JIPYONG LLC
KOREA LEGAL INSIGHT
Key Regulatory Developments in Korea’s Data Protection and ICT Laws
April 20, 2026

Following a series of large-scale data breaches in 2025, Korea has enacted significant amendments to the Personal Information Protection Act (the “PIPA”), the Act on Promotion of Information and Communications Network Utilization and Information Protection (the “ICNA”), and the Telecommunications Business Act (the “TBA”).  These reforms collectively mark a shift toward heightened enforcement, expanded management liability, and earlier regulatory intervention, including at the stage of potential incidents.  For foreign companies operating in or targeting the Korean market, these changes increase compliance exposure and require alignment of governance, incident response, and data handling practices with Korean regulatory standards.   

 
1. Personal Information Protection Act (PIPA)
2. Act on Promotion of Information and Communications Network Utilization and Information Protection (ICNA)
3. Telecommunications Business Act (TBA)
 
More

 

 

KLI Editors

26F, Grand Central A, 14 Sejong-daero, Jung-gu, Seoul T. +82-2-6200-1600 E. master@jipyong.com

 

Subscribe | Unsubscribe

Seoul | Suncheon | Busan | Shanghai | Ho Chi Minh City | Hanoi | Jakarta | Phnom Penh | Vientiane | Yangon | Moscow | Budapest

This message was prepared for our clients for the purpose of providing real-time updates on general legal information only, and should not be relied on as legal advice or the opinion of the firm. Please contact the relevant authors for further information regarding an article's contents.

ⓒ JIPYONG LLC. ALL RIGHTS RESERVED.

View Web