(영문) 창원지방법원 2014.6.20.선고 2014고단64 판결

beta

본 영문본은 리걸엔진의 AI 번역 엔진으로 번역되었습니다. 수정이 필요한 부분이 있는 경우 피드백 부탁드립니다.

Cases

Defendant

Prosecutor

Defense Counsel

Imposition of Judgment

Text

Reasons

Judges

텍스트 조절

글꼴

크기(pt)

굵기

줄 간격

자간(%)

(영문) 창원지방법원 2014.6.20.선고 2014고단64 판결

가.정보통신망이용촉진및정보보호등에관한법률위반(피고인A에대하여인정된죄명정보통신망이용촉진및정보보호등에관한법률위반(정보통신망침해등)}나.신용정보의이용및보호에관한법률위반(피고인B에대하여는공소취소)다.전자금융거래법위반(공소취소)라.정보통신망이용촉진및정보보호등에관한법률위반(정보통신망침해등)(피고인B에대하여일부인정된죄명정보통신망이용촉진및정보보호등에관한법률위반,피고인C에대하여는공소취소)

Cases

2014 Highest 64, 2014 Highest 602 (Joint), 2014 Highest 947 (Joint), 2014 Highest 2014 Highest 2014 Highest

948(Joint), 2014 Highest 1097(Joint)

(a) Violation of Act on Promotion of Information and Communications Network Utilization;

Promotion of Use of Information and Communications Network and Information Protection, etc., recognized as committing a crime

Violation of the Act (Violation of Information and Communications Network Act, etc.)

B. Violation of the Use and Protection of Credit Information Act (as to the defendant B

Revocation of Public Prosecution)

C. Violation of the Electronic Financial Transactions Act (Revocation of Prosecution)

(d) Violation of Act on Promotion of Information and Communications Network Utilization;

2) (Violation) The information and communications network consisting of partially recognized crimes against Defendant B

Act on Promotion of Utilization, etc. and Defendant C

institution of public action)

Defendant

1.(c)(d) A;

2.(a)(d) B, and other:

3.(a)(d) C, free of duty;

4.(a)D, self-employed

Prosecutor

Clerks (prosecutions) and unsatisfys (public trials)

Defense Counsel

Attorney Kim Jong-hee (Apon for Defendant A)

Law Firm International, Attorney-at-law in charge, Professor Chang-seop et al.

P.C.

Law Firm Multi-rate, Attorney Kim Jong-hwan (Defendant C, Defendant D)

Law Firm Dong-nam, Attorney Doh-ho et al. (Apon for defendant D)

Imposition of Judgment

June 20, 2014

Text

Defendant A shall be punished by imprisonment for three years, by imprisonment for three years and six months, by imprisonment for Defendant C, by imprisonment for one year and six months, and by imprisonment for Defendant D, respectively.

Nos. 4 through 9 (No. 9 of Changwon District Prosecutors' Office 2014) and 1 and 2 (No. 362 of Changwon District Prosecutors' Office 2014) of the seized evidence from Defendant A, No. 2 and 3 (No. 9 of Changwon Prosecutors' Office 2014) of the seized evidence from Defendant B, and No. 1 (No. 9 of Changwon District Prosecutors' Office 2014) of the seized evidence from Defendant C shall be forfeited, respectively.

Reasons

Criminal facts

[2014 Highest 64]

1. Defendant A

(a) E card-related

The Defendant, as an employee of the “F” credit information company, was in charge of the development and establishment of the card accident analysis system (FDS) entrusted by the E Bank Card Business Department from May 2012 to December 2012, the Defendant was provided with customer information processed, stored, and transmitted from the E Bank server and used it to develop and install the said system.

In the performance of the above duties, the defendant shall install a security program in the business PC, and shall not arbitrarily store or remove the above customer information from the USB, etc.

(1) Infringement around October 2012 and leakage around October 2012

No one shall damage another person's information processed, stored or transmitted through an information and communications network, or infringe, misappropriate or divulge another person's confidential information, and no person who is an executive or employee of a credit information company, etc. (hereinafter referred to as "person related to credit information business") shall divulge or use another person's credit information, etc.

