공공데이터의 연구목적 제공에 있어 개인정보보호의 문제: 익명화를 중심으로

Disclosing data held by government and public institutions would in general provide a valuable opportunity to usefully utilize the information contained in the disclosed data. At the same time, however, disclosing a large-scale data would raise significant privacy and data protection issues. In this article, we analyze issues on privacy and data protection that may arise in the context of providing public data for research purposes. Conclusions, in particular regarding issues related to anonymization and re-identification, are as follows. First, considering relevant legal regulations and the practical difficulty of obtaining explicit consents from data subjects, anonymization is crucial and inevitable. Second, although there are legal provisions on anonymization, no details or specifics have been stipulated. As such, continued interest and further examination is required to develop a consensus view or standard. Third, in the case of the cohort DB of the Korean national health insurance service which was made available temporarily for pilot research purposes, among other things, address information which was provided at a provincial level is very broad. This made the level of anonymization very high and re-identification all but impossible. At the same time, this may have reduced the usefulness of the disclosed data. Fourth, in the case of health information, which is fairly complex and requires a certain degree of expertize to understand, even if re-identification takes place, such re-identification would be a small scale one-off event. Large scale systematic re-identification would almost impossible if one assumes a “motivated intruder.”