신체 정보를 활용한 사이즈 추천 서비스에 대한 소비자의 정보 프라이버시 염려와 정보 제공 의도 -프라이버시 계산 이론을 중심으로-

서상우 한국의류학회 2023 한국의류학회지 Vol.47 No.3

This study aimed to elucidate the information privacy attitudes and behaviors of users of size recommendation services based on body information. Focusing on the privacy calculus theory, the effects of information privacy concerns as well as perceived risk and benefit of information disclosure on information disclosure intention were analyzed. Consumers who used size recommendation services based on body information were surveyed from August 18 to 24, 2022. Analysis of the 251 responses collected revealed that information privacy concerns did not significantly affect information disclosure intention. Information privacy concerns had a positive effect on perceived privacy risk; however, perceived privacy risk had a negative effect on information disclosure intention, while perceived privacy benefit had a positive effect on information disclosure intention. Therefore, the privacy calculus theory confirms the existence of the privacy paradox, revealing perceived privacy benefit has a greater impact on information disclosure intention than perceived privacy risk.

Information Privacy Concern in Context-Aware Personalized Services: Results of a Delphi Study

이연님,권오병 한국경영정보학회 2010 Asia Pacific Journal of Information Systems Vol.20 No.2

Personalized services directly and indirectly acquire personal data, in part, to provide customers with higher-value services that are specifically context-relevant (such as place and time). Information technologies continue to mature and develop, providing greatly improved performance. Sensory networks and intelligent software can now obtain context data, and that is the cornerstone for providing personalized, context-specific services. Yet, the danger of overflowing personal information is increasing because the data retrieved by the sensors usually contains privacy information. Various technical characteristics of context-aware applications have more troubling implications for information privacy. In parallel with increasing use of context for service personalization, information privacy concerns have also increased such as an unrestricted availability of context information. Those privacy concerns are consistently regarded as a critical issue facing context-aware personalized service success. The entire field of information privacy is growing as an important area of research, with many new definitions and terminologies, because of a need for a better understanding of information privacy concepts. Especially, it requires that the factors of information privacy should be revised according to the characteristics of new technologies. However, previous information privacy factors of context-aware applications have at least two shortcomings. First, there has been little overview of the technology characteristics of context-aware computing. Existing studies have only focused on a small subset of the technical characteristics of context-aware computing. Therefore, there has not been a mutually exclusive set of factors that uniquely and completely describe information privacy on context-aware applications. Second, user survey has been widely used to identify factors of information privacy in most studies despite the limitation of users’ knowledge and experiences about context-aware computing technology. To date, since context-aware services have not been widely deployed on a commercial scale yet, only very few people have prior experiences with context-aware person alized services. It is difficult to build users’ knowledge about context-aware technology even by increasing their understanding in various ways: scenarios, pictures, flash animation, etc. Nevertheless, conducting a survey, assuming that the participants have sufficient experience or understanding about the technologies shown in the survey, may not be absolutely valid. Moreover, some surveys are based solely on simplifying and hence unrealistic assumptions (e.g., they only consider location information as a context data). A better understanding of information privacy concern in context-aware personalized services is highly needed. Hence, the purpose of this paper is to identify a generic set of factors for elemental information privacy concern in context-aware personalized services and to develop a rank-order list of information privacy concern factors. We consider overall technology characteristics to establish a mutually exclusive set of factors. A Delphi survey, a rigorous data collection method, was deployed to obtain a reliable opinion from the experts and to produce a rank-order list. It, therefore, lends itself well to obtaining a set of universal factors of information privacy concern and its priority. An international panel of researchers and practitioners who have the expertise in privacy and context-aware system fields were involved in our research. Delphi rounds formatting will faithfully follow the procedure for the Delphi study proposed by Okoli and Pawlowski. This will involve three general rounds: (1) brainstorming for important factors; (2) narrowing down the original list to the most important ones; and (3) ranking the list of important factors. For this round only, experts were treated as individuals, not panels. Adapted from Okoli and Pawlowsk...

