개인정보보호의 신경향 －프라이버시 중심 디자인(Privacy by Design)을 중심으로－

Abstract

In order to correctly keep privacy, increasing self cognition on privacy by individual is necessary first of all. Service provider needs to perform ``Privacy by Design`` which is an privacy focused design examining possibility of privacy invasion and minimizing risk in own corporation service. In order to certainly protect privacy, relying on only regulation obedience is not sufficient. Hence, government or corporation needs to promote construction of a structure for technically protecting privacy in design stage. It is required to certainly protect privacy from initial stage. That is, it is to ``construct from first stage`` the system for personal information protection. The base of ``Privacy by Design`` can be said to be in the technology, but application of its concept also gradually affects design of responsible business process and physical space or network, infrastructure. This is not simply subject to only technology (especially, information system) but general business process. Among them, Dr. Ann Cavoukian mentioned the specific object as IT system (technical field) field, responsible business convention, physical design and network infra. Privacy by Design concept has been actively discussed recent years. Especially, in 32th International Personal Information Protection Authority Conference1) opened on October, 2010, Privacy by Design was agreed to be recognized as essential element. What the International Personal Information Protection Authority Conference agreed on was that Privacy by Design is recognized as new global privacy standard. Actually, the agreement in this conference encourages acceptance a basic principle of Privacy by Design. Due to promotion and support for review structure about international privacy, application of Privacy by Design is proceeded worldwide. What the Privacy by Design try to keep is privacy information of user (citizen, consumer, customer) in a word and privacy of user itself who is a principal agent of that information. This is clear that the source of Privacy by Design is PETs(Privacy Enhancing Technologies) and the basic requirement is appeared while PETs concept is evolved. PETs is the whole technology enhancing personal privacy protection in information system. This was originally to prevent illegal collection, use and provision of personal data and enhance control on own personal information by individual. Specifically, a technology remove cookie or virus, filtering spam mail, etc. However, recently service provider lays a stress on ``consideration at design stage``, ``advancement of technology receiving feedback from user`` and requests tool or system environment more actively protecting privacy. A thought on the positive sum which ``protects both user and provider`` has been widely applied. As service provider cooperates in protecting privacy information in advance with user not leaving it to user, he can obtain trust from user and the business relations can be enhanced. Such a new paradigm became the basis for Privacy by Design. On this new paradigm which each world nation is actively discussing and applying, our country should more positively discuss and cope actively with application environment (changes in technology and legal system) of Privacy by Design worldwide.