The European Union is planning to implement the General Data Protection Regulation (GDPR) in May next year so that any company violating it is subject to a fine equivalent to the bigger one of 4% of its annual global sales and 20 million euros.
At present, South Korean small and medium-sized enterprises (SMEs) and startups are not preparing themselves for the regulation. Among large South Korean corporations, only a few such as Samsung Electronics and Hyundai Motor Company are preparing to cope with the regulation.
The GDPR, which consists of 99 articles, is to protect personal information and is applied to every company supplying its product or service to EU residents regardless of the presence or absence of its business in the EU region. Any business entity violating the GDPR has to face the penalty and its business in the EU region can be put on hold.
“Companies in Japan, Singapore and many other countries are currently making efforts to cope with the regulation whereas a large number of South Korean companies are not doing so although the Ministry of Security & Public Administration, the Korea Internet & Security Agency, and the Korea International Trade Association are trying to increase their awareness,” said a local IT firm supplying GDPR-related solutions, adding, “Given that terabytes of personal information are accumulated a day in industries, nine months is not much time for them to rebuild their systems.”