ARTICLE
23 February 2015

South Korean Communications Commission Releases Guidelines On Data Protection For Big Data

RS
Reed Smith (Worldwide)

Contributor

Reed Smith (Worldwide) logo
Reed Smith is a dynamic international law firm helping clients move their businesses forward. By delivering smart, creative legal services, we enrich clients' experiences with us and support achievement of their business goals. Our longstanding relationships and collaborative structure enable the speedy resolution of complex disputes, transactions, and regulatory matters.
In December 2014, the Korea Communications Commission released the "Big Data Guidelines for Data Protection".
South Korea Privacy

In December 2014, the Korea Communications Commission (KCC) released the"Big Data Guidelines for Data Protection" (Guidelines). Aimed at Information and Communications Service Providers (ICSPs), they are designed to prevent the misuse of "publicly available information" to create and exploit new information. The Guidelines expressly permit ICSPs to collect and use "publicly available information", within certain parameters.

"Publicly available information" is defined as "code, letters, sounds and images" that are "lawfully disclosed"; however, the Guidelines also cover Internet log information and transaction records.

According to the Guidelines, where such information includes personal information, the data must be de-identified before it may be collected, retained, combined, analysed or sold. The Guidelines also include a number of specific measures for ICSPs to take in connection with their collection and use of such information.

These measures include a duty to disclose their big data processing activities and policies to users, and to inform users of their rights to opt out. Other provisions include a prohibition on the collection, analysis and exploitation of sensitive information, and an obligation to ensure that information collected and used remains de-identified.

Before the Guidelines were introduced, the right to collect and use such information in South Korea was widely considered to be a grey area. The KCC has therefore provided much-needed clarification in this area. The Guidelines strike a balance between protecting personal information, on the one hand, and recognising the growth of the big data industry on the other.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More