• Informatization Policy
• /
• v.20 no.3
• /
• pp.63-85
• /
• 2013

Drawing on Protection Motivation Theory(PMT), this study attempts to clarify antecedents that influence the intention to protect individuals' privacy on the Internet. Protection motivation forms through individuals' cognitive appeal involving threat and efficacy. Then protection motivation causes privacy behavioral change. Protection motivation factors are established privacy trust and privacy risk, which are related to privacy attitude and belief. This proposed model is empirically analyzed by utilizing structural equation analysis(SEM). According to the result of the empirical analysis, it is founded that almost paths have statistically significant explanatory power except path from efficacy to privacy risk and path from privacy trust to privacy behavioral intention. This study shows powerful evidence of antecedent factors based on protection motivation of individuals' privacy behavioral intention in online environment.

• Journal of the Korean Home Economics Association
• /
• v.37 no.10
• /
• pp.55-66
• /
• 1999

The purpose of this study is to propose consumer policy related to the protection of personal information on the basis of regulations and laws in the developed countries. From this study, implications for the protection consumer privacy are discussed as follows. First, Consumer education is needed to enhance consumers'knowledge on their privacy right and this should be done not only by private consumer organization but also by businesses. Second, Businesses should realize ethical responsibilities of consumers'privacy right when they use personal information by databasemarketing. Finally, Government should establish a privacy law concerning both public and private sectors.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.8C
• /
• pp.1076-1085
• /
• 2004

Privacy enforcement has been one of the most important problems in IT area. Privacy protection can be achieved by enforcing privacy policies within an organization's data processing systems. Traditional security models are more or less inappropriate for enforcing basic privacy requirements, such as privacy binding. This paper proposes an extended role-based access control (RBAC) model for enforcing privacy policies within an organization. For providing privacy protection and context based access control, this model combines RBAC, Domain-Type Enforcement, and privacy policies Privacy policies are to assign privacy levels to user roles according to their tasks and to assign data privacy levels to data according to consented consumer privacy preferences recorded as data usage policies. For application of this model, small hospital model is considered.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.135-144
• /
• 2010

Privacy protection can only be achieved by enforcing privacy policies within an enterprise's on and offline data processing systems. There are P-RBAC model and purpose based model and obligations model among privacy policy models. But only these models each can not dynamically deal with the rapidly changing business environment. Even though users are in the same role, on occasion, secure system has to opt for a figure among them who is smart, capable and supremely confident and to give him/her a special mission during a given period and to strengthen privacy protection by permitting to present fluently access control conditions. For this, we propose Integrated Privacy Protection Model based on RBAC. Our model includes purpose model and P-RBAC and obligation model. And lastly, we define high level policy language model based XML to be independent of platforms and applications.

• Informatization Policy
• /
• v.29 no.2
• /
• pp.37-65
• /
• 2022

This article analyzes the relationship between the privacy attitudes of MyData users and the four dimensions of privacy cynicism (distrust, uncertainty, powerlessness, and resignation) as to privacy protection intentions through a structural equation model. It was examined that MyData user's internet skills had a statistically significant negative effect on 'resignation' among the privacy cynicism dimensions. Secondly, privacy risks have a positive effect on 'distrust' in MyData operators, 'uncertainty' in privacy control, and 'powerlessness' in terms of privacy cynicism. Thirdly, it was analyzed that privacy concerns have a positive effect on the privacy cynicism dimensions of 'distrust' and 'uncertainty', with 'resignation' showing a negative effect. Fourthly, it was found that only 'resignation' as a dimension of privacy cynicism showed a negative effect on privacy protection intention. Overall, MyData user's internet skills was analyzed as a variable that could alleviate privacy cynicism. Privacy risks are a variable that reinforces privacy cynicism, and privacy concerns reinforce privacy cynicism. In terms of privacy cynicism, 'resignation' offsets privacy concerns and lowers privacy protection intentions.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.51-59
• /
• 2008

As the innovative IT are being developed and applied in the e-business environment, firms are recognizing the fact that amount of customer information is providing care competitive edge. However, sensitive privacy information are abused and misused, and it is affecting the firms to require appropriate measures to protect privacy information and implement security techniques to safeguard carparate resources. This research analyzes the threat of privacy information exposure in the e-business environment, suggest the IPM-Trusted Privacy Policy Model in order to resolve the related problem, and examines 4 key mechanisms (CAM, SPM, RBAC Controller, OCM) focused on privacy protection. The model is analyzed and designed to enable access management and control by assigning user access rights based on privacy information policy and procedures in the e-business environment. Further, this research suggests practical use areas by applying TPM to CRM in e-business environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.767-779
• /
• 2013

A field of privacy protection lacks statistical information about the current status, compared to other fields. On top of that, since it has not been classified as a concrete separate field, the related survey is only conducted as a part of such concrete areas. Furthermore, this trend of being regarded as a part of fields such as informatization, information protection and law will continue in the near future. In this paper, a novel and practical way for collecting and storing a big amout of data from 110,000 privacy policies by data controller is proposed and the real analysis results is also shown. The proposed method can save time and cost compared with the traditional survey-based method while maintaining or even advancing the accuracy of results and speediness of process. The collected big personal data can be used to set up various kinds of statistical models and they will play an important role as a breakthrough of observing the present status of privacy information protection policy. The big data concept is incorporated into the privacy protection and we can observe the method and some results throughout the paper.

• Journal of Digital Convergence
• /
• v.18 no.10
• /
• pp.23-31
• /
• 2020

As children's participation in online activities has recently increased, online services for children are also rapidly increasing, but children are not sufficiently guaranteed their rights. The purpose of this study is to classify and analyze issues related to the children's online privacy issues in Korea through the current status and case studies of application services mainly used by children. For this purpose, this research analyzed problems related to the children's online privacy protection according to the stage of using the application. As a result of the application content analysis, 1) issues of child identification, 2) effectiveness of notice and consent, and 3) issues of children's rights as subjects of information were derived. Based on the current status analysis, the policy implications were drawn based on the children's online privacy protection in the online environment, and suggestions were made for improvement.

• Informatization Policy
• /
• v.27 no.3
• /
• pp.3-18
• /
• 2020

In the growing digitalized world, the European Union implemented the General Data Protection Regulation(GDPR) to establish a comprehensive data protection framework across member states. Given the constitutional roots of GDPR, the EU's regulatory approach is different than other data protection regimes. The new regulation has strengthened individual rights to data protection, but it also introduced several obligations for businesses that collect and process personal data. We review the existing literature on privacy, particularly GDPR, from a policy perspective. The evidence outlines data regulation's effects on competition, innovation, marketing activities, and cross-border data flows. The discussion highlights the tradeoffs between increased regulation of data protection and its effects on the market.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.183-193
• /
• 2014

Korean personal data(information) protection law requires privacy policies post on every website. According to recent survey results, users' interests on these policies are low due to these policies' low readability and accessibility. This study proposes a layout that effectively conveys online privacy policy contents, and assesses its impact on information understandability, vividness, and recognition of users. Studies on privacy policies and layouts, media richness theory, social presence theory, and usability are used to develop the new layered approach. Using experiments, three major layouts are evaluated by randomly selected online users. Research results shows that information understandability, vividness, and recognition of privacy policies in the revised-layered approach are higher than those of in the text-only or table-based layouts. This study implies that employing visual guides like icons on privacy policy layouts may increase users' interest in those policies.