KISA-Financial Security Institute Adopt International Standard for 'Data De-identification Assurance Requirements'

International Standardization Organization in Information and Communication Field Adopted
Expected to Serve as International Benchmark Guaranteeing Data De-identification

The Korea Internet & Security Agency (KISA) announced on the 14th that the "Data De-identification Assurance Requirements" jointly proposed by KISA and the Financial Security Institute (FSI) have been adopted as an international standard by the International Telecommunication Union Telecommunication Standardization Sector (ITU-T). ITU-T is a subsidiary organization of the International Telecommunication Union (ITU), the world's leading international organization for telecommunications, responsible for establishing international standards in the information and communication technology field.

KISA-Financial Security Institute Adopt International Standard for 'Data De-identification Assurance Requirements'

KISA and FSI attended the ITU-T standardization meeting held at KINTEX in Goyang City from the 29th of last month to the 8th of this month, and as a result of their response, the proposed standard was adopted as an international standard. In this regard, after proposing the "Data De-identification Assurance Requirements (X.rdda)" as a new ITU-T item, KISA and FSI, together with Soonchunhyang University, have been submitting papers and responding for over five years to achieve the adoption of the standard.

Meanwhile, prior to the adoption of this standard, KISA and FSI jointly developed the ITU-T international standard "De-identification Processing Framework (X.1448)." The "Data De-identification Assurance Requirements (X.Suppl.39 (X.rdda))," developed as a follow-up to this standard, is the first international standard for evaluating the adequacy of de-identified data.

Lee Won-tae, Director of KISA, stated, "Until now, there was no recognized international criterion for evaluating the adequacy of de-identified data, but the newly adopted ITU-T international standard 'Data De-identification Assurance Requirements (X.Suppl.39 (X.rdda))' is expected to serve as an international reference for companies and institutions that intend to perform de-identification processing to review the adequacy of their processes." He added, "KISA will continue to actively work to create an environment where de-identified data can be safely utilized in response to the increasing demand for data in the AI era."