Rule or Standard: The De-Identification of Personal Information in Korea

Cited 0 time in Web of Science Cited 0 time in Scopus

Ko, Haksoo; Lee, Sun Goo

Issue Date
서울대학교 아시아태평양법연구소
Journal of Korean Law, Vol.17 No.1, pp. 79-100
Big datade-identificationanonymizationpersonal informationKorearulestandardrisk-based approach
Korea is a data-rich country with huge potential in this era of the data-driven economy. Nonetheless, it is unclear if the country is actively utilizing its potential. A central reason for this hesitancy appears to be related to Koreas strict privacy law regime. In an effort to encourage utilization of data, the Korean government issued multi-agency de-identification guidelines in 2016. The guidelines rely heavily on the statistical concept of k-anonymity. In the context of academic discourse distinguishing between rules and standards, the adoption of k-anonymity can be identified with the adoption of a rule. By analogy, employing the concept of k-anonymity is akin to imposing the same speed limit in all cases, regardless of road conditions such as the traffic situation, time, and number of lanes. On the other hand, a standard would demand that drivers drive at a reasonable speed. As such, while a rule is simpler and easier to follow, a standard could be adapted to suit diverse circumstances. This article suggests that Korea needs to adopt a risk-based approach for de-identifying personal information and argues that a risk-based approach would be predicated upon providing a suitable standard, not a rule.
Files in This Item:
Appears in Collections:
College of Law/Law School (법과대학/대학원)The Law Research Institute (법학연구소) Journal of Korean Law (JKL)Journal of Korean Law Volume 17 Number 1/2 (2017/2018)
  • mendeley

Items in S-Space are protected by copyright, with all rights reserved, unless otherwise indicated.