• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.99-116
• /
• 2023

The importance of data in the era of the 4th industrial revolution, a hyper-connected society based on information technology such as data and AI, is increasing, and the government is actively enacting and revising laws to revitalize the data economy. It is necessary to prevent and improve problems that may set an obstacle to the revitalization of the data industry or setting the wrong direction, such as possibility of conflict between the regulatory law(Personal Information Protection Act) and the Data Activation Act, differences in position by type of specialized agencies, performance scope of Data Specialist Organization and Expert Data Combination Agency, etc. In regard, I would like to analyze the role, current situation, and use cases of Expert Data Combination Agency, listen to field opinions, and derive and introduce measures to expand the role of Expert Data Combination Agency and improve them to vitalize the data economy

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.287-304
• /
• 2020

There have been a number of legal & policy studies on the affecting factors of big data utilization, but empirical research on the composition factors of personal information regulation or data combination, which acts as a constraint, has been hardly done due to the lack of relevant statistics. Therefore, this study empirically explores the priority of personal information regulation factors and data combination factors that influence big data utilization through Delphi Analysis. As a result of Delphi analysis, personal information regulation factors include in order of the introduction of pseudonymous information, evidence clarity of personal information de-identification, clarity of data combination regulation, clarity of personal information definition, ease of personal information consent, integration of personal information supervisory authority, consistency among personal information protection acts, adequacy punishment intensity in case of violation of law, and proper penalty level when comparing EU GDPR. Next, data combination factors were examined in order of de-identification of data combination, standardization of combined data, responsibility of data combination, type of data combination institute, data combination experience, and technical value of data combination. These findings provide implications for which policy tasks should be prioritized when designing personal information regulations and data combination policies to utilize big data.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.22 no.3
• /
• pp.88-103
• /
• 2023

With the recent advancement of 4th Industrial Revolution technology, transportation systems are generating large amounts of mobility data related to the individual movement trajectories of vehicles and people. There are many constraints on utilizing mobility data containing personal information. Thus, in South Korea, the processing and generation of pseudonymized information and the analysis and utilization of this information have been managed in a dual manner by applying separate agencies and technologies through the revision of the Data 3 Act and the enactment of the Data Basic Act. However, this dual approach fails to securely support the entire data lifecycle and suffers from inefficiencies in terms of processing time and cost. Therefore, to compensate for the problems of the existing Expert Data Combination System and Data Safety Zone, this study proposes an Integrated Data Safety Zone Framework that integrates and unifies the process of generating, processing, analyzing, and utilizing mobility data. The integrated process for data processing was redesigned, and common requirements and core technologies were derived. The result is an architecture for a next-generation Integrated Data Safety Zone system that can manage and utilize the entire life cycle of mobility data at one stop.

• Informatization Policy
• /
• v.28 no.3
• /
• pp.49-72
• /
• 2021

This study analyzes the major content, significances, and future outlook of Three Data Acts amendment enacted in August 2020 in South Korea, with the focus on their impact on the financial and data industries. It seems that the revision of the Credit Information Act will enable the specification of a business which had previously only been regulated as the business of credit inquiry, and also enable the domestic data industry to activate the MyData industry, data trading and platforms, and specify data pseudonymization and trading procedures. For the rational and efficient implementation of the amendments to the Three Data Acts, the Personal Information Protection Committee must be as transparent and lawful in its activities as possible, and fairness must be guaranteed. Even in the utilization of personal information, the development or complementation of the related data processing technologies is essential, and clear data processing methods and areas must be regulated. Furthermore, the amendments must be supported with guarantees and the systematization of a fair competitive system in the data market, stricter regulations on penalties for illegal acts related to data, establishment and strengthening of the related security systems, and reinforcement of the system of cooperation for data transfer.