「개인정보 보호법」에 규율된 합리성 심사의 합리적 이해

It can not solve the conflict of interest harmoniously, but could disturb the rights and obligation relationship and harms the legal stability, provided that the term and legal category of personal information as the prerequisite for passing through the legal relationship on personal information. However it is inevitable that norms of the laws and regulations on personal information are difficult to exclude the indefinite concept of law at the source, which is ruled out from judicial review in constructing the requirements even though. In PDPA(「Personal Data Protection Act」), if the essential important matters to be reserved in the law are not fully reflected due to the complexity of the object regulated or the inevitability of the legislative technique, it is converged in one meaning and so the indefinite concept of law on legal requirements is exceptionally allowed, although it does not conflict with the doctrine of vagueness. Aiming to gauge the monolithic notion of the standard requirements of the so-called ‘rationality’ test of ‘reasonably considering time, cost, and technology, etc.’, this article reaches to the following conclusion by referring to the interpretation of Directive 95/46/EC and GDPR(General Data Protection Regulation) in the European Union. First, the revised PDPA provides that the reasonable judgment is determined by easiness of combination and potentialities of identifiability as to ‘whether the information might be easily combined with other information to identify a particular individual’. And demonstrates it the correspondence to possibility of acquisition as ‘whether or not there is ease of combination shall be determined by reasonably considering the time, cost, technology, etc. used to identify the individual such as likelihood that the other information can be procured’. In so far, easiness of combination and potentialities of identifiability actually run to the same decision standard. Therefore the reasonability test should be evaluated as the conditionally dissolved mechanism passive reasoning reflecting the subjective position of the processor concerning easiness of combination. Second, it should be considered that the legal processing of personal information can be controlled within a fair and transparent range on the supposition that the concept of personal information is established even if illegal acquisition is not subject to extra post-constraint after reasonability test. As the term ‘processing’ means the collection, generation, connecting, interlocking, recording, storage, retention, value-added processing, and other similar activities, the legitimacy of the processing of personal information is separate from the reasonability test, which should be considered additionally after the coming into existence of personal information. Third, adjudication on the possibility of identification is upon the perspective of the processor in principle on the ground that the judgment on the possibility of identification in various situations due to internal and external variables is not determined only by objective situations where the subjective factors of the processor are completely excluded. Because the concept of reasonability is an objective term to exclude excessive time, effort, and cost, and does not subsume a subjective position on the possibility of identification, the function that can be filtered according to the reason of reasoning is not exercised in the reasonability test by adjusting the choice appropriate from the viewpoint of the processor when assuming how are efficient the means for achieving the purpose among the meanings of indefinite reasonability. Consequently, the reasonability test related to the criteria on potentialities of identifiability is distinguished from the legitimacy evaluation in which the subjective estimates extracted as an objective factor. It will be confirmed that the criteria for violation of the punishable norms, of which sanctions are made in terms of illegal acquirement of rights, are different from the reasonability test unless procure of personal information is limited to establishment of rights according to the transfer of personal information. This is the reason why the reasonability is an indefinite concept of law, which is assessed by socially accepted ideas in the standard of the average general person with common sense in the reasonability test.