Description

Closed consultation on PIPC Draft Guidance on Privacy Policy Evaluation

On 6 October 2023, the public consultation closed on the Personal Information Protection Commission (PIPC) Draft Guidance on Privacy Policy Evaluation. The guidance outlines the criteria and policies for selecting and evaluating targets regarding their personal information processing. The policies are based on the Personal Information Protection Act and the amended Enforcement Decree. The criteria for selecting and prioritising targets (entities) of evaluation are found in article 4. The targets of evaluation include entities that process the data of more than 1 million individuals and have an annual turnover of more than KRW 150 billion or process the sensitive personal data of more than 50'000 data subjects. The other criteria include processing data with or without data subject consent, using automated processing systems (including Artificial Intelligence), whether more than 2 data breaches occurred in the last 3 years and processing the data of minors and adolescents. In articles 3, 5, and 7, the evaluation procedure is outlined, which includes establishing and disclosing plans for evaluating targets, the formation of evaluating committees, reviewing documents, and filing appeals. The guidance will enter into force on the date of its promulgation.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
data protection authority

Complete timeline of this policy change

Hide details
2023-09-13
in consultation

On 13 September 2023, the Personal Information Protection Commission (PIPC) issued the Guidance on …

2023-10-06
processing consultation

On 6 October 2023, the public consultation closed on the Personal Information Protection Commissio…

2024-02-19
adopted

On 19 February 2024, the Personal Information Protection Commission (PIPC) adopted the guidelines o…

2024-02-20
in force

On 19 February 2024, the guidelines on Evaluation of Privacy Policies issued by the Personal Infor…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.