July 15, 2012 § Leave a comment
The Personal Information Protection Act was enacted in Korea, March 2011 and went into effect at March 2012. The legislation of the Personal Information Protection Act streamlined various Acts related personal information like Act on the protection of Personal Information maintained by Public Institutions, Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. and Use the Protection of Credit Information Act.
The purpose of this Act is to prescribe matters concerning the management of personal information in order to protect the rights and interests of all citizens and further realize the dignity and value of each individual by protecting personal privacy, etc. from collection, leakage, misuse and abuse of individual information.
There are some features we didn’t have before enactment The Personal Information Protection Act.
1. This Act is applicable to not only a public institution but also corporate body, organization, individual, etc. who manages personal information directly or via another person to administer personal information files as part of his/her duties.
2. A personal information manager may collect personal information and use it for the intended purpose of collection only in some cases like 1) where he/she has obtained the consent of subject of information, 2) where there exist special provision in any Act, and so on.
3. A personal information manager shall establish personal management policies containing purpose, period, matters concerning providing a third person with personal information, the rights and duties of a subjects of information. And when a personal information manager establishes or amends the personal information management policies, he/she shall disclose them in accordance with methods prescribed so that a subject of information can readily use them.
4. A committee for mediation of disputes on personal information is established to mediate disputes over personal information. The Dispute Mediation Committee didn’t cover public institution things before, but now it will manage both of the civil and public disputes.
5. A Personal Information Protection Committee (referred to as ‘Protection Committee) is established under the direct jurisdiction of the President to deliberate and resolve on matters concerning the protection of personal information.
6. There are penalties on a person who provides a third person with personal information without obtaining the consent of a subject , who uses personal information or provides a third person with personal information beyond the scope, and who uses in another way in violation of this Act. A person who fails under any of the cases shall be punished by imprisonment for not more than five years or by a fine not exceeding 50 million won.
And a person who serious hinders, interrupts or paralyzes a public institution in performing its business by altering or erasing personal information managed by the public institution with the intention of interfering with the management affairs of personal information shall be punished by imprisonment for not more than ten years, or by a fine not exceeding 100 million won.