빅데이터 환경에서 프라이버시권 개념의 재정식화

변용완,장재옥 아주대학교 법학연구소 2022 아주법학 Vol.16 No.3

In today's information technology era, even if there is no individual confidentiality in itself, if it is comprehensively collected and processed, the individual's life and personality are in a position to be revealed without hiding. The current situation is that personal information or personal data in the information age can be searched and used at any time, increasing the risk of infringing on an individual's personality or privacy. In particular, there have been many studies in the fields of philosophy, ethics, and law on the value of privacy and social functions. In other words, there are personal values such as building and maintaining various human relationships, realizing social freedom, securing superiority in strategic behavior or competition with others, and easing tensions, while considering social values such as realizing individual autonomy, balance of power relations with organizations such as governments and companies, etc. are becoming serious. In particular, when big data including personal information is used for the purpose of realizing social benefits, there is a problem of conflict or balance between the principle of personal information or privacy protection and free use of information. In this paper, I examined the development process of constitutional privacy rights in the United States, which can be considered the starting point of privacy, and the domestic discussion process. In the United States, the existing privacy type has a limitation in that it cannot grasp new privacy violations caused by the development and distribution of information technology, and in Korea, privacy rights are understood as a kind of personal rights, so it can be seen that they are unclear. Based on this awareness of the problem, the theory of Solove and Nissenbaum was examined as a major study of the pragmatic approach to privacy in big data. Solove presented the approximate types of situations such as information collection, processing, diffusion, and intrusion from the perspective of the information subject, and further subdivided each situation type to extract 16 types of harmful activities. Identifying the problem of privacy infringement according to the above type and classification system can prevent the phenomenon that privacy with conceptually abstract and ambiguous characteristics is exaggerated and recognized. Furthermore, according to Solov's classification system, various cultural perceptions of privacy can be reflected depending on the detailed types of harmful or problematic acts belonging to privacy violations. Nissenbaum grasped privacy by context. Context refers to a structured social situation characterized by typical activities, roles, relationships, power structures, rules, and internal values (goals or purposes), and using this basic framework, Nissenbaum can predict the possibility of privacy invasion when new information services, science, and business are introduced. Solove and Nissenbaum's practical approach is meaningful in that it specifically illuminates the abstract problem of privacy from various angles and provides specific measures suitable for the purpose of privacy protection. In particular, Nissenbaum's proposition, "Privacy is the proper flow of information," is meaningful as a starting point for alternatives to improve the limitations of the concept of privacy in big data era.

사용자 인식을 기반으로 한 디지털 개인 정보 유형 연구

김아연,성용준 한국소비자·광고심리학회 2021 한국심리학회지 소비자·광고 Vol.22 No.1

In the digital media environment, privacy issues are becoming more important than ever, and individual’s privacy concerns are increasing. However, the definition of privacy remains unclear and limited empirical research has been conducted. In particular, limited research has investigated the types of privacy from consumers’ perspective. To address this gap in the literature, the present study defines the meaning of privacy in the digital media environment, including various types of personal information based on perceived privacy, and to classify personal information types. Results showed that there are four types of personal information people perceive: digital footprint information, digital life information, demographic information, and self-expression information. Perceived privacy for digital life information was the highest, and it was also most strongly correlated with privacy concerns, while perceived privacy for demographics was the lowest, and weakly correlated with privacy concerns. In addition, perceived privacy for each type of personal information differed depending on gender and age. These findings enhance the understanding of the meaning of privacy from the individual’s point of view, and provide more specific guidelines for government and corporate to solve privacy problems. 디지털 미디어 환경에서 프라이버시 문제는 더 중요해지고 있으며 사람들이 느끼는 프라이버시 염려는 높아지고 있다. 그러나 기존 프라이버시 관련 연구에서 프라이버시의 정의는 여전히 불분명하고, 비교적 단순하게 연구되어왔다. 특히 프라이버시의 유형을 나누어 살펴본 연구는 굉장히 제한된 실정이며 개인 정보의 주체인 사용자 관점이 제외되어왔다. 따라서 본 연구에서는 사용자 인식을 기반으로 다양한 개인 정보 유형을 포함해 디지털 미디어 환경에서 프라이버시의 의미를 재정립하고 개인 정보 유형을 새롭게 분류하고자 하였다. 설문 조사 결과 사람들이 지각하는 개인 정보 유형은 디지털 발자취 정보, 디지털 생활 필수 정보, 인구통계 정보, 자기표현 정보의 네 가지 유형으로 나타났다. 디지털 생활 필수 정보에 대한 프라이버시 지각이 가장 높았으며, 프라이버시 염려와도 가장 강한 상관관계를 보인 한편, 인구통계에 대한 지각된 프라이버시는 가장 낮고, 프라이버시 염려와 낮은 상관관계를 나타냈다. 또한, 각 개인 정보 유형에 대한 지각된 프라이버시는 성별과 연령에 따라서도 차이가 있었다. 이러한 연구 결과는 사용자 관점에서 프라이버시 의미에 대한 이해를 높였다는 점에서 이론적 의의가 있으며, 프라이버시 문제 해결을 위한 정부와 기업의 고민에 대해 구체적인 가이드라인을 제시한다는 점에서 실무적 의의가 있다.

