• The Korean Society of Law and Medicine
• /
• v.17 no.2
• /
• pp.315-346
• /
• 2016

With the development of big data processing technology, the potential value of healthcare big data has attracted much attention. In order to realize these potential values, various research using the healthcare big data are essential. However, the big data regulatory system centered on the Personal Information Protection Act does not take into account the aspect of big data as an economic material and causes many obstacles to utilize it as a research purpose. The regulatory system of healthcare information, centered on the primary purpose of patient treatment, should be improved in a way that is compatible with the development of technology and easy to use for public interest. To this end, it is necessary to examine the trends of overseas legal system reflecting the concerns about the balance of protection and utilization of personal information. Based on the implications of the overseas legal system, we can derive improvement points in the following directions from our legal system. First, a legal system that specializes in healthcare information and encompasses protection and utilization is needed. De-identification, which is an exception to the Privacy Act, should also clearly define its level. It is necessary to establish a legal basis for linking healthcare big data to create synergy effects in research. It is also necessary to examine the introduction of the opt-out system on the basis of the discussion on the foreign debate and social consensus. But most importantly, it is the people's trust in these systems.

• Journal of Internet Computing and Services
• /
• v.16 no.4
• /
• pp.149-156
• /
• 2015

The Personal Information Protection Commission shall be established under the direct jurisdiction of the President and shall independently perform affairs under its authority. It shall be comprised of total 15 members (5 members designated by the President, 5 members elected at the National Assembly and 5 members designated by the Chief Justice of the Supreme Court), including one minister-level Chairperson and one vice-minister-level standing member. Main functions of the Personal Information Protection Commission include deliberation and resolution of major policies and improvement of ordinances and systems related to personal information protection, coordination of opinions among public institutions in regards to the management of personal information, recommendation of improvement such as suspension of infringement by a central administrative agency, a local government and a constitutional institution, and submission of annual reports on personal information protection to the National Assembly. The function and role of the Personal Information Protection Commission regulated by the current law are insufficient in terms of independence and authorities of protection agencies compared to the international standard or level of discussion. The Commission thus cannot play a sufficient role as an independent agency for efficient protection of personal information. Therefore, there is a need for law revision that revives the purpose of the establishment of the Personal Information Protection Commission.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.97-107
• /
• 2013

The recent increase in smartphone usage has ignited the development of new applications which have changed the way of living in this internet era in the world. Almost all users which have smartphone have used many kinds of applications for lots of part. Especially, Social Network Service is the most popular part for smartphone users. The greater part of smartphone users take messenger service for smartphone. This kinds of applications provide to manage as deactivation of user or change of device. When users take to manage their information, their information would be deleted securely. If secure deletion didn't work correctly and released, their personal information can be easily abused to by others through various means such as internet phishing. In this paper, we analysis that the messenger application's management function keeps on the Personal Information Protection Act and suggest to prevent legally and technically for user's personal information and privacy.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.67-75
• /
• 2021

As pass the three revised bills, the Personal Information Protection Act was revised to have a larger application for personal information. For an industrial development through an efficient and secure usage of personal information, there is a need to revise the existing anonymity processing method. This paper modifies the Zero Knowledge Proofs algorithm among the anonymity processing methods to modify the anonymity process calculations by taking into account the reliability of the used service company. More detail, the formula of ZKP (Zero Knowledge Proof) used by ZK-SNAKE is used to modify the personal information for pseudonymization processing. The core function of the proposed algorithm is the addition of user variables and adjustment of the difficulty level according to the reliability of the data user organization and the scope of use. Through Setup_p, the additional variable γ can be selectively applied according to the reliability of the user institution, and the degree of agreement of Witness is adjusted according to the reliability of the institution entered through Prove_p. The difficulty of the verification process is adjusted by considering the reliability of the institution entered through Verify_p. SimProve, a simulator, also refers to the scope of use and the reliability of the input authority. With this suggestion, it is possible to increase reliability and security of anonymity processing and distribution of personal information.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.4
• /
• pp.103-110
• /
• 2013

In Information Technology era, various amazing IT technologies, for example Big Data, are appearing and are available as the amount of information increase. The number of counselling for violation of personal data protection is also increasing every year that it amounts to over 160,000 in 2012. According to Korean Privacy Act, in the case of treating unique personal identification information, appropriate measures like encipherment should be taken. The technologies of encipherment are the most basic countermeasures for personal data invasion and the base elements in information technology. So various cryptography algorithms exist and are used for encipherment technology. Therefore studies on safer new cryptography algorithms are executed. Cryptography algorithms started from classical replacement enciphering and developed to computationally secure code to increase complexity. Nowadays, various mathematic theories such as 'factorization into prime factor', 'extracting square root', 'discrete lognormal distribution', 'elliptical interaction curve' are adapted to cryptography algorithms. RSA public key cryptography algorithm which was based on 'factorization into prime factor' is the most representative one. This paper suggests algorithm utilizing telescoping series as a safer cryptography algorithm which can maximize the complexity. Telescoping series is a type of infinite series which can generate various types of function for given value-the plain text. Among these generated functions, one can be selected as a original equation. Some part of this equation can be defined as a key. And then the original equation can be transformed into final equation by improving the complexity of original equation through the command of "FullSimplify" of "Mathematica" software.

