South Korea’s parliament should promptly pass an amendment on personal information protection to comply with EU regulations, European Union’s top diplomat in Seoul urged last week.

The revised Personal Information Protection Act is one of three bills on big data regulations pending at the National Assembly.

In May 2018, the EU implemented the General Data Protection Regulation stipulating stricter oversight to protection personal information of EU residents, fining companies that fail to act in accordance.

“Discussions with Korean authorities over the last two years have shown Korea is going into the same direction (as the EU). … The amended law (Personal Information Protection Act) is waiting in the National Assembly. … We have to push that the National Assembly accelerate as quickly as possible,” said Ambassador of the European Union to South Korea Michael Reiterer at a year-end press briefing in central Seoul on Dec. 5.

South Korean companies operating the EU have faced complications, unable to send relevant information back to Seoul.

The pending revision of the Personal Information Protection Act mandates the setup of an independent watchdog on personal information here among other details that will fulfill the EU’s requirements.

“The European Union adopted the so called GDPR to be applicable within the European Union. We (the EU) made it clear to, for example, foreign businesses that if they wanted to do business in Europe or if they had to process personal data of European citizens, they had to abide by the rules that are contained in the GDPR,” said Joelle Hivonnet, minister-deputy of the EU Delegation in Seoul. Hivonnet is also the head of political, press and information section.

“Colleagues from the European Commission have been looking at the laws in force in a number of countries to make sure that their legislation is fully complying with the GDPR,” she added.

Of companies that handle personal information of EU residents, those that fail to abide by the GDPR are fined 20 million euro or up to 4 percent of their global turnover in case of an undertaking. Countries that pass the EU’s assessment are not subject to GDPR fines. 

By Kim Bo-gyung (lisakim425@heraldcorp.com)