본문 바로가기
  • Home

A Legislative Study on the Concept of Pseudonymised Informationand Processing Conditions

  • Public Land Law Review
  • Abbr : KPLLR
  • 2019, 87(), pp.729-761
  • Publisher : Korean Public Land Law Association
  • Research Area : Social Science > Law
  • Received : July 31, 2019
  • Accepted : August 20, 2019
  • Published : August 27, 2019

KIM, IL HWAN 1 Kwon Geonbo 2

1성균관대학교
2아주대학교

Accredited

ABSTRACT

The current 「PERSONAL INFORMATION PROTECTION ACT」 establishes all personal information as a subject of protection, and then has separate protection for sensitive personal information. Personal information protected under this Act is required to be information ‘about living individuals.’ However, the recent development of the Internet of things, the activation of personal information by the entry into the big data society is required. As a result, criticism has been raised that the scope of personal information in Article 2 (1) of the Act is too wide. Therefore, in this paper, in order to harmonize the protection and utilization of personal information based on the review of the concept of personal information provided in the current law, the introduction of pseudonymised information and its legal system are reviewed. First, in the definition clause of Article 2 of the 「Personal Information Protection Act」, “pseudonymised information” is used as a concept distinguishing from “anonymous information” which means information that personal information is no longer recognized by a specific individual. It is necessary to define it as “pseudonymised information” so that it can no longer recognize a specific individual. Next, Article 18, Paragraph 2, Item 4 of the 「Personal Information Protection Act」 shall be amended to “Provide pseudonymised information processed so as not to be able to recognize a specific individual unless additional information is used, in which case, It may be used within a range that is reasonably recognized to be relevant to the purpose of the provision.” In addition, Article 29 to Clause 2 of the 「Personal Information Protection Act」 was newly added, and “the personal information processor is required to keep the additional information so that pseudonymised information combined with the additional information can not be recognized again. Technical, managerial, and physical measures must be taken.”

Citation status

* References for papers published after 2022 are currently being built.