최근 개인정보자기결정권의 동향

백윤철 단국대학교 법학연구소 2014 법학논총 Vol.38 No.3

The Information Privacy Rights is the one of the rights that private information can impact on personal life right to control the subject itself. And the difference between Information Privacy Rights and the privacy of the information that traditionally used, based on the information that the privacy ofan individual's private life that is free physical space for decision-making has been to emphasize the exclusion of interference in the traditional sense, and it has privacy and discrimination. For information about privacy rights violations during the most. It is about the CCTV, 'CCTV' technology for the installation of the expansion of the protection of human rights of the people first think to protect your personal information, and keeping with the principles of the Constitution prohibits excessive 'CCTV' evidence of ability to admit the evidence. But still 'CCTV' idea of a view of the installation is a panacea, whichis a violation of people's privacy rights and information about Portrait rights has been forgotten. 'CCTV' needs and the installation of at least keeping with the principles of the constitutional prohibition must be installed. In addition, installation of domestic airport's full body scanner become a concern at the Ministry of Land, Infrastructure and Transport. Which violate the principles of the Constitution prohibits the excess can be seen as examples. In addition to the Human Rights Commission, the National Pension Corporation personal information from unauthorized view of human rights violations against there commendation was sitting reading room at the National University Library Person of human rights violations by fingerprint identification system also recommended that measures to protect the personal information. In this perspective, ironically, the current protection of personal information is protectingby Human Rights Committee, rather than the Committee of Personal Information Protection Because of privacy laws are enacted, protection of personal information should not have blind spots, but still protecting personal information law system can not be committed. As I described, the protection of personal information does not abolished, so Act on the Protection of Personal CombineInformation have been conflicted with privacy laws. and privacy during work on the important work that the Personal Information Dispute Mediation Committeerole. Privacy Commissioner of deliberation and voting rights, but it does not have a ministerial committee that is only good semblance. Thus, the originalintent of the Privacy Act that people have the right to receive privacy established by the specific identification method and the abolition of privacy, Privacy Commissioner is able to function with different legal status of their permanent status and country Council also operates as same. If the committee of personal information protection can not function it as they described, the Human Rights Commissioner could possibly protect the basic human rights. 최근 불법정보도 아닌데 사회질서를 해한다는 이유로 인터넷 상의 글들이방통심의위에 의해 삭제되고 있다. 최근에는 유병언 전 세모그룹 회장의 사체를 두고 의혹을 제기한 글들이 삭제됐다. 조속한 법 개정이 필요하다는 주장이 나온다. 아울러 ‘잊혀질 권리’를 위한 법 개정 과정에서 인터넷 검열이 강화될 수 있다는 우려도 제기된다. 이러한 측면에서 18세기부터 19세기에 이르러 확립된 기본권(fundamental human rights)이라든가 자유(freedom)의 보장이라는 근대법 이념이 더욱 추진되어, 21세기 인터넷시대에는 개인의 정보주권자로서의 위치와 그 실질적 평등이 지도원리가 될 것이다. 인터넷세계에 있어서는 ‘소비자’라는 관념 그 자체가 정보관계적으로 변경되고, 바뀌어서 등장하는 것이, 있어야 할 모습으로서는 정보주권자(informationalsovereign)이다. 이 의미는, 인터넷세계에 있어서는, 정보의 홍수현상이 더욱 발달되고, 그 중에서 효율적으로 정확하고 필요한 정보에 접근하여 취득, 전달하는 능력이 사람에 따라서 크게 다르며, 이념으로서는 정보주권자인 사람들이, 현실적으로는 정보처리능력에서 열등한 정보약자가 될 수 있다는 것이다. 정보의 홍수현상은 인터넷세계의 시민(netizen)을 삼켜버리고, 편중된 방향으로 netizen을 흘려 넣을 위험이 있다. 여기에서의 정보처리능력이라 함은, 그러한 정보의 홍수현상에 저항할 만큼의 지력과 자율성을 의미한다. 개인의 존중에 필요한 것은 정보의 홍수현상이 아니라, 개인이, 필요로 하는 정확하고 적절한 정보를 알고, 제어할 수 있는 것이다. 모든 시민(netizen)이이 의미의 ‘정보기본권’(fundamental right to information) 내지 정보인권을갖기 위해서는, 각자가 올바른 정보처리능력을 몸에 붙일 권리와 의무를 가질 것이 필요하다. 그러면 이러한 정보기본권 내지 정보인권이란 실정법적 개념이 아닌데, 그 개념에 대한 정의를 하면 우선 여기서 정보란 사전적 의미로 사물이나 어떤 상황에 대한 새로운 소식이나 자료를 의미하고, 정보기본권에서 정보란 사전적 의미에 기본권 주체에 관련된 정보이고, 이러한 정보는 수집, 가공, 수정, 유통, 처리, 활용 등에 관한 기본권 주체가 이에 대하여 통제할 수 있는 기본권이라 정의하고자 한다. 그 의미에서 소비자교육과는 다른, 인터넷시민적 교육(netizenry education), 정보주권자(informationsovereign, holder of (fundamental human) rights to information)에 적합한 자율성이 중요하다. 그와 같이 자율성, 주체성을 보지하는 인터넷세계의 주민 netizen이, Net상에서 사회적으로 적극적으로 발언하고, 주장하고, 행동한다면, 그곳에 원시성운과 같은 대단한 에네르기를 갖는 정보사회가 창조될 것이다. 모든 발신의 근원을 포함시킨 Net상의 정보량은, 진정 천문학적인 규모에 달하는 것이다. 정보에 관한 자유의 정도는 정말로 ‘폭발한다’고 하여도 좋을 것이다. 그리고 인터넷과 헌법의 문제에서 논의되고 있는 주제는 다음과 같다. 우선 사이버공간이 영토, 영해, 영공에 이은 제4의 영역이 될 수 있는냐는 문제이다. 이러한 문제는 관할권 문제가 제기된다. 특히 인터넷은 국경이 없는 공간이기 때문에 이러한 문제를 해결하는 것은 쉽지가 않다. 그리고 인터넷과 기본권 문제로서 제기되는 것은 표현의 자유, 개인정보자기결정권 문제, 교육권, 소비자의 권리, 재판청구권문제, 그리고 전자적 민주주의라는 주제로 논의되는 정치적 표현 ...

