Abstract
Since the "4th Industrial Revolution" has been a big issue today, the importance and public attention regarding data also has increased. In addition, activities that create new values while acting as catalysts for the development of other industries by using various types of data are called “Data economy” or “Data industry”. And many policies are also being designed to support them.
While Korean government implements various policies that consider the use of data to promote the data economy and industry, it also operates systems to prevent infringement accidents and minimize information leakage damage. However, the financial institutions that caused large-scale personal information leakage accidents are excluded from the subject of the Inforamation Security Management System (ISMS) certification obligations, and domestic universities have refused the certification review. In addition, in the case of the information protection (voluntary) disclosure system, no companies participated for a year since the implementation was insignificant. Even in public institutions that need to take the initiative in protecting personal information, cases of unauthorized access and leakage of personal information are constantly being occured. And cryptocurrency exchanges where data itself is converted into cashable assets have been hacked.
In this era of data economy and industry, the demand for information security management and supervision system is expected to gradually increase, it is expected that the level of social expectations for policy and system operation in this regard will also increase. In this paper, we first looked at the data economic environment and related trends, and examined the current status and limitations of the current information protection and management system. Afterwards, we tried to suggest some ways to improve the information protection, management, and supervision systems, and suggest directions to help secure the use of data in the future to meet the era of secured data economy.
While Korean government implements various policies that consider the use of data to promote the data economy and industry, it also operates systems to prevent infringement accidents and minimize information leakage damage. However, the financial institutions that caused large-scale personal information leakage accidents are excluded from the subject of the Inforamation Security Management System (ISMS) certification obligations, and domestic universities have refused the certification review. In addition, in the case of the information protection (voluntary) disclosure system, no companies participated for a year since the implementation was insignificant. Even in public institutions that need to take the initiative in protecting personal information, cases of unauthorized access and leakage of personal information are constantly being occured. And cryptocurrency exchanges where data itself is converted into cashable assets have been hacked.
In this era of data economy and industry, the demand for information security management and supervision system is expected to gradually increase, it is expected that the level of social expectations for policy and system operation in this regard will also increase. In this paper, we first looked at the data economic environment and related trends, and examined the current status and limitations of the current information protection and management system. Afterwards, we tried to suggest some ways to improve the information protection, management, and supervision systems, and suggest directions to help secure the use of data in the future to meet the era of secured data economy.
| Translated title of the contribution | A preliminary study on methods to improve information protection, management, and supervision policies as the data economy ages |
|---|---|
| Original language | Korean |
| Pages (from-to) | 119-170 |
| Number of pages | 52 |
| Journal | IT와 법연구 |
| Issue number | 21 |
| DOIs | |
| State | Published - 2020 |