The Personal Information Protection Act, which was written to be a general law defining the principles of personal information policy and a countermeasure for the victims of personal information infringement, became effective on September 30, 2011. The subjects obligated to take personal information protection measures have been increased to include all public institutions, enterprises, and nonprofit organizations. The new act covers a wider range of material including not only information in digital format but also handwritten documents.

The implementation of the Act greatly tightens the protection criteria and safety measures to be taken upon the collection, use, and destruction of personal information. Countermeasures against personal information leakage will be reinforced as well.

A subject of the law must take appropriate safety measures for the protection of personal information and assign a person in charge of supervising the personal information security system. As the act imposes restrictions on the processing of an individual's unique identification numbers such as his or her social security number, public institutions and private Internet sites with a daily number of hits exceeding 10,000 must offer a means of signing up for access other than putting in one's social security number, such as an I-PIN or electronic signature.

The Act also delineates a variety of measures and restrictions in support of its objective, and toughens the penalties for personal information infringement and leakage, which are now a maximum 5 years of imprisonment or a fine of fifty million won.

Institutions under SNU will comply with the Act, undertaking the protection measures such as prohibition of posting personal information on intraschool networks and employing an encryption upon the storage of confidential information. The SNU homepage administrator will be fully prepared with the implementation of safety measures to avoid violating the Act.

The SNU Office of Information Systems and Technology will endeavor to educate personnel on information security and to be equipped with proper technical measures. Nevertheless, the cooperation of all members of the SNU community will be required to fully ensure the security of every individual's personal information.

Written by LEE Chanwoo, SNU English Editor, cwl726kr@snu.ac.kr
Proofread by Brett Johnson, SNU English Editor, morningcalm2@gmail.com