Archivos de la etiqueta: Legislación Informática Corea del Sur

11Nov/21

Act. nº 6687, March 30, 2002. Consumer Protection Act on Electronic Transaction, Mar. 30, 2002

Act. nº 6687, March 30, 2002. Consumer Protection Act on Electronic Transaction, Mar. 30, 2002 (Amended by Act nº 7315, Dec. 31, 2004; Act nº 7344, Jan. 27, 2005; Act nº 7487, Mar. 31, 2005; Act nº 8538, Jul. 19, 2007; Act nº 8635, Aug. 3, 2007; Act nº 10172, Mar. 22, 2010; Act nº 10303, May 17, 2010; Act nº 11326, Feb. 17, 2012; Act nº 11461, jun. 1, 2012).

ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.

Article 1 (Purpose)

The purpose of this Act is to protect the rights and interests of consumers by prescribing matters relating to the fair trade of goods or services by means of electronic commerce transaction, mail order, etc. and to contribute to the sound development of national economy by enhancing market confidence.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 2 (Definitions)

The definitions of terms used in this Act shall be as follows: (Amended by Act nº 11461, Jun. 1, 2012)

1. The term “electronic commerce transaction” means conducting commercial activities by means of electronic commerce (referring to the electronic commerce as defined in subparagraph 5 of Article 2 of the Framework Act on Electronic Documents and Transactions; hereinafter the same shall apply);

2. The term “mail order” means providing information on the sale of goods or services (including the right to use a specific facility or to be provided with services; hereinafter the same shall apply) by means of mail, telecommunications or other methods prescribed by Ordinance of the Prime Minister and selling goods or services (hereinafter referred to as “goods, etc.”) after receiving a consumer’s order: Provided, That sale by telemarketing as defined in subparagraph 3 of Article 2 of the Door-to-Door Sales, etc. Act shall be excluded from the scope of mail order;

3. The term “mail order distributor” means a person who conducts sales by mail order as a business, or other person who is engaged in the mail order business in accordance with a contract with the former;

4. The term “mail order brokerage” means the act of intermediating mail order between both parties to a transaction by allowing the use of a cybermall (referring to a virtual shopping mall established to transact goods, etc. by using computers, etc. and information communications facilities; hereinafter the same shall apply), or by other methods prescribed by Ordinance of the Prime Minister;

5. The term “consumer” means any of the following persons:

(a) A person who consumes (including using; hereinafter the same shall apply) goods, etc. supplied by the business operators for everyday consumption;

(b) A person prescribed by Presidential Decree, who is not the one provided for in item (a) but conducts transactions virtually on the same standing and conditions as the one provided for in item (a);

6. The term “business operator” means a person who manufactures (including processing or packaging; hereinafter the same shall apply), imports, or sells goods or provides services.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 3 (Exclusion of Application)

(1) The provisions of this Act shall not apply to any transaction in which a business operator (excluding a multi-level salesman as defined in subparagraph 6 of Article 2 of the Door-to-Door Sales, etc. Act; hereafter the same shall apply in this paragraph) buys for the purpose of commercial activity: Provided, That this shall not apply where the transaction is actually conducted under the same terms of transaction as other consumers in the capacity of consumer despite being a business operator.

(2) The provisions relating to the duty to deliver documents (including electronic documents; hereinafter the same shall apply) on the contents of the contract pursuant to Article 13 (2) shall not apply to the following transactions: Provided, That in the case falling under subparagraph 1, the contents or the methods of delivery of the documents on the contents of contract may be made differently, as prescribed by Ordinance of the Prime Minister:

1. Transactions that the consumers conduct at any time in accordance with the already familiar terms and conditions, or standard methods of transaction, which are prescribed by Ordinance of the Prime Minister;

2. Transactions stipulated in other Acts (excluding the Civil Act and the Door-to-Door Sales, etc. Act) that the duty, etc. to deliver a contract document shall be fulfilled by a method different from the ones provided for in this Act.

(3) Articles 13 through 15 and 17 through 19 shall not apply to a mail order distributor conducting the mail order brokerage between persons, other than mail order distributors.

(4) Articles 12 through 15, 17 through 20, and 20-2 shall not apply to the transactions of securities by investment traders and investment brokers under the Financial Investment Services and Capital Markets Act, transactions of financial instruments by financial companies, etc. prescribed by Presidential Decree, and transactions for sale of daily necessities, food, beverage, etc. in the neighborhood.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 4 (Relations with other Acts)

Where this Act and other Acts are conflicting with each other in the consumer protection in the electronic commerce transactions or mail orders, this Act shall apply in preference: Provided, That where the application of other Acts is advantageous to consumers, such Acts shall apply.

(Article Amended by Act nº 11326, Feb. 17, 2012)

CHAPTER II.- ELECTRONIC COMMERCE TRANSACTIONS AND MAIL ORDERS

Article 5 (Utilization of Electronic Documents)

(1) Notwithstanding Article 6 (2) 2 of the Framework Act on Electronic Documents and Transactions, where a business operator fails to send an electronic document (referring to the electronic message as defined in subparagraph 1 of Article 2 of the Framework Act on Electronic Documents and Transactions; hereinafter the same shall apply) to the address (referring to the data processing system as defined in subparagraph 2 of Article 2 of the Framework Act on Electronic Documents and Transactions) designated beforehand in the agreement to make a transaction by means of electronic document), the business operator shall not assert his/her right out of such electronic document: Provided, That this shall not apply to cases prescribed by Presidential Decree, such as where it is of great urgency, the consumer also already anticipates the transaction shall be made by an electronic document, or the consumer has already printed the electronic document. (Amended by Act nº 11461, Jun. 1, 2012)

(2) Where a business operator intends to use an electronic document with a digital signature (referring to the digital signature as defined in subparagraph 2 of Article 2 of the Digital Signature Act; hereinafter the same shall apply), he/she shall notify the consumer of the validity, procedures and methods necessary for receipt, etc. of the relevant electronic document, as prescribed by Presidential Decree.

(3) In using electronic documents, a business operator shall neither compel (including de facto compulsion of any specific digital signature due to employment of special standards, etc.) the consumer to use a specific method of digital signature, and nor unreasonably limit the use of a certain method of digital signature chosen by the consumer.

(4) Where a business operator who conducts electronic commerce transactions makes it possible for a consumer to join a membership, to subscribe for a contract, or to provide information related to the consumer, etc. through an electronic document, he/she shall also make it possible to withdraw a membership, cancel an order, terminate, revoke or change a contract, or withdraw consent to the provision and use of information, etc. through an electronic document.

(5) If a business operator who conducts electronic commerce transactions is requested by a consumer to provide confirmation or certification concerning the transaction of goods, etc. through an electronic document, he/she shall comply with such request.

(6) Paragraphs (4) and (5) shall not apply where a business operator who conducts electronic commerce transactions notifies consumers beforehand of the difficulty of providing electronic documents due to any apparent technical or security reason.

(7) When a business operator who conducts electronic commerce transactions fulfills the obligations under paragraphs (4) and (5), business operators who are related to the establishment and operation of the relevant cybermall shall cooperate with him/her by taking measures for fulfilling such obligations or other necessary measures therefor.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 6 (Preservation, etc. of Transaction Records)

(1) A business operator shall preserve the records on transactions, such as marks, advertisements in the electronic commerce transactions and mail orders, contents of contracts and execution thereof, for a substantial period of time. In such cases, an easy way of perusal and maintenance for consumers shall be provided.

(2) Notwithstanding the provisions of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. and other Acts related to the protection of personal information prescribed by Presidential Decree, a business operator may preserve the transaction records that he/she is liable to preserve under paragraph (1), and personal information (limited to the information to identify the subject of a transaction, such as name, address and resident registration number) relating thereto, even if the consumer withdraws consent to the use of personal information.

(3) Necessary matters regarding the object, scope, and period of transaction records to be preserved by a business operator under paragraph (1) and methods of perusal and maintenance made available to consumers shall be prescribed by Presidential Decree.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 7 (Prevention of Errors in Manipulation, etc.)

A business operator shall prepare procedures necessary for the confirmation and correction of contents, before the time of imposition of transaction amount or the placement of an order by a consumer, in order to prevent damage caused by discrepancies, etc. in the declaration of will due to consumer’s error in manipulation, etc. in the electronic commerce transaction.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 8 (Securing Confidence in Electronic Payment)

(1) Where a business operator uses an electronic means prescribed by Presidential Decree in the payment of transaction amount (hereinafter referred to as “electronic payment“), the persons related with the electronic payment who are prescribed by Presidential Decree, such as the business operator, issuer of means of electronic settlement and provider of electronic settlement service (hereinafter referred to as “electronic settlement business operator, etc.”) shall take measures necessary for maintaining security of the relevant information.

(2) Where an electronic payment is made, the business operator, electronic settlement business operator, etc. shall clearly notify the following matters to confirm whether the consumer’s intent of subscription is the declaration of his/her true will and shall prepare procedures for the consumer to confirm the notified matters, as prescribed by Presidential Decree:

1. Contents and kind of goods, etc.;

2. Prices of goods, etc.;

3. Service period.

(3) Where an electronic payment is made, the business operator, electronic payment business operator, etc. shall notify the consumer of such fact by a method prescribed by Ordinance of the Prime Minister, such as transmission of an electronic document, and make the consumer’s perusal of data on the electronic payment available at any time.

(4) An issuer of the means of settlement by way of making advance payment of the price for the purchase or use of goods, etc. as means of electronic payment used in a cybermall shall indicate or announce matters regarding the confirmation of confidence of such means of payment, restriction on the use, or other matters that require attention, as prescribed by Ordinance of the Prime Minister.

(5) Where a dispute between a business operator and a consumer arises on the electronic settlement, the electronic settlement business operator, etc. shall cooperate with the settlement of such dispute by allowing the perusal, etc. of the information regarding payment, as prescribed by Presidential Decree.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 9 (Cooperation of Delivery Business Operators, etc.)

(1) A business operator who conducts delivery (including electronic transmission through the information communications network (hereinafter referred to as “information communications network“) pursuant to Article 2 (1) 1 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.) of goods, etc. consequent upon electronic commerce transaction or mail order, shall cooperate in the settlement of dispute, as prescribed by Presidential Decree, if a dispute arises out of an accident or obstruction, etc. of delivery.

(2) Where a person who provides hosting services (referring to the services for the establishment of cybermalls, management of servers, etc. for business operators to conduct electronic commerce transactions; hereafter the same shall apply in this Article) concludes a contract for the use of hosting services with a business operator, he/she shall take measures for confirming the personal identity of the business operator.

(3) Where any dispute arises between a business operator and a consumer, a person who provides hosting services shall, upon request of any of the following persons, shall cooperate for the settlement of such disputes by providing the data prescribed by Presidential Decree, such as personal identification information of the business operator:

1. The Fair Trade Commission;

2. Any of the Special Metropolitan City Mayor, Metropolitan City Mayors, Do Governors or the Governor of a Special Self-Governing Province (hereinafter referred to as “Mayor/Do Governor“) or the head of a Si/Gun or Gu (referring to the head of an autonomous Gu; hereinafter the same shall apply);

3.  An investigation agency;

4. The consumer who is a party to the dispute;

5. Other entities prescribed by Presidential Decree as necessary for settlement of dispute.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 10 (Operation of Cybermalls)

(1) The operator of a cybermall conducting the electronic commerce transaction shall indicate the following matters, as prescribed by Ordinance of the Prime Minister, so that consumers can easily identify the business operator’s identity, etc.:

1. Trade name and name of the representative;

2. Address of the location of the business place (including the address where consumer’s complaint can be settled);

3. Telephone number and e-mail address;

4. Business registration number;

5. Contractual terms and conditions of service of the cybermall;

6. Other matters prescribed by Presidential Decree as necessary for consumer protection.

(2) The operator of a cybermall provided for in paragraph (1) shall cooperate in the measures necessary for correction in the part where the operator should take measures, if any violation of this Act is committed in the cybermall.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 11 (Utilization, etc. of Information on Consumers)

(1) When a business operator collects or utilizes information (including provision of such information to a third party; hereinafter the same shall apply) on consumers for an electronic commerce transaction or mail order, he/she shall fairly collect or utilize it pursuant to the relevant provisions, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

(2) Where property damage occurs to consumers or any special grounds exist for the possibility of occurrence of such damage due to fraudulent use of information on consumers in the transaction of goods, etc., the relevant business operator shall take necessary measures prescribed by Presidential Decree, such as verification of the person himself/herself or recovery from damage.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 12 (Reporting, etc. by Mail Order Distributors)

(1) A mail order distributor shall file a report on each of the following matters to the Fair Trade Commission, a Special Metropolitan City Mayor, or the head of a Si/Gun/Gu, as prescribed by Presidential Decree: Provided, That this shall not apply where the frequency, scale, etc. of mail order transactions falls below the criteria determined by the Fair Trade Commission in a public notification:

1. Trade name (including the name and resident registration number of the representative in the case of a corporation), address, and telephone number;

2. E-mail address, Internet domain name, and location of host server computers;

3. Other matters prescribed by Presidential Decree as necessary for the verification of identity of the business operator.

(2) Where a mail order distributor intends to modify the matters reported pursuant to paragraph (1), he/she shall report thereon, as prescribed by Presidential Decree.

(3) When a mail order distributor who has filed a report pursuant to paragraph (1) suspends or closes his/her business, or resumes his/her business after suspension, he/she shall report thereon, as prescribed by Presidential Decree.

(4) The Fair Trade Commission may make public the information on the mail order distributor who has filed a report pursuant to paragraph (1), as prescribed by Presidential Decree.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 13 (Provision of Information on Identity and Terms of Transaction)

(1) In placing indications or advertisements to take orders for transaction of goods, etc., a mail order distributor shall include therein each of the following matters:

1. Trade name and name of the representative;

2. Address, telephone number and e-mail address;

3. Matters by which the fact of reporting can be verified, such as the number of a report filed with the Fair Trade Commission, a Special Metropolitan City Mayor, or the head of a Si/Gun/Gu under Article 12 and the name of the agency which has accepted such report.

(2) A mail order distributor shall indicate, advertise, or notify the following matters in an appropriate manner so that the consumers can understand the terms of transaction of goods, etc. accurately before concluding a contract and make such a deal without any error or discrepancy, and, if the contract is concluded, issue documents stating the following matters regarding the contents of such contract to the other party of the contract before supplying the goods, etc.: Provided, That where any ground prescribed by Presidential Decree exists, the documents may be issued to a person who receives the goods, etc. in lieu of the other party to the contract to the extent that does not infringe upon the rights of the latter:

1. Trade names of the supplier and seller of the goods, and names, addresses, telephone numbers, etc. of representatives thereof;

2. Name, kind and contents of the goods, etc.;

2-2. Matters concerning the information on the goods, etc. In such cases, the description marked on the product may substitute the written description on the contents of contract;

3. Price (where the price is not decided, detailed method of decision thereof) of the goods, etc., method of payment and time to make payment;

4. Method and date of supply of the goods, etc.;

5. Matters regarding the time limit, method of excercise, and effect, of cancellation of an order or revocation of a contract (hereinafter referred to as “cancellation, etc. of an order“) (including forms necessary for exercising the right to withdraw an order, etc.);

6. Exchange, return and guarantee of the goods, etc., terms and procedures of refund thereof, and the payment of the compensation for delay of the refund;

7. Technical matters necessary for the electrical transmission, installation, etc. of the goods, etc. which can be supplied by means of electronic medium;

8. Matters concerning handling of compensation to consumers’ damage, settlement of complaint on the goods, etc. and settlement of dispute between consumers and business operators;

9. Terms and conditions of the transaction (including the ways to verify the details of such terms and conditions);

10. Fact that the consumer may choose to deposit funds for settling the price of goods, etc. with a third party prescribed by Presidential Decree until he/she is supplied with the goods, etc. (hereinafter referred to as “escrow system“) or to require the mail order distributor to conclude a contract, etc. of consumer damage compensation insurance under Article 24 (1) for the purpose of securing the safety of purchase (limited only to the prepaid mail order under Article 15 (1) and excluding a transaction falling under any subparagraph of Article 24 (3));

11. Other terms of transaction that may affect the consumer’s decision on the purchase or other matters prescribed by Presidential Decree as necessary for the relief of damage to consumer.

(3) When a mail order distributor concludes a contract on the transaction of goods, etc. with a minor, he/she shall inform the minor of the fact that if his/her legal representative does not agree to the contract, the minor himself/herself or his/her legal representative can cancel the contract.

(4) The Fair Trade Commission may determine and publicly notify the matters concerning the trade name, etc. of mail order distributors under paragraphs (1) and (2), the matters concerning the information on goods, etc. and contents and methods of indication, advertisement and announcement of the terms of transaction. In such cases, methods of indication, advertisement and announcement may be determined differently in consideration of the method of transaction or the characteristics of the goods, etc.

(5) A mail order distributor shall execute conscientiously with honor the terms of transaction indicated, advertised, or announced to the consumers pursuant to paragraph (2).

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 14 (Confirmation, etc. of Orders)

(1) A mail order distributor shall promptly notify the consumer of the information regarding the confirmation of receipt of the declaration of will of order, and possibility of sale, if he/she takes an order from a consumer regarding the transaction of goods, etc.

(2) A mail order distributor shall have the adequate procedures that enable consumers to confirm, correct or cancel the contents of order before concluding a contract.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 15 (Supply, etc. of Goods, etc.)

(1) A mail order distributor shall take measures necessary for the supply of goods, etc. within seven days from the day the consumer orders, and, in the case of a mail order for which the consumer pays all or part of the price of such goods, etc. before being supplied with them (hereinafter referred to as “prepaid mail order“), he/she shall take measures necessary for the supply of the goods, etc. within three business days from the day the consumer pays all or part of the price: Provided, That this shall not apply where there is a separate agreement upon the supply timing of goods, etc. between the consumer and the mail order distributor.

(2) When finding difficulties in the supply of ordered goods, etc., a mail order distributor shall inform the consumer of the reason without delay, and, in the case of a prepaid mail order, refund the price or take the measures necessary for refund within three business days from the day the consumer pays all or part of the price.

(3) A mail order distributor shall take adequate measures so that consumers can confirm the supply procedure of goods, etc. and the processing status. In such cases, the Fair Trade Commission may determine and publicly notify matters necessary for such measures.

(4) Article 18 (1) through (5) shall apply mutatis mutandis to refunding or taking necessary measures for refund in the prepaid mail order under paragraph (2).

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 16 Deleted (By act nº 7487, Mar. 31, 2005)

Article 17 (Cancellation, etc. of Orders)

(1) A consumer who has concluded a contract with a mail order distributor on the purchase of goods, etc. may cancel, etc. the order relating to the relevant contract within the period provided for in the following subparagraphs (referring to the period agreed by the parties to a transaction, if it exceeds the period prescribed in the following subparagraphs):

1. Seven days from the day a document on the contents of the contract provided for in Article 13 (2) was received: Provided, That where the supply of the goods, etc. has been performed later than the delivery of document, seven days from the day the goods, etc. have been supplied, or the supply of the goods, etc. has begun;

2. Where a document on the contents of a contract provided for in Article 13 (2) has not been handed over, a document not stating the address, etc. of the mail order distributor has been received, or the cancellation, etc. of order cannot be made within the period of subparagraph 1 due to the change of address of the mail order distributor or other reasons, seven days from the day he/she knew or he/she could have known the address.

(2) In any of the following cases, no consumer is entitled to cancel the order, etc. under paragraph (1) contrary to the will of a mail order distributor: Provided, That when the mail order distributor fails to take the measures under paragraph (6), the consumer may cancel the order, etc. even in cases falling under subparagraphs 2 through 4:

1. Where the goods, etc. have been destroyed or damaged due to a cause attributable to the consumer: Provided, That this shall not apply where the package, etc. has been damaged to confirm the contents of the goods, etc.;

2. Where the value of the goods, etc. has substantially decreased due to a cause attributable to the consumer;

3. Where the value of the goods, etc. has substantially decreased as to cause difficulty in resale due to the elapse of time;

4. Where the package of the reproducible goods, etc. has been destroyed;

5. Other cases prescribed by Presidential Decree for the safety of the transaction.

(3) Notwithstanding paragraphs (1) and (2), where the contents of the goods, etc. are different from the contents of indication or advertisement, or have been performed contrary to the contents of the contract, the consumer may cancel the order, etc. within three months from the day the goods, etc. have been supplied, or within 30 days from the day he/she knew or could have known the fact.

(4) Where the cancellation, etc. of order pursuant to paragraph (1) or (3) are made in writing, the declaration of will shall come into force on the day the document bearing the declaration of will was sent.

(5) In applying paragraphs (1) through (3), if a dispute arises as to whether the consumer is responsible for the damage to the goods, etc., whether and when the contract on the purchase of the goods, etc. was signed, and whether and when the goods, etc. were supplied, the mail order distributor shall testify it.

(6) In the case of the goods, etc. that are impossible to cancel the order thereof under paragraphs (2) 2 through 4, a mail order distributor shall employ the methods, such as writing expressly the fact on the package of the goods, etc. or a place where the consumer can easily recognize, or supplying test goods, or other methods, and take necessary measures not to encumber the exercise of right to cancel, etc. the order.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 18 (Effect of Cancellation, etc. of Orders)

(1) Where a consumer has performed the cancellation, etc. of an order pursuant to Article 17 (1) or (3), he/she shall return goods, etc. already supplied to him/her.

(2) A mail order distributor (including a person who has been paid the price of goods, etc., or a person who has concluded a contract on mail order with a consumer; hereafter in paragraphs (2) through (10), the same shall apply) shall refund the price of goods, etc., which was already paid, within three business days from the date he/she has received the returned goods, etc. In such cases, if the mail order distributor delays the refund of the price of the goods, etc. to the consumer, the mail order distributor shall pay interest on delay calculated by multiplying a delayed period by the interest rate prescribed by Presidential Decree within 40 percentage per annum (hereinafter referred to as “compensation for delay“), taking into consideration an overdue interest rate applied by banks under the Banking Act and economic situation.

(3) In refunding the price of goods, etc. pursuant to paragraphs (1) and (2), when a consumer has paid the price of goods, etc. with a credit card as defined in subparagraph 3 of Article 2 of the Specialized Credit Finance Business Act, or other means of settlement prescribed by Presidential Decree, a mail order distributor shall promptly request a business operator who has supplied the relevant means of settlement (hereinafter referred to as “settlement business operator“) to stop or cancel the request for the price of the goods, etc.: Provided, That if the mail order distributor has already received the price of the goods, etc. from the settlement business operator, he/she shall promptly refund it to the settlement business operator, and notify the consumer of this fact.

(4) A settlement business operator who has received the refund of the price of goods, etc. pursuant to the proviso to paragraph (3) shall promptly refund it to a relevant consumer or take measures necessary to refund.

(5) A mail order distributor who falls under the proviso to paragraph (3) and who had a consumer pay a price due to a delayed refund, shall pay compensation for delay for the delayed period to the consumer.

(6) Notwithstanding the proviso to paragraph (3), where a mail order distributor fails to refund a price to a settlement business operator without any justifiable ground, a consumer may request the settlement business operator to offset the amount to be refunded by other debt he/she owes to the relevant mail order distributor. In such cases, the settlement business operator may offset by other debt that he/she owes to the relevant mail order distributor, as prescribed by Presidential Decree.

(7) Where a settlement business operator delays an offset under paragraph (6) without any justifiable ground, the consumer may refuse to settle the price to the settlement business operator. In such cases, neither mail order distributor nor the settlement business operator shall do any act that gives disadvantage to the consumer, such as dealing the relevant consumer as a person who fails to fulfill his/her obligation within an agreed period because of the refusal of such settlement.

(8) In cases falling under paragraph (1) where goods, etc. have already been partially used or consumed, a mail order distributor may request a consumer to pay the amount within the extent prescribed by Presidential Decree equivalent to the profit the consumer gained by use or consumption of part of the goods, etc., or equivalent to the expense incurred in the supply of the goods, etc.

(9) In cases of cancellation, etc. of an order under Article 17 (1), the expense incurred in returning supplied goods, etc. shall be borne by a consumer and a mail order distributor shall not request the consumer either the penalty for breach of contract, or compensation for damage.

(10) In cases of cancellation, etc. of an order under Article 17 (3), the expense incurred in returning goods, etc. shall be borne by a mail order distributor.

(11) Where a mail order distributor, a person who has been paid the price of goods, etc., or a person who has concluded into a contract on a mail order with a consumer is not the same person, each one shall be liable jointly and severally to the fulfillment of obligation relating to the refund of the price of the goods, etc. pursuant to paragraphs (1) through (7) consequent upon the cancellation, etc. of an order pursuant to Article 17 (1) and (3).

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 19 (Restriction, etc. on Amount of Compensation for Damage)

(1) Where a contract on the sale of goods, etc. is cancelled due to a cause attributable to the consumer, the compensation for damage the mail order distributor claims against the consumer shall not exceed the amount computed by adding the compensation for delay following the nonpayment of price to the amount classified in the following:

1. Where the supplied goods, etc. are returned: The amount whichever is bigger between the following items:

(a) The usual rental fee of the returned goods, etc. or the amount equivalent to the usual benefit from the use of them;

(b) The amount computed by subtracting the price of the returned goods, etc. at the time of return from the selling price of the goods, etc.;

2. Where the supplied goods, etc. are not returned: The amount equivalent to the selling price of the goods, etc.

(2) In order to smoothly resolve disputes following the claim on the compensation for damage between mail order distributors and consumers, the Fair Trade Commission may, if necessary, determine and publicly notify the standards to calculate the compensation amount for damage pursuant to paragraph (1).

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 20 (Announcement, Provision of Information, etc. by Mail Order Brokers)

(1) Each mail order broker shall announce beforehand the fact that he/she is not a party to the mail order, in the manner prescribed by Ordinance of the Prime Minister for consumers to easily recognize it.

(2) If a person who has requested the mail order brokerage (hereinafter referred to as “requester of mail order brokerage“) is a business operator, a mail order broker who is a mail order distributor shall confirm the name (where the business operator is a corporation, the name thereof and the name of its representative), address, telephone number and other matters prescribed by Presidential Decree, and provide them to consumers before concluding an order, and if a requester of mail order brokerage is not a business operator, he/she shall confirm the name, telephone number and other matters prescribed by Presidential Decree and provide each party to the transaction with the method to inspect the information on the other party.

(3) In order to resolve complaints or disputes occurring from the use of cybermalls, etc., a mail order broker shall find out the cause thereof, comprehend damage and take other necessary measures promptly. Detailed contents and method, etc. of measures to be taken in such cases shall be prescribed by Presidential Decree.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 20-2 (Responsibility of Mail Order Brokers and Requesters of Mail Order Brokerage)

(1) Where a mail order broker fails to make an announcement under Article 20 (1), he/she shall be jointly responsible with the requester of mail order brokerage for the compensation for the damage caused intentionally or negligently by the latter to the consumer’s property.

(2) A mail order broker shall be jointly responsible with the requester of mail order brokerage for the compensation for the damage caused to the consumer’s property by failing to provide information or a method to inspect information under Article 20 (2), or by providing untruthful information: Provided, That this shall not apply where he/she has paid due attention to prevent any damage to the consumers.

(3) Notwithstanding an announcement made under Article 20 (1), no mail order broker who is a mail order distributor shall be exempted from the responsibilities of a mail order distributor provided for in Articles 12 through 15, 17 and 18: Provided, That in conducting mail order brokerage on the mail order distributor’s request, the requester shall be responsible for the part agreed and announced to the consumer that the requester shall take the responsibility for such part.

(4) No requester of mail order brokerage (limited to business operators) shall be exempted from the damage caused intentionally or negligently by a mail order broker to the consumer’s property on the ground that the act has been done by the latter: Provided, That this shall not apply where he/she has paid due attention to prevent any damage to the consumers.

