Since technologies such as the Internet and sensors have been improved, information has been easily collected. Information has been actively collected, analyzed and used for a diverse business. In the past, a bank has analyzed an action history of a customer so as to decide the customer's credit. Recently, online shopping sites using the Internet have analyzed buying histories of customers so as to recommend new products. In addition, more direct business that collects and sells personal information of users and gives a part of profit back to the users has appeared.
As described above, information has been easily collected. On the other hand, issues of privacy of users have been exposed, and many cases such as leaking of personal information and violation of privacy have happened. Examples of advanced violation of privacy include specifying of privacy information of an attack target by using common information of the attack target registered in a plurality of databases and gathering a name (see Non-Patent Literature 1).
Such issues of privacy have been pointed out clearly since around 2000. Accordingly, many studies have been carried out actively, and diverse preventive technologies have been developed (for example, see Non-Patent Literature 2). However, the preventive technologies have been used for only a part of the issues.
Meanwhile, legislation has been developed. In the EU that is said to be the area most aggressive in preserving individual privacy, a regulation using an opt-in rule as a basic principle has been proposed, the opt-in rule seeking prior consent with regard to use of personal information for business.