TIME PROGRAM
09:00~09:30 Registration
09:30~09:40

Introduction

09:40~10:20 Keynote 1. GDPR response in Asian countries
Prof. Beomsoo Kim (Yonsei University, OECD SPDE Vice-Chairman)
10:20~11:00 Keynote 2. Ransomware's evolution, spread and response in the future
Tomohiro Iida(Trend Micro Director)
11:00~11:40 Keynote 3. New era of data and privacy
Takeshi Nakayama (LINE Japan CPO CISO DPO)
11:40~12:00 Opening Ceremony
  Track A
개인정보 활용
Track B
Casestudy
Track C
GDPR
Track D
Special Track
(Iris Hall 12F)
12:00~13:20 Lunch Break 제86차 Privacy Round Up
(한국CPO포럼 회원만
참석 가능)

13:20~14:00

Personal information non-discrimination policy direction and combination use casestudy
Donghyun Kim / Senior Researcher ,Korea Internet & Security Agency
Facebook, Cambridge Analytica Scandal
(Development Process and Policy Implications)

Changha Yoo ,tmon

'GDPR' - focusing on accident response
Jaesoo Kim / General Manager (ShinhanDS)

14:00~14:40

Safe use of personal information and casestudy
Kitae Kim / Manager, Fasoo
What if the personal information leak happened now? - Judgments from recent judgments
JaiWook Lee - Senior Foreign Counsel, Yulchon LLC
Cyber Threats and Privacy and CPO
Iksang Chung / Attorney, Kim&Chang
Personal information protection solution
(위즈디엔에스코리아)
14:40~15:00 Coffee Break
15:00~15:40 Big data platform requirements for privacy monitoring and compliance management
Daesoo Choi / Manager, Splunk Korea

Anti Privacy Against AI Periods: Ari! Read my KakaoTalk!
Taeeon Koo / Managing Partner, TEK&LAW

The geographical coverage of the GDPR and issues relating to off-EU transport
Sunghee Chae / Partner, Lee&Ko
[Debate Track]
( 30 persons limit)

15:40~16:20 Information Network Act, Personal Information Protection Act Virtual Experience - What if pending legislation passes?
Bongkwan Kang / CISO, SaraminHR
Blockchain and Cybersecurity and Privacy
Kyoungha Kim / CEO , JN Security

[Panel Discussion]
How to obtain DPO? (Future privacy position)

Lee, Jinkyu / Director (CPO/CISO), Naver Corporation
Lee, Sangyong / Partner ,EY Han Young Kang, Hyekyoung / Manager ,Korea Internet & Security Agency

16:20~

closing

* Program agenda might be changed without notification.


Keynote 1. GDPR response in Asian countries
Prof. Beomsoo Kim (Yonsei University, OECD SPDE Vice-Chairman)

On May 25, the "General Data Protection Regulation (GDPR)" was introduced regarding the handling and transfer of personal information. It is common law for all EU Member States to protect personal information, but it is not only the case where the activity involves the processing of personal information while operating an establishment in the EU, It also applies to service delivery, so it can be considered global. In each Asian country, it is necessary to design personal information protection application, designation of DPO, execution of personal information impact evaluation (DPIA), necessity of transferring personal information abroad, identification of senior supervisory organization, guarantee of right to delete personal information, We will look into what kind of responses you are making regarding automated decision making and ensuring profiling rights.


Keynote 2. Ransomware's evolution, spread and response in the future
Tomohiro Iida(Trend Micro Director)

Ransomware attacks from WannaCry to Petya resulted in production line downtime at Honda, Nissan, Renault, and even Cadbury. The likelihood and impact of these attacks increased 10 times with the convergence of capable ransomware and the wormlike capabilities of the EternalBlue exploit. These attacks, if nothing else, highlighted the need for CISOs to rethink and reassess their operational risk exposure. No longer can we look at these threats solely as an IT risk but rather as a combined IT and operational technology (OT) risk that could result in billions in losses globally.


Keynote 3 :New era of data and privacy
Takeshi Nakayama (LINE Japan CPO CISO DPO)

Nowadays, we have entered a "era of data" where we acquire and utilize data everywhere, but the data providers - users, companies and countries - have a dilemma of immaturity in manners, standards, and ethics regarding privacy. I will review history of data and privacy and recent events related to the country or region. I introduce the responsibility of a global social application- LINE and the approach of LINE to user's privacy.




Personal information non-discrimination policy direction and combination use casestudy
Donghyun Kim (Senior Researcher ,Korea Internet & Security Agency)

In the 4th Industrial Revolution, we will examine the domestic and overseas policy implementation status of the personal information non-discrimination measure which is the center of big data industry. A review of the Hackerton results of the 4th Industrial Revolution Commission will examine the efforts to create social empathy with the government, civic organizations, and industry. We will also look at reasons why we need to combine non-identifiable information and how to connect them in oversea countries.


Safe use of personal information and casestudy
Kitae Kim / Manager, Fasoo

1. Method for safe use of personal information
- Explore various ways of utilizing personal information, and find out the various risks that may arise in using personal information and how to eliminate them.
2. Safe non-identification use cases
- Focuses on cases where data are not identified and utilized and how to apply the technology.
- Learn how to use data by implementing an environment that can safely utilize the data.
3. NON-IDENTIFICATION FOR SAFE USE
- Introduce non-identification consulting for safe use of data and introduce non-identification solutions to make available data.


