개인정보의 기술적⋅관리적 보호조치에 대한 공적집행과 사적집행

In Korea, the government preemptively presents information protection standards through the administrative rule. This is uniform standards established to impose sanctions such as penalty surcharges. But this is equated with negligence criterion of consumer privacy in civil proceedings was caused defect of the victim relief. This is the Auction hacking case where the Supreme Court ruling was imposed in 2015. The Supreme Court's ruling in the case of Cyworld hacking in January 2018 corrected the previous law by claiming that the standard of sanction in public law and the standard of civil liability for damages are different. However, the court still tends to identify the two criteria. This is the case of the KT MyOlleh Hacking case, in which the ruling of the administrative cases and the civil cases of 2018 were repeatedly sentenced. In addition, information protection regulations have been strengthened recently. It was judged that Cyworld in 2011, when it was attacked by Advanced Persistent Threat which is usually difficult to defend, is not liable. However, the ruling of the Seoul Administrative Court that the Interpark in 2016, which had been hacked by the same manner, was held responsible, was sentenced in July 2018. Code provided by the government should operate as a minimum standard needed in the area of public enforcement. On the other hand, in the field of private enforcement, the civil court must examine the level of information protection of the industry field. The flexibility of law enforcement is directly linked to precise regulation of information technology and specific validity in individual cases. To achieve this, it must complement the technical expertise of the judiciary through specialized institutions such as hearing committee.