Risk based policy at big data era: Case study of privacy invasion (빅 데이터 시대 위험기반의 정책 - 개인정보침해 사례를 중심으로 -)

Hyejung Moon (문혜정); Cho, Hyun Suk (조현석)

Risk based policy at big data era: Case study of privacy invasion

Informatization Policy
Abbr : 정보화정책
2012, 19(4), pp.63-82
Publisher : NIA
Research Area : Social Science > Public Policy

Hyejung Moon ¹, Cho, Hyun Suk ¹

¹서울과학기술대학교

Accredited

ABSTRACT

The world’s best level of ICT(Information, Communication and Technology) infrastructure has experienced the world’s worst level of ICT accident in Korea. The number of major accidents of privacy invasion has been three times larger than the total number of Internet user of Korea. The cause of the severe accident was due to big data environment. As a result, big data environment has become an important policy agenda. This paper has conducted analyzing the accident case of data spill to study policy issues for ICT security from a social science perspective focusing on risk. The results from case analysis are as follows. First, ICT risk can be categorized ‘severe, strong, intensive and individual’ from the level of both probability and impact. Second, strategy of risk management can be designated ‘avoid, transfer, mitigate, accept’ by understanding their own culture type of relative group such as ‘hierarchy, egalitarianism, fatalism and individualism’. Third, personal data has contained characteristics of big data such like ‘volume, velocity, variety’ for each risk situation. Therefore, government needs to establish a standing organization responsible for ICT risk policy and management in a new big data era. And the policy for ICT risk management needs to balance in considering ‘technology, norms, laws, and market’ in big data era.

KEYWORDS

big data, privacy invasion, technological risk, cultural types, ICT policy

Citation status

* References for papers published after 2023 are currently being built.

[book] 김영평 / 1991 / 불확실성과 정책의 정당성 / 고려대학교 출판부

[report] 소영진 / 2001 / 한국원자력 기술의 체감안전성에 관한 비교 연구 / 한국원자력연구소

[journal] 정익재 / 2007 / An Analysis of Information Security Vulnerabilities and Policy Responses / 한국정책학회보 / 한국정책학회 16(2) : 211~238

[journal] 한창희 / 2011 / A Quantitative Assessment Model of Private Information Breach / 한국전자거래학회지 / 한국전자거래학회 16(4) : 17~31

[other] 경향신문 / 2011 / 떨고있는 포털업계…‘개인 위치정보수집’구글∙다음 압수수색

[other] 뉴스핌 / 2008 / 마케팅전화 거부∙개인정보 동의 철회권도입

[other] 디지털타임즈 / 2012 / 빅 데이터 활용이 개인정보 유출로 이어지지 않도록 법제화 노력 이어져야

[other] 디지털타임즈 / 2012 / 빅 데이터 공통기반 시스템 만든다

[other] 머니투데이 / 2012 / 카드한장 가입했는데…”개인정보250곳에 뿌려진다”: 개인정보 제3자 제공 동의하지 않아도 회원가입 가능해야 하지만 지키는 카드사 없어

[other] 서울경제 / 2011 / ”글로벌 기업 눈치”솜방망이 처벌 논란

[other] 서울경제 / 2012 / [KT 고객정보 유출] 해킹∙악성코드아닌 가입자 정보 조회하듯 한건씩 빼내

[other] 지디넷 / 2012 / 헌재‘위헌’...인터넷 실명제 폐지 된다

[other] 참여연대 / 2011 / 개인정보 해킹, 인터넷실명제 폐지가 대안이다

[other] SBS뉴스 / 2008 / ’최진실 괴담‘ 유포자 괘씸”개인정보 유출 테러

[book] Beck, Ulrich / 1998 / The Politics of Risk Society / Polity Press

[book] Cobb / 1983 / Participationin American Politics / Johns Hopkins Univ. Press

[journal] Cobb, Roger / 1976 / Agenda Building as a ComparativePolitical Process / American PoliticalScience Review 40 : 126~135

[book] Crouch, Edmund / 1983 / Risk/Benefit Analysis / Ballinger Publishing Co

[book] Deloach, J. W. / 2000 / Enterprise-wide Risk Management. Strategies for Linking Risk and Opportunities / Financial Times/Prentice-Hall

[web] Douglas, Laney / 2001 / 3D Data Management: Controlling Data Volume, Velocity and Variety / http://blogs.gartner.com/doug-laney/files/2012/01/ad949-3D-Data-Management-Controlling-Data-Volume-Velocity-and-Variety.pdf

[book] Douglas, Mary / 1982 / Risk and Culture: An Essay on the Selection of Technological and Environmental Dangers / University of California Press

[other] Gantz, John / 2011 / Extracting Value from Chaos / IDC IVIEW

[confproc] Gonzalez, Jose J. / 2002 / A framework for human factors in Information security / Proceeding soft he WSEAS International Conference on Information Security (ICIS’02)

[book] George, Alexander L. / 2005 / The Method of Structured, Focused Comparison in Case studies and theory development in the social sciences / MIT Press

[book] Lessig, Lawrence / 1999 / Code and Other Laws of Cyberspace / Basic books

[web] Manyika, James / 2011 / Big data: The next frontier for innovation, competition, and productivity / McKinsey Global Institute / http://www.mckinsey.com/insights/mgi/research/technology_and_innovation/big_data_the_next_frontier_for_innovation

[journal] May, P. J. / 1991 / Reconsidering Policy Design: Policies and Publics / Journal of Public Policy 11(2) : 187~206

[journal] May, P. J. / 2009 / Widespread Policy Disruption: Terrorism, Public Risks, and Homeland Security / Policy Studies Journal 37(2) : 171~194

[journal] May, P. J. / 2009 / Widespread Policy Disruption and Interest Mobilization / Policy Studies Journal 37(4) : 779~801

[journal] Norrman, A. / 2004 / Ericsson’s proactive risk management approach after a serious sub-supplier accident / International Journal of Physical Distribution and Logistics Management 34(5) : 434~456

[web] Ponemon Institute / 2010 / Fifth Annual US Cost of Data Breach, January 2010 / http://msisac.cisecurity.org/resources/reports/documents/symantec_ponemon_data_breach_costs_report2010.pdf

[other] Project Management Institute / 2008 / A Guide to the Project Management Body of Knowledge(PMBOK®Guide) / PMI

[journal] Slovic, Paul / 1987 / Perception of Risk / Science 236 : 236~285

[book] Wildavsky, Aaron / 1988 / Searching for Safety / Transaction Publisher

This paper was written with support from the National Research Foundation of Korea.

KJCKorea
Journal Central

Informatization Policy 2023 KCI Impact Factor : 4.08