국내외 개인정보보호정책의 비교분석을 통한 프로파일링 관련 소비자 이슈의 고찰과 적용

With the passage of the revision bill of the ‘Data 3 Act’ aimed at the development of domestic companies in the recent 4th industrial revolution, research on the rights and interests of individual consumers who provide personal information at the same time needs to be expanded. Therefore, this study was to define profiling by comparing the GDPR and the revised Personal Information Protection Act, and to analyze the privacy policies and conditions of major domestic and global IT companies based on consumer privacy literacy and possible consumer issues. To this end, through reviewing and comparing GDPR and revisioned personal privacy protection law, the elements of profiling as well as specific characteristics to guarantee privacy protection were discovered. Also, with reviewing privacy policies and related services of 10 leading domestic and international companies which utilizes profiling technology, the defects of domestic companies were investigated. Specifically, the issues were articulated in the five sectors such as 1) type of protected personal information 2) method of consent to the collection of information generated and behavior, 3) method of notifying the purpose of profiling, 4) notification of inferred information, finally 5) method of providing permission to view and delete profiling information. Based on the analysis results, we analyzed how domestic companies’ terms and conditions and service provision method should be improved. In addition, I tried to give implication to the government and related policy organizations should make efforts to pursue privacy by design in order to improve the level of personal information protection of consumers who use the services of domestic companies.