• Journal of radiological science and technology
• /
• v.44 no.5
• /
• pp.503-512
• /
• 2021

The purpose of this study is to check the extent to which "instruction of physician or dentist" defined in the Medical Service Technologists, etc. Act is applied in relation to radiography examination procedures for radiological technologists. In addition, it is intended to present basic data on the requirement to revise the Medical Service Technologists, etc. Act in the radiological technologist's duty area and scope of work, The subjects of this study were radiological technologists with license, and the response data were collected after sending the questionnaire link written on the online questionnaire form. The final number of respondents were 1,018, and the response rate was 6.8%. Most of the negative responses were "I have never received 'instruction' for radiologic examination by a physician or dentist, including a radiologist in a medical environment." There were a high perception that "the professionalism in radiation examination on radiological technologists are higher than that of a physician or dentist." They answered that the current continuing education has a great impact on maintaining and continuing professionalism and learning new knowledge in the radiology field. In addition, the radiological technologists provide a very high level of education in areas related to radiography procedure ethics such as patient care, patient safety, and patient privacy protection, as well as specialized fields such as radiation-related examination methods, radiography examination dose, and patient exposure dose. Radiological technologists replied that they were receiving it consistently. In conclusion, in the current medical environment, the 'instruction' of a physician or dentist cannot be seen as being realistically performed. The phrase 'instruction' of a physician or dentist as defined in the Medical Service Technologists, etc. Act is considered inappropriate in respect of the fact that the state recognizes the qualifications of the medical service technologist through a license. It is thought that revision to a new term suitable for the current medical environment is necessary.

• The Journal of the Convergence on Culture Technology
• /
• v.2 no.4
• /
• pp.71-76
• /
• 2016

In this study, de-identification policies of the US, the UK, Japan, China and Korea are compared to suggest a future direction of de-identification regulations and a method for vitalizing the big data industry. Efficiently using the de-identification technology and the standard of adequacy evaluation contributes to using personal information for the industry to develop services and technology while not violating the right of private lives and avoiding the restrictions specified in the Personal Information Protection Act. As a counteraction, the re-identification issue may occur, for re-identifying each person as a de-identified data collection. From the perspective of business, it is necessary to mitigate schemes for discarding some regulations and using big data, and also necessary to strengthen security and refine regulations from the perspective of information security.

• The Journal of Society for e-Business Studies
• /
• v.25 no.1
• /
• pp.123-134
• /
• 2020

Although the rights of data subjects are defined through laws such as the Personal Information Protection Act, the consent process for collecting personal information by financial institutions is only formal and does not guarantee the right of self-determination of personal information. Therefore, it is necessary to analyze the problem by information provision items of the current model, and to improve by changing the structure such as replacing the current method provided with the text with pictures and videos, and mandatory to provide the information subjects with personal information flow related images from the signing up stage. The improvement model is presented as a way to add a procedure to the current model. The effect was verified through a survey. It is hoped that the proposed model is actually reflected through the review to create an environment that can be a true meaning agreement that reflects the information subject's right to self-determination.

• Korean journal of communication and information
• /
• v.38
• /
• pp.211-244
• /
• 2007

Article 17 and 18 of the Korean Constitution respectively prescribe the violation of individual's right to privacy and the secrecy of wire communication. Meanwhile, Article 20 of the Criminal Code provides that an act which is conducted within the ambit of laws or pursuant to accepted business practices or which does not violate the social norms shall not be punishable. In 1999, the Constitutional Court held that media reports on public matters of public figures must be given strong constitutional protection, and treated differently from reports on private matters of private figures. In accordance with the decision, the Supreme Court has expanded the scope of constitutional guarantee of freedom of expression since 2002. This study analyzes the issue of media liability for publication of illegally intercepted wire communication by a third person. Particularly, it reviews Seoul High Court's ruling on 'X-file scandal' which disclosed intercepted wire communications between notable public figures regarding a slush fund for a presidential candidate. In the light of this analysis, the study concludes that the media reporting of the intercepted communication does not violate social norms of Article 20, and therefore it is entitled to a constitutional privilege.

• Korean Security Journal
• /
• no.53
• /
• pp.211-228
• /
• 2017

In May 2012, the police was empowered to electronically obtain location information of mobile devices from the telecommunication service provides for the purpose of rescue by the Act on the Protection, Use, ETC. of Location Information, after years of pressure with repeated serious violent crime outbreaks and controversy concerning the risk of breaching privacy. This study examines the environmental, legal, and technological challenges related to location tracking at the time of five years after the amendment of the law. The bottom line of police's locating power is to secure the lives of people in deadly emergent circumstance. Therefore, location tracking using given information should be swiftly proceeded after consideration and judgment of justification in timely manner to electronically request information to mobile carriers, and it is necessary to have somewhat flexibility of interpretation to be applied to diverse situation. In addition, location tracking technology should be continuously updated through cooperation with the stake-holders. Recognizing substantial problems in practice, we identified and explored the issues including obtaining prior consent for tracking the user's location in case of emergency, confirmation of emergency situation requiring police presence, qualification of legitimate requester, and limited applicability in various circumstances, which are required to reconsidered in conjunction with the personal information protection laws. Additional practical issues may include the expenses for information provision and other incentives to promote active cooperation by the telecom companies.