Nevertheless, around October 2012, the Defendant connected the Defendant’s USB to the PC for business using the deletion of the security program installed in the PC due to the business use due to the PC format, and stored approximately 2,510,000 information (name, resident number, cell phone number, card number, card number, card amount, card amount, etc.) of the E Bank’s customer card stored in the PC for business use in the above USB, and carried it out. Thereafter, around October 2012, the Defendant sent it to the Defendant’s office located in Nowon-gu in Seoul Special Metropolitan City, Nowon-gu, and around 2,511,00 information (name, resident number, cell phone number, card number, card number, card number, maximum amount of card amount, etc.) of the E Bank’s customer card stored in the PC for business use, and sent it to BPC after connecting the Defendant’s personal card stored in B, and then storing it to BPC.

As a result, the Defendant, by the above method, deducted approximately 2,510,000 customers of the E Bank’s cards and delivered them to B, thereby infringing and divulging others’ secrets, and also divulging others’ credit information that they came to know in the course of performing duties as credit information-related persons.

(2) Infringement and leakage around December 2012

No one shall damage another person's information processed, stored, or transmitted through an information and communications network, or infringe, misappropriate, or divulge another person's confidential information, and no person related to credit information business shall divulge or use another person's credit information, etc. known to him/her in the course

Nevertheless, on December 2012, the Defendant used the PC for business in the above card company office and deleted the security program installed in the PC for business purpose. The Defendant connected the PC to the PC for business purpose, and stored approximately KRW 2,259,000 of the card customers of the E bank stored in the PC for business purpose (the main resident number, card limit, card use amount, etc.) at will in the above USB. Since then, around February 2013, the Defendant came to possess it. Afterwardly, at B’s house located in Eunpyeong-gu Seoul around February 2013, the Defendant provided approximately 2,259,000 information (resident number, card limit, card use amount, etc.) of the E bank’s card customers, which were deducted as above, to B, and stored the above information. Accordingly, the Defendant provided the information to B, as a customer card customers and 259,000 credit information dealers, and provided the information to B, and then, stored it.

(b)an infringement and leakage of J cards-related around June 2013;

The Defendant, as an employee of the “F” credit information company, was in charge of the development and installation of the card accident analysis system (FDS) entrusted by the J card from February 2013 to August 2013, the Defendant provided customer information processed, stored, and transmitted from the J card server and used it to develop and install the said system.

In the performance of the above duties, the defendant shall install a security program in the business PC, and shall not store or remove the above customer information from the USB, etc.

Nevertheless, around June 2013, at K Center located in Gangseo-gu Seoul Metropolitan Government, the Defendant connected the Defendant’s USB to the office PC without installing a security program, and kept approximately KRW 5,3780,00 of the J card customer (name, resident registration number, cell phone number, card number, card number, card limit, card use amount, etc.) stored in the above USB at will. After that, around June 2013, the Defendant sent it to B, around approximately 5,378,00 of the J card customer’s name (name, resident registration number, cell phone number, card number, card number, credit card limit, card use amount, etc.) stored in the above USB. After that, the Defendant accessed the Defendant’s external hard disc stored in BPC, and stored and delivered the above information to B.

Accordingly, the Defendant, by delivering approximately 5,378,00 J card customers to B after deducting information, divulged other's credit information that he/she became aware of in the course of performing his/her duties as a person related to credit information business.

C. L-related infringement around December 2013

The Defendant, as an employee of “M” from October 2009 to April 2010, was in charge of the credit card accident analysis system (FDS) development and installation work entrusted by L from September 2013 to December 2013, the Defendant was provided with customer information processed, stored, and transmitted from L servers, and used the system development and installation work.

Therefore, the defendant shall install a security program in the business PC in the performance of the above duties, and shall not arbitrarily store or remove customer information from the USB, etc., and all storage devices, such as office hard disks, etc., such shall be taken out after the format.

No person shall damage another person's information processed, stored, or transmitted through an information and communications network, or infringe, misappropriate, or divulge another person's confidential information.

Nevertheless, at around December, 2013, the Defendant had access to the Defendant’s USB to the office-use PC located in the NB in Seoul Jung-gu, Seoul, and had approximately KRW 2,689,00 of L customer information (name, resident number, cell phone number, card number, card number, card limit, card use amount, etc.) stored in the office-use PC.

Accordingly, the Defendant violated other's secrets by reducing approximately 2,689 thousand L customers' information through the above method.

2. Defendant B

No one shall knowingly receive any divulged personal information for profit or for any other wrongful purpose.