전자상거래에서 정보 프라이버시 염려를 유발하는 원인과 보호반응에 관한 연구: 주인-대리인 이론을 중심으로

김종기 ( Jong Ki Kim ),김진성 ( Jin Sung Kim ) 한국정보시스템학회 2014 情報시스템硏究 Vol.23 No.4

Under the premise that information privacy concerns can atrophy e-commerce by causing particular behaviors of Internet users, this study focused on exploring the causes of information privacy concerns, the related information privacy protective responses of Internet users, and measures for alleviating the information privacy concerns. This study is based on the ``principal-agent theory,`` and established the following as factors that cause information privacy concerns of Internet users: perceived information non-transparency; perceived action uncertainty. Also, the information privacy concerns caused by the factors were established as the cause of information privacy protective responses of Internet users. Also, the concept of ``signaling`` and ``incentive,`` which were presented to solve the adverse selection and moral hazard issue in the host-agent theory, was introduced to establish the following as factors that alleviate information privacy concerns: trust; informativeness. Those factors were included in the research model to conduct an empirical analysis. The analysis has revealed that both the perceived information non-transparency (p<0.01) and perceived action uncertainty (p<0.01) as to websites had a significant impact on information privacy concerns. Also, information privacy concerns of Internet users (p<0.01) had a significant impact on their information privacy protective responses who strive to protect their personal information. In addition, when trust and informativeness, which were established as factors that can alleviate information privacy concerns, were empirically analyzed, trust and informativeness had the effect of alleviating information privacy concerns. Based on the findings, the following was confirmed: Boosting the trust of Internet users in websites and offering useful information related to personal data can play a key role in alleviating the information privacy concerns of Internet users.

