Abstract
The purpose of this study is to present a legal system in which information is actively collected and utilized to monitor the location and health of self-quarantined persons through IT, to identify loopholes in the law and regulatory system in view of data protection and utilization, and to propose a legislative solution for those loopholes. In Korea, the Infectious Disease Control and Prevention Act ("the Prevention Act") regulates all matters related to the prevention and management of infectious diseases, including the use of information on self-quarantine apps. Article 42(2) of the Prevention Act states that local governments are authorized to collect the location and health information of a quarantined citizen; however, the law does not elaborate on how this information can be used and what other information can be used in combination with the collected information. Thus, the Personal Information Protection Act ("the Protection Act"), as a general privacy law, is applied supplementarily. However, since the Protection Act is very general and does not have accumulated cases, there is uncertainty about how governments can utilize the collected information. Therefore, it is necessary to consider a legislative solution that includes a direct and clear basis for the use of personal information collected under the Prevention Act in consideration of Korean privacy regulations.