Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
South Korean companies that do business in the European Union, including Samsung Electronics Co. and LG Electronics Inc., must prepare for the bloc’s new privacy regime to avoid becoming international noncompliance targets, privacy professionals told Bloomberg BNA.
There are mixed perceptions about South Korean companies’ level of preparedness for the EU General Data Protection Regulation (GDPR)—even though the country has one of the strictest privacy framework laws in the world. Companies should monitor official guidance on the GDPR to identify differences between it and South Korea’s Personal Information Protection Act (PIPA), the privacy pros said.
The GDPR is the first significant overhaul of European data protection laws in a generation. It dramatically raises potential fines for any single infraction to as much as 20 million euros ($22.4 million) or up to 4 percent of a company’s worldwide revenue, whichever is higher. Those fines will be immediately available to EU privacy regulators as a sanction when the GDPR takes effect May 25, 2018.
Sang Woo Kim, a partner at Ernst & Young Hanyoung Corp., who specializes in cybersecurity risk, told Bloomberg BNA that most South Korean companies doing business in Europe will be able to meet the compliance deadline. A joint task force of over 30 data protection professionals from the public, private, and academic sectors has been preparing Korea for adequate compliance while bringing the country’s existing regulations in line with the GDPR, he said.
Park Jong-hyun, chief of the Personal Information Protection Cooperation Division in South Korea’s Ministry of Interior, said the government is taking a wait-and-see approach before exploring enforcement policies to help prepare companies for the GDPR.
“Rather than unconditionally following the GDPR, we will take our time to adjust what’s right for us. It’s unnecessary to amend all the rules we already have,” Park said.
South Korea is among the least prepared countries to adopt the GDPR standards, according to a recent survey report commissioned by Veritas Technologies LLC. More than half of businesses in South Korea said they felt unprepared for the GDPR, the report said.
But many of those companies may actually be better prepared than they think because Korea’s PIPA closely aligns with the GDPR, the privacy pros said.
“Korea is rated highly for having a globally advanced personal data protection law,” Kang Hye-kyung, a researcher at the state-run Korea Internet and Security Agency (KISA), told Bloomberg BNA. She cited the country’s personal data leak reporting system, privacy impact assessment, and certification system. “I assume we are in an advantageous position compared to other countries in preparing for the GDPR,” she said.
Ted Taeeon Koo, managing partner at Tek & Law LLP in Seoul, told Bloomberg BNA that South Korean companies are accustomed to strong privacy laws, “so they are most likely to be well prepared for the GDPR.”
Oh Byoung-il, a researcher at the independent Institute for Digital Rights, told Bloomberg BNA that internet and information technology companies that handle European citizens’ data, especially those relying on big data analysis, should be the most concerned about the GDPR.
Tech companies that sell consumer electronics, including smart TVs, refrigerators, washing machines, and internet-connected devices that process and transfer personally identifiable information, may also be affected, the privacy pros said.
Koo said he advises South Korean companies looking to prepare for the GDPR to expand the authority of their data protection officers and monitor guidance from EU privacy regulators.
LG spokesman Ken Hong told Bloomberg BNA that the company is carefully monitoring GDPR guidance “as we work toward compliance.”
Samsung spokeswoman Kelly Yeo told Bloomberg BNA that the company is teaming with its local offices in Europe to keep a close eye on the guidelines.
The South Korean government's latest guidelines for GDPR preparation are available, in Korean, at http://bit.ly/2sjLiKQ.
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)