연구논문 : 최근 개인정보자기결정권의 동향

백윤철 ( Yun Chul Ba다 ) 단국대학교 법학연구소 2014 법학논총 Vol.38 No.3

The Information Privacy Rights is the one of the rights that private information can impact on personal life right to control the subject itself. And the difference between Information Privacy Rights and the privacy of the information that traditionally used, based on the information that the privacy of an individual`s private life that is free physical space for decision-making has been to emphasize the exclusion of interference in the traditional sense, and it has privacy and discrimination. For information about privacy rights violations during the most. It is about the CCTV, ``CCTV`` technology for the installation of the expansion of the protection of human rights of the people first think to protect your personal information, and keeping with the principles of the Constitution prohibits excessive ``CCTV`` evidence of ability to admit the evidence. But still ``CCTV`` idea of a view of the installation is a panacea, which is a violation of people`s privacy rights and information about Portrait rights has been forgotten. ``CCTV`` needs and the installation of at least keeping with the principles of the constitutional prohibition must be installed. In addition, installation of domestic airport`s full body scanner become a concern at the Ministry of Land, Infrastructure and Transport. Which violate the principles of the Constitution prohibits the excess can be seen as examples. In addition to the Human Rights Commission, the National Pension Corporation personal information from unauthorized view of human rights violations against the recommendation was sitting reading room at the National University Library Person of human rights violations by fingerprint identification system also recommended that measures to protect the personal information. In this perspective, ironically, the current protection of personal information is protecting by Human Rights Committee, rather than the Committee of Personal Information Protection Because of privacy laws are enacted, protection of personal information should not have blind spots, but still protecting personal information law system can not be committed. As I described, the protection of personal information does not abolished, so Act on the Protection of Personal Combine Information have been conflicted with privacy laws. and privacy during work on the important work that the Personal Information Dispute Mediation Committee role. Privacy Commissioner of deliberation and voting rights, but it does not have a ministerial committee that is only good semblance. Thus, the original intent of the Privacy Act that people have the right to receive privacy established by the specific identification method and the abolition of privacy, Privacy Commissioner is able to function with different legal status of their permanent status and country Council also operates as same. If the committee of personal information protection can not function it as they described, the Human Rights Commissioner could possibly protect the basic human rights.

Information Privacy Concern in Context-Aware Personalized Services: Results of a Delphi Study

Lee, Yon-Nim,Kwon, Oh-Byung The Korea Society of Management Information System 2010 Asia Pacific Journal of Information Systems Vol.20 No.2