(Article Inserted by Act nº 11326, Feb. 17, 2012)

Article 21 (Prohibited Acts)

(1) Neither a business operator who conducts electronic commerce transactions nor a mail order distributor shall do any of the following acts:

1. Inducing or making a deal with consumers or interfering with cancellation, etc. of orders or termination of contracts by telling falsehood or exaggerated fact or using deceptive methods;

2. Changing or closing the address, telephone number, Internet domain name, etc. with the purpose of interfering with cancellation, etc. of orders;

3. Neglecting deficiency of human resources needed to resolve disputes or complaints, or lack of facilities as it stands for a considerable time, thereby inflicting damage on consumers;

4. Unilaterally supplying the goods, etc. without the consumer’s order and requesting the price thereof, or requesting only the price of the goods, etc. without supplying the goods, etc.;

5. Enforcing the consumer to buy goods or to receive services through telephone, facsimile, computer communications, electronic mail, etc. even though the consumer made clear that he/she had no intention to buy the goods or receive the services;

6. Using the information on a consumer without obtaining consent from the relevant person, or beyond the extent of such consent: Provided, That any of the following cases shall be excluded:

(a) Cases prescribed by Presidential Decree as inevitable for the execution of the contract with the consumer, such as delivery of the goods, etc.;

(b) Cases where such act is necessary for the settlement of accounts following the transaction of the goods, etc.;

(c) Cases prescribed by Presidential Decree as necessary for the confirmation of the person himself/herself to prevent any illegal use;

(d) Cases where any inevitable causes provided for in the provisions of the Act or in any Act exist;

7. Making computer programs, etc. installed without the consumer’s consent or without explanation and announcement to the consumers in an easy and distinctive way in accordance with the method prescribed by Ordinance of the Prime Minister.

(2) To prevent violations of this Act and damage to consumers, the Fair Trade Commission may determine and publicly notify the standards that the business operators of electronic commerce transaction or mail order distributor should observe.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 22 (Execution, etc. of Affairs Related to Cancellation, etc. of Orders during Closure, etc. of Business)

(1) A mail order distributor shall continue the business of cancellation, etc. of orders under Article 17 (1) and (3), and the business related to the refund of price following the cancellation, etc. of order under Article 18 (1) through (5) even during closure or suspension of business.

(2) Where a mail order distributor is deemed unable to practically continue business due to being declared bankrupt, etc. without reporting the closure of business, the Fair Trade Commission or the Governor of a Special Self-Governing Province or the head of a Si/Gun/Gu who has accepted reports filed under Article 12 (1) may cancel the reported matters ex officio.

(Article Amended by Act nº 11326, Feb. 17, 2012)

CHAPTER III.- PROTECTION OF CONSUMERS’ RIGHTS AND INTERESTS

Article 23 (Formulation, etc. of Consumer Protection Guidelines in Electronic Commerce Transactions, etc.)

(1) The Fair Trade Commission may hear the opinions of the parties to transactions, agencies and organizations of the related fields, and formulate guidelines (hereinafter referred to as “consumer protection guidelines“) to induce the spontaneous observance of business operator for the sound transaction order and consumer protection in the execution of electronic commerce transactions or mail orders.

(2) Where the terms and conditions of a contract that the business operator employs are more disadvantageous to the consumers than the contents of consumer protection guidelines, the business operator shall indicate or announce the terms and conditions of the contract formulated differently from the consumer protection guidelines so that the consumers can easily recognize them.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 24 (Contracts, etc. of Consumer Damage Compensation Insurance)

(1) The Fair Trade Commission may encourage the related business operators to conclude any of the following contracts (hereinafter referred to as “contract, etc. of consumer damage compensation insurance“) for the purpose of consumer protection in the electronic commerce transaction or mail order: Provided, That the issuer of settlement referred to in Article 8 (4) shall conclude a contract, etc. of consumer damage compensation insurance:

1. An insurance contract under the Insurance Business Act;

2. A contract of guarantee for payment against debt with the institution under Article 38 of the Act on the Establishment, etc. of Financial Services Commission to secure payment of consumer damage compensation;

3. A mutual aid contract with the mutual aid association established pursuant to paragraph (10).

(2) Notwithstanding paragraph (1), where a consumer chooses to use the escrow system under Article 13 (2) 10 or requires the mail order distributor to conclude a contract, etc. of consumer damage compensation insurance with respect to a prepaid mail order, the mail order distributor shall allow the consumer to use such system or conclude the contract, etc. of consumer damage compensation insurance.

(3) Paragraph (2) shall not apply where a consumer performs any of the following transactions:

1. A transaction of buying goods, etc. the price of which does not exceed the amount prescribed by Presidential Decree within the limit of 100,000 won;

2. A transaction of paying the price of goods, etc. by using a credit card as defined in subparagraph 3 of Article 2 of the Specialized Credit Finance Business Act. In such cases, if a consumer fails to receive the goods, etc., the credit card company as defined in subparagraph 2-2 of Article 2 of the Specialized Credit Finance Business Act shall cooperate for the prevention and recovery of damage to the consumer, such as cancellation of the settlement of purchase price;

3. A transaction of buying goods, etc. which are sent through information and communications networks or the forwarding of which is not confirmable by a third party referred to in Article 13 (2) 10;

4. A transaction of buying goods, etc. supplied by installments for a certain period of time;

5. Other transactions determined and publicly notified by the Fair Trade Commission as not requiring the escrow system or the conclusion of a contract, etc. of consumer damage compensation insurance or as having difficulty in the utilization of such escrow system or the conclusion of such contract because the safety of purchase is firmly secured by any other Act or there exists any other cause similar to those provided for in subparagraphs 1 through 4.

(4) Matters necessary for the use of the escrow system or the conclusion of a contract, etc. of consumer damage compensation insurance under paragraph (2) shall be prescribed by Presidential Decree.

(5) A contract, etc. of consumer damage compensation insurance shall reach an adequate level for the compensation of damage to consumers following any violation of this Act, or for securing the confidence of issuer of settlement means under Article 8 (4). In such cases, the detailed standards thereof shall be prescribed by Presidential Decree.

(6) A person who is responsible to pay the consumer damage compensation pursuant to the contract, etc. of consumer damage compensation insurance shall pay it without delay when a cause of payment arises, and, if he/she delays the payment, he/she shall pay the compensation for delay.

(7) A business operator who intends to conclude a contract, etc. of consumer damage compensation insurance shall not submit false data in submitting data on sales amount, etc. to conclude a contract, etc. of consumer damage compensation insurance.

(8) A business operator who has concluded a contract, etc. of consumer damage compensation insurance under paragraph (1) may use a mark indicating the fact, but the business operator who has not concluded such contract, etc. shall not use a mark as provided for in the former part, or make or use any other similar mark.

(9) Paragraph (8) shall apply mutatis mutandis to the use of the escrow system under paragraph (2).

(10) Business operators who conduct the electronic commerce transaction or the mail order distributors may establish a mutual aid association to protect consumers pursuant to paragraph (1). In such cases, Article 35 of the Door-to-Door Sales, etc. Act shall apply mutatis mutandis to the establishment and operation of the mutual aid association on condition that, in Article 35 (1) of the said Act, “business operators” who have filed the report under Article 5 or had each of their business registered under Article 13 shall be construed as “business operators who conduct the electronic commerce transaction or the mail order distributors” and “Article 34 (1) 3“, “Article 24 (1) 3 of the Act on the Consumer Protection in Electronic Commerce, Etc.”, and, in Article 35 (9) and (10) of the Door-to-Door Sales, etc. Act, “this Act” shall be construed as “the Act on the Consumer Protection in Electronic Commerce, Etc.”, respectively.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 24-2 (Matters to be Observed, etc. When Sending Commercial Advertisements)

(1) When a business operator or a mail order distributor does an act to solicit for the purchase of goods or being provided with services by means of telephone, facsimile, electronic mail, etc. (hereinafter referred to as “spam messages“), he/she shall comply with this Act and the provisions of related Acts, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

(2) In order to take corrective measures against a business operator conducting electronic commerce transactions or a mail order distributor who has sent spam messages in violation of paragraph (1), the Fair Trade Commission may request the Korea Communications Commission or other related agency to provide the identification information of the violator. In such cases, the request for identification information shall be allowed only where it is difficult for the Fair Trade Commission to secure the identification information of the violator, and the Korea Communications Commission or other related agency may provide the identification information of the violator to the Fair Trade Commission, notwithstanding Article 64-2 (1) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 25 (Assistance to Consumer Organizations on Electronic Commerce Transactions, etc.)

The Fair Trade Commission may, within budgetary limits, assist the agencies or organizations executing the business for the establishment of fair trade order and protection of consumers’ rights and interests in the electronic commerce transactions and mail orders.

(Article Amended by Act nº 11326, Feb. 17, 2012)

CHAPTER IV.- INSPECTION AND SUPERVISION

 Article 26 (Inspection, etc. Of Violations)

(1) When the Fair Trade Commission, a Mayor/Do Governor or the head of a Si/Gun/Gu acknowledges the fact that a violation of this Act exists, it or he/she may conduct necessary inspections ex onduc.

(2) Where a Mayor/Do Governor or the head of a Si/Gun/Gu intends to onducta n inspection pursuant to paragraph (1), in the case of the Mayor/Do Governor, such intention shall be notified to the Fair Trade Commission, and in the case of the head of a Si/Gun/Gu, such intention shall be notified to the Fair Trade Commission and the relevant Mayor/Do Governor in advance of such intention, and where the inspection, etc. Is likely to be overlapped, the Fair Trade Commission may request the Mayor/Do Governor or the head of a Si/Gun/Gu to stop such inspection. In such cases, the Mayor/Do Governor or the head of a Si/Gun/Gu who is requested to stop the inspection shall stop it unless any reasonable ground exists.

(3) Where the Fair Trade Commission, a Mayor/Do Governor or the head of a Si/Gun/Gu has conducted an inspection pursuant to paragraph (1) or (2), it or he/she shall notify the parties to the relevant case of the result (including the contents of disposition, where a disposition, such as an order, etc. For corrective measures is intended as a onducta  the inspection) in writing.

(4) Anyone who finds a violation of the provisions of this Act may report such violation to the Fair Trade Commission, a Mayor/Do Governor or the head of a Si/Gun/Gu.

(5) Where five years have elapsed since the completion of a violation of this Act, the Fair Trade Commission shall neither order the corrective measures pursuant to Article 32, nor impose penalty surcharge, etc. Pursuant to Article 34 to such violation: Provided, That this shall not apply where the parties concerned have accepted but failed to execute the recommendation or arbitration of the dispute arbitration organization on the consumer damage under Article 33 (1).

(6) To onducta n inspection under paragraph (1), the Fair Trade Commission may organize an inspection team jointly with the Korea Consumer Agency established under Article 33 of the Framework Act on Consumers. In such cases, the methods and procedures for the composition of the inspection team and the inspection, and other necessary matters shall be prescribed by Presidential Decree.

(7) The Fair Trade Commission may pay allowances or travel expenses within budgetary limits to the executives and employees of the Korea Consumer Agency who participates in an inspection conducted under paragraph (6).

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 27 (Search, etc. of Open Information)

(1) If necessary for securing fair trade order and preventing damage to the consumers in the electronic commerce transaction or mail order, the Fair Trade Commission may, through the use of electronic means, search and collect the open information made public via the information communications network by the business operators or organizations relating to consumer protection in the electronic commerce transaction or mail order.

(2) No business operators or related organizations shall refuse or interfere with the search and collection of information by the Fair Trade Commission conducted under paragraph (1) without any justifiable ground.

(3) If necessary for the efficient collection and use of information with respect to damage to consumers, the Fair Trade Commission may request agencies or organizations performing the businesses relating to consumer protection in the electronic commerce transaction or mail order to submit or share the relevant data, as prescribed by Presidential Decree.

(4) Agencies or organizations requested for data by the Fair Trade Commission pursuant to paragraph (3) shall not refuse to submit or share the data unless any justifiable ground exists.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 28 (Disclosure of Information on Violations, etc.)

In order to secure fair trade order and prevent damage to consumers in the electronic commerce transaction and mail order, the Fair Trade Commission may, as prescribed by Presidential Decree, disclose violations of this Act by business operators and other relevant information necessary for the prevention of damage to consumers among the information searched and collected under Article 27 (1).

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 29 (Fairness of Evaluation and Authentication Business)

(1) Regardless of title, a person who operates the business of evaluation and authentication of related business operators for fairness and consumer protection in the electronic commerce transaction and mail order (hereinafter referred to as “evaluation and authentication business operator“) shall, as prescribed by Presidential Decree, announce the standards, methods, etc. of such evaluation and authentication, and conduct evaluation and authentication in an impartial manner pursuant thereto.

(2) Standards for, and methods of evaluation and authentication referred to in paragraph (1) shall be adequate to convey information on the effort and outcome exerted by the business operators for the fairness of transaction and consumer protection.

(3) The Fair Trade Commission may require the evaluation and authentication business operator to submit data on the operation state, etc.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 30 (Reporting and Supervision)

(1) Where a Mayor/Do Governor or the head of a Si/Gun/Gu recommends a correction pursuant to Article 31, in the case of the Mayor/Do Governor, the results thereof shall be reported to the Fair Trade Commission, and in the case of the head of a Si/Gun/Gu, the results thereof shall be reported to the Fair Trade Commission and the relevant Mayor/Do Governor, as prescribed by Presidential Decree.

(2) When deemed necessary for the effective enforcement of this Act, the Fair Trade Commission may request a Mayor/Do Governor or the head of a Si/Gun/Gu to conduct an inspection or confirmation, or to submit data or take other measures necessary for correction with respect to the matters under its jurisdiction. In such cases, the relevant Mayor/Do Governor or the head of the relevant Si/Gun/Gu shall comply with the request unless any special circumstance arises.

(Article Amended by Act nº 11326, Feb. 17, 2012)

CHAPTER V.- CORRECTIVE MEASURES AND IMPOSITION OF PENALTY SURCHARGES

Article 31 (Recommendation to Correct Violations)

(1) Where a business operator commits a violation of this Act or fails to fulfill his/her duty under this Act, the Fair Trade Commission, a Mayor/Do Governor, or the head of a Si/Gun/Gu may, before issuing an order to take corrective measures under Article 32, formulate a correction plan to stop such violation, or to fulfill the duty prescribed in this Act or take necessary corrective measures under Article 32, and recommend the business operator to comply with it. In such cases, the purport that accepting such recommendation shall be construed as issuing an order to take corrective measures under paragraph (3) shall also be notified.

(2) A business operator in receipt of a recommendation for correction pursuant to paragraph (1) shall notify the administration agency which has issued it whether he/she accepts it or not within ten days from the day such recommendation is received.

(3) If a business operator in receipt of a recommendation of correction pursuant to paragraph (1) accepts such recommendation, it shall be deemed that the corrective measures under Article 32 are ordered.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 32 (Corrective Measures, etc.)

(1) Where a business operator does any of the following acts or fails to fulfill a duty under this Act, the Fair Trade Commission may order him/her to take corrective measures:

1. A violation of Articles 5 (2) through (5), 6 (1), 7, 8, 9 through 11, 12 (1) through (3), 13 (1) through (3) and (5), 14, 15, 17 (1) through (3) and (5), 18, 19 (1), 20, 20-2, 22 (1), 23 (2), 24 (1), (2) and (5) through (9), 27 (2) and (4), and 29 (1) and (2);

2. Any prohibited act falling under any subparagraph of Article 21 (1).

(2) The corrective measures referred to in paragraph (1) mean any of the following measures:

1. Discontinuance of the relevant violation;

2. Fulfillment of the duty stipulated in this Act;

3. Public announcement of the fact that the corrective measures are imposed;

4. Measures necessary for the prevention and relief of damage to consumers;

5. Other measures necessary for the correction of the violation.

(3) Matters necessary for the public announcement of the fact that the corrective measures are imposed under paragraph (2) 3 and details of measures necessary for the prevention and relief of damage to consumers under paragraph (2) 4 shall be prescribed by Presidential Decree.

(4) In any of the following cases, the Fair Trade Commission may order to suspend all or part of the business for a fixed period not exceeding one year, as prescribed by Presidential Decree:

1. Where a violation is repeated despite an order to take corrective measures issued under paragraph (1);

2. Where an order to take corrective measures is not complied with;

3. Where corrective measures alone are deemed significantly impractical to prevent damage to consumers.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 33 (Requests for Arbitration of Consumer Damage Disputes)

(1) Where a request for relief relating to a violation of this Act in an electronic commerce transaction or mail order is filed by a consumer, the Fair Trade Commission, Mayor/Do Governor, or the head of a Si/Gun/Gu may, before making a recommendation for correction pursuant to Article 31 or taking corrective measures pursuant to Article 32, request a dispute arbitration organization on consumer damage prescribed by Presidential Decree, such as the agencies or organizations which perform the business relating to consumer protection in the electronic commerce transaction or mail order, to arbitrate the request.

(2) Where the parties concerned accept and fulfill the recommendation or arbitration prepared by a dispute arbitration organization on the consumer damage, the Fair Trade Commission, Mayor/Do Governor, or the head of a Si/Gun/Gu shall notify the parties concerned of the purport that the corrective measures under Article 32 shall not be taken.

(3) Where the parties concerned accept and fulfill the recommendation or arbitration of a dispute arbitration organization on the consumer damage pursuant to paragraph (1), the corrective measures under Article 32 shall not be taken, as prescribed by Presidential Decree.

(4) Where the Fair Trade Commission requests an arbitration of dispute pursuant to paragraph (1), it may subsidize the funds needed for the arbitration of dispute within budgetary limits.

(5) Where an agreement is reached in an arbitration of dispute, the dispute arbitration organization on the consumer damage shall report the result thereof, or where no agreement is reached therein, it shall report the process of arbitration, to the Fair Trade Commission, Mayor/Do Governor, or the head of a Si/Gun/Gu without delay.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 34 (Penalty Surcharges)

(1) Where business suspension under Article 32 (4) is deemed likely to cause serious inconvenience to consumers, etc., the Fair Trade Commission may, in lieu of the suspension of all or part of the business, impose upon the relevant business operator a penalty surcharge within the extent not exceeding the sales amount related to the violation prescribed by Presidential Decree. In such cases, if the relevant sales amount is nonexistent or impossible to calculate, etc., a penalty surcharge within the extent not exceeding 50 million won may be imposed.

(2) The Fair Trade Commission may determine and publicly notify the criteria for determination under which a penalty surcharge can be imposed in lieu of the suspension of all or part of the business.

(3) In imposing penalty surcharges pursuant to paragraph (1), the Fair Trade Commission shall deliberate on the following matters:

1. Degree of damage to consumers incurred by the relevant violation;

2. Degree of compensation effort made by the business operator on the damage to consumers;

3. Scale of profit obtained on account of the relevant violation;

4. Details, period, frequency, etc. of the relevant violation.

(4) Where a company which is the business operator who has violated this Act merges with another company, the Fair Trade Commission may impose a penalty surcharge on, and collect it from, the company surviving the merger or newly established in the course of the merger, deeming the relevant violation has been committed by such company.

(5) Articles 55-4 through 55-6 of the Monopoly Regulation and Fair Trade Act shall apply mutatis mutandis to the extension of payment deadline and payment of the penalty surcharges in installments, and disposition on collection, default and refund thereof under paragraph (1).

(Article Amended by Act nº 11326, Feb. 17, 2012)

CHAPTER VI.- SUPPLEMENTARY PROVISIONS

Article 35 (Prohibition of Contracts Disadvantageous to Consumers)

A contract that violates Articles 17 through 19 and is disadvantageous to consumers shall become void.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 36 (Exclusive Jurisdiction)

A lawsuit related to a transaction with a mail order distributor shall exclusively be governed by the district court having jurisdiction over the consumer’s address at the time of filing the lawsuit, but, in cases of nonexistence of address, the district court having jurisdiction over the consumer’s residence shall have the exclusive jurisdiction: Provided, That this shall not apply where the address or residence of the consumer at the time of filing the lawsuit is not evident.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 37 (Registration of Business Operator Organizations)

(1) Business operator organizations, established for the sound development of electronic commerce transaction and mail order, enhancement of consumers’ confidence, and promotion of mutual profit, may register at the Fair Trade Commission, as prescribed by Presidential Decree.

(2) The requirements, methods and procedures for registration under paragraph (1) and other matters shall be prescribed by Presidential Decree.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 38 (Delegation and Entrustment of Authority)

(1) Part of the authority of the Fair Trade Commission under this Act may be delegated to the heads of the agencies affiliated with it or a Mayor/Do Governor, or entrusted to the head of other administrative agency, as prescribed by Presidential Decree.

(2) Part of the authority of a Mayor/Do Governor under this Act may be delegated to the head of a Si/Gun/Gu, as prescribed by Presidential Decree.

(3) If necessary for the effective enforcement of this Act, the Fair Trade Commission may entrust part of its administrative affairs to the business operator organizations registered pursuant to Article 37 (1).

(4) Where the Fair Trade Commission entrusts part of its administrative affairs to the business operator organizations pursuant to paragraph (3), it may fully or partially subsidize expenses incurred in performing the entrusted administrative affairs within budgetary limits.

(5) Those entrusted with the administrative affairs under Article 26 (6) and paragraph (3) of this Article and perform, or have performed, the relevant affairs shall be deemed public officials for the purposes of penal provisions prescribed in Articles 127 and 129 through 132 of the Criminal Act.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 39 (Application Mutatis Mutandis of the Monopoly Regulation and Fair Trade Act)

(1) Articles 42, 43, 43-2, 44, 45 and 52 of the Monopoly Regulation and Fair Trade Act shall apply mutatis mutandis to deliberation and decision of the Fair Trade Commission under this Act.

(2) Article 50 (1) through (4) of the Monopoly Regulation and Fair Trade Act shall apply mutatis mutandis to the inspection, etc. of the Fair Trade Commission, Mayor/Do Governor, or the head of a Si/Gun/Gu on violations of this Act.

(3) Articles 53, 53-2, 54, 55 and 55-2 of the Monopoly Regulation and Fair Trade Act shall apply mutatis mutandis to filing objections to the dispositions of the Fair Trade Commission pursuant to this Act, filing objections to the dispositions of the Mayor/Do Governor who has been delegated pursuant to Article 38, suspension of execution of orders of corrective measures, and exclusive jurisdiction of, filing of lawsuits, and lawsuits of dissatisfaction.

(4) Article 62 of the Monopoly Regulation and Fair Trade Act shall apply mutatis mutandis to the commissioners of the Fair Trade Commission, or public officials who perform or have performed the duties prescribed in this Act.

(Article Amended by Act nº 11326, Feb. 17, 2012)

CHAPTER VII.- PENAL PROVISIONS

Article 40 (Penal Provisions)

A person who fails to comply with an order to take corrective measures issued under Article 32 (1) shall be punished by imprisonment for not more than three years or by a fine not exceeding 100 million won.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 41 (Penal Provisions)

A person who carries on business in violation of a business suspension order issued under Article 32 (4) shall be punished by imprisonment for not more than two years or by a fine not exceeding 50 million won.

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 42 (Penal Provisions)

Any of the following persons shall be punished by a fine not exceeding 30 million won:

1. A person who fails to file a report or files a false report, in violation of Article 12 (1);

2. A person who uses a mark indicating the fact of having concluded a contract, etc. of consumer damage compensation insurance or of being allowed to use the escrow system, or makes or uses other similar marks, in violation of Article 24 (8) and (9).

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 43 (Penal Provisions)

Any of the following persons shall be punished by a fine not exceeding ten million won:

1. A person who provides false information on the identification information of a business operator prescribed in Article 13 (1);

2. A person who provides false information regarding the terms of transaction prescribed in Article 13 (2).

(Article Amended by Act nº 11326, Feb. 17, 2012)

Article 44 (Joint Penal Provisions)

If a representative of a corporation or an agent, employee, or other servant of a corporation or an individual commits a violation under Articles 40 through 43 in connection with the business of the corporation or the individual, in addition to punishment of the violator, the corporation or individual shall be punished by a fine under each relevant Article: Provided, That this shall not apply where such corporation or individual has not been negligent in giving due attention and supervision concerning the relevant duties to prevent such violation.

(Article Amended by Act nº 10172, Mar. 22, 2010)

Article 45 (Fines for Negligence)

(1) Any of the following persons shall be punished by a fine for negligence not exceeding ten million won:

1. A person who commits any violation falling under Article 21 (1) 1 through 5;

2. A person who, as an issuer of the settlement means under Article 8 (4), fails to conclude a contract, etc. of consumer damage compensation insurance, in violation of the proviso to Article 24 (1);

3. A person who, as a mail order distributor carrying out the prepaid mail order under Article 15 (1), violates Article 24 (2);

4. A person who, as an issuer of the settlement means under Article 8 (4), submits false data and concludes a contract, etc. of consumer damage compensation insurance, in violation of Article 24 (7);

5. A person who, as a mail order distributor carrying out the prepaid mail order under Article 15 (1), submits false data and concludes a contract, etc. of consumer damage compensation insurance, in violation of Article 24 (7);

6. A person who fails to appear on at least two occasions without any justifiable ground and violates this Act, among the parties to whom a summon is issued under Article 50 (1) 1 of the Monopoly Regulation and Fair Trade Act, which is applied mutatis mutandis under Article 39 (2);

7. A person who fails to submit a report, necessary data or things prescribed in Article 50 (1) 3 or (3) of the Monopoly Regulation and Fair Trade Act which is applied mutatis mutandis under Article 39 (2) or submits false report thereof;

8. A person who refuses, interferes with, or evades an inspection prescribed in Article 50 (2) of the Monopoly Regulation and Fair Trade Act which is applied mutatis mutandis under Article 39 (2).

(2) Any of the following persons shall be punished by a fine for negligence not exceeding five million won:

1. A person who fails to preserve the transaction records, or fails to provide the consumers with the methods of inspection and preservation of transaction records, in violation of Article 6;

2. A person who fails to indicate the information on the identity of the business operator prescribed in Article 10 (1) or 13 (1);

3. A person who fails to report under Article 12 (2) and (3);

4. A person who fails to indicate, advertise, or notify the stipulated matters or fails to hand over documents regarding the contents of contract, in violation of Article 13 (2);

5. A person who fails to inform the other party to a transaction who is a minor of the fact that a contract on the transaction of goods, etc. can be cancelled, in violation of Article 13 (3).

(3) Fines for negligence prescribed in paragraphs (1) and (2) shall be imposed and collected by the Fair Trade Commission, Mayor/Do Governor, or the head of a Si/Gun/Gu in accordance with the criteria prescribed by Presidential Decree.

(Article Amended by Act nº 11326, Feb. 17, 2012)

ADDENDA

Article 1 (Enforcement Date)

This Act shall enter into force on July 1, 2002.

Article 2 (Transitional Measures concerning Report, etc. of Mail Order Distributor)

(1) A person who has reported the mail order business pursuant to Article 17 of the previous Door-to-Door Sales, etc. Act shall be deemed to have reported to the Mayor/Do Governor pursuant to Article 12: Provided, That he/she shall complement the reported matters pursuant to Article 12 within two months from the enforcement of this Act

(2) The mail order distributor, who has reported on the cessation, closedown of business, restart of business after cessation, etc., at the time of enforcement of this Act, pursuant to Article 24 of the previous Door-to-Door Sales, etc. Act, shall be deemed to have reported pursuant to this Act, and where he/she intends to restart business after cessation, he/she shall report pursuant to the provisions of this Act.

Article 3 (Transitional Measures concerning Cancellation of Order)

The cancellation, effect, etc. of order, which have been made pursuant to the provisions of the previous Door-to-Door Sales, etc. Act at the time of enforcement of this Act, shall be subject to the previous provisions.

Article 4 (Transitional Measures concerning Suspension of Business)

The disposition of suspension of business due to an act before the enforcement of this Act shall be subject to the provisions of the previous Door-to-Door Sales, etc. Act.

