[Seminar] Current Issues on Data Protection in Korea

On December 21, 2018, a data protection (DP) seminar was held at Jeonnam University Law School in Gwangju.

The seminar was co-organized by the Law Institute of Jeonnam University and the Public Interest and Industrial Law Center of Seoul National University regarding the "Latest Developments of Data Protection Regime and Current Issues".

 

The detailed subjects and speakers were:

* Legal aspects of trans-border data flow in EU and Japan

  by Prof. Hahm In-seon at Jeonnam University.

* Administrative system for data protection in Korea and related legal reform

  by Pro. Kwon Heon-young at Korea University

* Data portability under GDPR focused on My Data project

  by Prof. Kim Tae-o at Changwon University

* Latest developments of DP regime in Korea

  by Prof. Lim Gyu-chul at Dongguk University<

* Comprehensive discussions

  moderated by ex-Prof. Park Whon-il of Kyung Hee University Law School

 

* 제2세션의 좌장 이원우 교수와 마지막 발표자인 임규철 교수, 토론자 전학선, 정하명 교수(오른쪽부터)

I was invited as a moderator of the last session, Comprehensive discussions, though I retired from academia several months ago.

The topics were so complicated and globally dispersed that debate time was more or less insufficient. That's why more than 40 minutes were allotted for the proposed comprehensive discussions.

 

* 오른쪽부터 종합토론의 좌장과 패널리스트 이창범 박사(김앤장), 양환정 실장(과기부), 권현준 단장(KISA)

I started my session with an introduction to the main subject matter of today's seminar.

First, why is Korea required to observe the global DP criteria including those of the EU GDPR?

It's because Korea was admitted to the OECD, which demands the Member States to comply with the Privacy Principles. That's why Korea hasted to establish the Public Agency Data Protection Act in the late 1990s.

Second, what's the importance of the adequacy assessment based on the EU GDPR?

The criteria of the GDPR is highly respected global standards, and trade volume and data flows between Korea and EU are on the increase.

Most of all, Japan is also applying for the said adequacy taking on the occasion of FTA negotiations with EU almost at the same time as Korea.

* For further information, see Prof. Graham Greenleaf's article "Japan and Korea: Different paths to EU adequacy" on PLBI Report No.156.

 

Third, what's the role which I personally took in the course of the government process for the said adequacy taking?

I was committed to prepare for the self-assessment report - in 2016 for the Ministry of the Interior and Safety (MOIS) and in 2017 for the Korea Communications Commission (KCC) with a limited scope. The frameworks for the two reports were designed by Prof. Greenleaf of New South Wales University, Australia.

 

I expressed my opinion that the Korea's DP regime may satisfy those EU criteria except such critical issues as government access to personal communications data and data exports, which will be properly tackled by the government bills to amend the existing laws proposed to the National Assembly.

 

However, the situations have been largely changed because the ruling party has proposed new bills to overhaul the supervisory authorities into single authority with full power.

In short, Korea's DP laws are somewhat praised by foreign scholars as the toughest one in Asia with such innovative remedies as pecuniary compensation for data breach incidents, streamlined data protection dispute mediation procedure, compulsory data breach notification, etc.

However, the biggest problems remain to be solved. First and foremost, the penal provisions of DP Acts require strict interpretation and application of the relevant provisions. The typical case is the definition of personal information. That's the source of all problems.

 

Secondly, the purpose of data protection and privacy has changed from the initial right to be let alone, to the right to self-determinism of one's personal data. Now it really matters to yield the right to privacy to some extent for enhanced convenience in the 4th Industrial Revolution age.

* In my article "Government Access to Personal Data and ISPs' Response", I asserted that "the right to privacy has turned out to be an individual privilege to enhance IT convenience."

For the in-depth discussion on the current issues, the above two questions should be first answered. As a retired scholar, I earnestly ask for concerted and leveled-up efforts of colleagues and junior scholars to solve these problems.

 

* 멀리서 온 참석자들을 위해 주최측은 저녁식사와 숙소를 제공하였다. 그 이튿날은 팥죽을 먹는 동지였다.

* 광주 종합터미널에서 거리의 악사가 연주하는 피아노곡을 듣고 전라도식 팥죽과 찰밥을 먹을 수 있었다.

The next day I traveled around Jeollanam-do - Jindo Island and Gangjin.

Uldolmok (울돌목), a narrow strait separating the land and the island, is the famous naval battle area where Admiral Yi Sun-sin fought and defeated hundreds of Japanese war ships with only 13 ships. The Battle of Myeongnyang was an unbelievable victory for the Korean Navy under the command of Admiral Yi. 

 

* 정유재란(1597) 때 왜 함선이 쳐들어 오자 이순신 장군은 13척만으로 이곳 울돌목에서 대첩을 거두었다.

* 임진/정유왜란 일본군의 침략에 대처한 상황을 상세히 기록한 충무공의 난중일기 중 명량대첩 부분

The next destination was Gangiin where three kinds of treasure were found: Goryeo celadon klin cite, Hendrick Hamel detained for a while before escape and Jeong Yakyong on exile.

Alas, all of them were treated ill when they were alive, and  assessed as treasure hundreds years later. So they had no chance to contribute to the development of Gangjin and Korea.

See the next part of this journey, "Different stories between Korea and Japan".