• Journal of the Korean Society for Library and Information Science
• /
• v.47 no.3
• /
• pp.73-96
• /
• 2013

This study investigates how librarians view library user privacy. To this end, a four-part survey was conducted: respondents' opinions about the privacy of library users, the degree to which library records violate the users' privacy, the role libraries and librarians fulfill to ensure user privacy protection, and librarians' need for privacy education. Results showed that librarians were very aware of privacy issues, but they perceived that library users' privacy awareness was not high. In particular, they had little knowledge of what library records or which library tasks might have the potential to violate users' privacy. In addition, awareness efforts of librarians to ensure user privacy was very low. On the other hand, the need for library user privacy educational programs was shown to be very high, and the willingness to participate was also relatively high.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.141-156
• /
• 2020

Differential privacy, which used to collect and analysis data and preserve data privacy, has been applied widely in data privacy preserving data application. Local differential privacy algorithm which is the local model of differential privacy is used to user who add noise to his data himself with randomized response by self and release his own data. So, user can be preserved his data privacy and data analyst can make a statistical useful data by collected many data. Local differential privacy method has been used by global companies which are Google, Apple and Microsoft to collect and analyze data from users. In this paper, we compare and analyze the local differential privacy methods which used in practically. And then, we study applicability that applying the local differential privacy method in survey or opinion poll scenario in practically.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.1
• /
• pp.89-98
• /
• 2012

According to the enforcement of Personal Information Protection Act as of September 2011, the laws and regulations for the protection of personal information that were applied only to the certain sectors such as information & communication network, financial institutions, public sector etc. for the time being has been expanded to apply to all public and private sectors to process personal information. In particular, because the public institutions are obliged to be mandatorily conducted of the Privacy Impact Assessment, it will be enforced in earnest for each agency's informationization business that handles personal information. In this paper, I examine the most derived vulnerability and set up the improvement measure to supplement it with the examples of 10 of all the institutions conducting the Privacy Impact Assessment in the year 2011. And, I suggest the measures to be prepared by the institutions to observe the Personal Information Protection Act.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.4
• /
• pp.1057-1071
• /
• 2016

Privacy-right infringement using unmanned aerial vehicle (UAV) usually occurs due to the unregistered small UAV with the image data processing equipment. In this paper we propose that privacy protection acts, Personal Information Protection Act, Information and Communications Network Act, are complemented to consider the mobility of image data processing equipment installed on UAV. Furthermore, we suggest the regulations for classification of small UAVs causing the biggest concern of privacy-right infringement are included in aviation legislations. In addition, technological countermeasures such as recognition of UAV photographing and masking of identifying information photographed by UAV are proposed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.7
• /
• pp.3497-3515
• /
• 2018

Differential privacy has broadly applied to statistical analysis, and its mainly objective is to ensure the tradeoff between the utility of noise data and the privacy preserving of individual's sensitive information. However, an individual could not achieve expected data utility under differential privacy mechanisms, since the adding noise is random. To this end, we proposed an adaptive Gaussian mechanism based on expected data utility under conditional filtering noise. Firstly, this paper made conditional filtering for Gaussian mechanism noise. Secondly, we defined the expected data utility according to the absolute value of relative error. Finally, we presented an adaptive Gaussian mechanism by combining expected data utility with conditional filtering noise. Through comparative analysis, the adaptive Gaussian mechanism satisfies differential privacy and achieves expected data utility for giving any privacy budget. Furthermore, our scheme is easy extend to engineering implementation.

• Journal of the Korean BIBLIA Society for library and Information Science
• /
• v.26 no.4
• /
• pp.31-63
• /
• 2015

This research was based on the investigation of the awarenesses of librarians of issues regarding the privacy of the users of school libraries. It sought to determine if, by raising the issue of the importance of the need for the protection of the personal information of the users of the school libraries, and the implications of not paying attention to the rules in effect, the awareness regarding the privacy of the users of school libraries would be improved. For this, previous research related to the privacy of the students, the legal basis for the protection of the privacy of the domestic and foreign students, and the types of the infringements upon the protection of their personal information were investigated. A survey was conducted to measure the awareness of issues related to the privacy of the users of the library. The research showed the results as follows: First, the awarenesses regarding the privacy of the users of the school libraries appeared low, and low recognition was also found regarding the awareness of the cases of the infringements upon the privacy of the users of the school libraries; regarding the awareness in relation to the protection of privacy; regarding the seriousness of the privacy problems of the users; and regarding the factors that can encroach upon the privacy of the users. Second, regarding the seriousness felt when the library records of the users of the school libraries are leaked to the outside, 41.6% of the respondents responded by saying "It is serious", and 18.4% responded by saying "It is not serious". Third, as a result of investigating the awareness regarding whether the consent of the person concerned is needed in case a third party requests access to reading the records in the library, 68.5% of the respondent responded "It is needed", and only 10.4% responded "It is not needed". Last, in the investigation into whether the respondents had the experience of being educated as to the rules related to the privacy of the users at a school or an external organization, over 80% of the respondents answered that they did not receive it.

• The Korean Society of Law and Medicine
• /
• v.11 no.1
• /
• pp.117-143
• /
• 2010

Along with the development of digital technologies, the information obtained during the medical procedures was working as a source of valuable assets. Especially, the secondary use of personal health information gives the ordeal to privacy protection problems. In korea, the usage of personal medical information is basically regulated by the several laws in view of general and administrative Act like Medicine Act, Public institutions' personal information protection Act, Information-Network Act etc. There is no specific health information protection Act. Health information exchange program for the blood donor referral related with teratogenic drugs and contagious disease and medical treatment reporting system for income tax convenience are the two examples of recently occurred secondary use of health information in Korea. Basically the secondary use of protected health information is depend on the risk-benefit analysis. But to accomplish the minimal invasion to privacy, we need to consider collection limitation principle first. If the expected results were attained with alternative method which is less privacy invasive, we could consider the present method is unconstitutional due to the violation of proportionality rule.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.3C
• /
• pp.167-175
• /
• 2005

Privacy enforcement has been one of the most important problems in IT area. Privacy protection can be achieved by enforcing privacy policies within an organization's online and offline data processing systems. Traditional security models are more or less inappropriate for enforcing basic privacy requirements, such as purpose binding. This paper proposes a new approach in which a privacy control model is derived from integration of an existing security model. To this, we use an extended role-based access control model for existing security mechanism, in which this model provides context-based access control by combining RBAC and domain-type enforcement. For implementation of privacy control model we use GRBAC(Generalized Role-Based Access Control), which is expressive enough to deal with privacy preference. And small hospital model is considered for application of this model.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.87-94
• /
• 2018

Privacy means the right not to interfere with the private life of an individual. Bio data is the most private personal information about the person itself, and according to advancement of technology, it is possible to analyze and judge individual as well as identify individual. The Personal Information Protection Act is based on global privacy principles, but the legislation for the protection of bio information has yet to be enacted. Therefore, it is time to protect biometric data as more sensitive information than general personal information. We will review the global privacy discussions for protecting biometric information and propose additional privacy principles and measures for utilization that should be defined in the biometric information protection guideline.

• Spatial Information Research
• /
• v.11 no.2
• /
• pp.131-142
• /
• 2003

The Location Based Services comprised GIS and Telecommunication allow users to receive various services based on their geographic location. It is need to legislation to encourage the provision and use of location information by providing privacy protection to users. But the contents of the legislation proposed by Korean government have problems conflicted between protection of a person's location information and invigoration of location-based services. The purpose of this study is to search complementary measures for privacy protection of location information from a viewpoint of effective management strategy for geographic information.