South Korea to establish personal information protection system after major breaches

In the wake of a series of high profile data breaches, South Korea’s data privacy watchdog, the Personal Information Protection Commission (PIPC), is setting out to establish a “personal information protection system that provides citizens with peace of mind,” as one of 123 newly confirmed national tasks.

In a translated article, ChosunBiz reports that the system will “strengthen corporate accountability and expand citizens’ privacy rights in response to large-scale personal information leaks.”

To achieve this, it has laid out five key action plans: “strengthening sanctions for major accidents and providing victims with compensation, guaranteeing the right to self-determination of personal information, reestablishing a prevention-focused protection system, strengthening the role of the control tower in the AI ​​and data era, and establishing a secure personal information utilization system.”

It aims to bolster its system for detecting and deleting illegal distribution of personal information, pivoting to a system built on “standards for securing dedicated personnel and budgets for companies,” and a more robust certification process for personal information protection management systems.

“To ensure the right to self-determination of personal information, the scope of protection for children and adolescents will be expanded from under 14 to under 18, and the digital right to be forgotten, which supports the deletion of online posts, will be activated.” So, too, will the ability to request the takedown and deletion of deepfakes on established grounds.

The personal information utilization system will provide a “foundation for utilizing high-quality data for AI training, promote innovation in the pseudonymized information system, develop Personal Information Protection Enhancement Technology (PET), and cultivate specialized personnel.”

This week, the PIPC launched an investigation into a cyberattack on major payment card provider Lotte Card, which exposed the personal data of about 3 million customers. As reported in the Korea Times, Prime Minister Kim Min-seok has promised “a complete overhaul of data protection systems at telecoms and financial companies so that similar hacking incidents do not recur.”

Article Topics

data protection  |  Personal Information Protection Commission (PIPC)  |  South Korea