• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.244-259
• /
• 2021

The economic value of personal information has its importance as an objective measure of valuation in commercial, legal, and policy areas. Until recently, however, personal information subjects have not properly recognized the economic value of personal information, which has led to the inability to exercise the right to self-determination of personal information by unconsciously agreeing to the terms and conditions of personal information service without recognizing the value of personal information provided to the service provider when subscribing to a specific service. Therefore, we will examine the methodologies for calculating the economic value of personal information and the practical guarantee of the right to self-determination of personal information and analyze the economic value of personal information through a survey. Also, we would like to propose various ways for the subject of personal information with limited cognitive resources to visually accept the economic value of personal information required by the terms and conditions and suggest the optimal visualization of personal information economic value to exercise the right to self-determination of personal information. To do so, in this paper, we have conducted two survey experiments to estimate the economic value of personal information. Based on the price of personal information by category retrieved from surveys, we have visualized the price of personal information in various forms and asked respondents to choose the optimal infographic that best represents the value of personal information visually. As a result, we have proposed an optimal usage of the infographic to 'nudge' information subjects about their right to self-determination of personal information, therefore opening the possibility of diminishing privacy paradox.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.3
• /
• pp.37-44
• /
• 2023

In the future society, a means to verify the identity of the information owner is required at the beginning of most services that the information owner encounters, and the emergence and gradual spread of digital identification that proves the identity of the information owner is essential. In addition, as the utilization value of personal information increases, discussions on how to provide personal information are active. Therefore, there is a need for a personal information management method necessary for building a hyper-connected society that is safe from various hacking, forgery, alteration, and theft by allowing the owner to directly manage and provide personal information management. In this study, a decentralized identity information management model that overcomes the problems and limitations of the centralized identity management method of personal information and manages and selectively provides personal information by the information owner himself and implemented a smart personal information provision system(SPIPS: Smart Personal Information Provision System) using a smartphone.

• Journal of Internet Computing and Services
• /
• v.25 no.4
• /
• pp.87-96
• /
• 2024

Information power has been a major criterion for wealth disparity in human history, and since the advent of the Fourth Industrial Revolution, referred to as the data economy era, personal information has also gained economic value. Additionally, companies collect and analyze customer information to use as a marketing tool, providing personalized services, making the collection of quality customer information crucial to a company's success. However, as the amount of data held by companies increases, crimes of stealing personal information for financial gain have surged, making corporate customer information a target for criminals. The leakage of personal information and its circumstances lead to a decline in corporate trust from the customer's perspective, threatening corporate sustainability with falling stock prices and decreased sales. Therefore, companies find themselves in a paradoxical situation where the utilization of personal information is increasing while the risk of personal information leakage is also growing. This study used the news big data analysis system, BIG KINDS, to analyze major keywords before and after media coverage on personal information leaks, examining domestic media coverage trends. Through this, we identified the impact of personal information leakage on corporate sustainability and analyzed the connection between personal information protection and sustainable corporate management. The results derived from this study are expected to serve as foundational data for companies seeking ways to enhance sustainable management while increasing the utilization of personal information.

• Journal of Information Processing Systems
• /
• v.6 no.2
• /
• pp.185-196
• /
• 2010

This paper proposes a personal information protection model that allows a user to regulate his or her own personal information and privacy protection policies to receive services provided by a service provider without having to reveal personal information in a way that the user is opposed to. When the user needs to receive a service that requires personal information, the user will only reveal personal information that they find acceptable and for uses that they agree with. Users receive desired services from the service provider only when there is agreement between the user's and the service provider's security policies. Moreover, the proposed model utilizes a mobile agent that is transmitted from the user's personal space, providing the user with complete control over their privacy protection. In addition, the mobile agent is itself a self-destructing program that eliminates the possibility of personal information being leaked. The mobile agent described in this paper allows users to truly control access to their personal information.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.587-608
• /
• 2022

The European Union recently established the General Data Protection Regulation (GDPR) for secure data use and personal information protection. Inspired by this, South Korea revised their Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, and the Credit Information Use and Protection Act, collectively known as the "Three Data Bills," which prescribe safe personal information use based on pseudonymous data processing. Based on these bills, the personal data store (PDS) has received attention because it utilizes the MyData service, which actively manages and controls personal information based on the approval of individuals, and it practically ensures their rights to informational self-determination. Various types of PDS models have been developed by several countries (e.g., the US, Europe, and Japan) and global platform firms. The South Korean government has now initiated MyData service projects for personal information use in the financial field, focusing on personal credit information management. There is also a need to verify the efficacy of this service in diverse fields (e.g., medical). However, despite the increased attention, existing MyData models and frameworks do not satisfy security requirements of ensured traceability, transparency, and distributed authentication for personal information use. This study analyzes primary PDS models and compares them to an internationally standardized framework for personal information security with guidelines on MyData so that a proper PDS model can be proposed for South Korea.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.18 no.1
• /
• pp.37-45
• /
• 2022