(a) E card-related

(1) Acceptance at around October 2012

On October 2012, the Defendant, at the office of Nowon-gu in Seoul Special Metropolitan City, had the Defendant access to the Defendant’s PC by approximately 2,511 thousand card customers (name, resident number, cell phone number, card number, card number, credit card limit amount, etc.), and stored the said information in the Defendant’s PC with knowledge of the fact that A, an employee of the trustee company at the time, who was in charge of installing the card accident analysis system (FDS) of the card company of the E bank, was illegally collected, for loan brokerage business, etc.

Accordingly, even though the defendant's personal information was leaked, he was provided about 2,510,00 personal information for profit or illegal purpose.

(2) At around February 2013:

On February 2, 2013, at the defendant's office located in Eunpyeong-gu in Seoul, the defendant knew that the credit card accident analysis system (FDS) system (FDS) was illegally collected by the trustee company A, who was in charge of the installation of the E Bank Card Business Department at the time, had A access to the defendant's external hard disks with approximately 2,259 thousand customer card customers of the E Bank (resident number, card limit, card use amount, etc.) stored the above information to the defendant's PC for the purpose of loan brokerage, etc.

Accordingly, the Defendant was aware of the divulgence of personal information and received 2,259,000 personal information for profit or for an illegal purpose.

(b) Acceptance on June 2013 in relation to J cards;

On June 2013, the Defendant, despite being aware of the fact that the information was illegally collected by A, an employee of the trustee company, who was in charge of the installation of the J Card accident analysis system (FDS) at the time of the above Defendant’s home, had A access to A’s external hard disks with approximately 5,378 thousand information (name, resident registration number, cell phone number, card number, card number, card number, maximum credit number, card use amount, etc.) of the J Card customer, and had the Defendant store the said information in the Defendant’s PC with the knowledge of the fact that the personal information was leaked, received approximately 5,378 thousand personal information for profit or unjust purpose.

[2014 Highest 602]

No one shall knowingly receive any divulged personal information for profit or for any other wrongful purpose.

1. Defendant B

(a) Receiving L personal information;

The Defendant operated P, etc., a seller of borrowed goods.

On January 201, the Defendant, at the P Office located in Yeongdeungpo-gu Seoul Metropolitan Government, knew of the fact that A was illegally collected by an employee of the entrusted company in charge of the installation of the L Card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card's credit card'

As a result, the Defendant received approximately 250,000 personal information for profit or for an illegal purpose despite being aware of the divulgence of personal information.

(b) Receiving personal information of E cards;

(1) On June 2012, the Defendant: (a) knew of the fact that the Defendant was parked on the road near Man-dong, Jung-gu, Seoul; (b) provided the Defendant with approximately KRW 2,4310,00 customers of the E card; and (c) provided the Defendant with approximately KRW 2,431,00 (name, resident number, cellular phone number, address, workplace name, etc.) with the U.S. drive of A, in which the personal information (name, resident number, cell phone number, address, workplace name, etc.) was stored for loan brokerage business; and (d) provided approximately 2,431,00,000 personal information for commercial or unjust purposes, even with knowledge of the fact that the personal information was leaked.

(2) On July 2012, the Defendant: (a) had A’s house located in the Nowon-gu Seoul Special Metropolitan City, Nowon-gu, with knowledge of the fact that the personal information collected by A was illegally collected; (b) had A access to A’s PC with approximately 2,4310,00 customers of the E card as referred to in paragraph (1) of the said paragraph; and (c) had the Defendant store the said information in the Nompt; and (d) received approximately 2,431,00 personal information with knowledge of the fact that the personal information was leaked for profit or for an unlawful purpose.

(3) On July 2012, 2012, the Defendant: (a) informed of the fact that the personal information collected by A was illegally, and (b) had A access to A’s PC containing approximately KRW 2,4310,00 of the customers of the card as referred to in paragraph (1) of the said paragraph, and stored the said information in the Nopt North Korea, for the purpose of loan brokerage, etc.

Accordingly, the Defendant knowingly received approximately 2,431 thousand personal information for profit or for an illegal purpose with knowledge of the divulgence of personal information.

(4) On January 2013, the Defendant, despite being aware of the fact that the personal information was illegally collected by A, had A access to A’s PC where approximately 2,5110,000 customers of E Card customer’s personal information (name, resident number, mobile phone number, address, workplace name, etc.) had been stored in the Nowon-North Korea of the Defendant, and had the Defendant store the said information. Accordingly, the Defendant was knowingly provided with approximately 2,511,00 personal information for profit or unjust purpose.