Personalized services directly and indirectly acquire personal data, in part, to provide customers with higher-value services that are specifically context-relevant (such as place and time). Information technologies continue to mature and develop, providing greatly improved performance. Sensory networks and intelligent software can now obtain context data, and that is the cornerstone for providing personalized, context-specific services. Yet, the danger of overflowing personal information is increasing because the data retrieved by the sensors usually contains privacy information. Various technical characteristics of context-aware applications have more troubling implications for information privacy. In parallel with increasing use of context for service personalization, information privacy concerns have also increased such as an unrestricted availability of context information. Those privacy concerns are consistently regarded as a critical issue facing context-aware personalized service success. The entire field of information privacy is growing as an important area of research, with many new definitions and terminologies, because of a need for a better understanding of information privacy concepts. Especially, it requires that the factors of information privacy should be revised according to the characteristics of new technologies. However, previous information privacy factors of context-aware applications have at least two shortcomings. First, there has been little overview of the technology characteristics of context-aware computing. Existing studies have only focused on a small subset of the technical characteristics of context-aware computing. Therefore, there has not been a mutually exclusive set of factors that uniquely and completely describe information privacy on context-aware applications. Second, user survey has been widely used to identify factors of information privacy in most studies despite the limitation of users' knowledge and experiences about context-aware computing technology. To date, since context-aware services have not been widely deployed on a commercial scale yet, only very few people have prior experiences with context-aware personalized services. It is difficult to build users' knowledge about context-aware technology even by increasing their understanding in various ways: scenarios, pictures, flash animation, etc. Nevertheless, conducting a survey, assuming that the participants have sufficient experience or understanding about the technologies shown in the survey, may not be absolutely valid. Moreover, some surveys are based solely on simplifying and hence unrealistic assumptions (e.g., they only consider location information as a context data). A better understanding of information privacy concern in context-aware personalized services is highly needed. Hence, the purpose of this paper is to identify a generic set of factors for elemental information privacy concern in context-aware personalized services and to develop a rank-order list of information privacy concern factors. We consider overall technology characteristics to establish a mutually exclusive set of factors. A Delphi survey, a rigorous data collection method, was deployed to obtain a reliable opinion from the experts and to produce a rank-order list. It, therefore, lends itself well to obtaining a set of universal factors of information privacy concern and its priority. An international panel of researchers and practitioners who have the expertise in privacy and context-aware system fields were involved in our research. Delphi rounds formatting will faithfully follow the procedure for the Delphi study proposed by Okoli and Pawlowski. This will involve three general rounds: (1) brainstorming for important factors; (2) narrowing down the original list to the most important ones; and (3) ranking the list of important factors. For this round only, experts were treated as individuals, not panels. Adapted from Okoli and Pawlowski, we out

