Informatization Policy (정보화정책)

National Information Society Agency (한국지능정보사회진흥원)
권호 표지
DOI QR코드

DOI QR Code

A Study on the Determinants of Personal Information Protection Activities: With a Focus on Personal Information Managers

개인정보보호 활동 결정요인 연구: 개인정보처리자를 중심으로

  • Jang, Chul-Ho (Personal Data Strategy Team, Korea Internet & Security Agency) ;
  • Cha, Yun-Ho (Personal Data Strategy Team, Korea Internet & Security Agency)
  • Received : 2020.12.22
  • Accepted : 2021.02.02
  • Published : 2021.03.31
Download PDF
⟨ Previous Next ⟩

Abstract

The purposes of this study are to identify factors that affect personal information protection activities from the perspective of personal information managers and explore ways of promoting such activities. The main factors examined by threat and response assessments were selected based on the protection motivation theory, and the effects of each factor were analyzed using a multinomial logit model. The analysis results show that small-scale personal information managers need to be provided with both educational support to enhance their awareness and technical support, such as protection inspection tools, to help them carry out their own personal information protection activities. Personal information managers larger than a certain size also require tax support, including tax cuts, to support their budgets for and investments in personal information protection activities. In addition, they need professional education that emphasizes practice.

본 연구는 개인정보처리자 관점에서 개인정보보호 활동에 영향을 미치는 요인을 확인하고, 개인정보처리자 스스로 보호 활동을 강화하기 위한 방안을 모색하는데 있다. 요인 탐색을 위해 보호동기이론을 바탕으로 위협평가와 대처평가요인으로 대표되는 주요 요인을 선정하였으며, 요인별 영향분석을 위해 다항로짓모형을 활용하였다. 분석결과, 소규모 개인정보를 보유한 영세 개인정보처리자는 스스로 개인정보 보호 활동을 수행할 수 있도록 보호조치 점검도구 등 시스템 및 기술지원과 인식제고를 위한 교육지원이 필요하다. 그리고 대규모 개인정보를 보유한 개인정보처리자는 예산 및 조세지원 등 개인정보 보호 강화를 위한 투자를 장려하며, 실무 중심의 전문교육 지원이 필요한 것으로 나타났다.

Keywords

References

  1. Bae, J. (2016). "An empirical study on the effect of leakage threat of personal information on protective behavior intention in big data environment : Based on health psychology theory and protection motivation theroy." The e-business studies, 17(3), 191-208. https://doi.org/10.20462/TeBS.2016.06.17.3.191
  2. Bandura, A. (2001). "Social Cognitive theory : An Agentive Perspective" Annual Review of Psychology, 52, 1-26. https://doi.org/10.1146/annurev.psych.52.1.1
  3. Bulgurcu, Burcu Cavusoglu, Hasan Benbasat & Izak (2010). "Information Security Policy Compliance : An Empirical Study of Rationality-Based Beliefs and Information Security Awareness." MIS Quarterly, 34(3), 523-A7. https://doi.org/10.2307/25750690
  4. Crossler, R. & Blanger, F. (2014). "An extended perspective on individual security behavior : Protection motivation theory and a unified security practices(USP) instrument." ACM SIGMIS Databases, 45(4), 51-71. https://doi.org/10.1145/2691517.2691521
  5. Floyd, D. L., Prentice-Dunn,S. & Rogers, R.W. (2000). "A meta analysis of research on protection motivation theory." Journal of Applied Social Psychology, 30, 407-429. https://doi.org/10.1111/j.1559-1816.2000.tb02323.x
  6. Gurung, Anil, Xin Luo & Qinyu Liao (2009). "Consumer motivations in taking action against spyware : an empirical investigation." Information Management & Computer Security, 17(3), 276-289. https://doi.org/10.1108/09685220910978112
  7. Ifinedo, P. (2012). "Understanding information systems security policy compliance : An integration of the theory of planned behavior and the protection motivation theory." Computers & Security, 31(1), 83-95. https://doi.org/10.1016/j.cose.2011.10.007
  8. Kim, M. & Kim, S. (2014). "A study on Intention to Accept the Right to be Forgotten Associated with Exposure of Personal Data." Korean Journal of Journalism & Communication Studies, 58(2), 307-336.
  9. Kim, S & Lee, K. (2011). An empirical study on perception factors influencing information security behavior. Paper prsented at the Korea IT service society, Nov.30.
  10. Kim, S. & Park, H. (2013). "An Analysis of Influence Factor on Privacy Protection Awareness and Protection Behavior and moderating Effect of Privacy Invasion Experience." Internet e-commerce Studies, 13(4), 79-105.
  11. Kim, J. & Kim, S. (2013). "Privacy Behavioral Intention in Online Environment : Based on Protection Motivation Theory." Informatization policy, 20(3), 63-85.
  12. Kim, J., Kim, S. & Kwon, D. (2016), "Study on Social Network Service(SNS) Users' Privacy Protection Behavior : Focusing on the protection motivation theory." Journal of information systems, 25(3), 1-30. https://doi.org/10.5859/KAIS.2016.25.3.1
  13. Lee, H., Roh, E. & Han, K. (2018). "A study on factors affecting the investment intention of information security." Korea digital contents society, 19(8), 1515-1525. https://doi.org/10.9728/dcs.2018.19.8.1515
  14. Lee, K., Han, K. & Jung, J. (2016). "A study of influencing factors for compliance intention of personal information protection policy of public institution employees." Entrue Journal of Information Technology, 15(1), 75-94.
  15. Ministry of the Interior and Safety & Personal Information Protection Commission (2020). 2019 Survey on the Personal information Protection. Seoul
  16. Park, J. (2019). "A study on the influence of the perception of personal information security of youth on security attitude and security behavior." Journal of the Korea industrial information systems society, 24(4), 79-98.
  17. Park, C. & Lee, S. (2014). "A study of the user privacy protection behavior in online Environment : Based on protection motivation theory." Journal of Internet Computing and Services, 15(2), 57-71. https://doi.org/10.7472/jksii.2014.15.4.57
  18. Rogers, R. W. (1975). "A protection motivation theory of fear appeals and attitude change." Journal of Psychology, 91(1), 93-114. https://doi.org/10.1080/00223980.1975.9915803
  19. Rogers, R. W. (1983). "Cognitive and physiological processes in fear appeals and attitude change : A revised theory of protection motivation." Social Psychophysiology : A sourcebook. 153-177. New York : Guilford Press.
  20. Tian, Y., Park, M. & Chai, S. (2020). "A Study on the Factors of Online Information Security Behavior Failure : Focused on the Elderly." Journal of information systems, 29(1), 51-74. https://doi.org/10.5859/KAIS.2020.29.1.51
  21. Wooldridge, J. (2010). Econometric analysis of cross section and panel data. MIT press.
  22. Workman, M. & Bommer, W. H. & Straub, D. (2009). "The Amplification Effects of Procedural Justice on a Threat Control Model of Information Systems Security Behaviours." Behaviour & Information Technology, 28(6), 563-575. https://doi.org/10.1080/01449290802556021
  23. Youn, Seounmi (2005). "Teenagers' perceptions of online privacy and coping behaviors : a risk-benefit appraisal approach." Journal of Broadcasting & Electronic Media, 49(1), 86-110. https://doi.org/10.1207/s15506878jobem4901_6