On April 2013, the Defendant, at the office of the Defendant located in Eunpyeong-gu in Seoul, knew of the fact that the personal information was illegally collected by A, an employee of the trustee company in charge of the installation of the J-related Credit Card (FDS) at the time, provided that A had A access to the PC where approximately 5,378 thousand J Card customer’s personal information (name, resident number, mobile phone number, address, workplace name, etc.) was stored and stored the said information in the PC for the purpose of loan brokerage, etc.

2. Defendant D, C

Defendant D has overall control over the company's business as the representative of Q Q chain, and Defendant C was in charge of external business such as an entrustment contract with the financial authority as the head of the headquarters.

A. The Defendants’ co-principal

(1) Although the Defendants conspired to act as a broker on July 2012, 2012 and knew in Gangnam-gu Seoul Ro that it is personal information illegally collected by B, the purpose of the loan brokerage is to engage in loan brokerage, despite being aware that it is personal information collected by B

A. 2,4310,00 customers of the E card (name, resident number, cellular phone number, address, workplace name, etc.) was stored from B. The Defendant was aware of the divulgence of personal information, and received approximately 2,431,00 personal information from B for profit or unjust purpose.

(2) On June 2013, the Defendants conspired, despite being aware of the fact that the information was illegally collected by Defendant C’s passenger car parked in Gangnam-gu Seoul, Gangnam-gu, Seoul, the Defendants received approximately KRW 2,511,00 customers of the E card under subparagraph 1(b)(4) of the said subparagraph for the purpose of loan brokerage, and the PC in which approximately KRW 5,378,000 customers of the J card under subparagraph 1(c) was stored.

B. Defendant C’s sole criminal conduct

On November 2012, 2012, the Defendant, despite being aware of the fact that it was illegally collected personal information at the coffee shop set forth in the preceding paragraph, received the USB in which 5,000 personal information was included from B for the purpose of lending brokerage, as well as received the personal information of 95,000 credit card companies, from around three times in total, as shown in attached Table 1 (1) from August 2013.

[2014 Highest 947]

Although no one may damage another person's information processed, stored, or transmitted through an information and communications network, or infringe or divulge another person's secrets, Defendant B received information from the E Bank's cards, J cards, and L customers illegally collected by Defendant A, and attempted to provide it to loan brokers, etc.

1. Disclosure to D or C;

A. On July 2012, Defendant B, at the coffee shop near Gangnam-gu Seoul Roon, distributed approximately KRW 2,4310,00 of the card customers (name, resident number, cellular phone number, address, workplace name, etc.) of the E Bank to C, the head of the same enterprise headquarters, who received instructions from the representative of Q. D during the loan, and divulged other person’s secrets to D and S.

B. Defendant B, within C’s car parked in Gangnam-gu Seoul, on June 2013, issued to C instructions from the said D, divulged another’s secret to D and C by delivering approximately 2,510,000 information (name, resident number, cell phone number, card number, card number, card limit amount, card use amount, etc.) of the E Bank’s card customers and approximately 5,378 thousand information (name, resident number, cell phone number, cell phone number, address, workplace name, etc.) of J Card customers.

2. Disclosure to C:

Defendant B provided, at the above coffee shop on November 2012, 201, approximately KRW 95,000 of the customers of credit card companies, including the provision of 5,00 credit card companies’ information to C, from that time to that time, and provided, from August 2013, 201, information about KRW 95,00 of the customers of credit card companies, including the provision of 5,00 credit card companies’ information to C, and divulged others’ secrets.

3. Disclosure to T.

Defendant B, around January 2013, issued 2,5110,000 customers of the E Bank’s card (name, resident number, cell phone number, card number, card number, card limit, card use amount, etc.) to T disclose another’s confidential information to T by delivering approximately 2,510,000 information (name, resident number, cell phone number, card number, card number, card use amount, etc.).

4. Disclosure to V and W.

Defendant B came to know of the e-mail account and passwords used by V at the P office of the Defendant’s lending sales company operated by the Defendant in Yeongdeungpo-gu Seoul, on January 2013, through W upon request from V to receive credit card companies information, and provided information (name, resident registration number, cell phone number, address, workplace name, etc.) of approximately 10,00 credit card companies by accessing the said e-mail and making it available. From that time to December 2, 2013, Defendant B provided approximately 4,890,000 credit card companies’ total sum of customers by making it business, as shown in Attached Table 2 (2).

