Republic of Korea: Personal Information Protection Commission investigation into 3 cloud service providers over Personal Information Protection Act compliance

Progress

Current status

processing consultation

11 Jun 2025 concluded

Scope

Implementers

Republic of Korea

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

infrastructure provider: cloud computing, storage and databases

Government Branch

executive

Government Body

data protection authority

Implementation Level

national

Timeline of events

11 Jun 2025

concluded

Personal Information Protection Commission issued a report following security assessment of AWS, Azure, and NCP

On 11 June 2025, the Personal Information Protection Commission (PIPC) of the Republic of Korea announced the results of its security assessment concerning Amazon Web Services (AWS), Azure, and Naver Cloud Platform (NCP) cloud services. The assessme…

Source

Event type inquiry

Action type closure

Government branch executive

Government body data protection authority

Progress

Scope

Timeline of events

Personal Information Protection Commission issued a report following security assessment of AWS, Azure, and NCP

Related changes