Article 5 (Transitional Measures concerning Penal Provisions and Fine for Negligence)

The application of penal provisions and fine for negligence to an act before the enforcement of this Act shall be subject to the provisions of the previous Door-to-Door Sales, etc. Act.

Article 6 (Relations with Other Acts and Subordinate Statutes)

In case where other Acts and subordinate statutes cite the previous Door-to-Door Sales, etc. Act or the provisions thereof at the time of enforcement of this Act, they are deemed to have cited this Act or the equivalent provisions of this Act in lieu of the previous provisions, if there are provisions equivalent to the previous ones in this Act.

ADDENDA (Act nº 7315, Dec. 31, 2004)

Article 1 (Enforcement Date)

This Act shall enter into force on April 1, 2005. (Proviso Omitted.)

Articles 2 through 10 Omitted.

ADDENDA (Act nº 7344, Jan. 27, 2005)

Article 1 (Enforcement Date)

This Act shall enter into force three months after the date of its promulgation.

Article 2 Omitted.

ADDENDA (Act nº 7487, Mar. 31, 2005)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation: Provided, That the amended provisions of Articles 13 (2) 10, 24 (2) through (4), and 24-2 (2) shall take effect one year after the date of its promulgation; and the amended provisions of Articles 13 (3), 17 (2) and (6), and 32 (1), three months after the date of its promulgation, respectively.

Article 2 (Applicability to Provision of Information on Identities of Mail Order Distributors and Terms of Transactions)

The amended provisions of Articles 13 (1) 3 and (2) and 32 (1) shall apply to any indication or advertisement which is put by a mail order distributor for the purpose of taking orders for transaction of goods, etc. or to the indication, advertisement, or notification of the matters regarding the terms of transaction which is made by a mail order distributor before making a contract with consumers and the hand-over of documents stating the terms of transaction regarding the contents of contract pursuant to Article 13 (2) on or after the enforcement date of this Act.

Article 3 (Applicability to Duty of Mail Order Distributors to Inform Minors)

The amended provisions of Articles 13 (3) and 32 (1) shall apply to a contract on the transaction of goods, etc. which the mail order distributor intends to conclude with a minor on or after the enforcement date of this Act.

Article 4 (Applicability to Measures for Supply of Goods, etc. and Refund of Prices by Mail Order Distributors)

The amended provisions of Article 15 (1) and (2) shall apply to any contract for transaction of goods, etc. all or part of whose price is paid by a consumer to the mail order distributor, before being supplied with them, on or after the enforcement date of this Act.

Article 5 (Applicability to Dispatch, etc. of Invoices by Mail Order Distributors)

The amended provisions of Article 16 shall apply to any goods, etc. which are supplied by a mail order distributor on a consumer’s order on or after the enforcement date of this Act.

Article 6 (Applicability to Cancellation, etc. of Orders Relating to Contracts Concluded by Consumers with Mail Order Distributors)

The amended provisions of Article 17 (2) and (6) shall apply to the cancellation, etc. of the order relating to the contract for purchase of goods, etc. which is concluded by a consumer with a mail order distributor on or after the enforcement date of this Act.

Article 7 (Applicability to Contracts, etc. of Consumer Damage Compensation Insurance Concluded by Business Operators Who are Engaged in Electronic Commerce Transactions or Mail Orders)

The amended provisions of Article 24 (1) and (10) shall apply to any contract, etc. of consumer damage compensation insurance which the Fair Trade Commission encourages a business operator engaged in the electronic commerce transaction or mail order to conclude or which is concluded by the issuer of settlement means pursuant to Article 8 (4) on or after the enforcement date of this Act.

Article 8 (Applicability to Use of Escrow System by Consumers or Conclusion of Contracts, etc. of Consumer Damage Compensation Insurance by Mail Order Distributor in Prepaid Mail Orders)

The amended provisions of Article 24 (2) through (4) shall apply to a contract on the transaction of goods, etc. with respect to which a consumer chooses to use the escrow system or requires the mail order distributor to conclude a contract, etc. of consumer damage compensation insurance in relation to the terms of transaction of such goods, etc. on or after the enforcement date of this Act.

Article 9 (Applicability to Use of Marks on Which Mail Order Distributors Indicate Fact of Allowing Use of Escrow System)

The amended provisions of Article 24 (9) shall apply to the use of a mark on which a mail order distributor indicates the fact of allowing the use of the escrow system on or after the enforcement date of this Act.

Article 10 (Applicability to Transmission of Spam Messages)

The amended provisions of Articles 24-2 (2) and 32 (1) shall apply to spam messages which a mail order distributor sends consumers on or after the enforcement date of this Act.

Article 11 (Applicability to Recommendation of Correction of Acts of Violation)

The amended provisions of Article 31 (1) shall apply to the cases where a business operator commits an act in violation of the provisions of this Act or fails to fulfill his/her duty pursuant to the provisions of this Act on or after the enforcement date of this Act.

Article 12 (Applicability to Additional Payment for Refund of Penalty Surcharges)

The amended provisions of Article 34 (4) shall apply to the penalty surcharge which is refunded on or after the enforcement date of this Act.

ADDENDUM (Act nº 8538, Jul. 19, 2007)

This Act shall enter into force three months after the date of its promulgation.

ADDENDA (Act nº 8635, Aug. 3, 2007)

Article 1 (Enforcement Date)

This Act shall enter into force one year and six months after the date of its promulgation. (Proviso Omitted.)

Articles 2 through 44 Omitted.

ADDENDUM (Act nº 10172, Mar. 22, 2010)

This Act shall enter into force on the date of its promulgation.

ADDENDA (Act nº 10303, May 17, 2010)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation. (Proviso Omitted.)

Articles 2 through 10 Omitted.

ADDENDA (Act nº 11326, Feb. 17, 2012)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Article 2 (Applicability to Joint Responsibility of Mail Order Distributors)

The amended provisions of Article 20-2 (1) and (2) shall apply from the first mail order brokerage conducted after this Act enters into force.

Article 3 (Applicability to Deemed Public Officials)

The amended provisions of Article 38 (5) shall apply from the first person who conducts the entrusted administrative affairs after this Act enters into force.

Article 4 (Transitional Measures concerning Small-Scale Mail Order Distributors’ Obligation to Report)

A mail order distributor required to file a new report under the amended provisions of Article 12 (1) shall file such report within one year from the date this Act enters into force.

ADDENDA (Act nº 11461, Jun. 1, 2012)

Article 1 (Enforcement Date)

This Act shall enter into force three months after the date of its promulgation.

Articles 2 through 10 Omitted.

11Nov/21

Act nº 7929, Apr. 28, 2006, Electronic Financial Transactions Act

Act nº 7929, Apr. 28, 2006, Electronic Financial Transactions Act. (Amended by Act nº 8387, Apr. 27, 2007, Act nº 8863, Feb. 29, 2008, Act nº 9325, Dec. 31, 2008, Act nº 10303, May 17, 2010, Act nº 11087, Nov. 14, 2011, Act nº 11407, Mar. 21, 2012, Act nº 11461, jun. 1, 2012, Act nº 11814, May 22, 2013, Act nº 12837, Oct. 15, 2014, Act nº 13929, Jan. 27, 2016, Act nº 14132, Mar. 29, 2016, Act nº 14828, Apr. 18, 2017, Act nº 14839, Jul. 26, 2017).

ELECTRONIC FINANCIAL TRANSACTIONS ACT

CHAPTER I.- GENERAL PROVISIONS

Article 1 (Purpose)

The purpose of this Act is to ensure the safety and reliability of electronic financial transactions by clarifying their legal relations and to promote financial conveniences for people and contribute to national economic development by creating a foundation for the sound development of the electronic financial industry.

Article 2 (Definitions)

The definitions of terms used in this Act shall be as follows: (Amended by Act nº 8387, Apr. 27, 2007; Act nº 8863; Feb. 29, 2008; Act nº 11407, Mar. 21, 2012; Act nº 11461, Jun. 1, 2012; Act nº 11814, May 22, 2013)

1. The term “electronic financial transaction” means any transaction whereby a financial company or an electronic financial business entity provides financial products and services through electronic apparatus (hereinafter referred to as “electronic financial business“) and users use them in a non-facing and automated manner without any direct contact with employees of the financial company or electronic financial business entity;

2. The term “electronic payment transaction” means any electronic financial transaction whereby a person providing a payment (hereinafter referred to as “payer“) requires a financial company or an electronic financial business entity to transfer money to another person receiving the payment (hereinafter referred to as “payee“) by electronic payment means;

3. The term “financial company” means any of the following institutions, organizations or business entities:

(a) An institution referred to in subparagraphs 1 through 5, 7 and 8 of Article 38 of the Act on the Establishment, etc. of Financial Services Commission;

(b) A specialized credit financial company established under the Specialized Credit Finance Business Act;

(c) A postal service agency under the Postal Savings and Insurance Act;

(d) A community credit cooperative and Korean Federation of Community Credit Cooperatives established under the Community Credit Cooperatives Act;

(e) Any other person prescribed by Presidential Decree, which is an institution, organization, or a business entity carrying on financial business and other finance-related business pursuant to Acts;

4. The term “electronic financial business entity” means any person who has obtained permission or whose business has been registered (excluding any financial company) pursuant to Article 28;

5. The term “subsidiary electronic financial business entity” means any person prescribed by the Financial Services Commission established under Article 3 of the Act on the Establishment, etc. of Financial Services Commission (hereinafter referred to as the “Financial Services Commission“), who assists in electronic financial transactions; or vicariously performs the part of such transactions for a financial company or an electronic financial business entity; or who operates a payment gateway system;

6. The term “payment gateway system” means any financial data processing system that deals with business affairs relating to the settlement of accounts and payments by transmitting electronic financial transaction information between a financial company and an electronic financial business entity;

7. The term “user” means any person who conducts an electronic financial transaction under a contract concluded with a financial company or an electronic financial business entity for facilitating electronic financial transactions (hereinafter referred to as “electronic financial transaction contract“);

8. The term “electronic apparatus” means any apparatus used to transmit or process electronic financial transaction information by electronic means, such as a cash dispenser, automatic teller machine, debit terminal, computer, telephone, or other devices that transmit or process information by electronic means;

9. The term “electronic document” means any information prepared, transmitted, received or stored pursuant to subparagraph 1 of Article 2 of the Framework Act on Electronic Documents and Transactions;

10. The term “means of access” means any of the following means or information which is used to issue a transaction request in electronic financial transactions or to secure the authenticity and accuracy of users and the details of such transaction:

(a) An electronic card or other electronic information equivalent thereto;

(b) An electronic signature creating key defined in subparagraph 4 of Article 2 of the Digital Signature Act and a certificate referred to in subparagraph 7 of the said Article;

(c) A user number registered with a financial company or an electronic financial business entity;

(d) Biological information of users;

(e) A password required to use the means or information referred to in item (a) or (b);

11. The term “electronic payment means” means an electronic funds transfer, electronic debit payment means, electronic prepayment means, electronic currency, a credit card, an electronic bond or other means of payment by electronic means;

12. The term “electronic funds transfer” means any transfer of funds by any of the following methods from an account opened with a financial company or an electronic financial business entity (limited to any account linked to a financial company; hereinafter the same shall apply) to another account through electronic apparatus for the purpose of transferring funds between a payer and a payee:

(a) A payment request made by a payer to a financial company or an electronic financial business entity;

(b) A collection request made by a payee (hereinafter referred to as “collection transfer“) to a financial company or an electronic financial business entity;

13. The term “electronic debit payment means” means any certificate (excluding any certificate available for loans), or information on such certificate, issued by a financial company or an electronic financial business entity to simultaneously supply goods or services and pay their prices by the method of transferring funds from the account of a financial company between a user and a chain store by electronic means;

14. The term “electronic prepayment means” means any certificate, or information on such certificate, issued with transferable monetary values stored by electronic means, which meets all of the following requirements: Provided, That this shall not include any electronic currency:

(a) It shall be used to purchase goods or services from a third person other than the issuer (including specially related persons prescribed by Presidential Decree) and pay their prices;

(b) It shall be able to purchase goods or services in at least two business categories (referring to mid-classification business categories in the Korean Standard Industrial Classification publicly announced by the Commissioner of the National Statistical Office pursuant to Article 22 (1) of the Statistics Act; hereafter the same shall apply in this Article);

15. The term “electronic currency” means any certificate, or information on such certificate, issued with transferable monetary values stored by electronic means, which meets all of the following requirements:

(a) It shall be used in the areas and chain stores which meet the standards prescribed by Presidential Decree;

(b) It shall meet the requirements referred to in subparagraph 14 (a);

(c) It shall be able to purchase goods or services in at least five business categories and the number of such business categories shall be at least that prescribed by Presidential Decree;

(d) It shall be issued in exchange for the same value of cash or deposits;

(e) It shall be exchangeable for cash or deposits under guarantee of the issuer;

16. The term “electronic bond” means any creditor’s monetary claims stated in an electronic document, which meets the following requirements:

(a) The debtor shall designate the creditor;

(b) It shall include the contents of debts;

(c) It shall include the certified digital signature defined in subparagraph 3 of Article 2 of the Digital Signature Act;

(d) It shall be registered with an electronic bond management agency under Article 29 (1) (hereinafter referred to as “electronic bond management agency“) via a financial company;

(e) The debtor shall transmit an electronic document which meets all requirements referred to in items (a) through (c) to the creditor pursuant to Article 6 (1) of the Framework Act on Electronic Documents and Transactions and the creditor shall receive it in accordance with Article 6 (2) of the said Act;

17. The term “transaction request” means any request whereby a user asks a financial company or an electronic financial business entity to process electronic financial transactions pursuant to the electronic financial transaction contract;

18. The term “error” means any case where an electronic financial transaction fails to be made pursuant to the electronic financial transaction contract or the user’s transaction request neither intentionally nor with negligence;

19. The term “electronic payment settlement agency service” means any service to transmit or receive payment settlement information in purchasing goods or using services by electronic means or to execute as an agent or mediate the settlement of prices thereof;

20. The term “chain store” means any person, other than a financial company or an electronic financial business entity, who supplies goods or services to users in transactions conducted by an electronic debit payment means, electronic prepayment means or electronic currency under a contract concluded with a financial company or an electronic financial business entity;

21. The term “electronic financial infrastructure” means any information processing system used in electronic financial transactions and information and communication network defined in Article 2 (1) 1 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.;

22. The term “electronic infringement” means any attack on electronic financial infrastructure by means of hacking, computer virus, logic bomb, mail bomb, denial of service, high-powered electromagnetic wave, etc.

Article 3 (Scope of Application)

(1) Except as otherwise expressly provided for in other Acts, this Act shall apply to all electronic financial transactions: Provided, That this Act shall not apply to the electronic financial transactions prescribed by Presidential Decree among those conducted under a separate contract between a financial company and an electronic financial business entity. (Amended by Act nº 11814, May 22, 2013)

(2) The provisions of Chapter V shall not apply to the financial companies referred to in subparagraph 3 (c) and (d) of Article 2. (Amended by Act nº 11814, May 22, 2013)

(3) The following shall not apply to the financial companies prescribed by Presidential Decree, considering the frequency of electronic financial transactions, size of company, etc. among financial companies: (Inserted by Act nº 11814, May 22, 2013)

1. Meeting the standards set by the Financial Services Commission for the information technology sector, in terms of human resources, facilities, electronic apparatus, etc. and electronic financial business under Article 21 (2);

2. Establishing and submitting plans for the information technology sector under Article 21 (4);

3. Appointing the chief information security officer under Article 21-2;

4. Analyzing and assessing the vulnerability of electronic financial infrastructure under Article 21-3.

Article 4 (Reciprocity)

This Act shall also apply to a foreigner or foreign corporation: Provided, That with respect to any foreigner or foreign corporation of the State which fails to provide protections corresponding to this Act for any national or corporation of the Republic of Korea, any protection under this Act or the treaties acceded to or concluded by the Republic of Korea may be restricted commensurately therewith.

CHAPTER II.- RIGHTS AND DUTIES OF PARTIES TO ELECTRONIC FINANCIAL TRANSACTIONS

SECTION 1.- Common Provisions

Article 5 (Use of Electronic Documents)

(1) Articles 4 through 7, 9, and 10 of the Framework Act on Electronic Documents and Transactions shall apply to electronic documents used for electronic financial transactions. (Amended by Act nº 11461, Jun. 1, 2012)

(2) Each electronic document received by a financial company or an electronic financial business entity in relation to a transaction request shall be deemed independent, respectively: Provided, That where the financial company or electronic financial business entity and a user undergoes the procedures for confirmation on an electronic financial transaction contract concluded among them, such procedures shall prevail. (Amended by Act nº 11814, May 22, 2013)

Article 6 (Selection, Use and Management of Means of Access)

(1) A financial company or an electronic financial business entity shall select, use and manage the means of access necessary for electronic financial transactions and confirm the identity and authority of a user, the details of a transaction request, etc. (Amended by Act nº 11814, May 22, 2013)

(2) A financial company or an electronic financial business entity shall issue the means of access only if an application is made by the user after verifying the identity of such user: Provided, That it may be also issued without the user’s application nor the verification of the user’s identity in any of the following cases: (Amended by Act nº 11814, May 22, 2013)

1. In case of an electronic prepayment means or electronic currency referred to in the proviso to Article 16 (1);

2. Where a user’s consent is obtained for the renewal, replacement, etc. of the means of access, as prescribed by Presidential Decree.

(3) No one shall commit any of the following acts unless otherwise expressly provided for in other Acts with respect to the use and management of a means of access: Provided, That the same shall not apply to cases (excluding the act referred to in subparagraph 3 and other acts of assisting the said act) where it is necessary to transfer an electronic prepayment means or electronic currency, or to offer it as security under Article 18: (Amended by Act nº 9325, Dec. 31, 2008; Act nº 13069, Jan. 20, 2015; Act nº 13929, Jan. 27, 2016)

1. Transferring or taking over a means of access;

2. Borrowing or lending a means of access, or storing, delivering or distributing a means of access, accompanied by receipt, demand or promise of any compensation;

3. Borrowing or lending a means of access, or storing, delivering or distributing a means of access, for the purpose of using it for any crime or with the knowledge of the fact that it will be used for any crime;

4. Providing a means of access as the object of pledge;

5. Arranging or advertizing any act referred to in subparagraphs 1 through 4.

Article 6-2 (Suspension, etc. of Using Telephone Numbers Used in Illegal Advertisements)

(1) When the Prosecutor General, Commissioner of the National Police Agency, or Governor of the Financial Supervisory Service (referring to the Governor of the Financial Supervisory Service under Article 29 of the Act on the Establishment, etc. of Financial Services Commission; hereafter the same shall apply) identifies a telephone number used in illegal advertisements referred to in Article 6 (3) 5, he/she may request the Minister of Science and Information and Communications Technology (ICT) to suspend provision of telecommunications services related to the relevant telephone number. (Amended by Act nº 14839, Jul. 26, 2017)

(2) A person to whom provision of telecommunications services is suspended following a request made pursuant to paragraph (1) may raise an objection to the person who requested suspension of provision of telecommunications services.

(3) Matters necessary for the procedures, etc. regarding raising of an objection under paragraph (2) shall be prescribed by Presidential Decree.

(Article Inserted by Act nº 13929, Jan. 27, 2016)

Article 7 (Confirmation of Transaction Details)

(1) Any financial company or electronic financial business entity shall ensure that a user can confirm the transaction details through an electronic apparatus (including electronic apparatus, if any, stipulated in advance between the financial company or electronic financial business entity and the user) used for electronic financial transactions. (Amended by Act nº 11814, May 22, 2013)

(2) Any financial company or electronic financial business entity shall, upon a user’s request to deliver relevant transaction details in writing (excluding any electronic document; hereinafter the same shall apply), deliver to him/her a document stating the details of his/her transaction within two weeks after receipt of such request. (Amended by Act nº 11814, May 22, 2013)

(3) Matters concerning the coverage period, types and scope of the transaction details offered pursuant to paragraphs (1) and (2) and other matters shall be prescribed by Presidential Decree.

Article 8 (Correction, etc. of Errors)

(1) When a user recognizes the existence of any error in electronic financial transactions, he/she may request the relevant financial company or electronic financial business entity to correct such error. (Amended by Act nº 11814, May 22, 2013)

(2) Upon receipt of a request to correct an error under paragraph (1), any financial company or electronic financial business entity shall immediately investigate and effect appropriate corrections to the processed transaction, and inform the user of the causes of the error and the results of correction by the methods prescribed by Presidential Decree within two weeks after receipt of such request. (Amended by Act nº 9325, Dec. 31, 2008; Act nº 11814, May 22, 2013)

(3) When any financial company or electronic financial business entity recognizes the existence of any error in electronic financial transactions, it or he/she shall immediately investigate and effect appropriate corrections to the processed transaction, and inform the user of the causes of the error and the results of correction in the methods prescribed by Presidential Decree within two weeks after recognizing such error. (Amended by Act nº 9325, Dec. 31, 2008; Act nº 11814, May 22, 2013)

Article 9 (Liability of Financial Companies or Electronic Financial Business Entities)

(1) When a user suffers any loss due to any of the following incidents, the relevant financial company or electronic financial business entity shall be liable for indemnifying him/her for the loss: (Amended by Act nº 11814, May 22, 2013)

1. An incident caused by the forgery or alteration of the means of access;

2. An incident caused in the course of electronically transmitting or processing the conclusion of a contract or a transaction request;

3. An incident caused by the use of a means of access acquired by fraudulent or other illegal means by invading electronic apparatus for electronic financial transactions or an information and communication network defined in Article 2 (1) 1 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.

(2) Notwithstanding paragraph (1), a financial company or an electronic financial business entity may require a user to fully or partially bear the liability for any loss in any of the following cases: (Amended by Act nº 11814, May 22, 2013)

1. Where, with respect to any incident caused by the intention or gross negligence of the user, a prior agreement is made with the user to the effect that all or part of the loss may be borne by the user;

2. Where a corporate user (excluding any small enterprise defined in Article 2 (2) of the Framework Act on Small and Medium Enterprises) suffers any loss although the financial company or electronic financial business entity fulfills the duty of due care reasonably required to prevent incidents, such as the establishment and strict observance of security procedures.

(3) The intention or gross negligence of the user referred to in paragraph (2) 1 shall be limited to that stipulated in the terms and conditions of electronic financial transactions (hereinafter referred to as “terms and conditions“) within the limits prescribed by Presidential Decree.

(4) Every financial company or electronic financial business entity shall take measures necessary to discharge the liability provided for in paragraph (1), such as purchasing insurance, joining a mutual aid society or accumulating reserves, pursuant to the standards determined by the Financial Services Commission. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

Article 10 (Liability for Loss or Theft of Means of Access)

(1) Upon receipt of a user’s notification of the loss or theft of the means of access, the relevant financial company or electronic financial business entity shall be liable for compensating the user for any loss he/she might suffer due to the use of such means of access by a third party from the time such notification is received: Provided, That the same shall not apply to cases prescribed by Presidential Decree where any damage is caused by the loss, theft, etc. of electronic prepayment means or electronic currency. (Amended by Act nº 11814, May 22, 2013)

(2) Notwithstanding paragraph (1) of this Article and Article 9, if any provision of other Acts and subordinate statutes applicable favorably to the user exists, such provision shall prevail.

Article 11 (Status of Subsidiary Electronic Financial Business Entities)

(1) The intention or negligence of a subsidiary electronic financial business entity (including any electronic bond management agency; hereafter the same shall apply in this Chapter) in relation to electronic financial transactions shall be deemed the intention or negligence of the relevant financial company or electronic financial business entity. (Amended by Act nº 11814, May 22, 2013)

(2) When any financial company or electronic financial business entity compensates the user for any loss caused by the intention or negligence of its or his/her subsidiary electronic financial business entity, it or he/she may exercise the right of indemnity over the subsidiary electronic financial business entity. (Amended by Act nº 11814, May 22, 2013)

(3) Any user may give various notifications he/she is obligated to give to a financial company or an electronic financial business entity to its or his/her subsidiary electronic financial business entity pursuant to an agreement made with the financial company or electronic financial business entity. In such cases, a notification given to the subsidiary electronic financial business entity shall be deemed to have been given to the relevant financial company or electronic financial business entity. (Amended by Act nº 11814, May 22, 2013)

SECTION 2.- Electronic Payment Transactions, etc.

Article 12 (Validity of Electronic Payment Transaction Contracts)

(1) Any financial company or electronic financial business entity shall make a payment by transmitting the amount requested by a payer or payee on a transaction request to the payee or his/her financial company or electronic financial business entity, pursuant to an agreement made with the payer or payee to facilitate electronic payment transactions. (Amended by Act nº 11814, May 22, 2013)

(2) When any financial company or electronic financial business entity becomes unable to transmit the amount requested pursuant to paragraph (1), it or he/she shall return to the payer the amount received for electronic payment transactions. In such cases, when the failure to transmit the amount is caused by the negligence of the payer, the expenses incurred in relation to such transmission may be deducted. (Amended by Act nº 11814, May 22, 2013)

Article 13 (Time when Payment Takes Effect)

(1) Where a payment is made by electronic payment means, such payment shall take effect at the time set forth in the following: (Amended by Act nº 11814, May 22, 2013; Act nº 12837, Oct. 15, 2014)

1. For electronic funds transfers: When the information on the amount transferred on a transaction request is completely recorded on the ledger of the account of a financial company or an electronic financial business entity with which the payee’s account is opened;

2. For withdrawal of cash directly from electronic apparatus: When the payee receives such cash;

3. For payments made by an electronic prepayment means or electronic currency: When the information on the amount requested on a transaction request gets to the electronic apparatus designated by the payee;

4. For payments made by other electronic payment means: When the information on the amount requested on a transaction request is completely input in the electronic apparatus of a financial company or an electronic financial business entity with which the payee’s account is opened.

(2) The financial companies or electronic financial business entities prescribed by Presidential Decree in consideration of their total assets, etc. shall, upon their user’s request, ensure that payment of electronic funds transfer takes effect after a certain time has elapsed since such user makes such transaction request, in accordance with the procedures and methods prescribed by Presidential Decree. (Inserted by Act nº 12837, Oct. 15, 2014)

Article 14 (Withdrawal of Transaction Requests)

(1) Any user may withdraw his/her transaction request before the payment takes effect pursuant to each subparagraph of Article 13 (1). (Amended by Act nº 12837, Oct. 15, 2014)

(2) Notwithstanding paragraph (1), a financial company or an electronic financial business entity and its user may, pursuant to a prior agreement, determine differently the timing for withdrawing a transaction request with respect to any batch transaction, reserved transaction, etc. (Amended by Act nº 11814, May 22, 2013)

(3) Any financial company or electronic financial business entity shall include in its or his/her terms and conditions the matters relating to the methods and procedures for withdrawing a transaction request under paragraph (1) and the prior agreement under paragraph (2). (Amended by Act nº 11814, May 22, 2013)

Article 15 (Consent to Withdraw Deposits by Transfer)

(1) Any financial company or electronic financial business entity shall obtain consent from the payer in advance to the withdrawal of deposits to effect a collection transfer, as prescribed by Presidential Decree. (Amended by Act nº 11814, May 22, 2013)

(2) Any payer may request a financial company or an electronic financial business entity to revoke his/her consent to withdrawal under paragraph (1) before the withdrawal of deposits is completely recorded on the ledger of the payer’s account pursuant to a transaction request of the payee. (Amended by Act nº 11814, May 22, 2013)

(3) Notwithstanding paragraph (2), a financial company or an electronic financial business entity may, pursuant to a prior agreement made with the payer, determine differently the timing for revoking the consent with respect to any batch transaction, reserved transaction, etc. (Amended by Act nº 11814, May 22, 2013)

(4) Any financial company or electronic financial business entity shall include in its or his/her terms and conditions the matters relating to the methods and procedures for revoking the consent and the prior agreement under paragraphs (2) and (3). (Amended by Act nº 11814, May 22, 2013)

Article 16 (Issuance, Use and Exchange of Electronic Currencies)

(1) Any financial company or electronic financial business entity that issues an electronic currency (hereinafter referred to as “electronic currency issuer“) shall, in issuing the electronic currency, assign identifiable numbers to the means of access and manage it by linking the numbers to the user’s real name (hereinafter referred to as “real name“) defined in subparagraph 4 of Article 2 of the Act on Real Name Financial Transactions and Confidentiality or deposit account: Provided, That the same shall not apply to any electronic currency, the upper limit of whose face value does not exceed the amount prescribed by Presidential Decree. (Amended by Act nº 11814, May 22, 2013)

(2) The electronic currency issuer shall issue the electronic currency in exchange for the same value of cash or deposits.

