손해배상(기)
1. The defendants' appeal is dismissed.
2. The costs of appeal are assessed against the Defendants.
Purport of claim and appeal
1..
1. The reasoning of the court's explanation concerning this case is the same as the reasoning of the judgment of the court of first instance, except for the addition or dismissal as follows. Thus, it is acceptable to accept this as it is in accordance with the main sentence of Article 420 of the Civil Procedure Act.
2. The following shall be added at the 10th end of the first instance judgment and at the 21st end of the said judgment:
Standards for Measures to Secure Personal Information Safety (Public Notice No. 2011-43, hereinafter the same shall apply)
Article 9 is related to the installation and operation of a security program to cope with any malicious program inside the outside, and is irrelevant to the restriction on the use of the USB meta. Article 6(3) of the Criteria for Measures to Secure the stability of personal information is irrelevant to the act, etc. of sharing the instant card customer information within the country by a person in charge of FDS development, such as D, to prevent the disclosure of personal information directly to a non-authorized person. Article 6(4) of the Standards for Measures to Secure the stability of personal information is irrelevant to the act, etc. of sharing the instant card customer information within the country, and Article 6(4) of the Standards for Control of Access to Non-authorized Personal Information is not a provision for preventing the leakage of personal information already secured or accessible to the person with the authority of FDS development, such as D, by regulating access to the personal information of a non-authorized person. Even if the person violated this, D, as a person in charge of FDS development, has no choice but to know the password password identification as a matter of course, and thus there is no causal link between the foregoing mistake and the occurrence.
Article 13(1)13 of the Act provides that “The purpose of preventing access to and leakage of information by a person who has no access authority is to prevent a device from sharing any key information, such as user information, by prescribing that “the device shall not be kept on the device, and shall not be shared with the device.” This case is that a DNA with access authority, stored personal information in a device and leaked it by himself/herself.