With the development of the 4th industry, big data using AI is being used in many areas of our lives, and the importance of data is increasing accordingly. In particular, as various services using personal information appear and hacking attacks that exploit them appear in various ways, the importance of personal information management is increasing. Personal information must be managed safely even when collecting, retaining, using, providing, and destroying personal information, and the rights of information subjects must be protected. In this paper, an analysis was performed on the notification of usage history during the protection of the rights of information subjects using the MyData model. According to the Personal Information Protection Act, users must be periodically notified of the use of personal information, so we notify each individual of the use of personal information through e-mail or SNS once a year. It is difficult to understand and manage which company use my personal information. Therefore, in this paper, a personal information usage history notification system model was proposed, and as a result of performance analysis, it is possible to provide the controllability, availability, integrity, source authentication, and personal information self-determination rights.

• Journal of Information Technology Services
• /
• v.19 no.4
• /
• pp.13-30
• /
• 2020

Not only does it cause damage to individuals and businesses due to the occurrence of large-scale personal information leakage accidents, but it also causes many problems socially. Companies are embodying efforts to deal with the threat of personal information leakage. However, it is difficult to obtain detailed information related to personal information leakage accidents, so there are limitations to research activities related to leakage accidents. This study collects information on personal information leakage incidents reported through the media for 15 years from 2005 to 2019, and analyzes how the personal information leakage incidents occurring to companies are related to the characteristics of the company. Through the research results, it is possible to grasp the general characteristics of personal information leakage accidents, and it may be helpful in decision making for prevention and response to personal information leakage accidents.

• Journal of Information Technology Services
• /
• v.13 no.2
• /
• pp.163-172
• /
• 2014

Personal information has been stolen continuously and it is also affected from development of the Internet. So the government requires that companies spend more effort for protecting customers' personal information. The OLAP server also should meet this requirement, but it is hard to satisfy for the authority management. The OLAP server must use personal information to extract required information from database. This thesis suggests a model of separating between general information and personal information, so this model can help to minimize the leakage of personal information. The model is implemented and tested as a prototype. This prototype can prove that the new model is better than the original one. This study presents that the authority management on the separation between personal information and general information helps protect the personal information of customers.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.24 no.4
• /
• pp.167-176
• /
• 2024

The Personal Information Protection Commission was launched in August 2020 as an integrated control tower for personal information protection, but several problems have been pointed out in the personal information protection operation system. First, despite the fact that Korea's personal information protection system has an integrated legal system that regulates both the public and private sectors, it has been pointed out that it is difficult to carry out smooth personal information protection functions due to incomplete integration of protection functions, such as the Financial Services Commission being in charge of personal credit information protection and the Korea Communications Commission being in charge of personal location information protection. Next, despite the increasing number of public sector personal information leakage incidents, there is a lack of personnel with expertise and specialized support organizations to efficiently investigate them, and there is a concern that the lack of an efficient response system to personal information infringement by global IT companies in Korea in the era of digital commerce may weaken the protection of citizens' personal information. In order to solve these problems, I reviewed overseas cases and literature and proposed the following measures. First, it is necessary to centralize the personal information protection supervision function for credit information and location information to the Personal Information Protection Commission. Second, it is necessary to secure expertise by securing specialized personnel and establishing specialized institutions to respond to public sector personal information leakage incidents. Third, it is necessary to revitalize the domestic agency designation system and establish an international cooperation system to protect people's personal information in the digital commerce era. I believe that these measures to develop the personal information protection system will lead to more systematic personal information protection.

• Smart Media Journal
• /
• v.12 no.9
• /
• pp.95-102
• /
• 2023

As the utilization value of personal information increases, discussions on how to provide personal information are active, but information required by institutions to utilize personal information is being exposed more than necessary. Therefore, personal privacy protection is essential to overcome the problems and limitations of personal information protection. In this study, a decentralized identity information management model that overcomes the problems and limitations of the centralized identity management method of personal information and manages and selectively provides personal information by the information owner himself and demonstrates the excellence of personal information by implementing the Smart Personal Information Provision System (SPIPS) in the PBFT consensus algorithm through experiments.