, the secondary use of medical data, such as medical research, and the release of information and the release of information required by the Personal Data Protection Law.

  • PDF

Personal Information life Cycle Model Considering the Learning Cha racteristics of Artificial Intelligence (인공지능의 학습 특성을 고려한 개인정보 라이프 사이클 모델)

  • Jaeyoung Jang;Jong-Min Kim
    • Convergence Security Journal
    • /
    • v.24 no.2
    • /
    • pp.47-53
    • /
    • 2024
  • The traditional personal information life cycle model, primarily tailored to conventional systems, is inherently unsuitable for comprehending the nuances of personal information flow within artificial intelligence frameworks and for formulating effective protective measures. Therefore, this study endeavors to introduce a personal information life cycle model specifically designed for artificial intelligence (AI). This paper presents a personal information life cycle model suitable for artificial intelligence, which includes the stages of collection, retention, learning, use, and destruction/suspension, along with the re-learning process for destruction/suspension. Subsequently, we compare the performance of these existing models (such aspersonal information impact assessment and the ISMS-P model) with the newly proposed model. This underscores the superiority of our proposed model in comprehensively understanding the personal information flow in AI and establishing robust protective measures.