On March 30, 2021, the European Commission (the “Commission”) announced the successful conclusion of the adequacy talks with the Republic of Korea.
The adequacy talks confirmed the convergence between European and South Korean data protection laws, particularly with the recent entry into force of the South Korean Personal Data Protection Act (“PIPA”) and the strengthening of the Commission’s powers to protect personal data (“PIPC”). ), the Korean Data Protection Agency ..
An adequacy assessment covering both commercial operators and the public sector will enable the free and secure flow of data between the EU and the Republic of Korea. The adequacy decision will also complement the EU-Korea Free Trade Agreement.
So far, the EU has recognized that organizations in Andorra, Argentina and Canada, which are subject to PIPEDA, the Faroe Islands, Guernsey, Israel, the Isle of Man, Japan, Jersey, New Zealand, Switzerland and Uruguay, offer an adequate level of data protection.
The Commission will now start the decision-making process to adopt its adequacy assessment in the coming months. This includes (1) obtaining an opinion from the European Data Protection Board and (2) obtaining the green light from a committee made up of representatives from EU Member States. Thereafter, the Commission will make the adequacy decision on the Republic of Korea.
Read the joint statement by Commissioner Reynders and PIPC Chairman Yoon Jong In.