(3) The electronic currency issuer shall take necessary measures to keep and use the issued electronic currency so that electronic currency holders can use it.

(4) The electronic currency issuer shall, upon a request by its holder, have the duty to exchange such electronic currency for cash or deposits.

(5) The methods and procedures for the issuance and exchange of electronic currency under paragraphs (1) through (4) shall be prescribed by Presidential Decree.

Article 17 (Validity of Payment by Electronic Currencies)

When an electronic currency holder pays the prices of goods or services by electronic currency pursuant to an agreement with the payee, the duty to pay such prices shall be deemed fulfilled.

Article 18 (Transferability of Electronic Currencies, etc.)

(1) The holder of an electronic prepayment means or electronic currency may transfer it to a third party or offer it as a security pursuant to an agreement with its issuer.

(2) When an electronic prepayment means or electronic currency is transferred to a third party or offered as a security under paragraph (1), it shall be necessarily done via the issuer’s central computer system: Provided, That the same shall not apply to any electronic prepayment means whose real name is not confirmed or the electronic currency referred to in the proviso to Article 16 (1).

Article 19 (Refund of Electronic Prepayment Means)

(1) Any financial company or electronic financial business entity that issues an electronic prepayment means shall, upon a request by its holder, refund the balance recorded on such electronic prepayment means pursuant to a prior agreement. (Amended by Act nº 11814, May 22, 2013)

(2) Any financial company or electronic financial business entity shall enter, in the terms and conditions, the agreement on the refund under paragraph (1) and the fact that it or he/she will fully pay the balance recorded on the electronic prepayment means in any of the following cases: (Amended by Act nº 11814, May 22, 2013)

1. Where the electronic prepayment means becomes unavailable because it is impracticable for a chain store to supply goods or services due to an act of God, etc.;

2. Where a chain store cannot supply goods or services due to any defect in the electronic prepayment means;

3. Where the balance recorded on the electronic prepayment means falls below a fixed rate. In such cases, the fixed rate shall be less than 20/100.

Article 20 (Requisite for Setting Up Transfer of Electronic Bonds)

(1) The transfer of electronic bonds shall be deemed to satisfy the requisite for setting up against the obligor referred to in Article 450 (1) of the Civil Act when meeting all the following requirements:

1. The notice made by the transferor to transfer the electronic bonds or the obligor’s consent thereto shall be given through an electronic document bearing the certified digital signature provided for in subparagraph 3 of Article 2 of the Digital Signature Act;

2. The electronic document stating the notice or consent referred to in subparagraph 1 shall be registered with an electronic bond management agency.

(2) The electronic document stating the notice or consent referred to in paragraph (1) shall be deemed to satisfy the requisite for setting up against the obligor referred to in Article 450 (2) of the Civil Act when completing the time-stamp stipulated in Article 20 of the Digital Signature Act and meeting all the requirements referred to in paragraph (1).

CHAPTER III.- ENSURING SAFETY OF ELECTRONIC FINANCIAL TRANSACTIONS AND PROTECTION OF USERS

Article 21 (Duty to Ensure Safety)

(1) A financial company or an electronic financial business entity and its or his/her subsidiary electronic financial business entity (hereinafter referred to as “financial company, etc.”) shall perform its or his/her duties of a good manager to ensure the safe processing of electronic financial transactions. (Amended by Act nº 11814, May 22, 2013)

(2) In order to ensure the safety and reliability of electronic financial transactions, a financial company etc. shall comply with the standards determined by the Financial Services Commission with respect to the information technology sector, such as human resources, facilities, electronic apparatus, and expenses for conducting electronic transmissions or processing, the electronic financial affairs and certification methods including the use of certificates under the Digital Signature Act. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013; Act nº 12837, Oct. 15, 2014)

(3) The Financial Services Commission shall not compel the use of any specific technology or service when determining the standards referred to in paragraph (2) and shall endeavor to promote the fair competition of security technologies and certification technologies. (Amended by Act nº 12837, Oct. 15, 2014)

(4) For safe electronic financial transactions, the financial companies or electronic financial business entities prescribed by Presidential Decree shall annually establish a plan for the information technology sector and submit it to the Financial Services Commission after obtaining confirmation and signature of its or his/her representative, as prescribed by Presidential Decree. (Inserted by Act nº 11814, May 22, 2013)

Article 21-2 (Appointment of Chief Information Security Officers)

(1) Any financial company or electronic financial business entity shall appoint a chief information security officer to be responsible for managing electronic financial business and information technology security which forms the basis of electronic financial business. (Amended by Act nº 11814, May 22, 2013)

(2) A financial company or an electronic financial business entity prescribed by Presidential Decree in consideration of its or his/her total assets, number of employees, etc. shall appoint one of the executives (including any person prescribed in Article 401-2 (1) 3 of the Commercial Act) as a chief information security officer. (Amended by Act nº 11814, May 22, 2013)

(3) The chief information security officer of the financial companies or electronic financial business entities prescribed by Presidential Decree in consideration of its or his/her total assets, number of employees, etc. shall not concurrently perform duties in the information technology sector other than those referred to in paragraph (4). (Inserted by Act nº 12837, Oct. 15, 2014)

(4) A chief information security officer under paragraph (1) shall perform the following duties: (Amended by Act nº 12837, Oct. 15, 2014)

1. Establishing strategies and plans for securing the stability of electronic financial transactions and protecting the users thereof;

2. Protecting the information technology sector;

3. Managing human resources and forming a budget, which are necessary for the security of the information technology sector;

4. Preventing electronic financial transaction accidents, and taking measures therefor;

5. Other matters prescribed by Presidential Decree for securing the stability of electronic financial transactions.

(5) Matters necessary for qualifications, etc. for a chief information security officer shall be prescribed by Presidential Decree. (Amended by Act nº 12837, Oct. 15, 2014)

(Article Inserted by Act nº 11087, Nov. 14, 2011)

Article 21-3 (Analyzing and Assessing Vulnerability of Electronic Financial Infrastructure)

(1) To ensure the safety and reliability of electronic financial transactions, a financial company and an electronic financial business entity shall analyze and assess the following matters with respect to its or his/her electronic financial infrastructure and report the findings therefrom (referring to the findings from analysis and assessment of vulnerability, where conducted under Article 9 of the Act on the Protection of Information and Communications Infrastructure) to the Financial Services Commission:

1. Matters relating to the organization, facilities, and internal control of the information technology sector;

2. Matters relating to electronic apparatus and the means of access of the information technology sector;

3. Matters relating to measures to respond to infringements in order to maintain electronic financial transactions;

4. Other matters prescribed by Presidential Decree.

(2) A financial company and an electronic financial business entity shall establish and implement a plan to take necessary complementary measures based on the findings from analysis and assessment of vulnerability in the electronic financial infrastructure under paragraph (1).

(3) The Financial Services Commission may require public officials under its control to inspect the findings from analysis and assessment of vulnerability in the electronic financial infrastructure under paragraph (1) and the actual status of implementing complementary measures pursuant to paragraph (2).

(4) Details of and procedures for analysis and assessment of vulnerability in the electronic financial infrastructure under paragraph (1) and the establishment and implementation of the plan under paragraph (2) and other necessary matters shall be prescribed by Presidential Decree.

(Article Inserted by Act nº 11814, May 22, 2013)

Article 21-4 (Prohibition against Electronic Infringement, etc.)

No person shall commit any of the following offences:

1. For anyone without access authority to access electronic financial infrastructure, or for anyone with access authority to fabricate, destroy, hide or lose the stored data beyond his/her authority;

2. Installing programs, such as computer virus, logic bomb, or mail bomb, for the purpose of destroying data of electronic financial infrastructure or obstructing the operation of electronic financial infrastructure;

3. Causing errors or hindrance to electronic financial infrastructure by methods, such as sending mass signal, high-powered electromagnetic wave or data simultaneously or having fraudulent commands be processed, for the purpose of obstructing the stable operation of electronic financial infrastructure.

(Article Inserted by Act nº 11814, May 22, 2013)

Article 21-5 (Notification, etc. of Infringement Incidents)

(1) If an incident, such as disturbance or paralysis of electronic financial infrastructure, occurs due to an electronic infringement (hereinafter referred to as “infringement incident”), the relevant financial company and electronic financial business entity shall, without delay, inform the Financial Services Commission thereof.

(2) If an infringement incident occurs, the relevant financial company and electronic financial business entity shall analyze the causes thereof and take necessary measures to prevent the spread of damage.

(Article Inserted by Act nº 11814, May 22, 2013)

Article 21-6 (Response to Infringement Incidents)

(1) The Financial Services Commission shall perform the following duties to respond to infringement incidents:

1. Collecting and disseminating information on infringement incidents;

2. Issuing preannouncements and warnings about infringement incidents;

3. Taking emergency measures against infringement incidents;

4. Other matters prescribed by Presidential Decree for responding to infringement incidents.

(2) Procedures and methods necessary for performing the duties referred to in paragraph (1) and other matters shall be prescribed by Presidential Decree.

(Article Inserted by Act nº 11814, May 22, 2013)

Article 22 (Creation, Preservation and Destruction of Electronic Financial Transaction Records)

(1) A financial company, etc. shall create the records (hereafter referred to as “electronic financial transaction records” in this Article) necessary to trace and search the details of electronic financial transactions or to verify or correct any error in such details and shall preserve them for a period prescribed by Presidential Decree within up to five years. (Amended by Act nº 11814, May 22, 2013; Act nº 12837, Oct. 15, 2014)

(2) If the preservation period under paragraph (1) elapses and any commercial transaction relation, including financial transactions, is terminated, a financial company, etc. shall, within five years, destroy the relevant electronic financial transaction records (excluding credit information under the Credit Information Use and Protection Act; hereafter the same shall apply in this paragraph): Provided, That this shall not apply in any of the following cases: (Inserted by Act nº 12837, Oct. 15, 2014)

1. Where it is inevitable to meet any obligation under other Acts;

2. Other cases determined by the Financial Services Commission, where it is necessary to preserve electronic financial transaction records.

(3) The types, preservation methods, destruction procedures and methods of electronic financial transaction records to be preserved by financial companies, etc. in accordance with paragraphs (1) and (2), and the standards for determining the day when a commercial transaction relation is terminated shall be prescribed by Presidential Decree. (Amended by Act nº 11814, May 22, 2013; Act nº 12837, Oct. 15, 2014)

Article 23 (Issuance and Limit of Use of Electronic Payment Means, etc.)

(1) The Financial Services Commission may require a financial company or an electronic financial business entity to set the following limits or take other necessary measures, in consideration of the characteristics of electronic payment means, as prescribed by Presidential Decree: (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

1. The upper limit of the face value of an electronic currency and electronic prepayment means to be issued;

2. The limit of use of electronic funds transfer;

3. The limit of use of electronic debit payment means.

(2) The Financial Services Commission may require a financial company or an electronic financial business entity to set the upper limit of cash withdrawal from electronic apparatus or may take other necessary measures, as prescribed by Presidential Decree. (Inserted by Act nº 11814, May 22, 2013)

Article 24 (Clarification of Terms and Conditions and Notification of Alterations thereof)

(1) Any financial company or electronic financial business entity shall clarify the terms and conditions in concluding a contract for electronic financial transactions with a user, and, at the request of a user, deliver a copy of the terms and conditions to the user, along with explaining the details thereof, in the manner prescribed by the Financial Services Commission. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(2) No financial company or electronic financial business entity shall, if it or he/she has concluded a contract in violation of paragraph (1), assert that the details of the terms and conditions are included in the relevant contract. (Amended by Act nº 11814, May 22, 2013)

(3) Any financial company or electronic financial business entity shall, if it or he/she has altered the terms and conditions, publish the altered terms and conditions and inform the users thereof by one month prior to the enforcement of the altered terms and conditions, in the manner prescribed by the Financial Services Commission: Provided, That if the terms and conditions are urgently altered due to any amendment to Acts and subordinate statutes, it or he/she shall promptly publish the terms and conditions so altered and inform the users thereof in such manner prescribed by the Financial Services Commission. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(4) Any user may terminate a contract for electronic financial transactions by no later than the business day immediately preceding the enforcement date of the altered terms and conditions after the details of the altered terms and conditions are published or informed pursuant to paragraph (3). When the user fails to raise an objection against the details of the altered terms and conditions within the period referred to in the first sentence, he/she shall be deemed to have approved the altered terms and conditions.

Article 25 (Preparation and Alteration of Terms and Conditions)

(1) When a financial company or an electronic financial business entity intends to prepare or alter the terms and conditions for electronic financial transactions, it or he/she shall in advance report thereon to the Financial Services Commission: Provided, That in cases determined by the Financial Services Commission which do not adversely affect the rights, interests or duties of users, a report may be file to the Financial Services Commission within ten days after the terms and conditions is prepared or altered. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(2) The Financial Services Commission may recommend a financial company or an electronic financial business entity to alter the terms and conditions under paragraph (1) if necessary to maintain orderly electronic financial transactions. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(3) The Financial Services Commission may determine the period and procedures for reporting the preparation or alteration of the terms and conditions under paragraph (1) and other necessary matters. (Amended by Act nº 8863, Feb. 29, 2008)

(4) Paragraphs (1) through (3) shall not apply to the financial companies defined in subparagraph 3 (c) and (d) of Article 2. (Amended by Act nº 11814, May 22, 2013)

Article 26 (Provision, etc. of Electronic Financial Transaction Information)

No one who recognizes the existence of any of the following matters in the course of performing duties relating to electronic financial transactions shall provide or disclose such information to any third party or use it for any purpose other than his/her duties without the consent of the relevant user: Provided, That the same shall not apply to cases provided for in the proviso to Article 4 (1) of the Act on Real Name Financial Transactions and Confidentiality or in any other Act:

1. The matters relating to the identity of the user;

2. The information or materials relating to the accounts, the means of access, and the details and results of electronic financial transactions of the user.

Article 27 (Settlement and Mediation of Disputes)

(1) Any financial company or electronic financial business entity shall prepare procedures to reflect reasonable opinions or complaints presented by users in relation to electronic financial transactions and to compensate for any loss sustained by users in the course of conducting electronic financial transactions, as prescribed by Presidential Decree. (Amended by Act nº 11814, May 22, 2013)

(2) When a user has an objection to the processing of electronic financial transactions, he/she may demand the settlement of dispute, such as compensation for losses, pursuant to the procedures determined under paragraph (1) or file an application for mediation of dispute with the Financial Supervisory Service, the Korea Consumer Agency, etc. (Amended by Act nº 11814, May 22, 2013)

(3) Detailed procedures and methods for the settlement of disputes and the application for mediation of disputes under paragraphs (1) and (2) and other matters shall be prescribed by Presidential Decree.

(4) Any financial company or electronic financial business entity shall clarify the procedures referred to in paragraphs (1) through (3) in concluding a contract for electronic financial transactions. (Amended by Act nº 11814, May 22, 2013)

CHAPTER IV.- PERMISSION, REGISTRATION AND FUNCTIONS OF ELECTRONIC FINANCIAL BUSINESS

Article 28 (Permission and Registration of Electronic Financial Business)

(1) Any person who intends to engage in a business issuing and managing electronic currencies shall obtain permission therefor from the Financial Services Commission: Provided, That the same shall not apply to the banks provided for in the Banking Act and other financial companies prescribed by Presidential Decree. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 10303, May 17, 2010; Act nº 11814, May 22, 2013)

(2) Any person who intends to provide any of the following services shall register himself/herself with the Financial Services Commission: Provided, That the same shall not apply to the banks provided for in the Banking Act and other financial companies prescribed by Presidential Decree: (Amended by Act nº 8863, Feb. 29, 2008; Act nº 10303, May 17, 2010; Act nº 11814, May 22, 2013)

1. Electronic funds transfer services;

2. Issuance and management of electronic debit payment means;

3. Issuance and management of electronic prepayment means;

4. Electronic payment settlement agency services;

5. Other electronic financial services prescribed by Presidential Decree.

(3) Notwithstanding paragraph (2), any of the following persons may provide the services referred to in each subparagraph of the said paragraph without registering himself/herself with the Financial Services Commission: (Amended by Act nº 8863, Feb. 29, 2008)

1. Any person who issues an electronic prepayment means falling under any of the following cases:

(a) Where it is only used at chain stores meeting the standards prescribed by Presidential Decree, such as the chain stores located within specially designated buildings;

(b) Where the total balance of its issued amount does not exceed the amount prescribed by Presidential Decree;

(c) Where it is an electronic prepayment means, the price of which has not been pre-paid directly by a user and is covered by a refund guarantee insurance, etc. as prescribed by Presidential Decree to discharge the liability for monetary values stored by the user;

2. Any person who performs the electronic payment settlement agency services prescribed by Presidential Decree, such as delivering information only for the electronic processing of electronic payment transactions without direct involvement in the transfer of funds.

(4) Article 4, Chapters II (excluding Article 19) and III (excluding Articles 21 (4), 21-2, 21-3, 23 and 25), and Articles 37, 38, 39 (1) and (6), 41 (1), 43 (2) and (3), 46, 46-2, and 47 concerning electronic financial business entities shall apply mutatis mutandis to the persons who issue electronic prepayment means exempted from registration under paragraph (3) 1 (c): Provided, That Articles 25, 39 (2) through (5), and 40 (2) and (3) shall apply mutatis mutandis where the financial incidents prescribed by Presidential Decree occur, such as insolvency due to any illegal or unjust act committed by the relevant employees or officers. (Amended by Act nº 11814, May 22, 2013; Act nº 12837, Oct. 15, 2014)

(5) The Financial Services Commission may attach a condition to the permission granted under paragraph (1). (Amended by Act nº 8863, Feb. 29, 2008)

Article 29 (Registration of Electronic Bond Management Agencies)

(1) Any person who intends to engage in a business registering and managing electronic bonds shall register himself/herself with the Financial Services Commission. (Amended by Act nº 8863, Feb. 29, 2008)

(2) Articles 21, 22, 39, 41, and 43 shall apply mutatis mutandis to the electronic bond management agencies which are registered to carry out the business of registering and managing electronic bonds pursuant to paragraph (1).

(3) The procedures and methods for the registration of electronic bonds by electronic bond management agencies and other necessary matters shall be prescribed by Presidential Decree.

Article 30 (Capital)

(1) Any person who intends to obtain permission pursuant to Article 28 (1) shall be a stock company with a capital of at least five billion won.

(2) Either of the following entities is eligible for registration pursuant to Article 28 (2) 1 through 3, and its capital or total investment shall exceed the amount prescribed by Presidential Decree, which is at least two billion won for each category of business: (Amended by Act nº 11814, May 22, 2013)

1. A company provided for in Article 170 of the Commercial Act;

2. A corporation incorporated under a special Act (limited to the issuance and management of electronic prepayment means under Article 28 (2) 3 to perform the duties provided for in the relevant Act).

(3) An entity eligible for registration pursuant to Article 28 (2) 4 and 5 and Article 29 shall be a company provided for in Article 170 of the Commercial Act or a corporation stipulated in Article 32 of the Civil Act, the capital, total investments or fundamental property of which exceeds the amount prescribed by Presidential Decree, which is at least the amount referred to in the following subparagraphs for each category of business: (Amended by Act nº 14132, Mar. 29, 2016)

1. A person who intends to operate below the standard defined by the Financial Services Commission, within the scope in which the total amount of electronic financial transactions per quarter does not exceed three billion won (excluding a person who intends to register pursuant to Article 29): An amount prescribed by Presidential Decree of at least 300 million won;

2. A person not falling under subparagraph 1: An amount prescribed by Presidential Decree of at least 500 million won.

(4) Where a person falling under paragraph (3) 1 registers pursuant to Article 28 and continues to exceed the standard defined by the Financial Services Commission under paragraph (3) 1 for at least two consecutive quarters, he/she shall report the relevant details to the Financial Services Commission, and shall satisfy the requirements for capital under paragraph (3) 2 within the period set by the Financial Services Commission. (Inserted by Act nº 14132, Mar. 29, 2016)

Article 31 (Requirements for Permission and Registration)

(1) Any person who intends to obtain permission or file for registration pursuant to Articles 28 and 29 shall meet all of the following requirements. Subparagraphs 4 and 5 shall only apply to permission:

1. He/she shall hold the capital or fundamental property referred to in Article 30;

2. He/she shall be equipped with professional human resources and physical installations, such as computer equipment, sufficient to protect users and carry out the intended business;

3. He/she shall meet the standards of financial soundness prescribed by Presidential Decree;

4. He/she shall have a proper and sound plan necessary to execute the business concerned;

5. He/she shall secure the major investors prescribed by Presidential Decree, with sufficient investment capability, sound financial state and social credit.

(2) Matters necessary for the detailed requirements for permission and registration under paragraph (1) shall be determined by the Financial Services Commission. (Amended by Act nº 8863, Feb. 29, 2008)

Article 32 (Disqualification for Permission and Registration)

None of the following persons are entitled to permission or registration under Articles 28 and 29: (Amended by Act nº 8863, Feb. 29, 2008)

1. A corporation for which one year has not yet passed since its registration was cancelled pursuant to Article 34, and a person who was a large stockholder (referring to any such investor prescribed by Presidential Decree; hereinafter the same shall apply) of the corporation at the time of cancellation of such registration and for whom one year has not yet passed since the registration was cancelled;

2. A corporation for which three years have not yet passed since its permission or registration was revoked pursuant to Article 43 (1), and a person who was a large stockholder of the corporation at the time of such revocation and for whom three years have not yet passed since such revocation;

3. A company which is in process of the rehabilitation procedure pursuant to the Debtor Rehabilitation and Bankruptcy Act and the large stockholders of such company;

4. Any person who has failed to pay a debt within an agreed period in financial transactions and other commercial transactions and who is determined by the Financial Services Commission;

5. Any person who has been punished by a fine or heavier punishment for violating the finance-related Acts or subordinate statutes prescribed by Presidential Decree within the three years preceding the date of application for permission or registration;

6. A corporation whose large stockholder falls under any of subparagraphs 1 through 5.

Article 33 (Applications, etc. for Permission, Registration and Authorization)

(1) Any person who intends to obtain permission or authorization or file for registration pursuant to Article 28, 29, or 45 shall submit an application therefor to the Financial Services Commission, as prescribed by Presidential Decree. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(2) Upon receipt of an application under paragraph (1), the Financial Services Commission shall grant permission, registration, or authorization and notify the applicant of the results, as prescribed by Presidential Decree. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(3) When the Financial Services Commission grants permission, registration or authorization pursuant to Articles 28, 29, and 45, it shall, without delay, publish the details thereof in the Official Gazette and inform the general public thereof through computer communications, etc. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

Article 33-2 (Preliminary Permission)

(1) Any person who intends to obtain permission under Article 28 (1) (hereafter referred to as “final permission” in this Article) may, in advance, file an application for preliminary permission with the Financial Services Commission.

(2) When the Financial Services Commission decides whether to grant preliminary permission under paragraph (1), it shall verify that the person who intends to obtain preliminary permission meets all requirements for final permission.

(3) The Financial Services Commission may attach a condition to preliminary permission under paragraph (2).

(4) When any person who obtained preliminary permission files an application for final permission, the Financial Services Commission shall verify whether he/she has fulfilled the condition to preliminary permission under paragraph (3) and has met all requirements for final permission, before it decides whether to grant final permission.

(5) Article 33 (1) and (2) shall apply mutatis mutandis to preliminary permission.

(Article Inserted by Act nº 11814, May 22, 2013)

Article 34 (Cancellation of Registration Subject to Application)

(1) Any person who has been granted registration pursuant to Articles 28 (2) and 29 may file an application for the cancellation of such registration, as prescribed by Presidential Decree.

(2) The Financial Services Commission shall, upon receipt of an application under paragraph (1), cancel the registration without delay. (Amended by Act nº 8863, Feb. 29, 2008)

(3) When the Financial Services Commission has cancelled registration pursuant to paragraph (2), it shall, without delay, publish the details thereof in the Official Gazette and inform the general public thereof through computer communications, etc. (Amended by Act nº 8863, Feb. 29, 2008)

Article 35 (Restriction on Concurrent Businesses)

(1) Any electronic financial business entity who has obtained permission pursuant to Article 28 (1) shall be prohibited from concurrently engaging in any business other than the following:

1. Services provided for in the subparagraphs of Article 28 (2) (limited to registered ones);

2. Business permitted pursuant to Article 28 (1) and other business prescribed by Presidential Decree and necessary to provide the services referred to in subparagraph 1.

(2) Notwithstanding paragraph (1), any electronic financial business entity who has obtained permission pursuant to Article 28 (1) may engage in the business other than those referred to in the subparagraphs of paragraph (1), if it or he/she is provided with payment guarantee by the financial companies prescribed by Presidential Decree or purchase refund guarantee insurance for all of the non-refunded portions of electronic currency. (Amended by Act nº 11814, May 22, 2013)

Article 36 (Prohibition against Use of Similar Names)

(1) The name ‘electronic currency’ shall be used only for the electronic currency referred to in subparagraph 15 of Article 2.

(2) Any person who has failed to obtain permission pursuant to Article 28 (1) may not use the phrase ‘electronic currency’ in his/her trade name.

Article 37 (Matters to be Observed by Chain Stores)

(1) No chain store shall refuse to provide goods or services, or treat any user unfavorably, on the grounds that transactions are conducted by electronic debit payment means, electronic prepayment means or electronic currency (hereinafter referred to as “electronic currency, etc.”).

(2) No chain store shall charge users a merchant fee to be borne by such store.

(3) No chain store shall commit any of the following offences:

1. Pretending that a transaction is conducted by electronic currency, etc. without providing goods or services;

2. Conducting transactions by electronic currency, etc. in excess of actual turnover;

3. Conducting transactions by electronic currency, etc. under the name of another chain store;

4. Lending the name of the chain store to a third party;

5. Conducting, as an agent, transactions by electronic currency, etc.

(4) A person other than a chain store shall not conduct any transaction by electronic currency, etc. under the name of a chain store.

