Abstract
As the demand for artificial intelligence services using personal information increases worldwide, personal information infringement accidents are continuously occurring. In this regard, the government and corporations are trying to suggest countermeasures against infringement to resolve the incident of personal information infringement, but the standards for this are ambiguous. Accordingly, in this study, by linking the AI service provision process and personal information processing process, it is divided into service planning, data design, collection process, data pre-processing and purification process, algorithm development and utilization process, and personal information collection and use in the process. And, personal information infringement factors and protective factors for steps such as provision, consignment, and destruction were derived based on literature research. The infringement factors and protection factors derived in this way were summarized by conducting FGI and Delphi surveys for experts, and the importance of the experts was investigated using the 5-point scale survey. Accordingly, the risk level of each intrusion factor was calculated and presented as a crisis management compliance for each service process and step-by-step response to personal information infringement incidents.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Table Impact of personal information (Asset Value).
Rank
Explanation
Asset value
1st grade
• Personally identifiable or sensitive personal information.
• Personal information whose processing is strictly restricted in accordance with relevant laws.
• Information directly available to the crime in the event of a leak
5
2nd grade
• Personal information that can clearly identify an individual when combined
• Information that can be held legally liable in case of leakage
3
3rd grade
• Information that can provide additional information in combination with personal information
• Information that can be used illegally in limited areas
1
- 2.
Personal Information Infringement Risk = Personal Information Impact (Asset Value) + (Possibility of Infringement X Legal Compliance) × 2.
References
Kug, K.W.: Application examples by artificial intelligence technology and industry. Wkly. Trend. 15–27 (2019)
Personal Information Protection Committee: Artificial Intelligence (AI) Personal Information Protection Self-Checklist (2021)
The legislative power plant: overseas discussions on AI privacy issues (2018). http://blog.naver.com/PostView.nhn?blogId=legislationpp&logNo=221408527453. Last accessed 22 April 2022
Goosen, R., Rontojannis, A., Rogg, J., Bohmayi, W., Mkrtchian, D.: Artificial intelligence is a threat to cybersecurity. It’s also a solution. Technol. Digit. BCG. (2018). https://www.bcg.com/publications/2018/artificial-intelligence-threat-cybersecurity-solution.aspx. Last accessed 22 April 2022
National Information Society Agency: Korea AI Company Status Survey Report, pp. 1–119 (2017)
Kim, D.H.: AI guidelines' from around the world will compete... A small step domestically. News Tomato (2021). http://m.gobest.news.dreamwiz.com/NEWSAXmV7Is1a3AFLjqbk89k. Last Accessed 22 April 2022
Biometrics and Forensics Ethics Group: ethical issues arising from the police use of live facial recognition technology. In: Interim Report of the Biometrics and Forensics Ethics Group Facial Recognition Working Group (2019)
Australian Government, Department of Industry, Science, Energy, and Resource: Artificial Intelligence: Australia's Ethics Framework, A Discussion Paper, pp. 1–76 (2019)
Korea Internet & Security Agency: A Study on Improvement Plans for Personal Information Protection Policy for Fostering the Artificial Intelligence Industry. Service Proposal Request Form (2020)
Personal Information Protection Committee and Korea Internet & Security Agency: Artificial Intelligence and Personal Information Protection. The 6th Pseudonym Information Expert Training Materials (2021)
National Information Society Agency: Threats, and countermeasures against the exploitation of artificial intelligence. NIA Special Report (2018)
Shin, Y.J.: The improvement plan for personal information protection for artificial intelligence (AI) service in South Korea. J. Converg. Inf. Technol. 11(3), 20–33 (2021)
Comiter, M.: Attacking artificial intelligence. Harvard Kennedy School Belfer Center for Science and International Affairs (2019)
Ministry of Science, Technology, and Information and National Information Society Agency: a guide to building datasets for artificial intelligence learning (2021)
Personal Information Protection Commission: Analysis of personal information infringement factors in the Internet of Things era and investigation of actual cases. Personal Information Protection Committee (2015)
Shim, H.J.: The Paradox of Artificial Intelligence (AI) and Privacy: Focusing on AI Voice Assistants. KISDI Premium Report (2018)
Lee, B.G.: The final report on the development of AI dysfunction prevention technology by deceptive attacks. Information and Communication Planning and Evaluation Institute, Ministry of Science, and ICT (2021).
Kim, D.H., Yoon, S.W., Lee, Y.P.: Security for IoT service. J. Korean Inst. Commun. Sci. 30(8), 53–59 (2013)
Jeon, J.H.: Analysis on the security threat factors of the Internet of Things. Converg. Secur. J. 15(7):47–53 (2015)
Shin, Y.J.: A study on developing and applying framework and assessment standard of its conformity of personal information protection for iot service subject. J. Korean Assoc. Reg. Inf. Soc. 23(2), 83–117 (2016)
Sohn, S.J., Ahn, S.J.: A study on the artificial intelligence ethical principal classification model. Proc. Korean Assoc. Comput. Educ. 25(2), 111–114 (2021)
Internet, K., Agency, S.: Main contents of EU artificial intelligence (AI) regulation and protection of personal information. Mon. Trend Anal. Pers. Inf. Prot. 5, 1–15 (2021)
Choi, K.J.: A study for developmental change of personal information protection law system in the age of big data and Internet of Things (IoT). CHUNG_ANG LAW REVIEW 17(4), 7–50 (2015)
Kim, Y.D., Jang, W.C.: Direction of improvement of privacy protection regulation for promoting artificial intelligence industry. J. Law Econ. Regul. 9(2), 161–176 (2016)
Lim, C.H., Kim, J.Y., Choi, J.H.: Profiling of cyber-crime by psychological view. J. Korea Inst. Inf. Secur. Cryptol. 19(4), 115–124 (2009)
EU.: General Data Protection Regulation (GDPR) (2016)
Personal Information Protection Commission and Korea Internet & Security Agency. Personal Information Impact Assessment Performance Guide (2020)
Cyber Security Strategic Headquarters. Severity evaluation criteria (draft) for critical infrastructure service failures due to cyber-attacks (2018). https://www.nisc.go.jp/conference/cs/ciip/dai14/pdf/14shiryou12-2.pdf. Last accessed 22 April 2022
Internet, K., Agency, S.: Main contents of EU artificial intelligence (AI) regulation and protection of personal information. Pers. Inf. Prot. Mon. Trend. Anal. 5, 1–15 (2021)
Acknowledgements
This work was supported by the Ministry of Education of the Republic of Korea and the National Research Foundation of Korea (NRF-2021S1A5A2A01069913).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Shin, Y.J. (2023). A Study on the Development of Crisis Management Compliance by Personal Information Infringement Factors in Artificial Intelligence Service. In: Onwubiko, C., et al. Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Springer Proceedings in Complexity. Springer, Singapore. https://doi.org/10.1007/978-981-19-6414-5_16
Download citation
DOI: https://doi.org/10.1007/978-981-19-6414-5_16
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-6413-8
Online ISBN: 978-981-19-6414-5
eBook Packages: Physics and AstronomyPhysics and Astronomy (R0)