European security rule ¡®here¡¯¡¦ Korean companies without solution
Lim Seong Yeop | starleaf@ | 2017-08-16 11:17:45
European high-level security rules are emerging as a risk factor for all Korean industries. However, they do not respond as much except for some large companies. All companies doing business against Europe are regulated. It is pointed out that even though companies are required to pay at least several hundred billion won in penalties in case of violation, many companies do not even make legal analysis.
According to the Korean government and industry on August 15, the European Union (EU) is expected to implement the European Privacy Protection Act, which enforces the protection of personal information, in May, next year 4% of global sales and EUR 20 million (about KRW 27 billion) which will be charged as a penalty. However, it is understood that only a few big companies such as Samsung Electronics and Hyundai Motor have consulted with domestic and foreign law firms through holding internal teams, among the companies that have already got branch offices or direct factory in EU or 9 months after enforcement, exporting products. Meanwhile, most companies, including mid-sized companies and start-ups, are holding hands.
So called GDPR is an EU regulation on privacy protection, which should be obeyed by all companies providing goods or services to EU residents even if they do not have a place in the EU. The bill stipulates compliance with 99 items such as personal information management, movement, billing, and response to infringement. The problem is that in spite of the large amount of penalties and violation of regulations, EU businesses may be banned. However, the level of awareness and response of domestic companies is very low. Even if a lawsuit is filed against the government of the EU, it will be seriously damaged in the local market.
In this regard, Chung Hee-chul, director of the Korea International Trade Association`s Eurasia, pointed out, "If the private information of the citizens of the EU member states held by the company after the enforcement of the regulation is violated, the company will immediately violate the GDPR. Once the company does not respond properly, we must prepare as thoroughly as possible. "
Veritas Korea, the global head of the company, stated, "Despite a company is involved in a court battle with the EU, its value or reputation will fall and the costs of litigation will be incurred.
However, the industry is not fully aware of the seriousness. Currently, the Ministry of Public Administration and Security (KISA) cooperates with the Korea Internet Promotion Agency and the Korea International Trade Association (KITA) to hold corporate seminars and issue brochures.
Meanwhile, another expert of the Korea Trade Association said, "We know that Samsung Electronics and Hyundai are setting up countermeasures at the level of group and local corporations. However, most of the remaining companies did not understand the information themselves.¡±
A representative of an IT company supplying GDPR-related solutions said, "An airline in Asia is inquiring about introducing GDPR-related solutions, and companies such as Japan and Singapore are already actively responding to it. The business system must be constructed in accordance with the GDPR regulations in order to respond properly to industrial sites where tens of terabytes (TB) of personal information accumulate per day, and the remaining nine months are not long. It is also needed to understand the regulations and reorganize internal business systems prior to system construction. Experts point out that it is not easy to get started now to finish the work before May next year.
In a situation like this, a survey conducted by a market researcher, Vanson Bournne, on 100 business executives who are dealing with the EU from February to March this year, found that 61 % of businessmen will not finish their GDPR in May next year. In particular, 40% of business people said that DB management is impossible because there is no real-time DB management tool inside.
Manager Park pointed out, "If we do not manage personal information data in accordance with GDPR, it may be difficult to erase private information at will."
By Lim Seong Yeop starleaf@
¡Þ Europe General Data Protection Regulation (GDPR)= The European Union is the General Data Protection Regulation (GDPR) aimed at strengthening the privacy rights of citizens of the member countries. The EU will enact the GDPR in May 2016, and after a two-year notice period. It will take effect from May 25, 2018, replacing the EU`s 1995 Privacy Directive. The GDPR consists of a total of 173 texts, a total of 11 texts and 99 texts, which, unlike the existing guidelines on privacy protection, are themselves legally binding to all EU member states.
[ copyright ¨Ï The Digitaltimes ]
According to the Korean government and industry on August 15, the European Union (EU) is expected to implement the European Privacy Protection Act, which enforces the protection of personal information, in May, next year 4% of global sales and EUR 20 million (about KRW 27 billion) which will be charged as a penalty. However, it is understood that only a few big companies such as Samsung Electronics and Hyundai Motor have consulted with domestic and foreign law firms through holding internal teams, among the companies that have already got branch offices or direct factory in EU or 9 months after enforcement, exporting products. Meanwhile, most companies, including mid-sized companies and start-ups, are holding hands.
So called GDPR is an EU regulation on privacy protection, which should be obeyed by all companies providing goods or services to EU residents even if they do not have a place in the EU. The bill stipulates compliance with 99 items such as personal information management, movement, billing, and response to infringement. The problem is that in spite of the large amount of penalties and violation of regulations, EU businesses may be banned. However, the level of awareness and response of domestic companies is very low. Even if a lawsuit is filed against the government of the EU, it will be seriously damaged in the local market.
In this regard, Chung Hee-chul, director of the Korea International Trade Association`s Eurasia, pointed out, "If the private information of the citizens of the EU member states held by the company after the enforcement of the regulation is violated, the company will immediately violate the GDPR. Once the company does not respond properly, we must prepare as thoroughly as possible. "
Veritas Korea, the global head of the company, stated, "Despite a company is involved in a court battle with the EU, its value or reputation will fall and the costs of litigation will be incurred.
However, the industry is not fully aware of the seriousness. Currently, the Ministry of Public Administration and Security (KISA) cooperates with the Korea Internet Promotion Agency and the Korea International Trade Association (KITA) to hold corporate seminars and issue brochures.
Meanwhile, another expert of the Korea Trade Association said, "We know that Samsung Electronics and Hyundai are setting up countermeasures at the level of group and local corporations. However, most of the remaining companies did not understand the information themselves.¡±
A representative of an IT company supplying GDPR-related solutions said, "An airline in Asia is inquiring about introducing GDPR-related solutions, and companies such as Japan and Singapore are already actively responding to it. The business system must be constructed in accordance with the GDPR regulations in order to respond properly to industrial sites where tens of terabytes (TB) of personal information accumulate per day, and the remaining nine months are not long. It is also needed to understand the regulations and reorganize internal business systems prior to system construction. Experts point out that it is not easy to get started now to finish the work before May next year.
In a situation like this, a survey conducted by a market researcher, Vanson Bournne, on 100 business executives who are dealing with the EU from February to March this year, found that 61 % of businessmen will not finish their GDPR in May next year. In particular, 40% of business people said that DB management is impossible because there is no real-time DB management tool inside.
Manager Park pointed out, "If we do not manage personal information data in accordance with GDPR, it may be difficult to erase private information at will."
By Lim Seong Yeop starleaf@
¡Þ Europe General Data Protection Regulation (GDPR)= The European Union is the General Data Protection Regulation (GDPR) aimed at strengthening the privacy rights of citizens of the member countries. The EU will enact the GDPR in May 2016, and after a two-year notice period. It will take effect from May 25, 2018, replacing the EU`s 1995 Privacy Directive. The GDPR consists of a total of 173 texts, a total of 11 texts and 99 texts, which, unlike the existing guidelines on privacy protection, are themselves legally binding to all EU member states.