• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.591-608
• /
• 2023

With the emergence of advanced encryption technologies such as Quantum Cryptography and Full Disk Encryption, an era of strengthening information security has begun. Users respond positively to the advancement of privacy-enhancing technology, on the other hand, investigative agencies have difficulty unveiling the actual truth as they fail to decrypt devices. In particular, unlike past ciphers, encryption methods using biometric information such as fingerprints, iris, and faces have become common and have faced technical limitations in collecting digital evidence. Accordingly, normative solutions have emerged as a major issue. The United States enacted the CLOUD Act with the legal mechanism of 'Contempt of court' and in 2016, the United Kingdom substantiated the Compelled Decryption through the Investigatory Powers Act (IPA). However, it is difficult to enforce Compelled Decryption on individuals in Korea because Korean is highly sensitive to personal information. Therefore, in this paper, we sought a method of introducing a Compelled Decryption that does not contradict the people's legal sentiment through a perception survey of 95 people on the Compelled Decryption. We tried to compare and review the Budapest Convention with major overseas laws such as the United States and the United Kingdom, and to suggest a direction of legislation acceptable to the people in ways to minimize infringement of privacy. We hope that this study will be an effective legal response plan for law enforcement agencies that can normatively overcome the technical limitations of decoding.

• The Journal of Industrial Distribution & Business
• /
• v.11 no.2
• /
• pp.49-59
• /
• 2020

Purpose: Online and social media and mobile shopping are increasing and companies are required to provide personal information in order to supplement the non-invasive characteristics of the channels. With the increased provision of personal information, consumers' personal and social concerns about the prevention of personal information infringement are also increasing, and in response, personal or opt-in marketing has emerged to compensate for reckless information abuse. Despite the background of this emergence, the existing prior studies are limited to ignoring the negative feelings of consumers in the real world, including only the net function and positive effect of the opt-in mail. Research design, data and methodology: The research framework was intended to utilize the impact of human marketing activities on consumer attitudes combined with positive and negative factors. Factors that positively affect attitudes toward permation marketing were presented, such as informality, and perceived risks were presented as negative impact factors. Also, based on previous prior research, the prior factors of opt-in marketing were to present the effect on purchase intent through the medium of attitude toward opt-in marketing. Results: In this study, we used the framework of a two factor theory to address positive and negative factors as a leading factor in the customer attitude toward opt-in mail advertising, and as a result, functionality and personalization have a positive effect on customer attitude and perceived risk have a negative impact on customer attitude. In addition, it was confirmed that the customer attitude formed this way affects the intention to purchase again. Conclusions: This study suggests that we have demonstrated that marketing, an opt-in marketing that has been recognized as part of marketing that is deployed after obtaining customer consent, has been applied without any other marketing methodology. E-mail advertising at this point also provides practical implications that the system safeguards are in place under an opt-in protocol or system, and that even if an e-mail advertisement is carried out, customers will need to look at the level of awareness about the risks, and suggests that they need to consider the customer's journey that could lead to purchase at the content level.

• The Korean Journal of Air & Space Law and Policy
• /
• v.35 no.2
• /
• pp.75-111
• /
• 2020

The civilian drone world has evolved in recent years from one dominated by hobbyists to growing involvement by companies seeking to profit from unmanned flight in everything from infrastructure inspections to drone deliveries that are already subject to regulations. Drone flight under the property right relation with the land owner would be deemed legal on the condition that expeditious and innocent passage of drone flight over the land be assured. The United Nations Convention on the Law of the Sea (UNCLOS) enshrines the concept of innocent passage through a coastal state's territorial sea. Passage is innocent so long as it is not prejudicial to the peace, good order or security of the coastal state. A vessel in innocent passage may traverse the coastal state's territorial sea continuously and expeditiously, not stopping or anchoring except in force majeure situations. However, the disturbances caused by drone flight may be removed, which is defined as infringement against the constitutional interest of personal rights. For example, aggressive infringement against privacy and personal freedom may be committed by drone more easily than ever before, and than other means. The cost-benefit analysis, however, has been recognjzed as effective criteria regarding the removal of disturbances or injunction decision. Applying that analysis, the civil action against such infringement may not find suitable basis for making a good case. Because the removal of such infringement through civil actions may result in only the deletion of journal article. The injunction of drone flight before taking the information would not be obtainable through civil action, Therefore, more detailed and meticulous regulation and criteria in public law domain may be preferable than civil action, at present time. It may be suitable for legal stability and drone industry to set up the detailed public regulations restricting the free flight of drone capable of acquiring visual information amounting to the infrigement against the right of personal information security.