5. Divulgence to W.

Defendant B, at the above P Office on August 2013, known of W’s e-mail account and password from W, provided approximately KRW 100,00 of the credit card company customer information (name, resident number, cell phone number, address, workplace name, etc.) by accessing the said e-mail and making it available to W. Defendant B disclosed the other person’s confidential information.

6. Disclosure to X.

Defendant B came to know of the e-mail account and password used by X from the above P office on November 2012, 201, and provided approximately 3,00 credit card companies customer information (name, resident registration number, cell phone number, address, workplace name, etc.) by accessing the above e-mail and making it available, and provided 3,000 credit card companies’ confidential information from November 201, 2013, including, from that time, about 10 times in total, 4,780,00 credit card companies’ total customers’ confidential information, as shown in attached Table 3 Crime List (3).

7. Divulgence to Y;

Defendant B provided approximately 5,00 credit card companies customers (name, resident number, cell phone number, address, work name, etc.) with information (name, resident registration number, address, etc.) at the above P P P Office on March 2013 by ordering the Z, who is an employee of the above P PP office, and by transmitting Y with Y's 'A's 'A' to the Y in compliance with the instructions. From that time to May 2013, Defendant B provided information about 78,00 credit card companies' total sum of 780,000 credit card companies around 4 times in total, as shown in attached Table 4 (4). In collusion with the above 2, Defendant B disclosed confidential information to Y.

8. Disclosure to AB.

Defendant B, at the above P Office on February 2013, became aware of the e-mail account and password used by AB from AB, provided approximately KRW 100,000 of the customers of credit card companies (name, resident number, cell phone number, address, workplace name, etc.) by accessing the said e-mail and making it available. From that time, Defendant B provided information of approximately seven hundred and sixty thousand customers of credit card companies (name, resident number, cell phone number, address, workplace name, etc.) on a total of seven occasions, such as the list of crimes (5) in attached Table 5 (5) from September 2013.

9. Disclosure to AC;

Defendant B, in the vicinity of the Seoul Northern-gu AD office on November 2012, 201, provided information on approximately 280,00 credit card holders’ customers (name, resident number, cell phone number, address, workplace name, etc.) to AC, and provided information on the sum of 540,00 credit card holders’ customers, as shown in attached Table 3 (6) from that time up to March 2013, Defendant B divulged the confidential information to AC by providing information about three times in total, as shown in attached Table 3 (6).

10. Disclosure to AE;

Defendant B, on September 2013, at a loan brokerage office for the operation of AE located in the Gyeonggi-do Government-si AF of the Government of Gyeonggi-do, provided information on approximately 500,00 credit card holders' customers (name, resident number, mobile phone number, address, work name, etc.) to AE, thereby divulging the confidential information of others to AE.

11. Divulgence to AG;

Defendant B, at the early December 2012 P office, became aware of the e-mail account and password used by AG from AG, provided approximately 20,00 credit card companies’ customer information (name, resident number, cell phone number, address, workplace name, etc.) by accessing the said e-mail and making it available. From then on June 2013, Defendant B provided approximately 410,00 credit card companies’ total customers’ confidential information on five occasions, such as the list of crimes (7) in attached Table 7, from that time to June 2013.

12. Disclosure to AH;

Defendant B, at the above AI office on March 2013, known of the e-mail account and password used by AH from AH, provided approximately 30,00 credit card companies’ customer information (name, resident number, cell phone number, address, workplace name, etc.) by means of accessing the said e-mail and making it available. From that time, Defendant B provided approximately 30,000 information totaling six times, as shown in the [Attachment 8 Crime List (8] up to September 2013, 200, and disclosed the confidential information to AH.

13. Divulgence to AI;

Defendant B, at the above P Office on November 2012, known of the e-mail account and password used by AI, provided approximately 50,00 credit card companies customer information (name, resident number, cell phone number, address, workplace name, etc.) by accessing the above e-mail and making it available. From that time, Defendant B provided approximately 195,00 credit card companies’ total sum of customers of credit card companies at the beginning of August 2013, 201, as shown in attached Table 9 Crime List (9). Defendant B disclosed other person’s secrets to AI.

