Internet Promotion Agency Holds Personal Data Protection Seminar for Korean Companies in China

by Lim Hyeseon

Published 04 Nov.2022 10:00(KST)

On the 3rd (Thursday), KISA held the 'China Personal Information Protection Law Seminar' in Beijing, China.

[Asia Economy Reporter Lim Hye-seon] The Korea Internet & Security Agency (KISA) announced on the 4th that it held a seminar on China's Personal Information Protection Law in Beijing, China, targeting Korean companies based in China, in collaboration with the Personal Information Protection Commission.

KISA organized this seminar to assist Korean small and medium-sized enterprises (SMEs) and mid-sized companies operating in China in responding to the 'Standard Contract for Cross-border Transfer of Personal Information.' The main topics covered included the obligations and rights based on the standard contract when transferring personal information overseas, and recent key issues related to China's three major data laws (focusing on cross-border data transfers). The seminar was part of compliance management support to raise awareness of personal information protection laws to prevent Korean companies from facing penalties or other disadvantages under Chinese personal information protection regulations.

Recently, the Chinese government has further specified regulations on personal information and data cross-border transfers processed within the region by announcing the 'Measures for Security Assessment of Cross-border Data Transfer,' 'Standard Contract Provisions for Cross-border Transfer of Personal Information,' and 'Safety Certification Norms for Cross-border Transfer Processing Activities of Personal Information.' Additionally, the Chinese government classifies cross-border transfers of personal information and data according to processing scale and importance, applying different regulatory methods and procedures accordingly, which has increased compliance management challenges for Korean companies based in China.

There are mainly three methods for cross-border transfer of personal information in China, and it is expected that most SMEs will use the 'Standard Contract for Cross-border Transfer of Personal Information' method.