Article 38 (Recruitment, etc. of Chain Stores)

(1) In recruiting a chain store, any financial company or electronic financial business entity shall confirm whether the store seeking membership actually carries on its own business: Provided, That the same shall not apply to a chain store which has already been confirmed pursuant to Article 16-2 of the Specialized Credit Finance Business Act. (Amended by Act nº 11814, May 22, 2013)

(2) No financial company or electronic financial business entity shall have its or his/her chain store bear a loss incurred by either of the following transactions: Provided, That the same shall not apply where a financial company or an electronic financial business entity concludes a contract with its or his/her chain store to the effect that such loss shall be fully or partially borne by the chain store when the financial company or electronic financial business entity proves the intention or gross negligence of the chain store in connection with the transaction: (Amended by Act nº 11814, May 22, 2013)

1. A transaction conducted using a lost or stolen electronic currency, etc.;

2. A transaction conducted using a forged or altered electronic currency, etc.

(3) Any financial company or electronic financial business entity shall inform its or his/her chain stores of the following matters, in the manner prescribed by the Financial Services Commission: (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

1. A merchant fee to be borne by chain stores;

2. Liability for chain stores under paragraph (2);

3. Matters to be observed by chain stores under Article 37.

(4) When a chain store is sentenced to a punishment for violating Article 37 or receives a written notification of such violation from the relevant administrative agency, and thus falls under the grounds prescribed by Presidential Decree, the relevant financial company or electronic financial business entity shall, without delay, terminate the contract with the said chain store unless any special ground exists to the contrary. (Amended by Act nº 11814, May 22, 2013)

CHAPTER V.- SUPERVISION OF ELECTRONIC FINANCIAL BUSINESS

Article 39 (Supervision and Inspection)

(1) The Financial Supervisory Service (referring to the Financial Supervisory Service established under Article 24 (1) of the Act on the Establishment, etc. of Financial Services Commission; hereinafter the same shall apply) shall supervise whether financial companies and electronic financial business entities abide by this Act or orders issued under this Act, following instructions from the Financial Services Commission. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(2) The Governor of the Financial Supervisory Service may require a financial company or an electronic financial business entity to report on its or his/her business operations and financial conditions if necessary to conduct supervision under paragraph (1). (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013; Act nº 13929, Jan. 27, 2016)

(3) The Governor of the Financial Supervisory Service may inspect the electronic financial business and other related financial conditions of a financial company and an electronic financial business entity and, if deemed necessary to conduct such inspection, ask the financial company and the electronic financial business entity to submit data relating to its or his/her business operations and financial conditions or to order the attendance of all relevant persons. (Amended by Act nº 11814, May 22, 2013)

(4) Any person who conducts an inspection pursuant to paragraph (3) shall carry an identification indicating his/her authority and present it to relevant persons.

(5) Upon conducting an inspection pursuant to paragraph (3), the Governor of the Financial Supervisory Service shall report the findings therefrom to the Financial Services Commission, as determined by the Financial Services Commission. (Amended by Act nº 8863, Feb. 29, 2008)

(6) When a financial company or an electronic financial business entity is deemed likely to undermine the sound operation of the financial company or electronic financial business entity in violation of any provision of this Act or any order issued under this Act, the Financial Services Commission may, upon recommendation of the Governor of the Financial Supervisory Service, take any of the following measures or authorize the Governor of the Financial Supervisory Service to take any measure referred to in subparagraphs 1 through 3: (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013; Act nº 14828, Apr. 18, 2017)

1. Issuing an order to correct the relevant offence;

2. Issuing a caution or warning against a financial company or an electronic financial business entity;

3. Demanding caution, warning or reprimand against an executive officer or employee;

4. Recommending dismissal of an executive officer (excluding an operating officer under subparagraph 5 of Article 2 of the Act on Corporate Governance of Financial Companies; hereafter the same shall apply in Article 39-2) or suspending performance of his/her duties.

Article 39-2 (Notification of Details of Measures against Retired Executive Officer, etc.)

(1) Where, if a retired executive officer or employee (including an operating officer under subparagraph 5 of Article 2 of the Act on Corporate Governance of Financial Companies) of a financial company or electronic financial business entity held office as such, he/she would be deemed to be subject to any measure falling under Article 39 (6) 3 or 4, the Financial Services Commission (including the Governor of the Financial Supervisory Service authorized to take measures pursuant to Article 39 (6)) may notify the head of such financial company or electronic financial business entity of the details of such measure.

(2) The head of a financial company or electronic financial business entity in receipt of a notification under paragraph (1) shall notify the retired executive officer or employee of such fact, and keep and maintain the content of such notification.

(Article Inserted by Act nº 14828, Apr. 18, 2017)

Article 40 (Supervision and Inspection of Outside Orders, etc.)

(1) Where a financial company or an electronic financial business entity concludes or alters a contract with its or his/her subsidiary electronic financial business entity for affiliation, entrustment or outside orders (hereafter referred to as “outside order, etc.” in this Article) in relation to electronic financial transactions (including where a subsidiary electronic financial business entity concludes or alters a contract with another subsidiary electronic financial business entity for outside orders, etc.), it or he/she shall meet the standards determined by the Financial Services Commission to ensure the safety and reliability of electronic financial transactions and the soundness of the financial company and electronic financial business entity. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(2) Where the contents of a contract under paragraph (1) are deemed likely to undermine the operational soundness of a financial company or an electronic financial business entity and the rights and interests of users, the Financial Services Commission may direct the financial company or electronic financial business entity to correct or supplement the relevant contents of the contract. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(3) When the Governor of the Financial Supervisory Service conducts an inspection of a financial company or an electronic financial business entity in relation to outside orders, etc. under paragraph (1), he/she may request its or his/her subsidiary electronic financial business entity to submit data pursuant to the standards determined by the Financial Services Commission. (Amended by Act nº 8863, Feb. 29. 2008; Act nº 11814, May 22, 2013)

(4) When a subsidiary electronic financial business entity fails to submit data under paragraph (3) or submit insufficient data, the Governor of the Financial Supervisory Service may investigate the relevant subsidiary electronic financial business entity. (Inserted by Act nº 11814, May 22, 2013)

(5) The Governor of the Financial Supervisory Service may request the following from a subsidiary electronic financial business entity, if deemed necessary for conducting an investigation under paragraph (4): (Inserted by Act nº 11814, May 22, 2013)

1. Submitting a written statement relating to matters subject to such investigation;

2. Submitting a ledger, document or other articles necessary for such investigation;

3. Attendance of a relevant person.

(6) A subsidiary electronic financial business entity entrusted with any duties related to the data protection of the information technology sector shall not re-entrust such duties to a third party: Provided, That this shall not apply to cases recognized by the Financial Services Commission within the extent not impairing the protection and safe processing of electronic financial transaction information. (Inserted by Act nº 12837, Oct. 15, 2014)

(7) Article 39 (4) shall apply mutatis mutandis to investigations conducted under paragraph (4). (Inserted by Act nº 11814, May 22, 2013; Act nº 12837, Oct. 15, 2014)

Article 41 (Requests, etc. for Submission of Data by Bank of Korea)

(1) When the Monetary Policy Committee deems it necessary for implementing monetary credit policies and facilitating the smooth operation of payment and settlement systems in relation to electronic payment transactions, the Bank of Korea may request a financial company or an electronic financial business entity to submit data. In such cases, the scope of data so requested shall be limited to a necessary minimum in consideration of the work burden of the relevant financial company and electronic financial business entity. (Amended by Act nº 11814, May 22, 2013)

(2) When the Monetary Policy Committee deems it necessary for implementing monetary credit policies, the Bank of Korea may request the Financial Supervisory Service to inspect the electronic currency issuer and the financial company and electronic financial business entity registered to provide the service referred to in Article 28 (2) 1 or to conduct a joint inspection thereof with the Bank of Korea. (Amended by Act nº 11814, May 22, 2013)

(3) Articles 87 and 88 of the Bank of Korea Act and Article 62 of the Act on the Establishment, etc. of Financial Services Commission shall apply mutatis mutandis to the methods and procedures for making requests under paragraphs (1) and (2). (Amended by Act nº 8863, Feb. 29, 2008)

Article 42 (Keeping Separate Accounts and Guidance for Sound Management)

(1) A financial company and an electronic financial business entity shall keep separate accounts by the category of business provided for in Article 28 (1) and (2) to analyze the performance of business relating to fund management and electronic financial transactions, and prepare a report on the business relating to electronic financial transactions and the outcomes of management and submit it to the Financial Services Commission, as determined by the Financial Services Commission. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013; Act nº 12837, Oct. 15, 2014)

(2) The Financial Services Commission may set the standards for management guidance for the following matters to direct the sound management of a financial company or an electronic financial business entity that performs the business relating to electronic financial transactions and to prevent electronic financial incidents, as prescribed by Presidential Decree: (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

1. Matters relating to the appropriateness of capital;

2. Matters relating to the soundness of assets;

3. Matters relating to liquidity;

4. Other matters necessary to ensure the soundness of management.

(3) Where any financial company or electronic financial business entity that has obtained permission under Article 28 (1) is deemed likely to severely undermine the soundness of its or his/her own management, such as failing to meet the standards for management guidance under paragraph (2), the Financial Services Commission may request it or him/her to take necessary measures to improve its or his/her own management, such as increasing capital and limiting dividends. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

(4) Articles 10, 11 (1), (4) and (5), 13-2, 14, 14-2 through 14-4, 14-7, 15 through 19, 27, and 28 of the Act on the Structural Improvement of the Financial Industry shall apply mutatis mutandis to the measures, etc. necessary to be taken when the financial standing of the financial company or electronic financial business entity that has obtained permission under Article 28 (1) falls short of the standards for management guidance under paragraph (2) or is evidently deemed to fall short of the said standards due to any serious financial incident or insolvency claims. (Amended by Act nº 11814, May 22, 2013)

Article 43 (Revocation, etc. of Permission or Registration)

(1) When a financial company or an electronic financial business entity falls under any of the following cases, the Financial Services Commission may revoke permission or registration under Article 28: (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

1. Where it or he/she has obtained permission or registration under Article 28 by fraudulent or other illegal means;

2. Where it or he/she falls under any of subparagraphs 1 through 5 of Article 32;

3. Where it or he/she has violated an order to suspend business issued under paragraph (2);

4. Where it or he/she has failed to run a business for one or more consecutive years without any just ground;

5. Where it or he/she has virtually closed its or his/her business due to the merger, bankruptcy or business closure of the relevant corporation or on other grounds.

(2) When a financial company or an electronic financial business entity falls under any of the following cases, the Financial Services Commission may order it or him/her to wholly or partially suspend the relevant business with a given period of up to six months: (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013; Act nº 14132, Mar. 29, 2016)

1. Where it or he/she has violated Article 6 (1) or (2), 16 (1) through (4), 19 (1), 21 (1) or (2), 21-5 (2), 35, 36, or 38 (3) or (4);

2. Where it or he/she has failed to investigate an error and effect appropriate corrections, in violation of Article 8 (2) and (3);

3. Where it or he/she has failed to comply with any measure, direction or order taken or issued by the Financial Services Commission under Article 23, 39 (6), 40 (2) or 42 (3).

4. Where it or he/she fails to file a report under Article 30 (4) or fails to satisfy the requirements within the period.

(3) A financial company or an electronic financial business entity, whose business is wholly or partially suspended or permission or registration is revoked under paragraphs (1) and (2), may even so continue to perform the payment and settlement business of electronic financial transactions conducted prior to such disposition. (Amended by Act nº 11814, May 22, 2013)

(4) When the Financial Services Commission revokes permission or registration under paragraph (1), it shall, without delay, publish the details thereof in the Official Gazette and inform the general public thereof through computer communications, etc. (Amended by Act nº 8863, Feb. 29, 2008)

Article 44 (Hearings)

When the Financial Services Commission intends to revoke permission or registration under Article 43 (1), it shall hold a hearing thereon. (Amended by Act nº 8863, Feb. 29, 2008)

Article 45 (Authorization for Merger, Dissolution, Business Closure, etc.)

(1) When any electronic financial business entity who has obtained permission pursuant to Article 28 (1) intends to engage in any of the following activities, he/she shall obtain authorization therefor from the Financial Services Commission, as prescribed by Presidential Decree: (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013)

1. A merger with another financial company or electronic financial business entity;

2. Dissolution or the closure of electronic financial business;

3. Transfer and takeover all or part of business.

(2) The Financial Services Commission may attach a condition to authorization under paragraph (1). (Amended by Act nº 8863, Feb. 29, 2008)

Article 45-2 (Preliminary Authorization)

(1) Any person who intends to obtain authorization under Article 45 (1) (hereafter referred to as “final authorization” in this Article) may, in advance, file an application for preliminary authorization with the Financial Services Commission.

(2) When the Financial Services Commission decides whether to grant preliminary authorization under paragraph (1), it shall verify whether the person who intends to obtain preliminary authorization meets all requirements for final authorization.

(3) The Financial Services Commission may attach a condition to preliminary authorization under paragraph (2).

(4) When any person who obtained preliminary authorization files an application for final authorization, the Financial Services Commission shall verify whether he/she has fulfilled the condition to preliminary authorization under paragraph (3) and has met all requirements for final authorization before it decides whether to grant final authorization to him/her.

(5) Article 33 (1) and (2) shall apply mutatis mutandis to preliminary authorization.

(Article Inserted by Act nº 11814, May 22, 2013)

Article 46 (Penalty Surcharges)

(1) Where a financial company or an electronic financial business entity provides or discloses any electronic financial transaction information to any other person, or uses it for any purpose other than its duties in violation of Article 21 (1) or (2), the Financial Services Commission may impose a penalty surcharge not exceeding five billion won. (Inserted by Act nº 12837, Oct. 15, 2014)

(2) Where a financial company or an electronic financial business entity comes to fall under any of the subparagraphs of Article 43 (2) (excluding cases where a penalty surcharge is imposed under paragraph (1)), the Financial Services Commission may, as prescribed by Presidential Decree, impose a penalty surcharge not exceeding 50 million won in lieu of an order to suspend business. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 11814, May 22, 2013; Act nº 12837, Oct. 15, 2014)

(3) The amount of a penalty surcharge for each type, severity, etc. of violations subject to the imposition of a penalty surcharge under paragraph (1) or (2) and other necessary matters shall be prescribed by Presidential Decree. (Amended by Act nº 12837, Oct. 15, 2014)

(4) Where a penalty surcharge under paragraph (1) or (2) is not paid within a prescribed period, the Financial Services Commission shall collect it in the same manner as delinquent national taxes are collected. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 12837, Oct. 15, 2014)

(5) The Financial Services Commission may entrust duties concerning both collection of penalty surcharges and dispositions on default to the Commissioner of the National Tax Service, as prescribed by Presidential Decree. (Amended by Act nº 8863, Feb. 29, 2008; Act nº 12837, Oct. 15, 2014)

Article 46-2 (Refund of Overpayments or Erroneous Payments)

(1) Where a person obliged to pay a penalty surcharge requests a refund of the overpaid or erroneously paid penalty surcharge on grounds of adjudication on the objection or a court ruling, the Financial Services Commission shall, without delay, make a refund thereof, and shall refund the overpaid or erroneously paid penalty surcharge confirmed by the Financial Services Commission, even without a request from the person obliged to pay such penalty surcharge.

(2) If a person entitled to a refund has to pay other penalty surcharges to the Financial Services Commission, the Financial Services Commission may appropriate the refund for such penalty surcharges when making a refund of overpayments or erroneous payments under paragraph (1).

(3) When making a refund of overpayments or erroneous payments under paragraph (1), the Financial Services Commission shall refund additional money calculated by applying the interest rate on additional money prescribed by Presidential Decree, for the period from the day following the payment date of the penalty surcharge to the date of refund.

(Article Inserted by Act nº 11814, May 22, 2013)

CHAPTER VI.- SUPPLEMENTARY PROVISIONS

Article 47 (Statistical Surveys of Electronic Financial Transactions)

(1) The Bank of Korea may conduct a statistical survey of electronic financial businesses and electronic financial transactions to apprehend the current status of electronic financial transactions and to establish and implement effective monetary credit policies. In such cases, it may request necessary data from a government agency, financial company, etc., and a corporation and organization related to electronic financial transactions. (Amended by Act nº 11814, May 22, 2013)

(2) Upon receipt of a request for data under paragraph (1), a government agency, financial company, etc., and a corporation and organization related to electronic financial transactions shall comply with such request unless any just ground exists to the contrary. (Amended by Act nº 11814, May 22, 2013)

(3) Matters necessary for the subject matter, methods and procedures of the statistical survey under paragraph (1) shall be prescribed by Presidential Decree.

Article 48 (Entrustment of Authority)

The Financial Services Commission may entrust the Governor of the Financial Supervisory Service with part of its authority under this Act, as prescribed by Presidential Decree. (Amended by Act nº 8863, Feb. 29, 2008)

CHAPTER VII.- PENALTY PROVISIONS

Article 49 (Penalty Provisions)

(1) Any of the following persons shall be punished by imprisonment with labor for not more than ten years, or by a fine not exceeding 100 million won: (Inserted by Act nº 12837, Oct. 15, 2014)

1. A person who accesses any electronic financial infrastructure or fabricate, destroy, conceal, or leak any stored data, in violation of subparagraph 1 of Article 21-4;

2. A person who destroys any data or installs programs, such as a computer virus, a logic bomb, a mail bomb, in violation of subparagraph 2 of Article 21-4;

3. A person who sends mass signal, high-powered electromagnetic wave or data simultaneously or causes errors or hindrance to electronic financial infrastructure, in violation of subparagraph 3 of Article 21-4;

4. A person who provides or leaks any electronic financial transaction information to any other person or uses such information for any purpose other than his/her duties (including a person issuing an electronic prepayment means applicable mutatis mutandis pursuant to Article 28 (4)), in violation of Article 26.

(2) Any of the following persons shall be punished by imprisonment with labor for not more than seven years, or by a fine not exceeding 50 million won: (Amended by Act nº 11814, May 22, 2013; Act nº 12837, Oct. 15, 2014)

1. A person who forges or alters a means of access;

2. A person who intermediates the sale of, sells, exports, imports, or uses a forged or altered means of access;

3. A person who intermediates the sale of, sells, exports, imports, or uses a lost or stolen means of access;

4. A person who intrudes into any electronic financial infrastructure or any electronic apparatus for electronic financial transactions to acquire a means of access by fraud or other unjustifiable means, or conducts electronic financial transactions by using the means of access so acquired;

5. A person who intermediates the sale of, sells, exports, imports or uses a means of access which was extorted, embezzled, or acquired by deceiving or blackmailing other person;

6. Deleted (By Act nº 12837, Oct. 15, 2014)

(3) Electronic currencies shall be deemed valuable securities with respect to which a person might be charged with any of the crimes prescribed in Articles 214 through 217 of the Criminal Act, and a crime involving with electronic currencies shall be subject to the punishment provided for in each of such Articles, correspondingly. (Amended by Act nº 12837, Oct. 15, 2014)

(4) Any of the following persons shall be punished by imprisonment with labor for not more than three years, or by a fine not exceeding 20 million won: (Amended by Act nº 9325, Dec. 31, 2008; Act nº 13069, Jan. 20, 2015; Act nº 13929, Jan. 27, 2016)

1. Any person who acquires or transfers a means of access in violation of Article 6 (3) 1;

2. Any person who borrows or lends a means of access, or storing, delivering or distributing a means of access, in violation of Article 6 (3) 2 or 3;

3. Any pledger or pledgee who violates Article 6 (3) 4;

4. Any person who arranges or advertises any act in violation of Article 6 (3) 5;

5. Any person who performs the duties without permission or registration under Article 28 or 29;

6. Any person who obtains permission or registration under Article 28 or 29 by fraudulent or other illegal means;

7. Any person who conducts a transaction by electronic currency, etc. under the name of another chain store in violation of Article 37 (3) 3;

8. Any person who has conducted, as an agent, transactions by electronic currency, etc. in violation of Article 37 (3) 5;

9. Any person who conducts a transaction by electronic currency, etc. under the name of another chain store in violation of Article 37 (4);

10. Any person who peruses or is provided with electronic financial transaction information by fraudulent or other illegal means.

(5) Any of the following persons shall be punished by imprisonment with labor for not more than one year, or by a fine not exceeding ten million won:

1. Deleted (By Act nº 9325, Dec. 31, 2008)

2. Deleted; (By Act nº 11814, May 22, 2013)

3. Any person who refuses to provide goods or services, or treats any user unfavorably, on grounds of transaction by electronic currency, etc. in violation of Article 37 (1);

4. Any person who charges a user a merchant fee to be borne by the relevant chain store in violation of Article 37 (2);

5. Any person who lend the name of a chain store to a third party in violation of Article 37 (3) 4;

6. Any person who engages in an activity falling under any subparagraph of Article 45 (1) without authorization under Article 45 (1).

(6) An attempt to commit the crimes referred to in paragraphs (1) 1, 2, and 3 and (2) 1, 2, and 4 shall be subject to punishment. (Amended by Act nº 12837, Oct. 15, 2014)

(7) The imprisonment with labor and fines referred to in paragraphs (1) through (6) may be concurrently imposed.

Article 50 (Joint Penalty Provisions)

(1) If the representative of a corporation, or any agent, employee or other employed persons of a corporation or individual has committed any offence falling under Article 49 (1), (2), (3) (limited to where any person is subject to the punishment prescribed in Article 216 of the Criminal Act) and (4) through (6) in connection with the duties of such corporation or individual, not only shall such offender be punished, but also such corporation or individual shall be punished by the fines prescribed in the relevant Article: Provided, That where such corporation or individual has not been negligent in giving due attention and supervision concerning the relevant duties to prevent such offense, this shall not apply. (Amended by Act nº 12837, Oct. 15, 2014)

(2) If the representative of a corporation, or any agent, employee or other employed persons of a corporation or individual has committed any offense falling under Article 49 (3) (limited to where any person is subject to the punishment prescribed in Article 214, 215, or 217 of the Criminal Act) in connection with the duties of such corporation or individual, not only shall such offender be punished, but also such corporation or individual shall be punished by a fine not exceeding 50 million won: Provided, That where such corporation or individual has not been negligent in giving due attention and supervision concerning the relevant duties to prevent such offense, this shall not apply. (Amended by Act nº 12837, Oct. 15, 2014)

(Article Amended by Act nº 11087, Nov. 14, 2011)

Article 51 (Administrative Fines)

(1) Any of the following persons (in cases falling under subparagraph 3, including persons who issue electronic prepayment means to which the relevant provisions apply mutatis mutandis pursuant to the proviso to Article 28 (4)) shall be subject to an administrative fine not exceeding 50 million won: (Amended by Act nº 12837, Oct. 15, 2014; Act nº 14828, Apr. 18, 2017)

1. A person who fails to either perform his/her duties with the due care of a good manager or comply with the standards determined by the Financial Services Commission, in violation of Article 21 (1) or (2);

2. A person who uses the name ‘electronic currency’, in violation of Article 36;

3. A person who refuses, obstructs or evades an inspection, data submission, a request for attendance and an investigation under Article 39 (3) (including cases where Article 39 (3) applies mutatis mutandis in Article 29 (2)) or Article 40 (3) and (4);

4. A person who fails to submit a report or submits a false report, in violation of Article 42 (1).

(2) Any of following persons (including a person issuing an electronic prepayment means applicable mutatis mutandis pursuant to Article 28 (4), in cases falling under subparagraph 2) shall be subject to an administrative fine not exceeding 20 million won: (Amended by Act nº 12837, Oct. 15, 2014; Act nº 14828, Apr. 18, 2017)

1. A person who fails to have the payment of electronic funds transfer take effect, in violation of Article 13 (2);

2. A person who fails to appoint the chief information security officer or appoint an executive officer as the chief information security officer, in violation of Article 21-2 (1) or (2);

3. A person who has the chief information security officer concurrently perform duties in the information technology sector other than those under Article 21-2 (4) or himself/herself concurrently performs duties in such sector, in violation of paragraph (3) of that Article;

4. A person who fails to analyze and assess the vulnerabilities of the electronic financial infrastructure, in violation of Article 21-3 (1);

5. A person who fails to formulate and implement a plan for complying with complementary measures, in violation Article 21-3 (2);

6. A person who fails to destroy any record of electronic financial transactions, in violation of Article 22 (2);

7. A person who makes a re-entrustment to a third party, in violation of Article 40 (6).

(3) Any of the following persons (including any person issuing an electronic prepayment means applicable mutatis mutandis pursuant to Article 28 (4), in cases falling under subparagraphs 1, 6 through 8, and 10) shall be punished by an administrative fine not exceeding ten million won: (Amended by Act nº 14828, Apr. 18, 2017)

1. Any person who fails to deliver a document stating the details of a transaction, in violation of Article 7 (2);

2. Any person who fails to inform the relevant user of the causes of an error and results of correction, in violation of Article 8 (2) and (3);

3. Any person who transfers an electronic prepayment means or electronic currency to a third party or provides it as a security, in violation of Article 18 (2);

4. Any person who fails to submit a plan for the information technology sector, in violation of Article 21 (4);

5. Any person who fails to report the findings from analysis and assessment of vulnerability in electronic financial infrastructure, in violation of Article 21-3 (1);

6. Any person who fails to inform the Financial Services Commission of an infringement incident, in violation of Article 21-5 (1);

7. Any person who fails to create or keep records in violation of Article 22 (1) (including where it is applicable mutatis mutandis under Article 29 (2));

8. Any person who fails to clarify, explain, deliver, publish or notify the terms and conditions, in violation of Article 24 (1) or (3);

9. Any person who fails to report to the Financial Services Commission, in violation of Article 25 (1);

10. Any person who fails to prepare the procedures for the settlement of disputes, in violation of Article 27 (1);

11. Deleted (By Act nº 14828, Apr. 18, 2017)

12. Any person who fails to keep separate accounts by the category of business provided for in Article 28 (1) and (2), in violation of Article 42 (1).

(4) The administrative fines under paragraphs (1) through (3) shall be imposed and collected by the Financial Services Commission, as prescribed by Presidential Decree. (Amended by Act nº 14828, Apr. 18, 2017)

(Article Amended by Act nº 11814, May 22, 2013)

ADDENDA

Article 1 (Enforcement Date)

This Act shall enter into force on January 1, 2007.

Article 2 (Transitional Measures concerning Means of Access, etc.)

The means of access and electronic payment means issued as at the time this Act enters into force shall be deemed to have been issued pursuant to this Act.

Article 3 (Transitional Measures concerning Permission and Registration)

(1) Any person who is engaged in issuing or managing electronic currency as at the time this Act enters into force shall obtain permission therefor from the Financial Supervisory Commission pursuant to Article 28 (1) within three months from the date when this Act takes effect.

(2) Any person who is engaged in performing electronic funds transfer services, the issuance and management business of electronic debit payment means or electronic prepayment means or electronic payment settlement agency services, etc. as at the time this Act enters into force shall file a registration with the Financial Supervisory Commission pursuant to Article 28 (2) within six months from the date when this Act takes effect.

(3) Any person who is engaged in the business of electronic bond management agency as at the time this Act enters into force shall file a registration with the Financial Supervisory Commission pursuant to Article 29 within three months from the date when this Act takes effect.

Article 4 Omitted.

ADDENDA (Act nº 8387, Apr. 27, 2007)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Articles 2 through 9 Omitted.

ADDENDA (Act nº 8863, Feb. 29, 2008)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation.

Articles 2 though 5 Omitted.

ADDENDUM (Act nº 9325, Dec. 31, 2008)

This Act shall enter into force three months after the date of its promulgation.

ADDENDA (Act nº 10303, May 17, 2010)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation. (Proviso Omitted.)

Articles 2 though 10 Omitted.

ADDENDUM (Act nº 11087, Nov. 14, 2011)

This Act shall enter into force six months after the date of its promulgation.

ADDENDA (Act nº 11407, Mar. 21, 2012)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation. (Proviso Omitted.)

Articles 2 and 3 Omitted.

ADDENDA (Act nº 11461, Jun. 1, 2012)

Article 1 (Enforcement Date)

This Act shall enter into force three months after the date of its promulgation.

Articles 2 through 10 Omitted.

ADDENDA (Act nº 11814, May 22, 2013)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Article 2 (Applicability to Submission of Plans for Information Technology Sector)

The submission of a plan for the information technology sector under the amended provisions of Article 21 (4) shall begin to apply from the business year beginning after this Act enters into force.

Article 3 (Transitional Measures concerning Penalty Provisions and Administrative Fines)

The application of penalty provisions and the imposition of administrative fines for violations committed before this Act enters into force shall be governed by the former provisions.

ADDENDA (Act nº 12837, Oct. 15, 2014)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation: Provided, That the amended provisions of Articles 13 (2) and 21 (2) and (3) shall enter into force one year after the date of its promulgation.

Article 2 (Applicability to Prohibition against Concurrent Position of Chief Information Security Officers)

The amended provisions of Article 21-2 (3) shall apply beginning with the first chief information security officer appointed (including cases where he/she is reappointed) after this Act enters into force.