14. Disclosure to AJ;

Defendant B issued 67,00 credit card holders’ information (name, resident number, mobile phone number, address, work name, etc.) to AJ on October 2012, 201, and continuously issued USB to AJ on November 2012 where approximately 120,00 credit card holders’ customer information (name, resident number, cell phone number, cell phone number, address, and workplace name, etc.) were stored at the above AK cafeteria, and provided 187,000 credit card holders’ customer information (name, resident number, cell phone number, address, workplace name, etc.) on two occasions in total.

15. Divulgence to AL;

Defendant B provided approximately 50,00 customers of credit card companies (name, resident number, cell phone number, address, workplace name, etc.) with approximately 50,00 customers of credit card companies (name, resident number, cell phone number, address, workplace name, etc.) by means of accessing the said e-mail and making it available at the above e-mail at the above P office on August 2012, Defendant B provided approximately 10,00 customers of credit card companies (name, resident number, cell phone number, address, workplace name, etc.) in the same manner at the early police station on January 2013, and provided information on the total sum of customers of credit card companies twice in total, and divulged confidential information to AL.

16. Disclosure to AM;

Defendant B provided approximately 40,00 customers of credit card companies (name, resident number, cell phone number, address, workplace name, etc.) with approximately 50,00 customers of credit card companies (name, resident number, cell phone number, address, workplace name, etc.) by means of accessing the said e-mail and making it available at the above P Office on February 2013. Defendant B provided information (name, resident number, cell phone number, cell phone number, address, workplace name, etc.) by the same method at the Hamannman Office on August 2013. Defendant B provided approximately 90,00 credit card companies’ total customers with information twice in total, and divulged information to AM.

17. Divulgence toN;

Defendant B provided approximately fifty thousand credit card holders’ information (name, resident number, cell phone number, address, workplace name, etc.) by transmitting e-mail at the above P P office on September 2013, 201, and by e-mail used by N, and divulged another person’s confidential information.

18. Disclosure to AO;

Defendant B provided approximately 9,00 information (name, resident number, cell phone number, address, workplace name, etc.) to a credit card company customer by means of accessing the said e-mail and providing approximately 29,00 credit card company customer information (name, resident number, cell phone number, address, workplace name, etc.) at the above P office on January 2013, Defendant B provided approximately 20,00 credit card company customer information (name, resident number, cell phone number, address, workplace name, etc.) in the same manner at the above office on January 1, 2013, and provided approximately 29,000 credit card company customer information twice in total.

19. Divulgence to AP;

Defendant B provided approximately 10,00 customers of credit card companies with approximately 3,00 information (name, resident number, cell phone number, address, work name, etc.) by transmitting e-mail used by AP from the above P P P office on January 2013, and provided approximately 3,00 credit card companies customer information (name, resident number, cell phone number, cell phone number, address, work name, etc.) by the same method at the above P office on July 2013, and provided approximately 13,000 customers of credit card companies with approximately two occasions in total, and disclosed confidential information to AP.

20. Disclosure to A Q

Defendant B, at the above P Office on January 2013, 201, sent approximately 5,00 information (name, resident number, mobile phone number, address, work name, etc.) of credit card company customers by accessing the e-mail used by the Defendant, and provided Q with the above information by informing A of the above e-mail account and password and allowing Q to download the above information to the USSB of Q, thereby divulging disclosed another’s secrets.

[2014 Highest948]

1. From October 2009 to April 2010, Defendant A’s employees of “M” around April 2010, Defendant A was in charge of the development and installation of the card accident analysis system (FDS) entrusted by the said companies from September 2013 to December 2013, while receiving customer information processed, stored, and transmitted from L servers, and used them for the development and installation of the said system.

Nevertheless, around April 2010, the Defendant stored the above information in the Defendant’s PC around July 2010, at the L Card head office located in the Yeongdeungpo-gu Seoul Metropolitan Government AR Building without a format of 1,023 thousand LL customers’ 1,023 information (name, resident number, cell phone number, address, workplace name, card limit, etc.), and stored the above information in the Defendant’s PC while keeping it in the Defendant’s home. On January 2011, the Defendant, at the P office located in Yeongdeungpo-gu Seoul Metropolitan Government, saved the above information from approximately 1,023 thousand customers’ information (name, resident number, cell phone number, address, workplace name, etc.) and stored the above information to the North Rot, and then distributed it to the Defendant’s 250,000 customers’ information (name, resident number, cell phone number, address, and workplace name, etc.) and then, stored the above information to the two hundred and fifty thousand customers’ information.