• International journal of advanced smart convergence
• /
• v.9 no.4
• /
• pp.106-114
• /
• 2020

As information and communication technology develops, it brings various benefits to our lives. However, information and communication technology has had various side effects in our lives. Representative side effects include internet addiction, smartphone addiction, copyright violation, personal information infringement, cyber bullying and hacking. Recently, smart phone addiction rate is increasing with the spread of smart devices in Korea. In this study, we analyze the correlation between age group and smartphone addiction. In order to obtain fair and objective results, statistical analysis was performed based on the national statistical data of the National Information Society Agency. The results showed that the infant group and the adult group were correlated with the smartphone addiction rate. In this study, we analyzed the causes of smartphone addiction for different age groups. We also discuss dangers of smartphone addiction for different age groups. In additions, we proposed various ways to prevent and cure smartphone addiction for infants, adults, and senior citizen group. The results of this study are expected to be widely used as a remedy for smartphone addiction and future smartphone addiction research works.

• Journal of KIISE
• /
• v.44 no.9
• /
• pp.918-931
• /
• 2017

Recently, the spread of smartphones and various wearable devices has led to increases in the accumulation and usage of personal information. As a result, privacy protection has become an issue. Even though there have been studies and efforts to improve legal and technological security measures for protecting privacy, personal information leakage accidents still occur. Rather than privacy requirements, analysts mostly focus on the implementation of security technology within software development. Previous studies of security requirements strongly focused on supplementing the basic principles and laws for privacy protection and securing privacy requirements without understanding the relationship between privacy and security. As a result, personal information infringement occurs continuously despite the development of security technologies and the revision of the Personal Information Protection Act. Therefore, we need a method for eliciting privacy requirements based on related privacy protection laws that are applicable to software development. We also should clearly specify the relationship between privacy and security. This study aims to elicit privacy requirements and create privacy assurances cases for Privacy Friendly System development.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.4
• /
• pp.63-68
• /
• 2010

Mobile devices like iphone, ipad, kindle, and PDA are used as everyday tool. In the mobile environment, smart phones and other mobile units are also used as a tool for protection or infringement of personal information. Therefore, smart monitoring technology is required to protect personal information and privacy. On the other hand, with smart phones and the mobile environment, diverse application technologies are realized on hardware and software platforms. Therefore, this paper designs the network structure that forms privacy trust zone, and based on this, deals with the monitoring and monitoring prevention system with a focus on CCTV, through which this paper proposes a system that provides privacy trust zone information and its utilization which is capable of smart monitoring.

• Management & Information Systems Review
• /
• v.36 no.1
• /
• pp.81-94
• /
• 2017

In the age of information overload such as Internet of Things(IoT), big data, and cloud computing, Data and informations are collected to processed regardless of the individual's will. The purpose of this paper presents a model related to personal information overlord, information privacy risk, information privacy concern (collection, control, awareness) and personal information privacy protective response. The results of this study is summarized as follows. First, personal information overload significantly affects information privacy risk. Second, personal information overload significantly affects information privacy concern(collection, control, awareness) Third, information privacy risk significantly affects collection and awareness among information privacy concern, but control does not significantly affects. This results shows that users are cognitively aware the information risk through collection and awareness of information. Users can not control information by self, control of information does not affects. Last, information privacy concern(collection and awareness significantly affect information privacy protective response, but information privacy concern (control) does not affect. Personal information users are concerned about information infringement due to excessive personal information, ability to protect private information became strong.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.391-400
• /
• 2012

This study focused on the role of the center for private information, which can manage and share the personal data from data breach incidents. Especially, this study addresses on the importance of establishing information management systems for preventing secondary misappropriation of breached personal data and private information. The database of breached personal data can be used for reducing privacy worries of potential victims of secondary misuse of personal data. Individuals who use the same IDs and passwords on multiple websites may find this service more effective and necessary. The effectiveness of this breached data center on reducing secondary privacy infringement may differ depending on the extend of data being shared and the conditions of data submission. When businesses experienced data breach and submission of data to this center is required by the law, the accuracy and effectiveness of this service can be enhanced. In addition, centralized database with high quality data set can increase matching for private information and control the secondary misappropriation of personal data or private information better.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.6
• /
• pp.173-180
• /
• 2015

The advent of personal healthcare record(PHR) technology has been changing the uses as well as the paradigm of internet services, and emphasizing the importance of services being personalization. But the problem of user's privacy infringement and leaking user's sensitive medical information is increasing with the fusion of PHR technology and healthcare. In this paper, we propose a security labeling scheme for privacy protection in PHR system. In the proposed scheme, PHR data can be labeled also manually based on patient's request or the security labelling rules. The proposed scheme can be used to control access, specify protective measures, and determine additional handling restrictions required by a communications security policy.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.193-200
• /
• 2006

RFID technology has been gradually expanding its application areas however studies on personal space infringement along with security are insufficient. This paper proposes a new security protocol access time interval scheme and RSA algorithm to analyze existing RFID security protocol and attempts to solve the problem of lightweight protocol. Information protection for two-way channels can be enforced through the proposed protocol and other issues of sniffing and man-in-the-middle attacks can be solved by applying a mutual certification technique application among tag readers.