The Democratic Party of Korea and the government said they would strengthen corporations' statutory damages to respond to a series of personal data leaks at Coupang, Seoul's Ttareungi bike service, and SK Telecom. They also decided to create a new criminal provision to punish a transaction party when leaked personal information is distributed on the dark web and elsewhere.

Han Jeong-ae, chair of the Democratic Party of Korea's policy committee, speaks during a party-government meeting to strengthen responses to personal data leaks at the National Assembly Members' Office Building in Yeouido, Seoul, on the 4th./Courtesy of News1

Ruling party lawmakers on the National Policy Committee and the Personal Information Protection Commission held a party-government consultation on the morning of the 4th at the National Assembly Members' Office Building to respond to personal data leak incidents.

Han Jeong-ae, the Democratic Party policy committee chair, said in her opening remarks, "As large-scale personal data leaks repeat, the public's anxiety and concern are growing very high," and added, "Right now it is virtually impossible for an individual to prove negligence by corporations responsible for data leaks, so we need to strengthen statutory damages regardless of negligence."

At the meeting, the party and government discussed: ▲ deleting "negligence or intent" from the requirements for statutory damages ▲ establishing grounds to punish illegal distribution of personal information ▲ providing incentives for small and mid-sized enterprises to protect personal information.

Park Sang-hyeok, the Democratic Party policy committee senior vice chair, told reporters after the meeting, "We discussed a plan to delete intent and negligence from the conditions for statutory damages so that corporations and others bear the overall burden of proof regarding personal data leaks," and said, "We decided to ban buying, providing, and distributing information with knowledge that it is leaked personal data, and to eradicate illegal distribution by creating a new criminal penalty."

He continued, "We also discussed legislative tasks to ensure accountability through swift and effective investigations of corporations and others when a personal data leak occurs," and explained, "We will impose compulsory fines for noncooperation with investigations and failure to comply with corrective orders, introduce evidence preservation orders when an incident occurs, and conduct regular status inspections of large-scale processors."

Yang Cheong-sam, Secretary-General of the Personal Information Protection Commission (PIPC), said, "We are supporting small and mid-sized enterprises through a government budget support program so they can strengthen their security systems for safety management," and added, "We will work on next year's budget formulation to strengthen the support program."

※ This article has been translated by AI. Share your feedback here.