With the convergence of information and communication technology, the era of hyper-connectivity has begun, and the lawful methods to process and use data including personal information is now more important than ever. The recent amendments to the ‘three data privacy laws’ would accelerate distribution and use of data in terms of speed, scope and depth. In addition, the development of the big data industry would increase the risk of infringement on our right of self-determination over personal information. Korea’s personal information laws and regulations impose obligations on not only conglomerates but also small- and medium-sized enterprises. Personal information infringement gives rise to risks of civil or criminal action, and it is very closely linked with business reputation. Further, as the issues in the internet-based industry may occur to any business regardless of the border, the need to monitor compliance with the laws and regulations in the country where the services are provided is becoming ever more imperative.
Jipyong’s Privacy and Data Protection Team has focused on this area before implementation of the Personal Information Protection Act (“PIPA”) and has gained unparalleled experiences. Our Team consists of attorneys who are well known for extensive experiences, quick response and client-tailored consultation services have excelled in providing legal advice and consulting services on personal information compliance and responding to personal information leakage. We will use our best efforts to update the trends of the fast-changing privacy and data sector and provide our clients with practical approach to support their business management.
Key Practice Areas Close
- Advised clients on information protection issues (including personal information) and provided compliance and consulting services
- Advised clients on the establishment of and amendments to a privacy policy and terms and conditions of use
- Advised clients on the information protection management system and authorization methods for the information protection management system (including but not limited to ISMS and ISMS-P)
- Advised clients on their response to an on-site personal information protection inspection
- Advised clients on their response to personal information leakage and hacking and represented clients in a dispute resolution procedure
- Advised clients on the personal information risk analysis upon introduction of new and integrated services
- Advised clients on the due diligence on and processing of data (including personal information) upon M&A
Experience Close
- Advised organizations and companies including Korea Employment Information Service, Company D (a lottery ticket outsourcee), Company G (an e-commerce company), Company S (a global coffee franchise), and Company M (an e-book subscription service provider) on their response to the personal data breach cases and represented such organizations and companies in the regulatory agency’s investigation
- Provided consulting services regarding the establishment of data/personal data protection system to 20 clients including Company M (a company with an online platform-based business model)
- Represented enterprises in civil proceedings related to personal information leakage caused by portal or messenger server hacking
- Advised a card company on its response to the customer information leakage incident and representing the company in the criminal proceeding
- Advised and represented a global company in its response to on-site investigations related to personal information issues
- Advised a major Korean financial online platform operator on compliance related to its personal credit information processing and “my data” business in connection with the launch of a new service
- Advised a major Korean insurance company on compliance in relation to the use of customer information, insurance marketing and personal information processing
- Advised a major Korean insurance company on compliance in relation to the processing of personal medical information for its healthcare business
- Advised on major privacy issues such as unauthorized processing of personal information for AI chatbot service and unauthorized provision of personal information in connection with comprehensive income tax refund service
- Conducted research for the Personal Information Protection Commission and Korea Internet & Security Agency on ‘Legal and Institutional Research to Improve the Personal Information Protection Act on Pseudonym Information Processing’; conducted research for the Personal Information Protection Commission on ‘How to Improve the Personal Information Processing and Protection System on Digital Platforms’; and participated as a member of the Research Committee for the Revision of the Personal Information Protection Act and its Enforcement Decree under the Personal Information Protection Commission
- Provided consulting services related to regulatory clearances to the Artificial Intelligence Industry Cluster Agency and AI companies
- Provided consulting on business structure design and legality of AI short form platform for Company A (an AI company)
- Advised multiple clients, including Company B (an AI company), on copyright law issues such as the legality of crawling and scraping in the data collection process and temporary reproduction
