개인정보 보호 원칙 구현을 위한 입법절차 개선방안

As advanced information and communication technologies are widely utilized throughout society, the need to protect personal information is increasing due to the possibility of personal information being infringed upon in the provision of benefits and information research. The State can lawfully collect or process personal information by enacting or amending laws and regulations when necessary to implement policies, in particular. The State can strengthen the protection of personal information by considering whether there is a violation of personal information in the process of enacting or amending laws and regulations. States should enact or amend laws based on the constitutional principle of proportionality, lawfully and legitimately collect and process only the minimum amount of personal information to the extent necessary for the purpose of processing personal information from a privacy perspective, and strengthen the protection of personal information by anonymizing or pseudonymizing personal information. The Assessment of Personal Information Breach Incident Factors System is operated to minimize the possibility of personal information violation based on the principles of personal information processing in accordance with the Constitutional Principles and the Personal Information Protection Act. It is necessary to strengthen the control over parliamentary and autonomous legislation by the Personal Information Protection Commission in the future, since the Assessment of Personal Information Breach Incident Factors system is not operated for parliamentary and autonomous legislation, however. The principle of proportionality under the Constitution and the principle of protection of personal information under the Personal Information Protection Act should be considered when enacting or amending laws and regulations, as well as a review of system consistency between laws and regulations, in addition.