2. Defendant A’s E- Card

The Defendant, as an employee of the “F” credit information company, has been in charge of the development and installation of the card accident analysis system (FDS) entrusted by the E Bank Card Business Department from May 2012 to December 2012, the Defendant provided customer information processed, stored, and transmitted from the E Bank server and used it to develop and install the said system.

Accordingly, in the performance of the above duties, the defendant shall install a security program in the business PC, and shall not arbitrarily store or remove customer information from USB, etc.

(a) Infringement and leakage around June 2012;

Nevertheless, on June 2012, the Defendant had access to the Defendant’s USB to the E Bank Card Business Department Office located in Seodaemun-gu Seoul, Seodaemun-gu, Seoul, and had access to the business PC for which no security program was installed, and had approximately 2,4310,00 information (name, resident number, cell phone number, address, workplace name, etc.) on the E Bank’s card customer stored in the business PC.

(1) After that, on June 2012, the Defendant: (a) connected the Defendant’s USB, which was stored with approximately KRW 2,4310,00 of the customers of the E Bank’s cards (name, resident number, mobile phone number, address, work name, etc.) cut off, and stored the said information in the Ept North Korea; and (b) delivered it to B.

(2) On July 2012, the Defendant: (a) connected the Defendant’s PC in transit of Nowon-gu in Seoul Special Metropolitan City to the Nowon-gu’s office; (b) stored the said information on the Nowon-gu’s PC; and (c) delivered it to B.

(3) On July 2012, the Defendant continued to have access to the Defendant’s PC, in which such information was stored, to B’s PC, stored the said information in the npt, and then delivered it to B.

Accordingly, the Defendant infringed upon and leaked the confidential information of the E Bank by making a deduction of approximately 2,4310,000 customers of the E Bank’s card, and by delivering it to B.

(b) Infringement around October 2012 and leakage around January 2013;

Nevertheless, at the above card business division office around October 2012, the defendant connected the defendant's USB to the business PC using those whose security program installed in the business PC was deleted due to the business PC format, and he stored approximately 2,510,000 card customers (name, resident registration number, cell phone number, card number, card number, card limit amount, card use amount, etc.) of the E bank stored in the business PC in the above USB and carried it out. After that, the defendant, around January 2013, sent it to the defendant's house, approximately 2,511,00 information (name, resident registration number, cell phone number, card number, card number, card limit, card amount, etc.) of the E bank's credit card customers (name, resident registration number, card number, card number, credit card amount, etc.) stored in the PC, and stored and delivered it to B.

As a result, the Defendant, through the above methods, divulged others’ secrets and disclosed other persons’ credit information obtained in the course of performing duties as credit information dealers by releasing approximately 2,511,00 credit cards customers of the E Bank, and then transmitting them to B.

3. Violation and leakage of J cards around February 2013.

Accordingly, in the performance of the above duties, the defendant shall install a security program in the business PC, and shall not arbitrarily store or remove customer information from USB, etc.

Nevertheless, around February 2013, the Defendant visited the Defendant’s USB to the Jongno-gu Seoul J Card Center, and kept approximately KRW 5,378 thousand information (name, resident number, mobile phone number, address, workplace name, etc.) stored in the PC for business purposes, and possessed it at will. On April 2013, the Defendant sent it to B after accessing the Defendant’s outer hard disk drive (name, resident number, cell phone number, address, workplace name, etc.) stored in the PC. At the above B’s house, around 5,378 information (name, resident number, cell phone number, address, workplace name, etc.), which had been deducted as above, was connected to the Defendant’s outer hard disc stored in the PC and stored it in the PC, and then delivered it to B.

As a result, the Defendant violated and disclosed the secrets of others by delivering them to B after deducting approximately 5,378,00 customers of J Card in the above manner. [2014 Highest 1097]

Although no one may damage another person’s information processed, stored, or transmitted through an information and communications network, or infringe, use, or divulge another person’s secrets, the Defendant was able to sell or provide illegally collected personal information of a credit card company provided by B to a lending solicitor, etc. Around February 2013, Defendant C divulged disclosed another person’s secrets by delivering output containing approximately three hundred thousand personal information of a credit card company’s customer to AU andV, a lending solicitor, at the Songpa-gu Seoul Metropolitan Government coffee shop.

On September 2013, Defendant C continued to divulge others’ secrets by delivering to the above AU andV the USB, which contains approximately one million personal information (on hand) of credit card companies customers, at the above AT coffee shop.