Big data platform requirements for privacy monitoring and compliance management
Daesoo Choi / Manager, Splunk Korea

Every company and organization is strengthening technical protection measures for personal information. However, personal information leakage accidents occur frequently. Therefore, there is an increasing demand for analysis of large amounts of data in order to analyze the abuse of personal information and the signs of leakage by applying machine learning techniques and to monitor compliance status. In this session, I present the requirements of the Big Data Analysis Platform, which is the basis of personal information anomaly detection and compliance management, and present the insights that personal information protection officers can use.


Information Network Act, Personal Information Protection Act Virtual Experience - What if pending legislation passes?
Bongkwan Kang / CISO, SaraminHR

Although not well known, there are still a lot of legal amendments pending in the National Assembly. Especially, the number of personal information protection law and information communication network law amendment which are directly connected with protection of personal information reach dozens. These amendments may be subject to change, may be merged with other similar legislation, or may be terminated due to expiration of the National Assembly. Let's imagine that this law was passed in accordance with the presently proposed bill. We will look at what privacy law and information network law will be, and how corporate privacy protection will change.




Facebook, Cambridge Analytica Scandal (Development Process and Policy Implications)
Changha Yoo(tmon)

Find out about the business and technical background of Facebook's extensive privacy practices, and see in a timely fashion the Facebook personal information leak by Cambridge Analytica. Next, I would like to discuss the policy implications of the GDPR and the Korea Personal Information Protection Act after considering the potential risks associated with the Facebook personal information outbreak.


What if the personal information leak happened now? - Judgments from recent judgments
JaiWook Lee - Senior Foreign Counsel, Yulchon LLC

대규모 개인정보유출사고가 잇달아 발생하면서 그에 대한 판례도 축적되고 있습니다. 그와 더불어 관계법령과 고시 개정을 통해 기업의 개인정보 관리 책임을 더 무겁게 하는 쪽으로 변해가고 있습니다. 현재까지의 판례로만 보면 기업에게 책임을 물을 수 없다는 것으로 보이기는 하지만, 그 움직임은 변화하고 있습니다. 현재의 강화된 법령과 각종 행정규칙 하에서 당시의 그 사고가 똑같이 발생했다면 그 판결은 어떻게 바뀔 것인가를 살펴봅니다.


Anti Privacy Against AI Periods: Ari! Read my KakaoTalk!
Taeeon Koo / Managing Partner, TEK&LAW

Artificial intelligence (AI) has arrived. In Korea, which has a legal system to use personal information that can process personal information only when it has to obtain prior, explicit, individual, specific agreement about the consent such as the purpose of using personal information, The ultimate task is to replace it with information that is close to personal information. Without AI's paradigm shift in privacy protection, information entities will be reluctant to use artificial intelligence services in Korea, resulting in the exodus of personal information, and Korea will become an information zombie nation.


Blockchain and Cybersecurity and Privacy
Kyoungha Kim / CEO , JN Security

Experts predict that blockchain technology will change the structure of the Internet by enabling trust on P2P without a central trusted intermediary. The results of the blockchain will come to us as innovation and convenience, but it seems that there are still vague illusions, worries and misunderstandings about new technologies. We investigate how the characteristics of blockchain represented by anonymity and irreversibility affect privacy, and find ways to enjoy harmony with privacy and block chain technology development.




'GDPR' - focusing on accident response
Jaesoo Kim (General Manager, ShinhanDS)

It introduces companies' curiosity about protection of personal information protection by EU GDPR implementation and action to be urgently carried out. We explain the extent of the damages that each company incurred in the event of an infringement and the measures to be taken by the regulatory authorities and the information subjects presented in the GDPR regulations related to the compensation of damages,


Cyber Threats and Privacy and CPO
Iksang Chung / Attorney, Kim&Chang

The analysis of the recent hacking cases and the results of the inspection of the actual situation of the personal information of the Ministry of the Interior and Safety will be practically examined as to what technical and administrative measures should be taken by the CPOs and what the responsibilities of the CPO should be in case of actual leakage of personal information .


The geographical coverage of the GDPR and issues relating to off-EU transport
Sunghee Chae / Partner, Lee&Ko

Article 3 of the GDPR, which sets the geographic coverage of GDPR, is a provision that should be reviewed first to determine whether GDPR applies to Korean companies. However, since it is difficult to grasp the contents of the above regulations, it will be more concrete based on the existing CJEU judgment and local commentary. In addition, the provisions on the requirements for the transmission of information outside the EU, as stipulated in Articles 46, 47 and 49 of the GDPR, must also be verified in order to process personal information transmitted from Europe in Korea. In this presentation, we review what the above allowable requirements are and the contents of the regulations and their interpretation.


[Panel Discussion] How to obtain DPO? (Future privacy position)
Lee, Jinkyu / Director (CPO/CISO), Naver Corporation Lee, Sangyong / Partner ,EY Han Young Kang, Hyekyoung / Manager ,Korea Internet & Security Agency

GDPR requires companies operating in the EU to have a Data Protection Officer (DPO) in their core business based on personal information processing. In particular, it is necessary to identify the mandatory DPO appointments for personal information processing and to have the DPO's capabilities (professional qualifications, knowledge of privacy laws, experience with collaborating with regulators, and ability to communicate with stakeholders) Discuss how to obtain people. In addition, I would like to discuss the relationship between the CISO and the CPO as well as the future prospect of personal information protection.





[Debate Track]
 

※ Debate Track 주제와 신청방법은 추후 안내될 예정입니다.


 
koreanenglish 찾아오시는길 프로그램안내 letsprivacy
개인정보처리방침 KISA 한국CPO포럼 방송통신위원회 개인정보보호위원회