생체정보 보호 강화를 위한 입법정책적 고찰Legislative Policy Consideration for Reinforcement of Biometrics Protection
- Other Titles
- Legislative Policy Consideration for Reinforcement of Biometrics Protection
- Authors
- 이부하; 박신욱
- Issue Date
- 2022
- Publisher
- 충북대학교 법학연구소
- Keywords
- 생체정보; 생체인식정보; 개인 건강정보; 민감정보; 인증; Biometrics; Biometric Data; Personal Health Data; Sensitive Data; Authentication
- Citation
- 과학기술과 법, v.13, no.1, pp.171 - 198
- Indexed
- KCI
- Journal Title
- 과학기술과 법
- Volume
- 13
- Number
- 1
- Start Page
- 171
- End Page
- 198
- URI
- https://scholarworks.bwise.kr/gnu/handle/sw.gnu/2193
- DOI
- 10.34267/cbstl.2022.13.1.171
- ISSN
- 2093-5927
- Abstract
- Article 23 (1) of the Personal Information Protection Act stipulates that “A personal information controller shall not process any information prescribed by Presidential Decree (hereinafter referred to as ‘sensitive data’), including ideology, belief, admission to or withdrawal from a trade union or political party, political opinions, health, sex life, and other personal information that is likely to markedly threaten the privacy of any data subject.” Article 18 of the Enforcement Decree of the Personal Information Protection Act stipulates that ‘Information prescribed by Presidential Decree’ in the main clause , with the exception of the subparagraph, of Article 23 (1) of the Act means the following data or information. In subparagraph 3, “Personal information resulting from specific technical processing of data relating to the physical, physiological or behavioral characteristics of an individual for the purpose of uniquely identifying that individual” is defined as one of the sensitive data.
The range of sensitive data is wider than that of biometrics. ‘Data that constitutes a criminal history record’ defined in subparagraph 5 of Article 2 of the Act on the Lapse of Criminal Sentences, etc. as stipulated in Article 18 (3) of the Enforcement Decree of the Personal Information Protection Act and Article 18 (4) of the Enforcement Decree of the Personal Information Protection Act ‘Personal information revealing racial or ethnic origin’ is sensitive data completely different from biometric information.
Therefore, it is necessary to enact a separate law to protect and manage biometrics or biometric information that requires more protection than sensitive data.
As safety measures for biometrics security, there are first, security measures for forged/falsified biometric information, second, protection of the transmission section when collecting and inputting biometric information, third, use within the scope of the agreed purpose, fourth, biometric information collection and input processing at the terminal, fifth, encryption when storing biometric information, sixth, destruction of biometric information, seventh, separate storage when storing original biometric information, eighth, in case of leakage of biometric information, protective measures are taken.
The Act on Protection and Management of Biometrics (draft) includes Chapter 1 General Provisions, Chapter 2 Establishment of Biometrics Protection Policy, Chapter 3 Collection and Use of Biometrics and Restrictions on It, Chapter 4 Safe Management of Biometrics, and Chapter 5, Guarantee of Rights of Data Subjects.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - 법과대학 > Department of Law > Journal Articles
![qrcode](https://api.qrserver.com/v1/create-qr-code/?size=55x55&data=https://scholarworks.gnu.ac.kr/handle/sw.gnu/2193)
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.