Personal Information Protection Commission (South Korea)

The Personal Information Protection Commission is the national data protection authority of South Korea. It is formed as independent agency in year 2011 by 'Personal Information Protection Act(PIPA, Korean: 개인정보 보호법)',[2] and is now located in Government Complex Seoul. The Commission is constituted with 9 commissioners and one of them is the Chairperson, who is appointed by the President of South Korea.

Personal Information
Protection Commission
개인정보보호위원회
個人情報保護委員會
Gaein Jeongbo Boho Wiwonhoe

PIPC headquarters in Seoul
Independent agency overview
FormedSeptember 30, 2011; 13 years ago (2011-09-30)
TypeNational data protection authority
Jurisdiction KOR
HeadquartersSeoul Government Complex at Jongno-gu, Seoul, South Korea
37°34′30″N 126°58′31″E / 37.5748817°N 126.9752082°E / 37.5748817; 126.9752082
Employees163[1]
Annual budget58.5 billion KRW
(for 2023)[1]
Independent agency executive
Key document
Websitewww.pipc.go.kr

History

edit

The PIPA of South Korea was first enacted in year 2011 to establish general and comprehensive basis for regulation on data protection, overcoming formerly diffused and conflicting regulations around each type of data. The Act also had a goal to form PIPC as integrated apex authority governing over all data protection issues in South Korea. However, each of laws governing specified types of data continued to exist due to several legal issues, so PIPC was launched in 2011 with rather limited power to govern data protection issues. This limited position is reflected in organizational status of PIPC in 2011, as it was not an independent agency, yet rather an advisory panel for Ministry of the Interior and Safety which was in charge of enforcing PIPA at that time.[3]

Later in year 2020, the PIPA was amended to give complete power to PIPC as independent regulatory agency, with power to investigate personal data privacy failure cases and jurisdiction over adjudicating complaints and disputes on personal information.[4] Now under article 7-8 and 7-9 of the PIPA, the PIPC can impose administrative fines. Also by article 7(1), the PIPC is positioned as independent agency under Prime Minister, and article 7(2) guarantees that investigation and adjudication of the PIPC cannot be supervised by the Prime Minister.[2] This new power of the PIPC draws significant attempts to regulate big techs in South Korea. For example, the PIPC fined Facebook $6.1 million in November 2020 for sharing user's personal data without consent.[5] Also in September 2022, the PIPC fined Google $50 million and Meta Platforms $22 million for violating South Korean privacy regulations.[6]

Organization

edit

After amendement of the PIPA in 2020, the PIPC is now a 'central administrative agency (Korean: 중앙행정기관)', which is identical status as executive departments of the South Korean government. Among nine commissioners of the PIPC, its Chairperson is treated as one of minister in the government.[7] According to amended article 7-2(2) of the PIPA, both the Chairperson and the vice are only permanent commissioners among nine commissioners, and they are appointed by the President with proposition from the Prime minister. Under article 7-2(2) of the PIPA, other seven non-permanent commissioners are also appointed by the President via following recommendations; two by recommendation of the Chairperson, other two from recommendation of ruling party, and other three from recommendation of opposition parties.[2]

See also

edit

References

edit
  1. ^ a b 홍, 인택 (2022-09-13). "국가교육위 예산, 다른 위원회 5분의 1도 안 돼...유명무실 우려". Hankook Ilbo (in Korean). Retrieved 2022-09-14.
  2. ^ a b c "Personal Information Protection Act". Korea Legislation Research Institute. Retrieved 2022-09-02.
  3. ^ Ko, Haksoo; Leitner, John (2017). "Structure and enforcement of data privacy law in South Korea". International Data Privacy Law. 7 (2): 100–114. doi:10.1093/idpl/ipx004. Retrieved 2022-09-02.
  4. ^ Ko, Haksoo; Park, Sangchul (2020). "How to de-identify personal data in South Korea: an evolutionary tale". International Data Privacy Law. 10 (4): 385–394. doi:10.1093/idpl/ipaa015. Retrieved 2022-09-02.
  5. ^ Lee, Joyce (2020-11-25). "South Korean watchdog fines Facebook $6.1 million for sharing user info without consent". Reuters. Retrieved 2022-09-01.
  6. ^ Choi, Soo-hyang; Lee, Joyce (2022-09-16). "S.Korea fines Google, Meta billions of won for privacy violations". Reuters. Retrieved 2022-09-30.
  7. ^ 권, 수현 (2020-08-04). "'개인정보보호 콘트롤타워' 개인정보보호위 내일 공식 출범". Yonhap News Agency (in Korean). Retrieved 2022-09-01.
edit