Summary of Evidence

1. Defendants’ respective legal statements

1. Evidence list (2-5, 14, 15, 22, 24, 25, 27, 35, 36, 40, 43-45 Nos. 2-5, 201, 23-45

1. The evidence list (2014 order602) Nos. 1 to 8, 11, and 12 submitted by the prosecutor;

1. The evidence list submitted by the prosecutor (2014 highest947) Nos. 4-14, 18-36

1. The list of evidence submitted by the prosecutor (2014 senior group948) No. 12-16

1. The list of evidence submitted by the prosecutor (2014, 1097, hereinafter referred to as "the list") Nos. 1 and 2;

Application of Statutes

1. Article relevant to the facts constituting an offense and the selection of punishment;

(a) Defendant A: Articles 50(1)6 and 42(1) of the Act on the Use and Protection of Credit Information; Articles 71 subparag. 11 and 49 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.;

B. Defendant B: Articles 71 subparag. 6 and 28-2(2) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.; Articles 71 subparag. 11 and 49 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.; and choice of imprisonment

(c) Defendant C: Articles 71 subparag. 6 and 28-2(2) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.; Article 30 of the Criminal Act; Articles 71 subparag. 5 and 28-2(1) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.; Articles

D. Defendant D: Article 71 Subparag. 6 and Article 28-2(2) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.; Article 30 of the Criminal Act; the choice of imprisonment

1. Commercial concurrence and the choice of punishment (defendant A);

Articles 40 and 50 of the Criminal Act, Selection of Imprisonment

1. Aggravation of concurrent crimes;

Articles 37 (former part), 38 (1) 2, and 50 of the Criminal Act

1. Confiscation (Defendant A, B, and C);

1. The reason for sentencing under Article 48(1) of the Criminal Act: (a) where a customer’s personal information managed and protected by a credit card company, etc. is illegally leaked, damage therefrom is merely an infringement of personal legal interests and interests arising from the divulgence of personal information without relation to the victim’s will; (b) the victim’s identity information is not an infringement of the victim’s own identity information; and (c) the victim’s risk of various crimes, such as a financial crime or scaming, which uses another’s personal information; and (d) the scope and duration of damage can not be measured; and (e) the leaked information has a characteristic of widely spreading the scope and duration of damage; and (e) the scope of damage is not clear about the information and communications network dealing with personal information, including a financial institution, and thus, personal and social expenses that should be paid for recovery are enormous. Accordingly, imposing strict criminal liability on the crime of this case where most Korean population individuals in economic life are seen to have leaked. Accordingly, it is necessary to protect and manage such information as a legitimate punishment of social harm caused by the crime.

2. In light of the risk of the leakage of personal information, in particular, in the case of a person who has leaked or received personal information for the first time, such an act is the starting point of all crimes resulting from the divulgence of personal information, and the person who intends to conduct business operations in a sound manner, the need to impose a more severe punishment is affirmed. Furthermore, the party who illegally leaked personal information is rapidly and widely spread regardless of one’s own will to deliver such information to another person, and the information is sufficiently expected to be used for unlawful purposes. As such, the party who has leaked personal information cannot be said to be held liable on the ground that the party who received the information was promised to prevent the divulgence of personal information, and thus, the party who has leaked the personal information is obliged to take the promise to prevent the divulgence of

3. In addition to the fact that the Defendants made confessions and reflects as the grounds for sentencing against the Defendants, the Defendants’ age, character and conduct, environment, family relationship, motive, means and consequence of the crime, as well as the various circumstances constituting the conditions for sentencing as indicated in the records of the instant case, including the circumstances before and after the crime, the grounds for sentencing individually considering the Defendants are as follows.

(a) Defendant A: The first offender, and the fact that the amount of 16 million won is received from B in return for committing the instant crime;

(b) Defendant B: The sales of customer information leaked by Defendant A to a third party engaged in lending or brokerage business, etc. and the sales of a large amount of profit, and cooperation with investigation by an investigative agency, etc.

C. Defendant C: Defendant B received personal information from Defendant B for the purpose of using it for a loan brokerage business between Defendant C, an accomplice, and performed a leading role in using it; Defendant C returned the personal information that he received to a third party; and Defendant C cooperatedd with investigation by an investigative agency.

(d) Defendant D: A person who has no other criminal records, except for a fine imposed on one occasion;