Journal of Society for e-Business Studies

Personal information is a requisite for financial transactions as well as a core asset of financial companies. However, as a side effect of the information society, personal information infringements have emerged as significant social risks, causing realized loss to individuals and companies. This study analyzes results of financial and emotional loss in terms of consumer loss and also presents usefulness of insurance in order to minimize such actual damages as a means of risk transfer. In addition, this study investigates components and premium calculation principles of compensation insurance against personal information invasion and finally presents policies to activate these insurance product. As a method of risk management, insurance not only is a useful tool to guarantee consumer protection and companies’ financial soundness simultaneously but also provides a basis of quantitative measurement of IT risks.

Bae, B. H. and Min, K. S., “Policy recommendations on the activation plan of domestic information security insurance market,” Internet and Security Focus 2013 July, pp. 6-26, 2013.

Cha, G. S., “A Study on the Criteria to Estimate the Compensation from the Infringement of Personal Information,” Soongsil University, p. 22, p. 56, 2011.

Chai, S. W., Min, K. S., Hwang, S. W., and Won, S. J., “A study on the analysis of the economic value of private information,” Information Security Issue Report 2007-03, pp. 1-20, KISA, 2007.

CSI(Computer Security Institute), “15TH ANNUAL 2010/2011 COMPUTER CRIME AND SECURITY SURVEY,” p. 23, 2011.

Dieter Gollmann, COMPUTER SECURITY Third Edition, pp. 32-33, WILEY, 2011.

ENISA(European Network and Information Security Agency), Security Economics and The Internal Market, http:// www.enisa.europa.eu/, p. 85, 2008.

ENISA, Incentives and barriers of the cyber insurance market in Europe, http:// www. enisa.europa.eu/, pp. 19-20, p. 27, 2012.

FSC(Financial Services Commission), FSS, “Press release : Damage prevention comprehensive plan for new and variant telecommunications fraud,” 2013.

FSS(Financial Supervisory Service), DART (Data Analysis, Retrieval and Transfer System), http://dart.fss.or.kr.

FSS, “Press release : Analysis of the damage caused by phishing and notes on financial transactions,” 2013.

Han, C. H., Chai, S. W., Yoo, B. J., Ahn, D. H., and Park, C. H., “A Quantitative Assessment Model of Private Information Breach,” The Journal of Society for e-Business Studies, Vol. 16, No. 4, pp. 17-31, 2011.

KIDI(Korea Insurance Development Institute), Insurance statistics information services, http://www.insis.or.kr.

KIDI, “Activation plan of the liability insurance for personal information security breaches,” CEO REPORT KIDI 2012- 04, pp. 1-18, KIDI, 2012.

Kim, H. S., Theory of damage assessment, p. 83, 113, 119, pp. 145-149, p. 169, p. 306, LLOYDS, 2008.

Kim, K. S.(member of the National Assembly), Breaches of customer information of financial companies since 2008, http:// www.dreamk.kr, 2014.

Kim, Y. R., Lee, H. C., and Yoo, J. H., “A study on the methodology to estimate the personal information value using the Contingent Valuation Methods(CVM),” Information Security Issue Report 2007- 02, pp. 1-22, KISA, 2007.

Kim. D. H. PRINCIPLES OF INSURANCE, p. 16, p. 40, HAKHYUNSA, 2002.

Kwon, H., Lee, E. J., Kim, T. S., and Jun, H. J., “Estimating Compensation for Personal Information Infringement in Korea Using Contingent Valuation Methods,” Journal of The Korea Institute of Information Security and Cryptology, Vol. 22, No. 7, pp. 367-377, 2012.

Lee, H. C. and Ahn, K. A., “The evaluation of Personal Information Leakage Loss using the Contingent Valuation Methods,” Productivity Review, Vol. 22, No. 2, pp. 1-24, 2008.

Lee, J. B., Theory of damage assessment, p. 156, p. 398, DOOYANGSA, 2008.

Lee, J. K.(member of the National Assembly), Status of the illegal use of credit card, http://www.ljk.co.kr/, 2013.

Ponemon Institute, LLC, 2010 Annual Study : U.S. Cost of a data Breach, p. 32, 2011.

Son, J. H., Electronic Financial Transaction Act, p. 62, BOBMUNSA, 2008.

Yoo, J. H., Jie, S. H., and Lim, J. I., “Estimating Direct Costs of Enterprises by Personal Information Security Breaches,” Journal of The Korea Institute of Information Security and Cryptology, Vol. 19, No. 4, pp. 63-75, 2009.