Article 3 (Applicability to Prohibition against Re-Entrustment of Duties Related to Information Protection)

The amended provisions of Article 40 (6) shall apply beginning with the first case where any duty is re-entrusted or a re-entrustment period is extended after this Act enters into force.

Article 4 (Applicability to Imposition of Penalty Surcharges)

The amended provisions of Article 46 (1) shall apply beginning with the first financial company or electronic financial business entity who commits any violation after this Act enters into force.

Article 5 (Transitional Measures concerning Penalty Provisions and Administrative Fines)

The application of penalty provisions and the imposition of an administrative fine for any violation committed before this Act enters into force shall be governed by the former provisions of this Act.

ADDENDA (Act nº 13069, Jan. 20, 2015)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation.

Article 2 (Transitional Measures concerning Penalty Provisions)

The application of penalty provisions to any violation committed before this Act enters into force shall be governed by the former provisions of this Act.

ADDENDUM (Act nº 13929, Jan. 27, 2016)

This Act shall enter into force on the date of its promulgation: Provided, That the amended provisions of Article 6-2 shall enter into force six months after the date of its promulgation.

ADDENDUM (Act nº 14132, Mar. 29, 2016)

This Act shall enter into force three months after the date of its promulgation.

ADDENDA (Act nº 14828, Apr. 18, 2017)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Article 2 (Applicability to Notification of Details of Measures against Retired Executive Officer)

The amended provisions of Article 39-2 shall also apply to the executive officers and employees who have committed an violation before this Act enters into force, but resign or retire thereafter.

Article 3 (Transitional Measures concerning Demand for Suspension of Performance of Duties)

Notwithstanding the amended provisions of Article 39 (6) 4 (limited to the suspension of performance of duties), the former provision shall apply to the violations committed before this Act enters into force.

ADDENDA (Act nº 14839, Jul. 26, 2017)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation: Provided, That among the Acts amended pursuant to Article 5 of the Addenda, amendments to the Acts which have been promulgated before this Act enters into force, but the enforcement dates of which have not yet arrive, shall enter into force on the enforcement dates of the relevant Acts, respectively.

Articles 2 through 6 Omitted.

10Nov/21

Act nº 9705, May 22, 2009, Electronic Government

Act nº 9705, May 22, 2009, Electronic Government (Amended by: Act nº 10012, Feb. 4, 2010, Act nº 10303, May 17, 2010, Act nº 10465, Mar. 29, 2011, Act nº 10580, Apr. 12, 2011, Act nº 11461, jun. 1, 2012, Act nº 11688, Mar. 23, 2013, Act nº 11690, Mar. 23, 2013, Act nº 11735, Apr. 5, 2013, Act nº 12346, Jan. 28, 2014, Act nº 12592, May 20, 2014, Act nº 12738, jun. 3, 2014, Act nº 13459, Aug. 11, 2015, Act nº 14474, Dec. 27, 2016, Act nº 14914, Oct. 24, 2017).

ELECTRONIC GOVERNMENT ACT

CHAPTER I.- GENERAL PROVISIONS

Article 1 (Purpose)

The purpose of this Act is to facilitate the efficient realization of electronic government, enhance productivity, transparency and democracy in the public administration, and improve the quality of life of citizens by providing for fundamental principles, procedures, methods of promotion, and other relevant matters for the electronic processing of administrative affairs.

Article 2 (Definitions)

The terms used in this Act shall be defined as follows: (Amended by Act n º 11690, Mar. 23, 2013; Act nº 12346, Jan. 28, 2014; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

1. The term “electronic government” means a government that efficiently coordinates administrative affairs between administrative agencies and public institutions (hereinafter referred to as “administrative agencies, etc.“) or conducts administrative affairs for citizens by digitalizing administrative affairs of administrative agencies, etc. using information technology;

2. The term “administrative agency” means an agency responsible for the processing of administrative affairs of the National Assembly, the Judiciary, the Constitutional Court, or the National Election Commission; a central administrative agency (including agencies under the jurisdiction of the President or of the Prime Minister; hereinafter the same shall apply) and an affiliate thereof; a local government;

3. The term “public institution” means any of the following:

(a) A corporation, organization, or institution under Article 4 of the Act on the Management of Public Institutions;

(b) A local government-invested public corporation or local government public corporation under the Local Public Enterprises Act;

(c) A special corporation established under a special-purpose Act;

(d) Any level of school, established under the Elementary and Secondary Education Act, the Higher Education Act, or any other Act;

(e) Other corporations, organizations, or institutions specified by Presidential Decree;

4. The term “central agency responsible for administrative affairs” means the National Assembly Secretariat for affiliates of the National Assembly, the National Court Administration for affiliates of the Judiciary, the Department of Court Administration of the Constitutional Court for affiliates of the Constitutional Court, the National Election Commission Secretariat for affiliates of the National Election Commission, and the Ministry of the Interior and Safety for central administrative agencies, their affiliates, and local governments;

5. The term “electronic government service” means any administrative service rendered by administrative agencies, etc., to other administrative agencies, etc. and citizens, enterprises, etc., through access to electronic government;

6. The term “administrative information” means data prepared or acquired and managed by administrative agencies, etc. within the scope of their duties, which have been processed by means of digital technology to be expressed in code, characters, voice, sound, images, or any other mode;

7. The term “electronic document” means standardized information prepared and transmitted, received, or stored in digital format by devices capable of processing information, such as computers;

8. The term “digitized document” means a document converted from a hard-copy or any other non-electronic version to a format that can be processed on information systems;

9. The term “administrative digital signature” means information by which one can verify the identity of any of the following agencies that have prepared an electronic document or the person directly in charge of the relevant work in any of such agencies as well as any modification to the electronic document, which is specific to the electronic document:

(a) An administrative agency;

(b) An auxiliary agency or support agency of an administrative agency;

(c) An institution, corporation, or organization that exchanges electronic documents with an administrative agency;

(d) An institution, corporation, or organization under Article 36 (2);

10. The term “information and communications network” means an information and communications system through which information is collected, processed, stored, searched, transmitted, or received by using telecommunications systems under subparagraph 2 of Article 2 of the Framework Act on Telecommunications or by utilizing telecommunications systems, computers, and computer technologies;

11. The term “information resources” means administrative information held by administrative agencies, etc.; information systems constructed so as to facilitate the collection, processing, and search of administrative information by electronic means; information technologies for the establishment of information systems; budgets and human resources for informatization and other related resources;

12. The term “information technology architecture” means a systematic framework formulated following the comprehensive analysis of the components of an entire organization, including the scope of its work, applications, data, technologies, and security, conducted based on specific guidelines and processes, and methodologies for optimizing the components through informatization, etc. based on such framework;

13. The term “information system” means a systematic network of devices and software for collecting, processing, storing, searching, transmitting, receiving, or using information;

14. The term “supervision of information system” means the comprehensive monitoring of matters regarding the construction, operation, etc., of the information system to resolve its problems from the third-person perspective by a person independent of the interests of the person awarding the contract for supervision and the person subject to supervision, with the aim of improving efficiency and ensuring safety of the information system;

15. The term “supervisor” means a person who meets the requirements specified in Article 60 (1) to perform supervision of an information system (hereinafter referred to as “supervisory duty”).

Article 3 (Duties of Administrative Agencies, etc. and Public Officials, etc.)

(1) The head of each administrative agency, etc. shall implement this Act and improve related systems with the aim of facilitating the realization of electronic government and improving the quality of life of citizens and shall actively cooperate in interlinking information and communications networks, sharing administrative information, etc.

(2) Public officials and employees of public institutions shall be capable of utilizing information technologies necessary for the electronic processing of their work and give priority to citizens’ convenience over the convenience of the relevant agencies in electronically processing their work.

Article 4 (Principles of Electronic Government)

(1) Each administrative agency, etc. shall consider, among other things, the following matters in materializing, operating, and developing electronic government, and take measures necessary therefor:

1. Digitizing public services and improving citizens’ convenience;

2. Innovating administrative affairs and improving their productivity and efficiency;

3. Ensuring the security and reliability of information systems;

4. Protecting personal information and privacy;

5. Expanding disclosure and sharing of administrative information;

6. Preventing duplicative investment and improving interoperability.

(2) Each administrative agency, etc. shall promote the realization, operation, and development of electronic government, based on an information technology architecture.

(3) Each administrative agency, etc. shall not require civil petitioners to submit matters that can be electronically verified through the sharing of administrative information between the agencies, etc.

(4) No personal information maintained and managed by administrative agencies, etc. shall be used against the wishes of the relevant person, unless otherwise provided for in other Acts or subordinate statutes.

Article 5 (Formulation of Master Plans for Electronic Government)

(1) The head of each central agency responsible for administrative affairs shall formulate a master plan for electronic government every five years combining the plans of each of administrative agencies, etc. referred to in Article 5-2 (1) to realize, operate, and develop electronic government.

(2) A master plan for electronic government under paragraph (1) (hereinafter referred to as “master plan for electronic government“) shall include the following matters:

1. Basic direction-setting for the realization and mid- and long-term development of electronic government;

2. Modification of related Acts and subordinate statutes and systems for the realization of electronic government;

3. Facilitation of the delivery and utilization of electronic government services;

4. Electronic administrative management;

5. Increased sharing and securement of safety of administrative information;

6. Adoption and utilization of information technology architecture;

7. Integration, sharing, and efficient management of information resources;

8. Standardization of electronic government, ensuring interoperability and expansion of services for sharing;

9. Promotion of electronic government projects and local informatization projects and the management of the outcomes thereof;

10. Re-design of work process for realization of electronic government;

11. International cooperation on electronic government;

12. Other matters necessary for the realization, operation, and development of electronic government, such as training of human resources for informatization.

(3) When the head of each related central administrative agency intends to formulate and implement an implementation plan for national informatization pursuant to Article 7 of the Framework Act on National Informatization, he/she shall take a master plan for electronic government into consideration.

(4) Matters necessary for the procedure, etc. for formulation of master plans for electronic government shall be prescribed by National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, and Presidential Decree.

(Article Amended by Act nº 12346, Jan. 28, 2014)

Article 5-2 (Formulation and Evaluation of Plan for Each Agency)

(1) The head of an administrative agency, etc. shall formulate a master plan for the realization, operation, and development of electronic government in a relevant agency (hereinafter referred to as “plan for each agency”) every five years and submit such plan to the head of the relevant central agency responsible for administrative affairs.

(2) The head of each administrative agency, etc. shall endeavor to secure financial resources necessary for the implementation of the plan for each agency.

(3) The head of each central agency responsible for administrative affairs may examine the current status of the plan for each administrative agency, etc. and the outcomes thereof.

(4) Matters necessary for the standards for formulation of the plan for each agency, procedures for the formulation and examination of the current status therof, etc. shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, and Presidential Decree.

(Article Inserted by Act nº 12346, Jan. 28, 2014)

Article 5-3 (Electronic Government Day)

(1) In order to continuously accelerate the development of electronic government by, for example, informing the public about the excellence and convenience of electronic government and enhancing the national status of the Republic of Korea, June 24 shall be designated as the Electronic Government Day.

(2) The State may host events that meet the intent of the Electronic Government Day.

(Article Inserted by Act nº 14914, Oct. 24, 2017)

Article 6 (Relationship with other Acts)

Except as otherwise provided for in other Acts, this Act shall govern the realization, operation, and development of electronic government, such as digitization of public services and administrative management of administrative agencies, etc. and the sharing of administrative information.

CHAPTER II.- PROVISION AND UTILIZATION OF ELECTRONIC GOVERNMENT SERVICES

SECTION 1.- Electronic Processing of Civil Petitions

Article 7 (Application, etc. for Electronic Processing of Civil Petitions)

(1) The head of an administrative agency, etc. (including any person to whom administrative authority has been entrusted: hereafter the same shall apply in this Section) may allow citizens to file, report, or submit a civil application or petition (hereinafter referred to as “application, etc.”) in electronic form even where relevant Acts and subordinate statutes (including ordinances and municipal rules of a local government; hereinafter the same shall apply) require application, etc. for a civil petition, etc. subject to processing of the said agency in paper form, such as a written document, statement, or form.

(2) When the head of an administrative agency, etc. processes a civil petition, etc., he/she may give notice or notification (hereinafter referred to as “notice, etc.”) of the results of the processing in electronic form, if the petitioner wishes to receive such results in such manner or files an application, etc, for the civil petition, etc. in electronic form, even where relevant Acts and subordinate statutes require notice, etc. of the results of the processing in paper form, such as a written document, statement, or form.

(3) When filing an application, etc. or giving notice, etc. pursuant to paragraph (1) or (2), a digitized document may serve as a document to be attached to the electronic document.

(4) An application, etc. filed or notice, etc. provided in electronic form pursuant to paragraph (1) or (2) shall be deemed to have been filed or provided in compliance with the procedures provided for by relevant Acts and subordinate statutes.

(5) When the head of an administrative agency, etc. allows citizens to file an application, etc. or gives notice, etc. in electronic or digitized form pursuant to paragraphs (1) through (3), he/she shall publish the type of such application, etc. for or notice, etc. of the civil petition, etc. and the processing procedure therefor in advance via the Internet.

(6) Matters necessary for the utilization of digitized documents, verification of their authenticity, and other relevant matters shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 8 (Electronic Verification, etc. of Required Documentation)

(1) The head of each administrative agency, etc. shall process relevant work after directly receiving an electronic document from an administrative agency, etc., if any document or certificate required to be attached or submitted by the civil petitioner is to be issued by the administrative agency, etc. in electronic form.

(2) A civil petition may be processed in accordance with paragraph (1) only where the civil petitioner pays the full fees prescribed by relevant Acts and subordinate statutes (including expenses incurred by an administrative agency, etc. in remitting fees to the issuing agency) to the administrative agency, etc. for the civil petition and required documents.

(3) If the head of an administrative agency, etc. can verify information about required documents by sharing administrative information pursuant to Article 36 (1), he/she may substitute such verification for the issuance of the documents. In such cases, the head of the administrative agency, etc. may waive or reduce fees for the relevant documents, subject to consultation with the heads of issuing agencies.

(4) Where the head of an administrative agency, etc. has processed required documents pursuant to paragraphs (1) through (3), such required documents are deemed processed in compliance with the procedures provided for by relevant Acts and subordinate statutes.

(5) When the head of each administrative agency, etc. intends to process required documents in a way specified in paragraphs (1) through (3), he/she shall publish the types and the scope of such required documents, related civil petitions, and other necessary matters in advance via the Internet.

(6) The procedure for processing work pursuant to paragraphs (1) through (5) and other relevant matters shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 9 (Processing of Civil Petitions without Appearance)

(1) In order for civil petitioners to have their civil petitions, etc. processed without necessarily appearing in person at the relevant agency, the head of each administrative agency, etc. shall take measures, such as the improvement of relevant Acts and subordinate statutes and the establishment of facilities and systems as necessary.

(2) The head of an administrative agency, etc. may open and operate a window for electronic civil petitions on the Internet to implement a system for processing civil petitions without appearance pursuant to paragraph (1): Provided, That if a window has yet to be opened for electronic civil petitions, the head of the administrative agency, etc. may authorize an integrated electronic civil petition window under paragraph (3) to process electronic civil petitions, etc.

(3) The head of a central agency responsible for administrative affairs may provide support for administrative agencies, etc. to open and operate electronic civil petition windows and may open and operate an integrated electronic civil petition window by interlinking such windows.

(4) An application, etc. filed by a civil petitioner through an electronic civil petition window under paragraphs (2) and (3) is deemed an application, etc. filed in person with the competent agency responsible for the civil petition prescribed by relevant Acts and subordinate statutes.

(5) The head of an administrative agency, etc. may charge additional fees for processing civil petitions, etc. filed through an electronic civil petition window under paragraphs (2) and (3), apart from the fees prescribed by related Acts and subordinate statutes, if such fees are required by means prescribed in Article 14.

(6) The head of an administrative agency, etc. may waive or reduce fees for processing civil petitions, etc. submitted through an electronic civil petition window under paragraphs (2) and (3), notwithstanding the provisions of other Acts and subordinate statutes.

(7) Necessary matters concerning the opening and operation of an electronic civil petition window under paragraphs (1) through (4), processing fees under paragraph (5), and the scope of civil petitions, etc. subject to waiver or reduction of processing fees under paragraph (6), the rates of such waiver or reduction, and other related matters shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 9-2 (Provision of Daily Life Information through Integrated Electronic Civil Petition Window)

(1) The Minister of the Interior and Safety may provide civil petitioners with the services through which such daily life information as the their health examination dates, vaccination dates, renewal dates of drivers’ license, etc. can be perused (hereinafter referred to as “life information viewing services” in this Article). In such cases, the Minister of the Interior and Safety may interlink the integrated electronic civil petition window under Article 9 (3) with information systems of other central administrative agencies, etc. following consultation with the heads of other central administrative agencies, etc. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) The types of daily life information viewing services provided under paragraph (1) shall be determined and publicly announced by the Minister of the Interior and Safety following consultation with the heads of related central administrative agencies, etc. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) In order to provide daily life information viewing services, the Minister of the Interior and Safety may request the heads of other central administrative agencies, etc. to provide data. In such cases, the related central administrative agencies, etc. upon receipt of such request for provision of data shall comply with such request, except in extenuating circumstances. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) The Minister of the Interior and Safety may provide daily life information viewing services only where the relevant civil petitioner agrees to do so. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(Article Inserted by Act nº 12346, Jan. 28, 2014)

Article 10 (Verification of Identities of Civil Petitioners, etc.)

Whenever it is necessary to verify the identity of a civil petitioner in processing a civil petition, etc., the head of an administrative agency, etc. may verify the identity with the petitioner’s officially authenticated digital signature under subparagraph 3 of Article 2 of the Digital Signature Act (hereinafter referred to as “authenticated digital signature“) or in ways prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 11 (Electronic Notice or Information)

(1) The head of an administrative agency, etc. may provide notice, etc. to a citizen by an electronic document, even where relevant Acts and subordinate statutes require to give such notice, etc. by a paper document, such as a written notice or information.

(2) Any notice, etc. given by an electronic document pursuant to paragraph (1) shall be deemed notice, etc. provided in compliance with the procedure provided for by relevant Acts and subordinate statutes.

(3) The head of each administrative agency, etc. shall, when he/she intends to provide notice, etc. by an electronic document pursuant to paragraph (1), publish the types of and procedure for giving such notice, etc. in advance via the Internet.

(4) Necessary matters concerning the provision of notice, etc. by an electronic document shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 12 (Electronic Provision of Administrative Information)

(1) The head of each administrative agency, etc. shall separately provide citizens with information related to civil petitions, such as Acts relevant to civil petitions and subordinate statutes thereof, manuals related to the processing of civil petitions, and the guidelines for processing civil petitions, and other administrative information specified by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree as administrative information related to citizens’ lives, by posting them on the Internet.

(2) The head of an administrative agency, etc. may separately provide citizens with information published in the Official Gazette, newspapers, bulletins, etc. by posting them on the Internet.

Article 12-2 (Designation of Public Services and Notification, etc. of Lists)

(1) The head of a central administrative agency, etc. shall designate the goods, services, etc. provided to those who fulfill prerequisites, such as the elderly, the disabled, and persons entitled to veterans benefits, as public services (hereinafter referred to as “public services”) in accordance with the Acts and subordinate statutes (including ordinances and regulations of local governments) under his/her jurisdiction, and shall notify the Minister of the Interior and Safety of such list. The same shall also apply to cases where a list of public services is modified. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) Matters necessary for the standards for designation of public services and notification, etc. of lists shall be prescribed by Presidential Decree.

(Article Inserted by Act nº 12346, Jan. 28, 2014)

Article 12-3 (Construction, Operation, etc. of Registration System)

(1) The Minister of the Interior and Safety may construct and operate a system for the registration, management, and utilization of lists of public services (hereinafter referred to as “registration system“). In such cases, such system can be interlinked with information systems of other central administrative agencies, etc., and consultations thereon shall be held with the relevant agencies. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) For the construction, operation, etc. of a registration system, the Minister of the Interior and Safety may request the provision of data on resident registration, family registration, national taxes, local taxes, finance, real estate, national pension, health insurance, etc. held by other administrative agencies, etc. after obtaining prior consent from the relevant civil petitioner. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) Article 42 (1) shall apply mutatis mutandis to prior consent set forth in paragraph (2).

(4) Where a civil petitioner’s individual consent to a request for provision of data under paragraph (2) is obtained, an application filed by a civil petitioner under Article 12-4 (1) shall be deemed a prior consent the Minister of the Interior and Safety is required to obtain from the civil petitioner under the same paragraph. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(5) Where necessary for the construction and operation of a registration system, the Minister of the Interior and Safety may advance pilot projects. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(6) Matters necessary for the construction and operation of a registration system shall be prescribed by Presidential Decree.

(Article Inserted by Act nº 12346, Jan. 28, 2014)

Article 12-4 (Provision, etc. of Lists of Public Services)

(1) If any civil petitioner applies for the perusal of lists of public services, the head of a local government (referring to the Mayor of a Special Self-Governing City, the Governor of a Special Self-Governing Province, the head of a Si/Gun/Gu (referring to an autonomous Gu); hereafter the same shall apply in this Article) may provide the lists of public services required by the civil petitioner through a registration system.

(2) When a civil petitioner provided with the lists of public services under paragraph (1) files an application for the provision of any civil services, the head of a local government shall forward the relevant application to the head of the relevant central administrative agency, etc.

(3) Matters necessary for the provision of lists of public services, application for public services, transfer, etc. shall be prescribed by Presidential Decree.

(Article Inserted by Act nº 12346, Jan. 28, 2014)

Article 13 (Bearing Expenses Incurred in Electronic Provision of Administrative Information)

(1) The head of an administrative agency, etc. may collect fees from a person, if any, who gains special benefits from administrative information provided via the Internet.

(2) Necessary matters concerning the criteria for collecting fees under paragraph (1), the procedures therefor, and other relevant matters shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 14 (Electronic Payment of Taxes, etc.)

The head of an administrative agency, etc. may allow citizens to pay taxes, fees, administrative fines, penalty surcharges, penalties, fines, minor fines, etc. by means of electronic money, electronic payment, etc. through information and communications networks, even where other Acts and subordinate statutes require payment thereof by cash, revenue stamp, or other means.

Article 15 (Electronic Payment of Grants and Benefits)

When the head of an administrative agency, etc. pays specific grants and benefits to citizens pursuant to the provisions of any Act and subordinate statutes, he/she may pay such specific grants and benefits via information and communications networks.

SECTION 2.- Provision of Electronic Government Services and Promotion of Their Utilization

Article 16 (Development and Provision of Electronic Government Services)

(1) The head of each administrative agency, etc. shall develop and provide electronic government services for enhancing public welfare and convenience, ensuring people’s security, and facilitating business activities such as starting a business and establishing factories, and take measures to continuously supplement and improve such services.

(2) The head of each administrative agency, etc. shall ensure that users of its electronic government services have easy access to such services and utilize them in a safe and convenient manner and shall keep its electronic government services up-to-date.

(3) When the head of each administrative agency, etc. develops electronic government services, he/she shall take into account the demands and convenience of users of such services.

Article 17 (Increased User Involvement)

When the head of each administrative agency, etc. provides electronic government services, he/she shall guarantee opportunities for their users to participate in the relevant process and express various opinions by means, such as discussions, recommendations, and policy suggestions, and shall actively reflect such recommendations, policy suggestions, etc. in the process of amending relevant Acts and subordinate statutes and systems, improving the electronic government services, etc.

Article 18 (Introduction and Utilization of Ubiquitous Electronic Government Services)

(1) The head of each administrative agency, etc. shall deliver services for public administration, transportation, welfare, environment, disaster safety, etc. (hereafter referred to as “ubiquitous electronic government services” in this Article) that can be utilized by citizens, enterprises, etc. anywhere anytime, using advanced information and communications technologies, and shall formulate policies necessary therefor.

(2) The Minister of the Interior and Safety may pursue pilot projects, if necessary, to facilitate the introduction and utilization of ubiquitous electronic government services under paragraph (1). (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) Necessary matters concerning the introduction and utilization of ubiquitous electronic government services under paragraph (1) and pilot projects under paragraph (2) shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 19 (Measures for Broader Use of Electronic Government Services)

The head of each administrative agency, etc. shall take necessary measures to ensure that citizens do not have difficulty accessing or utilizing electronic government services due to their economic, regional, physical, or social conditions.

Article 20 (Operation of Electronic Government Portal)

(1) The State shall establish, manage, and facilitate the use of an Internet-based integrated information system (hereinafter referred to as “electronic government portal“) to efficiently deliver electronic government services.

(2) Matters necessary for the establishment, management, and facilitation of the use of the electronic government portal shall be prescribed by Presidential Decree.

Article 21 (Engagement and Use of Private Sector in Electronic Government Services)

(1) The head of an administrative agency, etc. may develop and provide a new service in combination with a service delivered by an individual, enterprise, organization, etc. by entering into a memorandum of understanding, etc. therewith, in order to facilitate the use of electronic government services.

(2) The head of an administrative agency, etc. may provide necessary assistance to individuals, enterprises, organizations, etc. to develop and provide new services using specific technologies or administrative information of a highly public nature delivered as part of electronic government services (excluding personal information as defined in subparagraph 1 of Article 2 of the Personal Information Protection Act). (Amended by Act nº 10465, Mar. 29, 2011)

(3) Necessary matters concerning the memorandum of understanding under paragraph (1) and the criteria, procedures, etc. for assistance under paragraph (2) shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 22 (Investigation and Analysis of Actual Use of Electronic Government Services)

(1) The head of an administrative agency, etc. shall, at regular intervals, investigate, analyze, and manage the actual use, etc. of the electronic government services delivered by the agency, and prepare measures to improve such use.

(2) Detailed matters necessary for the investigation, analysis, and management of the actual use of electronic government services under paragraph (1) shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 23 (Efficient Management of Electronic Government Services)

(1) Where electronic government services provided by administrative agencies, etc. are similar to, or overlap with, one another, or their operational value is considered not high, the head of a central agency responsible for administrative affairs may recommend the integration or scrapping thereof, or other measures to improve such services. (Amended by Act nº 11688, Mar. 23, 2013)

(2) Necessary matters concerning the criteria and procedures for the integration or scrapping, etc. of electronic government services under paragraph (1) shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 24 (Security Measures for Electronic Public Services)

(1) The Minister of the Interior and Safety shall formulate security measures related to electronic public services through prior consultation with the Director of the National Intelligence Service. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) The head of each central administrative agency, each affiliate thereof, and each local government shall formulate and implement security measures for his/her agency in accordance with the security measures provided for in paragraph (1).

CHAPTER III.- ELECTRONIC ADMINISTRATIVE MANAGEMENT

Article 25 (Preparation, etc. of Electronic Documents)

(1) Documents of each administrative agency, etc. shall be prepared, dispatched, received, stored, preserved, and utilized basically in electronic form: Provided, That the same shall not apply where the nature of specific work requires any other format, or under exceptional circumstances.

(2) Each administrative agency, etc. shall make the forms of documents sent or received by such agency appropriate for electronic documents.

(3) Necessary matters concerning the preparation, delivery, receipt, storage, preservation, and utilization of electronic documents of each administrative agency, etc., the method of preparing forms of electronic documents, and other relevant matters shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 26 (Formation, Effects, etc. of Electronic Documents, etc.)

(1) An electronic document prepared by an administrative agency, etc. shall be duly formed when it is approved (referring to approval by electronic means specified by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree).

(2) An electronic document that has been approved by an ancillary agency or support agency of an administrative agency, etc. with power delegated by the administrative agency or vicariously for and on behalf of the administrative agency may be delivered with the administrative digital signature of the ancillary or support agency under Article 29.

(3) Any electronic document and digitized document under this Act shall have the same effect as a paper document, except as otherwise provided for in other Acts.

