-DATA PROTECTION AND PRIVACY-
The Significance of Data Protection In Korea
Korea JoongAng Daily reports on a new version of the Data Protection Act currently before the Korean National Assembly and experts’ calls for the reforms. Prof. Park Whon-il describes Korea’s data protection legislation history and the effect of current technological advances extending personal information from “the data of a living person such as character, voice, sound and image…to include data such as e-mail addresses, credit card numbers and log files.” With proposed revisions to the act aimed at regulating the public and private sector, Park notes the importance of an independent data protection authority and provisions for breach notifications.
South Korea Passes New Data Protection Law
South Korean President Lee Myung-Bak approved on March 29, 2010, the Act on the Protection of Personal Data, a comprehensive privacy law that will require nearly all businesses and government agencies to protect personal information in databases and prevent damage caused by leaked and misused personal data. The law follows established data protection principles that require prior consent for the collection, use, sharing and disposal of personal data. Lisa Sotto, head of the privacy and information management practice at Hunton& Williams in New York City, said “[under the new act individuals will have improved legal recourse for privacy infringement, such as (1) privacy telephone hotline centers to register the data protection complaints; (2) a dispute mediation committee that can seek out-of-court privacy settlements; and (3) the option of filing a class-action lawsuit,” Sotto said.
Personal Information Protection Act: Issues for Employers
Korea recently enacted the Personal Information Protection Act in order to protect rights and interests in connection with personal information. Although the act went into effect on September 30 2011, the Ministry of Public Administration and Security has provided for a six-month transition period, allowing time to educate companies. If any person processing personal information fails to comply with the obligations set out in the act, such person may be subject to penalties including criminal punishment up to 10 years or an administrative fine of up to KRW50 million (approximately $44,000). Under the act, ‘personal information’ includes general, family, communication, location, and hobby/habit information and now extends beyond customer information to employees as well. Previously in Korea, it was common practice for employers to collect, use and provide their employees’ personal information with almost no restrictions. With the implementation of the act and the consequent penalties therein, employers will be required to obtain consent from employees throughout the different stages of employment and to adopt a systematic approach to the management of personal information.
Privacy Laws to be Overhauled Korea To Ban Online Collection Of Resident Numbers
Resident registration numbers will no longer be requested by websites and companies as the government announced measures for better data protection. The announcement came amid privacy concerns after a series of large-scale hackings into major portals and other data related crimes such as identity theft and voice phishing here. Aimed at minimizing the collection and use of resident registration numbers, the new plan contains stronger measures to prevent potential data leakage. More specific regulations will be finalized through the pending revision to the personal information protection law that is scheduled in the second half of the year, officials said.
Criminal Past Checks to be Conducted on Taxi Drivers
Seoul City is planning to check every taxi driver to see whether they have a criminal record by next year as part of measures to protect passengers from crimes committed by cabbies. The plan, however, may bring controversy over human rights infringements, because drivers claim that the step treats all of them as potential criminals. In the past, only drivers with a newly obtained license were subject to having their records checked. The revised law, which took effect on August 2, expands the monitoring to all drivers. Officials of the city government said they are talking with police to see whether cabbies in the capital were previously convicted of certain felonies in order to cancel their licenses. The revised law also bans a former convict from driving taxis for 20 years after their release from prison ― a huge extension from the previous two years. But police said the monitoring is only available for drivers who obtained a license after the revised law’s implementation. Taxi drivers have protested the plan, which they claim infringes on their human rights and is not a fundamental solution to prevent crime.