Financial Crime World

Here is the rewritten article in markdown format:

South Korea Passes Significant Amendments to Data Protection Laws

=====================================================

SEOUL, REPUBLIC OF KOREA - In a move aimed at securing an adequacy decision from the European Commission, South Korea’s National Assembly has passed major amendments to its most important data protection laws.

Key Provisions

The changes, which went into effect on August 5, 2020, are part of South Korea’s ongoing efforts to bring its data protection regime in line with that of the European Union. The new regulations aim to reduce overlap and inconsistencies in existing laws and introduce a framework for the use of pseudonymized data.

  • Clarification of Definitions: The amendments clarify definitions for personal data, pseudonymized data, and anonymized data.
  • Restriction on Pseudonymized Data Processing: The permissible scope of pseudonymized data processing is restricted to statistical, scientific research, or public record-keeping purposes.
  • Authorization for Personal Data Controllers: Personal data controllers are authorized to combine pseudonymized data through specialized agencies.
  • Permitted Use and Release of Personal Data: Specified circumstances in which use and release of personal data without consent are permitted.

Increased Protection and Consolidation

The amendments also consolidate the status and powers of South Korea’s Personal Data Protection Commission (PDPC) and incorporate special provisions from ICNA into PIPA. Additionally, the Korean Communications Commission’s authority is explicitly delegated to the Korean Communications Office.

Impact on Businesses

The changes are expected to have a significant impact on businesses operating in South Korea and those that trade with European companies. Companies will need to ensure compliance with GDPR requirements and develop strategies for increased involvement in the EU market.

Adequacy Decision

As a result of these amendments, the European Commission announced the successful conclusion of adequacy talks between the EU and South Korea on March 30, 2021. Once formal approval is granted by an EU committee, the European Commission can adopt an adequacy decision, allowing for the free flow of personal data between the two regions.

Compliance and Strategy

South Korean companies are advised to ensure compliance with GDPR requirements and strategize for increased involvement in the EU market.