Article 27 (Transmission and Receipt of Electronic Documents)

(1) Any individual, corporation, or organization seeking to transmit to an administrative agency, etc. an electronic document that requires verification of the identity of the transmitter shall transmit such document with an authenticated digital signature or by electronic means recognized by other Acts and subordinate statutes as means that may be used for the verification of the identity of a person: Provided, That any public institution seeking to exchange electronic documents with an administrative agency shall use its administrative digital signature in transmitting and receiving such electronic documents.

(2) If clarification of the time of delivery or arrival of an electronic document is required, the electronic document shall be transmitted or received by electronic means specified by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree so that the time of delivery or arrival can be objectively verified.

Article 28 (Timing of Delivery or Arrival of Electronic Documents)

(1) An electronic document transmitted to an administrative agency, etc. shall be deemed delivered by the transmitter at the time the transmission of the electronic document is electronically recorded by using an information system.

(2) An electronic document transmitted by an administrative agency, etc. shall be deemed to arrive at the addressee at the time it is entered in the information system, etc. designated by the addressee: Provided, That if the information system, etc. is not designated, such electronic document is deemed to arrive at the addressee at the time it is entered in the information system, etc. under the control of the addressee.

(3) If a transmitter had delivered a document, etc. required to arrive by a specific deadline in electronic form by electronic means described in Article 27 (2) prior to the deadline, but the document did not arrive by the deadline due to failure of the information system or related device of the addressee, the deadline that applies only to the transmitter is deemed to fall on the day immediately following the date on which the failure is eliminated.

(4) If an electronic document that arrives at, and is received by, an administrative agency, etc. is illegible, the administrative agency, etc. shall regard it as a defective document and shall demand the transmitter correct the defect within a period reasonably prescribed as necessary for such correction, while if an electronic document delivered by an administrative agency, etc. that arrives at the addressee is illegible, such document shall not be deemed a document that duly arrives.

Article 29 (Authentication of Administrative Digital Signatures)

(1) Each electronic document prepared by an administrative agency shall bear an administrative digital signature: Provided, That any administrative agency may use an authenticated digital signature to efficiently operate electronic transactions under subparagraph 5 of Article 2 of the Framework Act on Electronic Documents and Transactions. (Amended by Act nº 11461, Jun. 1, 2012)

(2) The head of each central agency responsible for administrative affairs shall authenticate administrative digital signatures.

(3) In authenticating administrative digital signatures under paragraph (2), the head of each central agency responsible for administrative affairs shall prepare technical standards for administrative digital signatures in consultation with the Minister of the Interior and Safety to increase compatibility with authenticated digital signatures and shall also prepare measures to link administrative digital signatures with authenticated digital signatures. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) An administrative digital signature authenticated pursuant to paragraph (2) and applied to an electronic document shall be deemed the official seal or official authentication of the administrative agency or public institution indicated in the electronic document or the signature of the person in direct charge of relevant affairs in the relevant agency, and the content thereof shall be presumed not to have been modified after the administrative digital signature was applied thereto.

(5) Necessary matters concerning the authentication of administrative digital signatures shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 30 (Electronic Management of Administrative Knowledge)

The head of an administrative agency, etc. may establish and operate an electronic processing system for utilizing matters deemed considerably valuable as data that can be used to make decisions on important policies thereof, out of administrative information relevant to duties under his/her jurisdiction, personal experiences, practical knowledge and techniques produced and circulated within the agency.

Article 30-2 (Inter-Linkage and Integration of Electronic Systems)

(1) For improving administrative efficiency and the integrated and efficient provision of services to the public, the head of a central administrative agency, etc., may interlink or integrate the electronic systems under his/her jurisdiction with those of other central administrative agencies, etc.

(2) Necessary matters concerning the standards for inter-linkage and integration of electronic systems and the procedures, methods, etc. therefor, shall be prescribed by Presidential Decree.

(Article Inserted by Act nº 12346, Jan. 28, 2014)

Article 30-3 (Construction and Utilization of Data-Sharing Hub)

(1) The Minister of the Interior and Safety may construct and operate a system for sharing data collected and managed through electronic systems (hereinafter referred to as “data-sharing hub“). (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) The head of a central administrative agency, etc., may, through the data-sharing hub, jointly use the data collected and managed by the heads of other central administrative agencies, etc.

(3) Necessary matters concerning the scope of data and sharing procedures set forth in paragraphs (1) and (2) shall be prescribed by Presidential Decree. (Article Inserted by Act nº 12346, Jan. 28, 2014)

Article 30-4 (Collection and Utilization of Disclosed Internet Data)

(1) For the formulation of policies, decision-making, etc., the head of an administrative agency, etc. may collect and utilize disclosed Internet data, other than the personal information defined in subparagraph 1 of Article 2 of the Personal Information Protection Act, through the data-sharing hub.

(2) Necessary matters concerning the scope of collection of open Internet data, procedures for utilization thereof, etc. under paragraph (1), shall be prescribed by Presidential Decree.

(Article Inserted by Act nº 12346, Jan. 28, 2014)

Article 31 (Gathering Opinions through Information and Communications Networks)

(1) With regard to the enactment and amendment of an Act or a subordinate statute relevant to affairs under the control of an administrative agency, etc., the matters that require pre-announcement of administration pursuant to Article 46 (1) of the Administrative Procedures Act, and other matters that require holding of a public hearing, poll, or others pursuant to relevant Acts and subordinate statutes, the head of the responsible administrative agency, etc. shall proceed in tandem to gather opinions through information and communications networks.

(2) The head of each administrative agency, etc. shall allow a party or any interested party who has an opinion with regard to a disposition made by the agency to present his/her opinion through an information and communications network.

(3) The head of each administrative agency, etc. shall readjust relevant Acts and subordinate statutes and take other measures in order to facilitate the gathering and presentation of opinions under paragraphs (1) and (2).

(4) The head of each administrative agency, etc. shall, when he/she conducts any statistical survey subject to citizens, a survey on citizens’ satisfaction with the processing of civil petitions, or any similar survey, actively take measures to utilize information and communications networks.

 Article 32 (Electronic Performance of Work, etc.)

(1) The head of an administrative agency, etc. may adopt an online video conferencing method using information and communications networks in conducting administrative affairs. In such cases, the head of an administrative agency, etc. shall endeavor to preferentially utilize such online video conferencing when conducting business between distant locations. (Amended by Act nº 12346, Jan. 28, 2014)

(2) The head of a central agency responsible for administrative affairs may provide necessary assistance for the adoption, utilization, etc. of online video conferencing under paragraph (1). (Inserted by Act nº 12346, Jan. 28, 2014)

(3) The head of an administrative agency, etc. may, whenever necessary, allow his/her employees to conduct some form of remote work through information and communications networks without necessarily designating a specific place of service. In such cases, the head of an administrative agency, etc. shall formulate measures to prevent illegal access to information and communications networks and other security measures. (Amended by Act nº 12346, Jan. 28, 2014)

(4) The head of an administrative agency, etc. may provide online remote educational and training programs for his/her employees through information and communications networks. (Amended by Act nº 12346, Jan. 28, 2014)

(5) Matters necessary to facilitate the performance of remote work under paragraphs (1) through (4) shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree. (Amended by Act nº 12346, Jan. 28, 2014)

Article 33 (Reduction of Paper Documents)

(1) The head of each administrative agency, etc. shall minimize the formulation, receipt, circulation, and storage of paper documents by digitalizing administrative affairs and civil petitions, sharing administrative information with other agencies, or by other means, and shall formulate plans to continuously reduce paper documents in the relevant agency.

(2) The head of each administrative agency, etc. shall revise its methods of working, etc. in the relevant agency in a manner that minimizes unnecessary printing of paper documents in the process of formulating and reporting documents.

(3) With the aim of reducing paper documents, the head of each administrative agency, etc. shall amend or supplement Acts and subordinate statutes, directives, etc. that stipulate application, reports, submission, notice, or notification in paper form to allow such application, etc. by electronic means as well, except under exceptional circumstances.

(4) The head of a central agency responsible for administrative affairs may, if necessary, formulate and implement directives to reduce paper documents or investigate the actual use, etc. of paper documents.

Article 34 (Identities of Persons in Charge and their Rights of Access)

The head of each administrative agency, etc. shall manage and check the identity, rights of access, etc. of a person in charge of relevant work, seeking to access an information system or to use administrative information for electronically processing civil petitions or conducting relevant affairs, in a manner prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 35 (Prohibited Acts)

No person shall commit any of the following acts when handling or utilizing administrative information: (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

1. Forging, altering, damaging, or deleting administrative information for the purpose of interfering with affairs related to the processing of such information;

2. Forging, altering, damaging, or using an information system for the sharing of administrative information without good cause;

3. Disclosing or disseminating, to the public, any method or program by which administrative information can be altered or deleted;

4. Divulging administrative information, the disclosure of which is prohibited, without good cause;

5. Processing administrative information without due authority or beyond the authority accorded;

6. Aiding or abetting another person, without due authority, to use administrative information;

7. An agency having obtained the approval for sharing administrative information from the Minister of the Interior and Safety pursuant to Article 39 (2), but sharing administrative information in a manner that has not been approved or storing administrative information in an information system or storage device that has not been approved;

8. Receiving administrative information from an administrative agency, etc. or accessing administrative information by fraud or other improper means.

CHAPTER IV.- SHARING ADMINISTRATIVE INFORMATION

Article 36 (Efficient Management and Use of Administrative Information)

(1) The head of each administrative agency, etc. shall share administrative information collected and held by such agency with other administrative agencies, etc. that need such information and shall not endeavor to separately gather identical information where he/she can be provided with reliable administrative information from other administrative agencies, etc.

(2) The head of each administrative agency, etc. collecting and possessing administrative information (hereinafter referred to as “agency in possession of administrative information“) may allow other administrative agencies, etc., banks authorized to engage in banking business pursuant to Article 8 (1) of the Banking Act, and legal entities, organizations, or institutions specified by Presidential Decree to share administrative information held by the agency in possession of such administrative information. (Amended by Act nº 10303, May 17, 2010)

(3) The Minister of the Interior and Safety may publicly announce the detailed examination of the lists of administrative information held by administrative agencies, etc. and the outcomes thereof through information systems and conduct research on demand for the administrative information that administrative agencies, etc. need to share with each other. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12346, Jan. 28, 2014; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) The head of each central agency responsible for administrative affairs shall promote the readjustment of relevant Acts, subordinate statutes, and systems in order to ensure the effective management of administrative information, such as production, processing, utilization, provision, storing, scrapping, etc. of administrative information.

(5) The Minister of the Interior and Safety may establish and publish guidelines for the criteria, procedures, etc. for sharing administrative information, in consultation with the heads of other central agencies responsible for administrative affairs. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(6) Necessary matters concerning the methods, etc. for examination of lists of administrative information under paragraph (3) shall be prescribed by Presidential Decree. (Inserted by Act nº 12346, Jan. 28, 2014)

Article 37 (Administrative Information-Sharing Center)

(1) In order to ensure the effective sharing of administrative information, the Minister of the Interior and Safety may establish an Administrative Information-Sharing Center (hereinafter referred to as the “Sharing Center“) under his/her jurisdiction to implement policies necessary to share administrative information, as prescribed by Presidential Decree. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) Any agency sharing administrative information pursuant to Article 36 (2) shall share such information through the Sharing Center unless good cause exists.

Article 38 (Administrative Information Subject to Sharing)

(1) Administrative information that can be shared through the Sharing Center pursuant to Articles 36 and 37 shall be as follows:

1. Administrative information necessary to process civil petitions, etc.;

2. Administrative information that can be used as reference to carry out administrative affairs, such as statistical information, bibliographic information, and policy information;

3. Administrative information deemed essential by an administrative agency, etc. to carry out its official duties prescribed by any Act and subordinate statutes, etc.

(2) Administrative information related to national security of the State, administrative information classified as confidential under any Act or subordinate statute, or any similar administrative information may be excluded from information subject to sharing.

(3) Each agency in possession of administrative information shall ensure that it provides the most up-to-date and accurate administrative information for sharing.

(4) Administrative information shall be shared to the extent necessary for satisfying the specific purpose of its use.

(5) The type, scope, category, etc. of information subject to sharing in the scope of administrative information under paragraph (1) shall be prescribed by Presidential Decree.

Article 39 (Applications for Sharing Administrative Information and Approvals thereof)

(1) Any agency intending to use administrative information through the Sharing Center pursuant to Article 37 (2) shall apply for the sharing of administrative information to the Minister of the Interior and Safety by specifying the administrative information to be subject to sharing and the scope thereof, the purpose and method of sharing, the agency in possession of such administrative information, etc., as prescribed by Presidential Decree. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) Upon receipt of an application for the sharing of administrative information under paragraph (1), the Minister of the Interior and Safety may approve such application by specifying conditions for sharing, etc. as prescribed by Presidential Decree: Provided, That he/she shall not approve an application for sharing in any of the following cases: (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

1. Where the administrative information, the sharing of which has been applied for, is defined as confidential or non-disclosable by any other Act or an order delegated by such other Act (limited only to the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, the Board of Audit and Inspection Regulations, Presidential Decrees, ordinances of the Prime Minister, Ministerial ordinances, and municipal ordinances and rules);

2. Where the administrative information, the sharing of which has been applied for, is related to the guarantee of national security or the national defense, unification of the two Koreas, diplomatic relations, etc. and deemed likely to significantly harm the material national interest if it is so shared;

3. Where the administrative information, the sharing of which has been applied for, is deemed as unnecessary for the performance of inherent duties of the agency that has applied for the sharing (hereinafter referred to as “applicant agency“);

4. Other cases deemed likely to defeat the purpose of sharing administrative information under this Act or the security and reliability of administrative information prescribed by Presidential Decree.

(3) The Minister of the Interior and Safety shall, prior to the grant of the approval pursuant to paragraph (2), obtain the consent of the head of the agency holding relevant administrative information, and in such cases, the head of the agency holding relevant administrative information shall cooperate in sharing administrative information, except under exceptional circumstances. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) Where administrative information that an applicant agency intends to share is a personal information file described in Article 32 of the Personal Information Protection Act, the Minister of the Interior and Safety shall grant the approval therefor pursuant to paragraph (2) after deliberation and resolution by the Personal Information Protection Committee referred to in Article 7 of the said Act: Provided, That this shall not apply where otherwise provided for in any other Act. (Amended by Act. nº 10465, Mar. 29, 2011; Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(5) The Minister of the Interior and Safety may approve the sharing of administrative information by simplifying or skipping the procedures described in paragraphs (1) through (4), in either of the following cases: (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 13459, Aug. 11, 2015; Act nº 14839, Jul. 26, 2017)

1. Where, with regard to an administrative affair, the sharing of which has already been approved, a simple change in its name, department in charge, etc. is to be made due to enactment or amendment of an Act or subordinate statutes;

2. Where sharing administrative information is required to process civil petitions listed in the standards for performing clerical services for civil petitions referred to in Article 36 (1) of the Civil Petitions Treatment Act.

(6) Where an administrative affair subject to sharing is an affair common to several administrative agencies, etc. as prescribed by Acts and subordinate statutes, the Minister of the Interior and Safety may approve the sharing of such administrative affair among all the agencies handling such affair, even though no separate application therefor is filed by individual agencies. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(7) Each agency that has obtained approval pursuant to paragraph (2) shall designate any of the following persons to operate the relevant business as prescribed by Presidential Decree:

1. A person with the right to engage in overall management of matters related to the sharing in the relevant agency;

2. A person with the right to grant authority to access administrative information to responsible persons in the relevant agency;

3. A person with the right to access relevant work and administrative information processed by such sharing.

Article 40 (Constructive Review, Approval and Consultations)

(1) Where an applicant agency has obtained approval for sharing pursuant to Article 39 (2) with regard to administrative information set forth in the main sentences of the provisions referred to in each of the following subparagraphs, it shall be deemed capable of providing such administrative information to the applicant agency pursuant to the provisos to the corresponding provisions: (Amended by Act nº 12346, Jan. 28, 2014; Act nº 14474, Dec. 27, 2016)

1. Article 81-13 (1) of the Framework Act on National Taxes;

2. Article 116 (1) of the Customs Act;

3. Article 86 (1) of the Framework Act on Local Taxes.

(2) Where an applicant agency has obtained approval to share administrative information pursuant to Article 39 (2) and such administrative information contains any of the following, the following review, approval, consultations, etc. corresponding thereto shall be deemed done, obtained, or provided for such administrative information: (Amended by Act. nº 10580, Apr. 12, 2011; Act nº 12592, May 20, 2014; Act nº 12738, Jun. 3, 2014)

1. Review, approval, or consultation with regard to the use or utilization of computerized registration data as prescribed in Article 109 (2) of the Registration of Real Estate Act;

2. Review, approval, or consultation with regard to the use or utilization of computerized data on registration as prescribed in Article 13 (1) of the Act on the Registration, etc. of Family Relationships;

3. Review or approval with regard to the use or utilization of computer processing information data on resident registration as prescribed in Article 30 of the Resident Registration Act;

4. Review or approval with regard to the use or utilization of cadastral computerized data as prescribed in Article 76 of the Act on the Establishment, Management, etc. of Spatial Data;

5. Review or approval with regard to the use of computerized data as prescribed in Article 69 (2) of the Motor Vehicle Management Act;

6. Review or approval with regard to the use of computerized data as prescribed in Article 32 of the Building Act;

7. Review, approval or consultation with regard to the use or utilization of computerized registration data as prescribed in Article 21 (2) of the Commercial Registration Act.

Article 41 (Withdrawal or Suspension of Approval for Sharing Administrative Information)

(1) Where an agency using administrative information after obtaining the approval for sharing pursuant to Article 39 (2) (hereinafter referred to as “user agency“) or an employee belonging to such agency falls under any of the following, the Minister of the Interior and Safety may withdraw the approval granted to the relevant user agency: (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

1. Where the agency or employee violates the conditions for sharing determined pursuant to Article 39 (2);

2. Where an event corresponding to any of the subparagraphs of Article 39 (2) arises after the agency files an application for sharing;

3. Where the agency or employee commits a prohibited act under Article 35 or violates the duty to comply under Article 74;

4. Other cases similar to subparagraphs 1 through 3 where there is any unavoidable reason to justify prohibiting the sharing of administrative information, as prescribed by Presidential Decree.

(2) Where it is deemed that a reason falling under any of the subparagraphs of paragraph (1) arises temporarily, the Minister of the Interior and Safety may temporarily suspend the relevant user agency’s sharing of administrative information until the cause for the event is settled, notwithstanding paragraph (1). (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) Where any user agency sharing administrative information or any employee belonging to such agency falls under any of the subparagraphs of paragraph (1), an agency in possession of such administrative information may request the Minister of the Interior and Safety to withdraw the approval granted to the relevant agency for the sharing of administrative information under its jurisdiction or to temporarily suspend the relevant user agency’s sharing of such information. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) Where the Minister of the Interior and Safety withdraws the approval for the sharing of administrative information under paragraph (1) or suspends such sharing under paragraph (2), he/she shall notify the relevant user agency and the agency in possession of such administrative information of the detailed grounds therefor. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(5) Matters necessary for the withdrawal or suspension of sharing administrative information, and other relevant matters shall be prescribed by Presidential Decree.

Article 42 (Prior Consent of Owners of Information)

(1) When any user agency shares administrative information containing personal information through the Sharing Center, it shall obtain the prior consent of the owner of the said information as defined in subparagraph 3 of Article 2 of the Personal Information Protection Act (hereinafter referred to as “owner of information“) so that he/she is aware of the following matters. In such cases, the consent under Article 18 (2) 1, subparagraph 1 of Article 19 or Article 24 (1) 1 shall be deemed obtained. (Amended by Act. nº 10465, Mar. 29, 2011; Act nº 12346, Jan. 28, 2014)

1. The purpose of sharing the information;

2. The administrative information subject to sharing and the scope of sharing;

3. The name of the user agency sharing the information.

(2) Notwithstanding paragraph (1), where it is impossible for a user agency to obtain prior consent from the owner of information or it is deemed improper to obtain such prior consent in any of the following cases, the user agency shall make the matters listed in the subparagraphs of paragraph (1) known to the said owner of information after the relevant administrative information is shared, as prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree: Provided, That where a user agency shares administrative information for a criminal investigation in the case of subparagraph 3, it shall make those listed in the subparagraphs of paragraph (1) known to the owner of information on or after the date public prosecution is initiated or a disposition not to arrest or initiate public prosecution (except for a decision to suspend indictment) is made with regard to the relevant case:

1. Where sharing the relevant information is urgently required to protect the life or body of the owner of information;

2. Where sharing the relevant information is unavoidable to impose a duty on the owner of information or revoke or withdraw any right or interest of the owner of information pursuant to any Act or subordinate statute;

3. Where sharing the relevant information is unavoidable to perform affairs related to sanctions on the owner of information who has violated any Act or subordinate statute, such as investigation or punishment of the owner of information;

4. Other cases deemed considerably improper to obtain the consent of the owner of information in performing affairs stipulated by an Act or subordinate statute, in consideration of the nature of the relevant affairs or information, as prescribed by Presidential Decree.

(3) The Minister of the Interior and Safety shall disclose the detailed scope of affairs and administrative information that can be shared without the prior consent of the owner of information pursuant to paragraph (2), as prescribed by Presidential Decree. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

Article 43 (Rights of Owners of Information to Request Access)

(1) Any owner of information may apply to the Minister of the Interior and Safety or the head of the relevant user agency for access to the following matters with regard to the administrative information about him/herself, among the information shared through the Sharing Center: (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

1. The user agency;

2. The purpose of sharing the information;

3. The type of the information shared;

4. The time of sharing the information;

5. Legal grounds for sharing the administrative information.

(2) Upon receipt of an application filed by an owner of information under paragraph (1), the Minister of the Interior and Safety and the head of each user agency shall notify the owner of information about the matters listed in the subparagraphs of paragraph (1) within ten days from the date of filing an application, unless any good reason exists. In such cases, if there is any good reason making it impossible to give notice within ten days, he/she shall notify without delay when the relevant reason ceases to exist. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) Where a user agency shares administrative information for a criminal investigation in cases under paragraph (2), it shall notify the owner of information thereof within 30 days of the date public prosecution is initiated or a disposition not to arrest or initiate public prosecution (except for a decision to suspend indictment) is made with regard to the relevant case.

(4) If a user agency fails to give notice under paragraph (2), the owner of information may directly apply to the Minister of the Interior and Safety for access to the matters listed in the subparagraphs of paragraph (1) related to him/herself, among the information shared by the user agency. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(5) Matters necessary for the procedures for the access, etc. under paragraphs (1) through (4) shall be prescribed by Presidential Decree.

(6) The Minister of the Interior and Safety shall keep, manage, and disclose records related to the administrative information shared through the Sharing Center, such as its title and frequency of sharing, as prescribed by Presidential Decree. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

Article 44 (Charges for Sharing Administrative Information)

(1) Any agency that provides administrative information through the Sharing Center may charge fees therefor, to the agency that uses the information.

(2) Necessary matters concerning the subject matters and scope of the charges for providing administrative information and other relevant matters shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

CHAPTER V.- STRENGTHENING OPERATIONAL BASIS FOR ELECTRONIC GOVERNMENT

SECTION 1.- Introduction and Utilization of Information Technology Architecture

Article 45 (Formulation, etc. of Master Plan for Information Technology Architecture)

(1) The Minister of the Interior and Safety shall formulate a master plan to introduce and disseminate an information technology architecture (hereinafter referred to as the “Master Plan“) in a systematic manner in consultation with the heads of related administrative agencies, etc. (Amended by Act nº 11688, Mar. 23, 2013; Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) The Minister of the Interior and Safety shall formulate a pan-Governmental information technology architecture in compliance with the Master Plan. (Amended by Act nº 11688, Mar. 23, 2013; Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) The Minister of the Interior and Safety shall establish and publish guidelines for the introduction and operation of an information technology architecture as well as the construction and operation of an information system, and the head of each administrative agency, etc. shall comply with such guidelines. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) The Minister of the Interior and Safety shall formulate policies for interlinking an information technology architecture with related systems, such as budgets and performance, and for developing them in consultation with the heads of related central administrative agencies, and the head of each administrative agency, etc. shall endeavor to reflect such policies in any work under his/her jurisdiction, except under exceptional circumstances. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

Article 46 (Introduction and Operation of Information Technology Architecture for each Agency)

(1) The head of each administrative agency, etc. prescribed by Presidential Decree (hereinafter referred to as “agency to introduce an architecture“) shall formulate a plan for the introduction of an information technology architecture and submit such plan to the Minister of the Interior and Safety, as prescribed by Presidential Decree. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) The head of each agency to introduce an architecture shall introduce and operate the information technology architecture in accordance with the plan under paragraph (1) and maintain and develop the architecture, to ensure the efficient work processing and facilitation of informatization in the relevant agency.

Article 47 (Facilitating Introduction and Operation of Information Technology Architecture)

(1) In order to facilitate the introduction and operation of an information technology architecture, the Minister of the Interior and Safety may develop and disseminate a reference model for an information technology architecture jointly usable by administrative agencies, etc. (referring to a model for securing consistency, compatibility, etc. by defining the components of an information technology architecture in line with the standardized classification system and format; hereinafter the same shall apply). (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) The Minister of the Interior and Safety may provide administrative agencies, etc. seeking to introduce and operate an information technology architecture, with technology relating to the introduction and operation of such architecture, education and training, and other necessary assistance, as prescribed by Presidential Decree. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) In order to make information relating to an information technology architecture available to every administrative agency, etc., the Minister of the Interior and Safety shall establish and operate a system for managing and providing information relating to the reference model, pan-Governmental information technology architecture, the current status of implementation and operation of the information technology architecture for each agency, and other relevant matters. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) The Minister of the Interior and Safety may recommend that the private sector in close relationship with an administrative agency, etc., which establishes or operates an information system in connection with the information system of administrative agency, etc., implement and operate an information technology architecture. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

Article 48 (Re-Design of Work Processes Compatible with Information and Communications Technologies)

(1) When the head of each administrative agency, etc. introduces information and communications technologies to any work under his/her jurisdiction, he/she shall re-design its pre-existing organization, placement of manpower, work processes, etc. in a manner compatible with the implementation of the information and communications technologies, and shall implement such re-design.

(2) If the scope of work process re-designed pursuant to paragraph (1) involves work of two or more administrative agencies, etc., the head of a relevant administrative agency, etc. may request the heads of related administrative agencies, etc. to cooperate in such re-design, and the heads of related administrative agencies, etc. so requested shall comply with such request, except under exceptional circumstances.

(3) The head of each administrative agency, etc. shall, if necessary, readjust Acts, subordinate statutes, and systems relevant to work under his/her jurisdiction in accordance with the re-design of work processes under paragraphs (1) and (2) and may request improvement of Acts, subordinate statutes, and systems under jurisdiction of other administrative agencies, etc.

SECTION 2.- Laying Groundwork for Efficient Management of Information Resources

Article 49 (Technical Evaluations for Securing Interoperability, etc.)

(1) When the head of an administrative agency, etc. intends to undertake a project to build an information system, the characteristics and the project size of which meet the criteria prescribed by Presidential Decree, he/she shall conduct technical evaluations of each of the following in accordance with the guidelines under Article 45 (3) before confirming the project plan:

1. Interoperability of the information system;

2. Information sharing;

3. Efficiency of the information system;

4. Technical convenience of access to information;

5. Technical suitability of establishment and operation of the information system.

(2) The head of an administrative agency, etc. may, if necessary, allow an agency meeting the qualifications prescribed by Presidential Decree to conduct technical evaluations under paragraph (1) before formulating the project plan.