제2세대 프라이버시보호법으로서의 개인정보보호법에 대한 이해

이인호 사법발전재단 2009 사법 Vol.1 No.8

The privacy law should strike a balance between the value of preservation of private domain and the need of social circulation of private affairs. This balancing process is very interesting one in which new legal apparatus is developed and applied to meet a challenge of changed circumstances and to restore the broken equilibrium. The article is intended to elucidate and solve the problem of how to treat data subject's consent in the data protection law. How much control should data subject retain in the course of processing his personal information by other entities. The idea that a citizen's private domain should be protected had not arisen until the end of the 18th century. In the latter half of 19th century, that idea had gradually emerged. The right to privacy was the result of accepting the value of private domain. From that time down to 1970s, the first generation of privacy law had directly prohibited unwarranted access, disclosure or divulgence of some legally valuable private information of data subject. At that time, the legal approach of privacy law was the model of seclusion. The approach was a passive one that protected a person's private domain from outer intrusion or public disclosure. But this approach had struck a balance between the value of privacy and the need of social circulation of private affairs. The emergence of computer and digital technology in 1960s had begun to break the equilibrium. Having started to record and process personal information in digital code, new threats to personal privacy had emerged. The new situation is now that my genuine personality could be defined by a digital personality which someone had collected and recorded. Someone who has my digital personality would make a decision about me based on the collected data related to me. Therefore, I could be suffered by wrong and old information which he has and uses. This problem was the same in the manual filing system. But the digital information technologies have lifted the limits of manual filing system. Some data controllers maybe know about me much more than I know myself. The second generation of privacy law, data protection law, has emerged in order to respond this new challenges. The new threats to privacy are very different from former threats in terms of their contents and nature. The legal response must be different. The approach and method of data protection law is the so-called model of participation. The model is that the data subject shall participate in the processing of digital information by data controller. It can play an important role of anti-surveillance. This model does not prohibit any collection, use or disclosure of personal information. It does not provide the data subject with a full authority of consent concerning the data controller's processing of personal information. The article emphasizes that the seclusion model and participation model should be distinguished and the data protection law should not be understood as a form of seclusion model. 프라이버시보호법은 개인의 사적 영역의 보호의 가치와, 서로 간에 교류해야 하는 사회적 커뮤니케이션의 필요성을 조화롭게 조정해내어야 한다. 이러한 조정의 과정은 이익의 균형을 깨뜨리는 새로운 상황변화에 대응하여 균형을 복원시키기 위한 새로운 법적 수단의 개발과 적용이라는 흥미로운 과정이다. 이 글은 제2세대 프라이버시보호법인 개인정보보호법에서 정보주체의 동의를 어떻게 위치지울 것인가 하는 문제를 해명하기 위한 것이다. 정보주체는 타인의 개인정보처리에 어느 정도의 통제권을 가지는 것이 합리적인가? 18세기까지 사적 영역을 법적으로 보호해야 한다는 관념은 형성되지 않았다. 이때까지만 해도 프라이버시의 이익은 법적으로 승인되지 못하였다. 그러나 19세기 후반 미국에서 신문산업이 활성화되고 일부 황색신문(yellow journalism)이 유명인의 사생활을 들추어내어 그 정보를 상업적으로 악용하는 새로운 상황이 발생하면서 그에 대응하여 사생활보호의 관념이 형성되고 그러한 보호의 가치를 법적으로 승인한 결과가 프라이버시권(right to privacy)이었다. 이후 1970년대까지 제1세대 프라이버시보호법은 “보호할 가치 있는” 개인의 사적 정보(private information)나 비밀정보(confidential information)에 “부당하게” 접근(access)하거나 혹은 그것을 “부당하게” 공표(public disclosure) 또는 누설(divulge)하는 행위를 형사적 또는 민사적 제재로써 “직접” 금지하여 왔다. 이 시기의 법적인 보호방식은 “은둔 모델”(seclusion model)이었다. 개인의 사적 영역을 외부의 침입이나 외부에의 공표로부터 소극적으로 보존하는 방식이었다. 이러한 방식으로 사생활보호의 이익과 사회적 커뮤니케이션의 필요성은 균형 있게 조정될 수 있었다. 그러나 1960년대에 시작된 컴퓨터와 디지털정보기술은 이러한 균형을 깨기 시작하였다. 개인에 관한 정보가 디지털로 기록되기 시작하면서 사생활보호의 가치에 대한 새로운 위협이 등장하였다. 디지털정보기술에 힘입어 누군가에 의해서 광범위하게 기록되는 나의 디지털인격은 나의 실존인격과 분리된 채 그 기록된 인격이 나의 진짜 인격을 규정하는 상황이 발생하였다. 나의 디지털인격을 가진 자는 그 기록된 인격을 보고 나에 관한 판단과 결정을 내리게 되었다. 때문에 틀리거나 낡은 개인정보는 나의 실존인격에 치명적인 피해를 줄 수도 있다. 사실 이 점에서는 종래 개인에 관한 수기파일도 동일한 문제점을 안고 있었다. 그러나 그 위험성이란 수기파일의 기술적 한계에 의해 매우 제한적이었다. 그런데 디지털기술은 수기파일의 기술적 한계를 없애버렸다. 무한대로 기록ㆍ축적할 뿐만 아니라 그 데이터들을 가공하여 나에 관한 또 다른 새로운 정보를 생산해낼 수 있게 되었다. 어쩌면 내가 나를 아는 것보다 나에 관해 더 많은 것을 알지도 모른다. 제2세대 프라이버시보호법인 개인정보보호법은 이러한 새로운 위협에 대응하기 위하여 생겨났다. 그 위험의 내용과 성격이 다른 만큼 그 대응방식도 다르게 나타난다. 개인정보보호법의 대응방식은 “참여 모델”(participation model)이다. 개인정보처리의 과정에 당해 정보주체를 참여시키는 방식이다. 그리하여 감시에 대한 역감시의 기능을 수행하게 한다. 이 참여방식은 개인정보의 처리(=수집ㆍ가공ㆍ이용ㆍ제공) 자체를 무단히 금지시키는 것은 아니다. 물론 부분적인 처리의 금지는 필요한 경...

