개인정보의 비식별화 방안에 대한 연구 – 형사공탁에서의 피해자 개인정보 중심으로

The importance of personal information is growing by the day. On the one hand, some argue for maximizing the use of personal information and other various data to advance the Fourth Industrial Revolution with machine learning, AI, and the like. On the other hand, owing to advanced information processing technologies, there are widespread, large-scale breaches of personal information causing significant damage, hence the need to protect personal information more rigorously. Personal information de-identification has emerged as an excellent solution that encompasses both conflicting ideals of utilizing and protecting personal information, and various improved methods have appeared as a result of technological advancements. De-identification has mainly been discussed by those wanting to utilize personal information. The Pharmaceutical Information Center case, which is assessed as the first lawsuit related to data use, was also an example of this. However, de-identification can also be sufficiently utilized as a method for minimizing personal information leaks and breaches in areas where re-identification is absolutely necessary for specific tasks performed by courts and investigative agencies. In particular, when serious issues arose due to secondary damage from leaks and breaches of personal information against the victim’s wishes during criminal deposits by offenders, practices shifted to withhold personal information from the offender’s side without the victim’s consent. This deprives offenders of the opportunity for criminal deposits. To improve this, discussions were held on revising the Deposit Act to introduce special case for criminal deposits, and the Deposit Act was amended to include a special provision that allows defendants in criminal cases to make criminal deposits without listing the victim’s personal information. However, this special provision, unlike the general deposit procedures conducted under the depositor’s responsibility, passes certain issues, such as victim identification, entirely to the courts and prosecutors. Furthermore, it is difficult to align it with public legal sentiments and victim protection, and could lead to unnecessary misunderstandings among victims regarding criminal procedures. Rather than introducing such special procedures, courts, prosecutors, and deposit offices could maintain the general deposit procedures that are under the depositor's responsibility by utilizing encryption methods of de-identification methods to share the victim's personal information without leaking or disclosing it to the offender. This study examines various encryption methods that could be used in deposit procedures and proposes a model for deposit procedures using the public key encryption system. Research is needed on de-identification methods in other areas as well, such as criminal compensation orders, civil lawsuits, and criminal electronic litigation where the victim's personal information is disclosed. Moreover, this research is expected to extend to the personal information issues of defendants, witnesses, and other related individuals. As criminal electronic litigation is fully introduced, various areas directly related to the tasks of courts and investigative agencies, such as the scope of personal information, management methods and standards, and realistic management possibilities, will require urgent material and personnel preparations. The encryption methods discussed in this paper could also serve as a useful option.