KITA News and Reports
  • EU’s Privacy Act (GDPR), Risks of Huge Penalty

    EU’s Privacy Act (GDPR), Risks of Huge Penalty


    - KITA held countermeasure forum ahead of its implementation on May 25 -


    The Korea International Trade Association (Chairman, Kim Young-joo) held ‘EU’s General Data Protection Regulation (GDPR) Countermeasure Forum’ in cooperation with the Korea Internet & Security Agency and the European Chamber of Commerce in Korea at the COEX in Seoul on April 11 ahead of the EU's General Data Protection Regulation (GDPR) which will be in effect on May 25.


    GDPR is an integrated regulation established to strengthen the protection of personal information of European citizens. It will be mainly applied to the business operators in the EU who deal with personal information or provide goods and services to the EU regions. In particular, Korean companies’ close attention is required as when GDPR is violated, the penalty of up to 20 million euro or 4 percent of the company's worldwide sales will be imposed.


    During the forum, an analysis of the major issues of the GDPR and the countermeasures of Korean companies were discussed. In the first session, Professor Park Noh-hyeong of the College of Law, Korea University, said, "The GDPR recognizes the use of personal information and personal information as the same value." The professor stressed, "It is necessary for Korean companies to have a proper understanding of the GDPR and prepare systematic countermeasures against the introduction of new concepts such as pseudonymisation process, personal information transfer, and the right to be forgotten, and imposition of penalties for violation."


    Lee Chang-bum, a professor of Dongguk University and Kim Sun-hee, an attorney at Yulchon LLC compared the GDPR and Korean law by each feature, and presented legal issues, the impacts on Korean companies, and countermeasures against risks. Professor Lee emphasized understanding of the difference between the GDPR and Korean law by exemplifying Article 27 of the GDPR 'a duty to designate representatives'.


    In the second session, Kwon Hyun-jun, the head of the personal information policy department of the Korea Internet & Security Agency, introduced the GDPR guidebook and guidelines and presented more concrete countermeasures of companies. Jang Ok-hee at SK Innovation said in her presentation, "Before the GDPR takes effect, we are identifying the management status of personal information and IT assets of the offices in Europe. At the same time, we are preparing a wide range of countermeasures, including having domestic and overseas legal advice and establishing implementation tasks, distributing our own guidelines, and supporting their jobs.


    Vice Chairman Han Jin-hyun of the Korea International Trade Association, the host of the forum, said As the importance of protection of personal information has been spreading, it has had a considerable impact on the companies’ business areas as well as practice manners around the world. We will actively support Korean companies to have better understanding of the GDPR and to be able to preemptively respond to it.

    KITA Held Welcome Banquet with President Andrej Kiska of Slovakia
    Digital Innovation and Cloud Service in Companies’ Success Stories
Family Site