소비자의 정보프라이버시 우려와 개인정보 피해 심각성 인지가 간편결제 서비스 이용에 미치는 영향 - 개인정보 보호행동의 매개효과를 중심으로

이성림 ( Lee Seonglim ),송효석 ( Song Xiaoxi ) 한국소비자학회 2019 소비자학연구 Vol.30 No.6

본 연구는 소비자의 정보프라이버시 우려와 개인정보 피해 심각성 인지가 개인정보 보호행동을 매개로 간편결제 서비스 이용에 미치는 영향을 고찰하였다. 2017년 정보보호실태 개인대상 자료에서 모바일 기기 이용자 3986명의 표본이 분석에 사용되었으며, 매개효과를 분석하기 위하여 Hick & Tingley의 매개효과 추정방법과 부트트랩 방법을 적용하였다. 주요 결과는 다음과 같다. 첫째, 개인정보 피해 심각성 인지, 개인정보 무단 활용 우려, 개인정보 제3자 제공 우려는 개인정보 보호행동에 유의한 양의 영향이 있다. 둘째, 개인정보 피해 심각성 인지, 개인정보 무단활용 우려, 개인정보 제3자 제공 우려는 개인정보 보호행동을 매개로 간편결제 서비스 이용에 유의한 양의 효과가 나타났다. 셋째, 개인정보 피해 심각성 인지와 개인정보 무단 활용 우려는 간편결제 서비스 이용에 유의한 양의 영향을 미치는 것으로 나타났는데, 소비자들이 개인정보 피해의 심각성을 인지하고 개인정보 무단 활용을 우려하면서도 이를 감수하고 간편결제 서비스를 이용하는 현실이 반영된 결과로 해석된다. 이상의 결과는 개인정보 보호행동이 간편결제 서비스 이용을 확산시키는 효과가 있음을 나타내는 것으로서 소비자의 개인정보 보호 역량을 증진하는 방안을 마련할 필요가 있음을 시사한다. 간편결제 서비스 이용에 개인정보 무단 활용 우려가 유의한 양의 효과가 나타난 결과는 간편결제 서비스를 이용하는 소비자는 동시에 개인정보의 무단 활용을 우려함을 시사하는 것으로서 간편결제 서비스를 이용하는 소비자의 정보프라이버시 우려를 경감시키기 위하여 사업자의 개인정보 활용에 대한 투명성을 제고하는 개인정보정책이 수립될 필요가 있다. Easy payment service has merits to reduce transaction costs, and with its simple and easy procedure for payment, consumers using easy payment service can enjoy improved convenience in the market. However, in order to use easy payment service, consumers are required to provide a wide spectrum of personal information including name and phone number, credit card number and expiration date, and IP information, etc. which may be shared with multiple parties who are involved in the provision of easy payment service to consumers. Numerous prior research has shown a negative relationship between personal information risk and use of easy payment service, and consumers’ concern on information privacy and information security is known as one of the important factors which hinders consumers’use of easy payment service. Based on reasoning that consumers’information privacy protection behavior may mitigate this negative relationship and contribute to spreading consumers’ use of easy payment service, this study examined the mediating effects of information privacy protection behavior on the relationship between use of easy payment service, and consumers’information privacy concern and perceived severity of private information damage. The sample of 3986 smart phone users from 2017 information protection individual survey conducted by Statistics Korea was used for the analysis. First, the effects of independent variables (consumers’information privacy concern and perceived severity of private information damage) on the mediation variable (information privacy protection behavior) were examined by applying multiple regression analysis. In the second stage, the effects of independent variables and mediation variable on the dependent variable (use of easy payment service) were examined by applying probit analysis, because use of easy payment service was measured in dichotomous scale which was coded as 1 if consumers used service, otherwise 0. To estimate and test the mediation effect, Hick & Tingley’s estimation method and bootstraping procedure were applied. The major results were as follows. First, perceived severity of private information damage, information privacy concern of unauthorized use of personal information, and that of sharing personal information with a third party without consent were positively associated with consumers’ privacy protection behavior. Second, information privacy protection behavior mediated the relationship between use of easy payment service, and consumers’information privacy concerns and perceived severity of private information damage. Third, perceived severity of private information damage and concerns on unauthorized use of personal data had a direct effect on the use of easy payment services, which suggested that use of easy payment services entailed information privacy concerns and threats. These findings suggest that enhancing information privacy protection behavior has a positive effect on spreading use of easy payment services, and therefore the related consumer education programs need to be developed and implemented. To relieve consumer’s information privacy concerns, the public policy needs to focus on fostering transparency of entrepreneur’s using personal information.