According to the Constitutional Court’s holding on the Right to Self-determination of Personal Information and its limitations, this is “the right of the data subject to determine for oneself when, to whom, and to what extent information concerning him or her is disclosed and used,” and “processing of personal data” in principle constitutes a “restriction” on this right. This article questions whether such reasoning by the Constitutional Court is indeed valid, and further, whether it remains applicable in the era of the intelligent information society. The above concept of the Right to Self-determination of Personal Information is closely similar to the definition of “privacy” presented in Alan Westin’s book 「Privacy and Freedom」 in 1967. It is clear that Westin’s philosophy has served as a foundation for data protection laws of countries around the world, but his definition of privacy is not limited to the right to informational privacy. Westin defined a general right to privacy, but the Constitutional Court replaced it with the Right to Self-determination of Personal Information, and as a result, it became established in Korean society as a right that has diverged from its original meaning. Furthermore, the principle that the processing of personal data automatically constitutes a restriction on the Right to Self-determination of Personal Information is excessive in that it presumes unconstitutionality even for the processing of data that poses no risk of harm to any legal interest, allowing such processing only when justified under constitutional principles. For example, if even the use of location data to find a missing person in a disaster situation is deemed to restrict that person’s Right to Self-determination of Personal Information, the mobility of the search authorities will be reduced, and they may miss the golden time. In addition, the processing of personal data is essential for the normal and efficient performance of state functions, such as military service, taxation, elections, and welfare, and that today’s operations are carried out through the processing of data via ICT. Based on this awareness of the problem, this article redefines the concept and content of the Right to Self-determination of Personal Information. It is not a “right of self-determination” over data concerning oneself, but rather a “right to participate” in the process of data processing, and a counter-surveillance right that can control the misuse and abuse of data processing by the state as a defensive mechanism against the surveillance society. Considering this concept, the processing of personal data should not be regarded as a restriction on the Right to Self-determination of Personal Information per se; rather, arbitrary processing of personal data that departs from the data subject’s reasonable expectations should be considered a restriction on that right.
Song-Ok Kim (Sun,) studied this question.