South Korea

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

China Issues Guidelines for Submitting the Personal Information Protection Impact Assessment for Data Exports | Privacy World

New Zealand Urges

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

The EU Approach to AI Regulation: Texts That Generative AI  Will Not Come Up With | Privacy World

Singapore Open-sources

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

The Philippines Consults on Draft Consent and Private Identification Cards Guidelines | Privacy World

Southeast Asia and the EU Publish

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

South Korea Consults on Draft Decree to Personal Information Protection Act | Privacy World

Bilingual Draft of China’s Standard Contract

On May 18, 2023, South Korea’s privacy regulator, the Personal Information Protection Commission (PIPC), released for public consultation a draft decree[1] under the Personal Information Protection Act (PIPA). The key changes proposed in the draft decree are as follows.

Consent

The draft decree seeks to enhance the right under the PIPA of citizens who are data subjects, to determine how their personal data may be processed. This is done by specifying that, where consent is the appropriate basis for processing personal data, such consent must be freely given by each data subject after it has been made explicitly clear to them that they can choose whether or not to consent. This includes ensuring that any personal data processing policy is implemented and disclosed in an easy-to-understand manner.

Where personal data is collected from a third party other than the data subject, the draft decree streamlines the requirement for notification that must be given, to the third-party source, of the details of use of the data subject’s personal data.
Continue Reading South Korea Consults on Draft Decree to Personal Information Protection Act

As 2018 picks up steam from its start, we are beginning to see traction in relation to various new regional data privacy and cybersecurity laws.  Many of the provisions seem designed to enable countries to seek an EU Adequacy Finding, which is akin to the Privacy Shield provisions between the EU and the US.  This would allow the easier transfer of EU data between the countries.
Continue Reading Security and Privacy: A View from Asia and the Middle East