• Title/Summary/Keyword: The right to informational self-determination

Search Result 9, Processing Time 0.035 seconds

A Study on the Improvement of the Unconditional Right to Informational Self-Access Based on the Status of Domestic and Foreign Legislation and It's Application to Domestic Corporations (무조건적 자기정보접근권 부여에 대한 국내외 규제현황 및 사례분석을 통한 개선방안 연구)

  • Bae, Jin-ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.3
    • /
    • pp.591-605
    • /
    • 2017
  • The right to informational self-determination refers to the constitutional right for an individual, which is approved by the constitutional court, to decide what contents the collected information comprises and to control the circulation of information relation to oneself. It contains claim for inspection of personal information(The right to informational self-access) as a right for individual to review information of current state and processing history which information holders have. To assure the right to informational self-access, individual must be notified of the processing history of information by information holders regardless of individual's request(The unconditional right to informational self-access). This study will analyse current status of domestic and foreign legislation and global regulation which are related to the unconditional right to informational self-access. In addition, the action of domestic corporations will be introduced. Finally, it will be concluded with relevant problems and solutions to solve the problems.

A Study on the Privacy Literacy Level Measurement for the Proper Exercise of the Right to Informational Self-Determination (올바른 개인정보자기결정권 행사를 위한 프라이버시 리터러시 수준 측정에 관한 연구)

  • Park, Hyang-mi;Yoo, Ji-Yeon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.2
    • /
    • pp.501-522
    • /
    • 2016
  • In the digital era, information is a source of value creation. However, the growing importance of knowledge and information also increases risks and threats. When information is leaked, full recovery is difficult, and additional spreading of risk is high because it is easy to accomplish. Especially personal information is the main target due to its availability. Although individuals normally have to consent to the use of their personal information, they often do not know the use of their information. In such a difficult situation, one must exercise self-determination and privacy. Therefore, the goal of this study is to development a privacy literacy level measurement model for the proper exercise of the right to informational self-determination. It will be presented with the concept of privacy literacy index in order to determine the level of knowledge and understanding and practical application skills for individual. Through the index, we going to enhance the selection ability of information subject, and to promote the judgement and the determination capability for the protection and utilization of personal information.

A Case Study for Improvement of Users' Right to Informational self-determination: Focusing on the GDPR of EU and the CCPA of California, USA (국내 기업의 개인정보 자기결정권 강화를 위한 논의: EU의 GDPR과 미국 캘리포니아주의 CCPA를 중심으로)

  • Yoon, Young-Ho;Yoon, Hyun Shik
    • The Journal of Information Systems
    • /
    • v.28 no.4
    • /
    • pp.65-103
    • /
    • 2019
  • Purpose The purpose of this study is to find out in extent to which the companies in Korea and oversea, which has been subjected by different laws of their country, have guaranteed the personal information rights and have provided proper 'right to access' to the information subjects. Design/methodology/approach This study compared Korean laws with 'General Data Protection Regulation (GDPR)' of EU and 'California Consumer Privacy Act (CCPA)' to check each of the level of 'right to access' guarantee. In terms of the difference in guaranteeing the right, this study compared Korean IT leading companies with US global leading IT companies to find out how much 'right to access' are properly implemented in their policies and functions they provide. Findings The result of the study shows that 'right to access' has not been well guaranteed by Korean law, as it does not provide the right to choose method and medium by information subjects and does not clarify the types of diverse information. This was clearly opposite with the other laws providing the right to choose what method and medium that subjects want with clarifying every types of personal information possible to be more. In addition, 'right to access' has not been well guaranteed by Korean companies in comparison with by the oversea companies which proactively guarantee the right by setting the function enabling subjects to browse their information through their websites or applications.

Factors Affecting the Intention to Adopt Self-Determination Rights of Personal Medical Information (개인의료정보 자기결정권 행사 의도에 영향을 미치는 요인)

  • Yunmo Koo;Sungwoo Hong;Beomsoo Kim
    • Information Systems Review
    • /
    • v.20 no.1
    • /
    • pp.159-177
    • /
    • 2018
  • With an extensive proliferation of information and communication technology, the volume and amount of digital information collected and utilized on the Internet have been increasing rapidly. Also on the rapid rise are side effects such as unintended breach of accumulated personal information and consequent invasion of personal privacy. Informational self-determination is rarely practiced, despite various states' legal efforts to redress data subjects' damage. Personal health information, in particular, is a subcategory of personal information where informational self-determination is hardly practiced enough. The observation is contrasted with the socio-economic inconvenience that may follow due to its sensitive nature containing individuals' physical and health conditions. This research, therefore, reviews factors of self-determination on personal health information while referring to the protection motivation theory (PMT), the long-time framework to understand personal information protection. Empirical analysis of 200 data surveyed reveals threat-appraisal (perceived vulnerability and perceived severity of threats) and coping-appraisal (perceived response effectiveness), in addition to individual levels of concern regarding provided personal health information, influence self-determination to protect personal health information. The research proposes theoretical findings and practical suggestions along with reference for future research topics.

