As the 4th Industrial Revolution progresses, new social paradigms are emerging that have not been experienced before. The intelligent information society can be seen as one of them. Various new social utilities are created with the emergence of the intelligent information society in which the intelligent information technology represented by artificial intelligence plays a central role. But at the same time, new risks also are arising. Thus, how to respond to the risks posed by intelligent information technology is a new task to the legal system. In that situation, this article deals with the risks of intelligent information technology and the question of how it is desirable for the legal system to respond to those risks. To do this, the author use the legal theoretical method. Using this method, this article explores the risks of intelligent information technology and legal ways to respond to them. This article analyzes the risks of intelligent information technology based on the distinction of personal information, algorithms, and social use of intelligent information technology. Here risks related to collection and use of personal information, risks related to malfunction and bias of algorithms, and risks related to social use of intelligent information technology are investigated. In addition, it analyzes whether the current legal system has sufficient capacity to cope with these risks. Through this, this article presents the following regulatory principles for the risks of intelligent information technology. The practical harmony between the use and control of intelligent information technology, autonomous control, action-oriented control, pre-existing control, and reflective control. Based upon those, this article proposes the following regulatory measures. These include ethics, intelligent information technology certification, impact assessment, the right to explanation and complain, and the duty to improve intelligent information technology.