Republic of Korea: Personal Information Protection Commission investigation into Amazon Web Services, Azure, and Naver Cloud Platform over Personal Information Protection Act compliance

Progress

Current status

concluded

11 Jun 2025 under investigation

Scope

Implementers

Republic of Korea

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

infrastructure provider: cloud computing, storage and databases

Government Branch

executive

Government Body

data protection authority

Implementation Level

national

Timeline of events

11 Jun 2025

under investigation

Personal Information Protection Commission issued a report following security assessment of AWS, Azure, and NCP

On 11 June 2025, the Personal Information Protection Commission (PIPC) of the Republic of Korea announced the results of its security assessment concerning Amazon Web Services (AWS), Azure, and Naver Cloud Platform (NCP) cloud services. The assessme…

Source

Event type investigation

Action type interim ruling

Government branch executive

Government body data protection authority

Progress

Scope

Timeline of events

Personal Information Protection Commission issued a report following security assessment of AWS, Azure, and NCP

Related changes