Republic of Korea: Adoption of Self-Regulatory Code for Public-Private Cooperation in Personal Information Protection in the Field of Order Delivery Platforms

On 22 February 2022, the Personal Information Protection Commission (PIPC) of the Republic of Korea adopted a voluntary self-regulatory code which should aid the protection of personal information in the field of order delivery platforms. The public-private partnership which established this code consisted of 13 order delivery platform companies that make up more than 90% of the market in the Republic of Korea, as well as the Korean Internet Business Association and the Delivery Service Mutual Assistance Association. One of the main measures of the code is that restaurants and delivery persons need to have additional authentication measures in place before inquiring about a consumer's personal information. Immediately after receiving personal information, the information has to be disguised to restrict the viewing of personal information by delivery persons and others. Companies participating in this self-regulatory code further receive penalty reductions in case of data breaches or other violations.