Support Centre

South Korea: National Assembly passes Data 3 Act

The National Assembly of the Republic of Korea ('the National Assembly') announced, on 9 January 2020, that it had passed proposed amendments (collectively, 'the Data 3 Act') to the Personal Information Protection Act 2011 ('PIPA'), the Act on Promotion of Information and Communications Network Utilization and Information Protection 2001 ('ICNA'), and the Credit Information Use and Protection Act 2008 ('the Credit Act'). In particular, the National Assembly noted that the proposed amendments to ICNA focus on transferring personal information protection provisions to PIPA.

In addition, the Ministry of Science and ICT ('MSIT'), the Financial Services Commission ('FSC'), and the Ministry of the Interior and Safety ('MOIS') released notices on the Data 3 Act. The MSIT highlighted that the proposed amendments to PIPA would clarify the criteria for assessing anonymous information, develop the concept of pseudonymisation, and strengthen personal information processor responsibilities. Moreover, the MOIS outlined that the Data 3 Act would alleviate certain burdens related to obtaining additional consent, expand the scope of the Personal Information Protection Commission, and encourage developments in blockchain, artificial intelligence, autonomous vehicles, and FinTech, among other sectors.

Furthermore, the FSC clarified that proposed amendments to the Credit Act include, among other things, provisions relating to pseudonymous and anonymous information, and strengthening of personal information protection in the financial sector. The MSIT, the MOIS, and the FSC analysed how the Data 3 Act would benefit South Korea's efforts towards obtaining adequacy recognition from the European Commission.

You can read the National Assembly press release here, the MSIT notice here, the MOIS notice here, and the FSC notice here, all only available in Korean.