A Study on the Relative Importance of the Administrative and Technical Measures for the Personal Information Protection
Abstract
As the collection and use of personal information increases, the accidents that abuse and leak personal information are continuously increasing. The nation has established new laws and strengthened related laws for the prevention of the mass leakage of personal information and the secondary damage due to the leaked personal information. The nation also established the guidelines that need to be implemented by the institutions handling personal information for the safety of the personal information. For the efficient implementation of guidelines under the limited time and resources, it is necessary to establish the priorities between guidelines. This paper compares the relative importance of the guidelines by AHP (Analytic Hierarchy Process) technique. We performed the analysis on two expert groups, the group of consultants working in information security consulting company and the group of information security staffs handling personal information directly in the company. We compared the differences between groups and recommended the relative importances of the guidelines.
Full Text:
PDFReferences
Choi, S. U., “Implementation of Nonparametric Statistics in the Non-Normal Process,” Journal of the Korea Safety Management and Science, pp. 573-577, 2012.
Gibbons, J. D. and Chakraborti, S., Nonparametric Statistical Inference, 5 Edition, Chapman and Hall/CRC, 2010.
Implement the OECD ‘Privacy Guidelines’ in the Electronic Environment : Focus the internet 1998, .
Kim, B. S., “The Legal Justice of Conferring Criminal Negligence on Chief Privacy Officers, Journal of the Korea Society of IT Services, Vol. 10, No. 4, pp. 21-32, 2011.
Kim, D. K. and Kim, O. K., “A Study on the Development of Criteria and Priority Orders for Selecting Third Party Logistics Companies,” Journal of the Korean Operations Research and Management Science Society, Vol. 20, No. 2, pp. 161-163, 2003.
Kim, J. D. and Hwang, S. H., “A Study on Critical Success Factors for Implementing Governance of Personal Information Protection,” Journal of the Korea Institute of Information Security and Cryptology, Vol. 21, No. 5, pp. 97-203, 2011.
Kim, J. Y., “Analyzing Effects on Firms’ Market Value of Personal Information Security Breaches,” The Journal of Society for e-Business Studies, Vol, 18, No. 1, pp. 1-12, 2013.
Kim, S. G., “Analysis on Domestic and Foreign Privacy Information Acts to Suggest Directions for Developing Korean Privacy Information Protection Act,” Journal of the Korea Institute of Information Security and Cryptology, Vol. 22. No. 5. pp. 1091-1102, 2012.
Kim, Y. H. and Kook, K. H., “A Study on Priority Ranking of Actions Providing Personal Information Security,” Convergence Security Journal, Vol, 14. No. 4, pp. 9-17, 2014.
Korea Communications Commission, National Information Society Agency, “15th hacking prevention workshop,” National Information Society Agency, 2011.
LEE, C. H., “group decision making,” sejongbooks, 2000.
Lee, P. J., “System of Personal Information Protection Act and The Related Laws,” Journal of the Korean Review of Crisis and Emergency Management, Vol. 10, No. 1, pp. 81-103, 2014.
Mann, H. and Whitney, D., “On a Test of whether One of Two Random Variables Is Stochastically Larger than the Other,” Ann. Math. Statist, Vol. 18, pp. 50-60, 1949.
Ministry of Security and Public Administration, “Actions Providing Personal Information Security,” Ministry of Security and Public Administration Notice No. 43, pp. 1-48, 2011.
Ministry of Security and Public Administration, “National Informatization Whith Paper,” National Information Society Agency pp. 407-408, 2012.
Ministry of Security and Public Administration, “The terms of the Personal Information Protection Act personal information and infringement,” Ministry of Security and Public Administration, pp. 18-53, 2010.
National IT Industry Promotion Agency, Korea Internet Security Center, “IT industry 10 grand challenge,” National IT Industry Promotion Agency, 2012.
Organization for Economic Cooperation and Development guidelines, Annex to the recommendation of the Council of Vol. 23, 1980, “Guidelines governing the protection of privacyand transborder flows of personal data.”
Saaty, T. L., “The Analytic Hierarchy Process,” New York : McGraw-Hill. International, 1980.
Saaty, T. L., “Decision Making with Dependenceand Feedback : The Analytic Network Process,” Int. J. Services Sciences, Vol. 1, No. 1, pp. 83-98, 2008.
Saaty, T. L., “Decision making for leaders (AHP series, Vol. 2),” RWS, 1995.
Shin, Y. J., Jeong, H. C., and Kang, W. Y., “A Study of Priority for Policy Implement of Personal Information Security in Public Secto,” Journal of the Korea Institute of Information Security and Cryptology, Vol. 22, No. 2, pp. 379-390, 2012.
So, W. Y., “A Study on the Operating Status of the Protection Organizations in Developed Countries,” Korea Information Security Agency, 1998.
Wacks, R., Personal Information : Privacy and the Law, Oxford : Clarendon Place, 1989.
Refbacks
- There are currently no refbacks.