A Study on Legal Protection, Inspection and Delivery of the Copies of Health & Medical Data (보건의료정보의 법적 보호와 열람.교부)

  • Jeong, Yong-Yeub
    • The Korean Society of Law and Medicine
    • /
    • v.13 no.1
    • /
    • pp.359-395
    • /
    • 2012
  • In a broad term, health and medical data means all patient information that has been generated or circulated in government health and medical policies, such as medical research and public health, and all sorts of health and medical fields as well as patients' personal data, referred as medical data (filled out as medical record forms) by medical institutions. The kinds of health and medical data in medical records are prescribed by Articles on required medical data and the terms of recordkeeping in the Enforcement Decree of the Medical Service Act. As EMR, OCS, LIS, telemedicine and u-health emerges, sharing and protecting digital health and medical data is at issue in these days. At medical institutions, health and medical data, such as medical records, is classified as "sensitive information" and thus is protected strictly. However, due to the circulative property of information, health and medical data can be public as well as being private. The legal grounds of health and medical data as such are based on the right to informational self-determination, which is one of the fundamental rights derived from the Constitution. In there, patients' rights to refuse the collection of information, to control recordkeeping (to demand access, correction or deletion) and to control using and sharing of information are rooted. In any processing of health and medical data, such as generating, recording, storing, using or disposing, privacy can be violated in many ways, including the leakage, forgery, falsification or abuse of information. That is why laws, such as the Medical Service Act and the Personal Data Protection Law, and the Guideline for Protection of Personal Data at Medical Institutions (by the Ministry of Health and Welfare) provide for technical, physical, administrative and legal safeguards on those who handle personal data (health and medical information-processing personnel and medical institutions). The Personal Data Protection Law provides for the collection, use and sharing of personal data, and the regulation thereon, the disposal of information, the means of receiving consent, and the regulation of processing of personal data. On the contrary, health and medical data can be inspected or delivered of the copies, based on the principle of restriction on fundamental rights prescribed by the Constitution. For instance, Article 21(Access to Record) of the Medical Service Act, and the Personal Data Protection Law prescribe self-disclosure, the release of information by family members or by laws, the exchange of medical data due to patient transfer, the secondary use of medical data, such as medical research, and the release of information and the release of information required by the Personal Data Protection Law.

  • PDF

Personal Information Protection in Digital Era -Reviewing Personal information protection Act- (디지털시대의 개인정보보호 - 새로운 개인정보보호법을 중심으로)

  • Yoo, Jong-Lak
    • Journal of Digital Convergence
    • /
    • v.9 no.6
    • /
    • pp.81-90
    • /
    • 2011
  • Companies using internet as a kind of marketing means are increasing rapidly according to the expansion trend of e-commerce through internet and consumers also use internet as the common means of purchasing necessary articles. E-commerce using internet has advantages without limitation to temporal and spatial accessibility and general consumers and unspecified individuals also use internet to purchase their goods as well as general transactions such as advertisement, contract, payment and claim settlement. 'In the age of information, invasion of personal information resulted from the development of information and communication technology is one of the greatest problems all the countries in the world face. Therefore, Personal information protection Act is one of basic laws to protect personal information and rights and it is also an essential law in the age of information. In that sense, new Personal information protection Act is the advanced act containing various items to minimize the national damages from the leaking of private information and protect right to informational self-determination in the information society. It is expected that this legislation contributes to reduce the leaking of private information, enhance the level of privacy protection and develop privacy related industries. However, active participation of all members of our society and improvement of their recognition should be preceded for the rational and legal use of private information and the settlement of its protection culture. While the purpose of Personal information protection Act can protect privacy from collection, leaking, misuse and abuse of private information and enhance national interests and protect personal dignity and value, it also must perform the roles of balancing privacy protection with liberal information flow.

The Improvement Plan of the Individual Information Protection of the Law on the Development of Cloud Computing and User Protection (클라우드 컴퓨팅 발전 및 이용자 보호에 관한 법률상 개인정보 보호에 대한 개선방안)

  • Lee, Hie-Houn
    • The Journal of the Convergence on Culture Technology
    • /
    • v.5 no.1
    • /
    • pp.219-225
    • /
    • 2019
  • Today, in the era of the 4th Industrial Revolution, the cloud computing sector has advantages for cost reduction and efficiency of work, but problems related to privacy may arise. Therefore, the law on the development of cloud computing and user protection should be improved to enable providers of cloud computing services to proactively identify whether or not they contain their personal information, or to take steps to protect their privacy. And this same law is desirable to improve the implementation of a national mandatory certification system for privacy protection systems for cloud computing businesses. This same law is also desirable that cloud computing service providers create direct accountability for privacy breaches and appropriate scope for those responsibilities.

Overview of Personal Information Protection Act in Korea (개인정보보호법의 개관 및 개정방향에 관한 연구)

  • Kim, Ilhwan;Sung, Jaeho
    • Journal of Internet Computing and Services
    • /
    • v.16 no.4
    • /
    • pp.141-148
    • /
    • 2015
  • The Personal Information Protection Act enacted in March 2011 stated that the application target of this law includes all personal information processors in the public and private sector, and established the protection standard by phase such as collection, use and provision of personal information. There was an introduction of the Privacy Impact Assessment system that enables personal information processors to perform impact assessment autonomously if there are great concerns over the fact that making and expanding personal information files will influence the protection of personal information, while also making impact assessment compulsory for public institutions in specific reasons with great concerns for violating the rights of the subjects of information. This Act still has the problem that it is generally difficult to understand. This paper deals with the Korean legal practices about the personal information protection with regard to ambiguity and promotional system.

Meanings and Tasks of the Three Revised Bills which Ease Regulations on the Use of Personal Information (데이터 3법 개정의 의미와 추후 과제)

  • Kim, Seo-An
    • Convergence Security Journal
    • /
    • v.20 no.2
    • /
    • pp.59-68
    • /
    • 2020
  • In January 2020, the National Assembly passed the revisions of three bills which ease regulations on the use of personal information. The revised laws include the launch of an independent supervisory body, the arrangement of redundant regulations, and regulations for the development of the data economy. This paper analyzes the content and meaning of each law of the Three Revised Bills that Ease Regulations on the Use of Personal Information. And the future challenges outline three aspects: the establishment of a system to ensure the right to informational self-determination of privacy concerns, the establishment of a certification system and the presentation of reasonable guidelines, and the expectation of professional performance by the Personal Information Protection Commission.