South Korea plans huge fines for major data breaches

Public concern over major data breaches is pushing South Korea to introduce fines of up to 10 percent of sales for companies that repeatedly fail to protect customer information.
Government leaders in South Korea want tougher penalties for serious privacy violations, with proposals including record financial fines and stronger enforcement powers following the Coupang and Shinhan Card data leaks.

Prime Minister Kim Min-seok has called for punitive fines of up to 10 percent of company sales for repeated and serious data breaches, as public anger grows over large-scale leaks.

The government is seeking swift legislation to impose stronger sanctions on firms that fail to safeguard personal data, reflecting President Lee Jae Myung’s stance that violations require firm penalties instead of lenient warnings.

Kim said corporate responses to recent breaches had fallen far short of public expectations and stressed that companies must take full responsibility for protecting customer information.

Under the proposed framework, affected individuals would receive clearer notifications that include guidance on their rights to seek damages.

The government of South Korea also plans to strengthen investigative powers through coercive fines for noncompliance, while pursuing rapid reforms aimed at preventing further harm.

The tougher line follows a series of major incidents, including a leak at Shinhan Card that affected around 190,000 merchant records and a large-scale breach at Coupang that exposed the data of 33.7 million users.

Officials have described the Coupang breach as a serious social crisis that has eroded public trust.

Authorities have launched an interagency task force to identify responsibility and ensure tighter data protection across South Korea’s digital economy instead of relying on voluntary company action.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!