Article 50 (Standardization)

The head of each central agency responsible for administrative affairs may take necessary measures for the standardization of official electronic documents, administrative codes, and computers and other devices commonly used by administrative agencies, etc., as prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 51 (Designation and Utilization of Services for Sharing)

(1) The head of a central agency responsible for administrative affairs may designate, modify, or revoke standardized information resources that can be utilized by multiple administrative agencies, etc. or the private sector (hereinafter referred to as “services for sharing“), among the information resources held by administrative agencies, etc., in consultation with the heads of related administrative agencies, etc. and may find and select outstanding information resources among them and distribute such resources to other administrative agencies, etc.

(2) The head of a central agency responsible for administrative affairs may build and operate a system to manage services for sharing to facilitate the efficient distribution and utilization of such services.

(3) The head of each administrative agency, etc. shall prioritize utilizing the services for sharing designated under paragraph (1) in building its information system, and register services that can be utilized by other administrative agencies, etc. or the private sector, among the services developed by the agency, with the system to manage services for sharing under paragraph (2) and continue to manage them.

(4) Any agency developing and distributing outstanding information resources may charge fees therefor to the agency that uses the information resources.

(5) The head of each central agency responsible for administrative affairs shall formulate policies for distributing and disseminating services for sharing.

(6) Detailed matters concerning the provisions of paragraphs (1) through (5) shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 52 (Establishment of Information and Communications Networks)

(1) The head of each central agency responsible for administrative affairs shall formulate a plan for the establishment and operation of an information and communications network through which administrative agencies, etc. are integrated and interlinked, in consultation with the Minister of the Interior and Safety. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) When the head of an administrative agency, etc. intends to establish and operate an information and communications network, he/she shall design and operate such network in a manner that can be linked to the information and communications networks of other administrative agencies, etc. to ensure the efficient operation of the networks and the smooth flow of various kinds of administrative information.

(3) The Minister of the Interior and Safety shall establish and implement a system for the use of information and communications services, necessary to enable administrative agencies, etc. to use information and communication networks at a minimum cost. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

Article 53 (Formulation, etc. of Plans for Fostering Experts on Informatization)

(1) The head of a central agency responsible for administrative affairs may formulate and promote plans for fostering experts on informatization, developing experts on informatization, qualification systems, etc. with the aim of enhancing informatization capability of public officials and facilitating the efficient management of information resources.

(2) The head of each central administrative agency and the head of each local government shall formulate and implement its own action plan in accordance with the plans for fostering experts on informatization referred to in paragraph (1).

(3) Necessary matters concerning the development of experts on informatization, etc. other than those provided for in paragraphs (1) and (2) shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 54 (Integrated Management of Information Resources)

(1) The head of each administrative agency, etc. shall systematically prepare and manage the current status of the information resources possessed by the relevant agency and statistical data thereon (hereinafter referred to as “current status of information resources, etc.”).

(2) The Minister of the Interior and Safety may survey the demand for informatization in order to facilitate the sharing of information resources between administrative agencies, etc. and their efficient management, and may establish integrated standards, principles, etc. for information resources (hereinafter referred to as “standards for integrating information resources“) for the comprehensive integration and management of information resources. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12346, Jan. 28, 2014; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) Matters necessary for the preparation and management of the current status of information resources, etc., matters to be included in the standards for integrating information resources, and other relevant matters shall be prescribed by Presidential Decree.

Article 55 (Establishment and Operation of Local Information Integration Centers)

(1) A local government may establish and operate a Local Information Integration Center to efficiently manage information resources and promote informatization at the local level on an integrated basis and may, if necessary, establish and operate the Local Information Integration Center together with the State or any other local government or governments.

(2) The State may provide administrative, financial, technical, and other necessary assistance in establishing and operating the Local Information Integration Centers referred to in paragraph (1).

(3) The head of a local government intending to establish a Local Information Integration Center shall have prior consultation with the Minister of the Interior and Safety to prevent duplicative investment, etc, pursuant to Article 67 (1). (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) Matters necessary for the establishment and operation of the Local Information Integration Centers, other than those provided for in paragraphs (1) through (3), shall be prescribed by Presidential Decree.

SECTION 3.- Improving Safety and Reliability of Information Systems

Article 56 (Formulation and Implementation of Security Measures for Information and Communications Networks)

(1) The National Assembly, the Judiciary, the Constitutional Court, the National Election Commission, and the Executive Branch shall prepare security measures for ensuring the safety and reliability of information and communications networks, administrative information, etc. necessary for the realization of electronic government.

(2) The head of each administrative agency shall formulate and implement security measures for information and communications networks, administrative information, etc. under his/her jurisdiction in conformity with the security measures under paragraph (1).

(3) The head of each administrative agency shall take security measures, the safety of which has been confirmed by the Director of the National Intelligence Service, to prevent electronic documents from being forged, altered, damaged, or leaked in the course of preserving and circulating electronic documents through an information and communications network, and the Director of the National Intelligence Service may conduct an inspection to ensure such measures have been taken.

(4) Paragraph (3) shall be applicable to an agency responsible for processing administrative affairs of the National Assembly, the Judiciary, the Constitutional Court, or the National Election Commission, only if the head of the agency deems it necessary to take such measures: Provided, That the head of the agency shall, when he/she deems it unnecessary, take security measures similar to those provided for in paragraph (3).

Article 56-2 (Prevention of, Responses to, etc. System Failures)

(1) The head of each administrative agency shall formulate measures for preventing and responding to system failures for the stable operation and management of the information systems belonging to the relevant agency and the agencies under its jurisdiction.

(2) Matters necessary for the prevention of and response to system failures under paragraph (1), shall be prescribed by National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, and Presidential Decree.

(Article Inserted by Act nº 12346, Jan. 28, 2014)

Article 57 (Supervision of Information Systems in Administrative Agencies, etc.)

(1) The head of each administrative agency, etc. shall request a supervisory corporation under Article 58 (1) to supervise its information system, the characteristics and the project size of which meet the criteria prescribed by Presidential Decree: Provided, That the same shall not apply to electronic government projects prescribed by Presidential Decree the management of which is entrusted under Article 64-2. (Amended by Act nº 12346, Jan. 28, 2014)

(2) The head of each administrative agency, etc. shall, with regard to a project subject to supervision, allow his/her employees and the business operator constructing the relevant information system to provide necessary assistance to supervisors in performing their duties, and shall not intervene in, nor interfere with, their work without good cause.

(3) The head of each administrative agency, etc. shall, with regard to a project subject to supervision under paragraph (1), allow the business operator constructing the relevant information system to reflect the results of the supervision in the project.

(4) Notwithstanding paragraph (1), the head of an agency dealing with information prescribed by Presidential Decree, such as information for guaranteeing national security, may allow an institution determined by the head of the agency to supervise its information system.

(5) The Minister of the Interior and Safety shall determine and publicly announce standards necessary for carrying out supervision of information systems, such as the scope of supervision, procedures for supervision, matters to be observed, etc. (hereinafter referred to as “supervision standards“): Provided, That for matters relating to the security of information systems, he/she shall consult in advance with the heads of relevant agencies. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(6) A corporation or institution carrying out supervision pursuant to paragraphs (1) and (4) shall verify whether the relevant information system is being developed and constructed appropriately, in compliance with the supervision standards.

(7) The scope of duty of a corporation or institution carrying out supervision pursuant to paragraph (6), procedures for supervision, and other necessary matters shall be prescribed by Presidential Decree.

Article 58 (Registration of Supervisory Corporations)

(1) Any person intending to carry out supervision of an information system shall register him/herself with the Minister of the Interior and Safety as a corporation after meeting requirements prescribed by Presidential Decree, such as technical and financial capability and other matters necessary for supervision of an information system. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(2) When a corporation registered under paragraph (1) (hereinafter referred to as “supervisory corporation“) intends to modify any registered matters, he/she shall report such modification to the Minister of the Interior and Safety in advance: Provided, That this shall not apply to modification of any insignificant matters prescribed by Presidential Decree, such as modification of equity capital within the extent of registration requirements. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) Matters necessary for the registration of supervisory corporations, modification of registered matters, and other relevant matters shall be prescribed by Presidential Decree.

Article 59 (Matters to be Observed by Supervisory Corporations)

(1) Each supervisory corporation shall require supervisors under Article 60 (1) to perform supervisory duties.

(2) No supervisory corporation shall prepare a false report on supervision, and it shall carry out supervision of information systems in good faith.

(3) No supervisory corporation shall allow another person to carry out supervision of information systems using its own name.

Article 60 (Supervisors)

(1) Any person intending to work as a supervisor shall meet specific requirements for qualification prescribed by Presidential Decree, such as technical requirements for each grade, and shall receive education necessary for performing supervisory duties, as prescribed by Presidential Decree.

(2) The Minister of the Interior and Safety shall issue supervisor’s certificates to persons satisfying the requirements for qualification under paragraph (1) and manage those certificates, as prescribed by Presidential Decree. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) No supervisor shall allow another person to perform supervisory duties using his/her own name, or lend his/her supervisor’s certificate to another person.

Article 61 (Disqualification of Supervisory Corporations, etc.)

(1) No corporation with either of the following persons serving as its executive officer shall be registered as a supervisory corporation under Article 58 (1): (Amended by Act nº 12346, Jan. 28, 2014)

1. An incompetent under the adult guardianship or a quasi-incompetent under the limited guardianship;

2. An executive officer of a supervisory corporation of which registration has been revoked pursuant to Article 62, for whom two years have not elapsed from the date the registration was revoked (referring to a person who has committed an act constituting a cause for such revocation and its representative).

(2) No person corresponding to paragraph (1) 1 shall become a supervisor under Article 60.

(3) Matters necessary to confirm grounds for disqualification of supervisory corporations, etc. shall be prescribed by Presidential Decree.

Article 62 (Revocation of Registration of Supervisory Corporations, etc.)

(1) When any supervisory corporation falls under any of the following subparagraphs, the Minister of the Interior and Safety may revoke its registration or order suspension of its business for a prescribed period not exceeding one year: Provided, That he/she shall revoke the registration of a supervisory corporation where it falls under subparagraphs 1 through 3 or subparagraph 10: (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

1. Where its registration is made by fraud or other improper means;

2. Where it has been subject to a disposition for suspension of business on at least three occasions for the last three years;

3. Where it carries out supervision of an information system during the period of suspension of business: Provided, That this shall not apply where it carries out supervision during the period of suspension of business pursuant to Article 63;

4. Where it carries out supervision in breach of the supervision standards, in violation of Article 57 (6);

5. Where it falls short of the requirements for registration under Article 58 (1);

6. Where it fails to report, or falsely reports, modified matters under Article 58 (2);

7. Where it allows persons other than supervisors to perform supervisory duties, in violation of Article 59 (1);

8. Where it prepares a false report on supervision, in violation of Article 59 (2);

9. Where it allows another person to carry out supervision of information systems using its own name, in violation of Article 59 (3);

10. Where any of its executive officers falls under a ground for disqualification provided for in Article 61 (1): Provided, That this shall not apply where it appoints another executive officer instead of the relevant executive within six months of the date such executive officer falls under disqualification requirements.

(2) The Minister of the Interior and Safety shall hold a hearing if he/she intends to revoke the registration pursuant to paragraph (1). (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) Necessary matters concerning the standards and procedures for dispositions under paragraph (1) and other relevant matters shall be prescribed by Presidential Decree.

Article 63 (Continuance of Business, etc. of Supervisory Corporations on which Disposition of Revocation of Registration, etc. has been Imposed)

(1) Any supervisory corporation on which a disposition of revocation of registration or suspension of business has been imposed pursuant to Article 62 (1) may continue to perform its supervisory duties under a contract concluded before the relevant disposition was imposed. In such cases, the supervisory corporation shall, without delay, notify the relevant person awarding the contract of the details of such disposition.

(2) Where a person awarding a contract for the supervision of an information system is notified pursuant to paragraph (1) or learns the fact that revocation of registration or suspension of business has been imposed on the relevant supervisory corporation, he/she may terminate the contract only within 30 days from the date he/she learns such fact, except under exceptional circumstances.

CHAPTER VI.- PROMOTION OF POLICIES, ETC. FOR REALIZATION OF ELECTRONIC GOVERNMENT

Article 64 (Promotion of and Support for Electronic Government Projects)

(1) The head of each administrative agency, etc. shall actively pursue projects for the realization, operation, and development of electronic government (hereinafter referred to as “electronic government projects“).

(2) The Minister of the Interior and Safety may provide the heads of administrative agencies, etc. with administrative, financial, technical, or other support necessary to help them efficiently pursue electronic government projects. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) Matters necessary for the selection and management of electronic government projects supported under paragraph (2) (hereinafter referred to as “supported electronic government projects“), and other relevant matters shall be prescribed by Presidential Decree.

Article 64-2 (Entrustment of Management of Electronic Government Projects)

(1) In order to efficiently implement electronic government projects, the heads of administrative agencies, etc. may entrust all or part of their business concerning the management and supervision of any of the following projects (hereinafter referred to as “management of electronic government projects“) to a person equipped with expertise and technical capacity, and the specific scope of electronic government projects which may be entrusted and the qualifications of a person eligible for being entrusted with the management of electronic government projects shall be prescribed by Presidential Decree:

1. Projects that significantly affect the efficiency in pubic services and public administration;

2. Projects that require special management because of a high level of difficulty;

3. Other cases where the heads of administrative agencies, etc. deem it necessary to entrust the management of electronic government projects.

(2) When the head of an administrative agency selects a person to whom he/she intends to entrust the management of electronic government projects (hereinafter referred to as “manager of electronic government projects“) pursuant to paragraph (1), he/she shall take into consideration human resources capable of managing such projects, a plan for conducting business, the past records of management of electronic government projects, etc., and detailed criteria for the selection shall be prescribed by Presidential Decree.

(3) No manager of electronic government projects shall give advice to anyone to have relevant electronic government projects subcontracted to him/herself or his/her affiliated company (referring to an affiliated company defined under subparagraph 3 of Article 2 of the Monopoly Regulation and Fair Trade Act).

(4) Where the head of an administrative agency entrusts the management of electronic government projects, he/she shall submit data about relevant electronic government projects, entrusted services, and performance of such services to the Minister of the Interior and Safety. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(5) The Minister of the Interior and Safety may determine and publicly notify matters necessary for the management of electronic government projects, including the guidelines for the calculation of fees for the entrustment under paragraph (1) and the submission of data under paragraph (4). (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(Article Inserted by Act nº 11735, Apr. 5, 2013)

Article 64-3 (Liability, etc. of Manager of Electronic Government Projects)

The manager of electronic government projects shall be liable for any loss or damage suffered by a person from or in connection with his/her placing an order, which has been inflicted due to breach of contract or by intention or negligence in the course of the management of electronic government projects.

(Article Inserted by Act nº 11735, Apr. 5, 2013)

Article 65 (Promotion of and Support for Local Informatization Projects)

(1) The State and a local government may pursue the following local informatization projects with the aim of enhancing regional competitiveness and improving the quality of life for local residents:

1. Development and dissemination of local information services covering the history, culture, welfare, environment, etc. of the relevant region;

2. Construction of information systems and laying the foundations for informatization of the relevant region;

3. Intensive support for regions lagging behind in informatization;

4. Efficient management of information resources, such as integrated management of information systems and information services;

5. Other matters necessary for local informatization.

(2) A local government may pursue a local informatization project under paragraph (1) in collaboration with central administrative agencies or other local governments, if it is necessary to prevent duplicative investment, etc.

(3) The State and a local government may establish and operate a commonly applicable operating foundation for the efficient provision of services through integrated linkage between the public and private sector information systems in the relevant region. In such cases, they shall prepare measures to prevent unlawful access to information networks and other protective measures.

(4) In order to pursue local informatization projects under paragraphs (1) through (3), the State may provide administrative, financial, technical, and other necessary support, as prescribed by Presidential Decree.

(5) Matters necessary for the promotion of and support for local informatization projects, other than those provided for in paragraphs (1) through (4), shall be prescribed by Presidential Decree.

Article 66 (Promotion of Pilot Projects)

(1) The head of an administrative agency, etc. may promote a pilot project if necessary for the realization, operation, and development of electronic government and the facilitation of efficient informatization at the local level.

(2) Matters necessary for the implementation of pilot projects shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 67 (Prior Consultation)

(1) When the head of an administrative agency, etc. intends to pursue an electronic government project or local informatization project for interconnection or sharing with other administrative agencies, etc., he/she shall have prior consultation with the heads of central agencies responsible for administrative affairs to prevent duplicative investment, etc.: Provided, That the local informatization projects being pursued by the head of a Si/Gun/Gu (referring to an autonomous Gu) shall be subject to consultation with the competent Special Metropolitan City Mayor, Metropolitan City Mayor or Do Governor. (Amended by Act nº 12346, Jan. 28, 2014)

(2) The head of each administrative agency, etc. shall reflect the results of prior consultations held under paragraph (1), in the course of pursuing the relevant project.

(3) Necessary matters concerning projects subject to prior consultation, the methods and procedures therefor, and other relevant matters shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 68 (Analysis and Examination of Performance)

(1) The head of each central agency responsible for administrative affairs shall conduct comprehensive analysis and examination of the results and performance of major projects prescribed by Presidential Decree, such as projects concerning electronic government and local informatization which relate to multiple administrative agencies, etc., as well as the status of administrative information sharing, submit the results thereof to the National Assembly, and reflect such results in its business plan, etc. for the next year (Amended by Act nº 11688, Mar. 23, 2013)

(2) The Minister of the Interior and Safety shall, every year, analyze and examine the current status and outcomes of the introduction and operation of information technology architectures under Article 46 (2) and shall reflect the results thereof in the Master Plan. (Amended by Act nº 11688, Mar. 23, 2013; Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) Matters necessary for the analysis and examination of outcomes under paragraphs (1) and (2) shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 69 (Cooperation, such as Submission of Materials)

(1)  If necessary for performing business affairs provided for in this Act, the head of a central agency responsible for administrative affairs may request the head of any related administrative agency, etc. to submit data, etc. for investigating the current conditions.

(2) The head of each related administrative agency, etc. shall actively cooperate with the request for submitting data under paragraph (1).

(3) The head of a central agency responsible for administrative affairs may provide statistical data, etc. collected pursuant to paragraph (1) upon receipt of a request of the head of any other administrative agency, etc.

Article 70 (International Collaboration for Electronic Government)

(1) The head of each central agency responsible for administrative affairs shall stay informed of international trends in electronic government and improve the international competitiveness of electronic government through international collaboration.

(2) The head of a central agency responsible for administrative affairs may carry out the following activities:

1. Collaboration with international organizations and foreign governments in connection with electronic government;

2. Management of an international rating index with regard to electronic government;

3. Other matters prescribed with regard to international collaboration for electronic government by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

(3) The head of a central agency responsible for administrative affairs may request the head of a related administrative agency, etc. to cooperate in connection with international collaboration for electronic government, and the head of the related administrative agency, etc. so requested shall comply with such request, except under exceptional circumstances.

Article 71 (Designation, etc. of Specialized Institutions)

(1) The head of a central agency responsible for administrative affairs may designate specialized institutions to entrust them with business affairs in order to comprehensively and efficiently conduct the following affairs assigned to each agency: (Amended by Act nº 11735, Apr. 5, 2013)

1. Affairs related to the development, provision, and promotion of the use of electronic government services;

2. Affairs related to the sharing of administrative information;

3. Affairs related to the introduction and utilization of an information technology architecture;

4. Affairs related to research on and improvement of the supervision system;

5. Research on the entrustment of the management of electronic government projects under Article 64-2 (1) and on the improvement therein;

6. Affairs related to the promotion of and assistance in supported electronic government projects and local informatization projects;

7. Other affairs prescribed for the realization, operation, and development of electronic government by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

(2) The head of a central agency responsible for administrative affairs may contribute or subsidize funds within budgetary limits as necessary for the performance of the affairs specified in paragraph (1) to the relevant specialized agency.

(3) Professional characteristics of the relevant affairs, etc. shall be considered in designating a specialized institution, and necessary matters concerning requirements, methods, and procedures for the designation of specialized institutions and other relevant matters shall be prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 72 (Establishment, etc. of Korea Local Information Research and Development Institute)

(1) At least two local governments may jointly establish a Korea Local Information Research and Development Institute (hereinafter referred to as the “Development Institute“) to jointly pursue informatization projects under their control.

(2) The Development Institute shall be a corporation.

(3) The Development Institute shall perform the following affairs:

1. Assistance in informatization projects being pursued by local governments for the realization of electronic government and the facilitation of local informatization;

2. Administrative affairs entrusted by a related central administrative agency or a local government in connection with the promotion of informatization of local governments;

3. Survey, research, education, and training to facilitate informatization of local governments;

4. Other projects determined by Presidential Decree for the facilitation of local informatization.

(4) The head of an administrative agency, etc. may entrust the Development Institute with the affairs assigned to the agency in order to efficiently pursue local informatization projects.

(5) A local government may contribute funds to the Development Institute so that it can be appropriated for the establishment, installation of facilities, and operation of the Development Institute, and the State may provide support as necessary for the Development Institute’s smooth performance of duties.

(6) The Development Institute may request an administrative agency, etc. to wholly or partially bear expenses incurred in providing its services.

(7) Except as otherwise provided for in this Act, provisions regarding incorporated foundations of the Civil Act shall apply mutatis mutandis to the Development Institute.

(8) Matters necessary for the promotion and support of local informatization by the Development Institute and other relevant matters shall be prescribed by Presidential Decree.

Article 73 (Delegation and Entrustment of Authority, etc.)

(1) The head of a central agency responsible for administrative affairs may delegate part of his/her authority under this Act to heads of affiliates under his/her control or the Special Metropolitan City Mayor, Metropolitan City Mayors, and Do Governors or may entrust such authority to the head of any other administrative agency, etc., as prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

(2) The head of a central agency responsible for administrative affairs may entrust to any related corporation or organization some of its affairs under this Act, as prescribed by the National Assembly Regulations, the Supreme Court Regulations, the Constitutional Court Regulations, the National Election Commission Regulations, or by Presidential Decree.

Article 74 (Prevention of Divulgence of Confidential Information, etc.)

No person who was or is engaged in any of the following duties shall, without good cause, divulge to a third party any confidential information he/she acquires while performing his/her duties or steal such confidential information: (Amended by Act nº 11735, Apr. 5, 2013)

1. An administrative duty for which sharing administrative information is required;

2. A supervisory duty;

3. A duty of managing an electronic government project entrusted pursuant to Article 64-2 (1).

Article 75 (Legal Fiction as Public Official in Application of Penalty Provisions)

In applying Articles 129 through 132 of the Criminal Act, any of the following persons shall be deemed a public official, even though he/she is not a public official: (Amended by Act nº 11735, Apr. 5, 2013)

1. A person engaged in work relating to the sharing of administrative information;

2. A person working for an agency that receives administrative information (limited to persons relating to the sharing of administrative information);

3. A supervisor performing supervisory duties;

4. A person in charge of managing an electronic government project entrusted pursuant to Article 64-2 (1).

CHAPTER VII.- PENALTY PROVISIONS

Article 76 (Penalty Provisions)

(1) Any person who forges, alters, damages, or deletes administrative information in violation of subparagraph 1 of Article 35 shall be punished by imprisonment with labor for not more than ten years.

(2) Any of the following persons shall be punished by imprisonment with labor for not more than five years or by a fine not exceeding 50 million won:

1. A person who forges, alters, damages, or uses an information system for sharing administrative information without good cause, in violation of subparagraph 2 of Article 35;

2. A person who discloses or disseminates to the public, any method or program by which administrative information can be altered or deleted, in violation of subparagraph 3 of Article 35.

(3) Any of the following persons shall be punished by imprisonment with labor for not more than three years or by a fine not exceeding 30 million won:

1. A person who divulges administrative information, in violation of subparagraph 4 of Article 35;

2. A person who processes administrative information without due authority or beyond the authority accorded, in violation of subparagraph 5 of Article 35;

3. A person who aids or abets another person, without due authority, to use administrative information, in violation of subparagraph 6 of Article 35;

4. A person who shares administrative information in a manner that has not been authorized, or stores administrative information in an information system or a storage device that has not been authorized, in violation of subparagraph 7 of Article 35;

5. A person who divulges or steals any secret to which he/she has acquired in the course of his/her official duties, in violation of Article 74.

(4) Any person who receives administrative information from an administrative agency, etc. or peruses administrative information by fraud or other improper means, in violation of subparagraph 8 of Article 35, shall be punished by imprisonment with labor for not more than two years or by a fine not exceeding seven million won.

(5) Any person who carries out supervision of an information system without registration under Article 58 (1) shall be punished by imprisonment with labor for not more than two years or by a fine not exceeding 20 million won.

(6) Any person who allows another person to carry out supervision of an information systems using its own name or lends his/her supervisor’s certificate to another person, or any person who carries out supervision using another person’s name or borrows supervisor’s certificate shall be punished by imprisonment with labor for not more than one year or by a fine not exceeding ten million won.

Article 77 (Joint Penalty Provisions)

If the representative of a corporation, or an agent or employee of, or any other person employed, by a corporation or an individual commits a violation under Article 76 (3) 5 or Article 76 (5) or (6) in connection with the business affairs of the corporation or individual, not only shall such violator be punished, but also the corporation or individual shall be punished by a fine under the relevant provisions: Provided, That this shall not apply where such corporation or individual has not been negligent in giving due attention and supervision concerning the relevant duties to prevent such violation.

Article 78 (Administrative Fines)

(1) An administrative fine not exceeding 30 million won shall be imposed on any of the following persons:

1. A person who fails to obtain the prior consent of an owner of information, in violation of Article 42 (1);

2. A person who fails to notify an owner of information of the matters listed in the subparagraphs of Article 43 (1) without good cause, in violation of Article 42 (2) and (3).

(2) Administrative fines under paragraph (1) shall be imposed and collected by the Minister of the Interior and Safety. (Amended by Act nº 11690, Mar. 23, 2013; Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

ADDENDA

Article 1 (Enforcement Date)

This Act shall enter into force three months after the date of its promulgation: Provided, That the amended provisions of Article 5 (5) of this Addenda shall enter into force on January 1, 2011.

Article 2 (Repeal of other Act)

The Act on the Efficient Introduction, Operation, etc. of Information Systems is hereby repealed.

Article 3 (Transitional Measures concerning Sharing of Administrative Information)

(1) Any administrative information being shared through the Sharing Center under the previous provisions as at the time this Act enters into force shall be deemed authorized in accordance with the procedures determined by this Act.

(2) Any person corresponding to the amended provisions of the subparagraphs of Article 39 (7) shall be deemed designated in accordance with the procedures determined by this Act.

Article 4 (Transitional Measure following Repeal of the Act on the Efficient Introduction, Operation, etc. of Information Systems)

(1) Any agency designated as an agency introducing an information technology architecture under Article 5 of the previous Act on the Efficient Introduction, Operation, etc. of Information Systems (hereafter referred to as “Information Systems Act” in this Article) before this Act enters into force shall be deemed an agency designated under this Act.

(2) Any project on which supervision is carried out under Article 11 of the previous Information Systems Act as at the time this Act enters into force shall be deemed a project on which supervision is carried out under this Act.

(3) Any supervisory corporation registered as a supervisory corporation under Article 12 of the previous Information Systems Act before this Act enters into force shall be deemed registered under this Act.

(4) Any person educated as a supervisor under Article 14 of the previous Information Systems Act before this Act enters into force shall be deemed to have received education under this Act.

(5) Any person having received a supervisor’s certificate under Article 14 of the previous Information Systems Act before this Act enters into force shall be deemed to have received such certificate under this Act.

(6) Any administrative disposition imposed with regard to supervision on any information system under Article 16 of the previous Information Systems Act before this Act enters into force shall be deemed to have been imposed under this Act.

(7) Any application of penalty provisions or administrative dispositions with regard to a violation of any provision of the previous Information Systems Act before this Act enters into force shall be governed by the previous Information Systems Act.

Article 5 Omitted.

Article 6 (Relationship with other Acts and Subordinate Statues)

Where the previous Electronic Government Act or the previous Act on the Efficient Introduction, Operation, etc. of Information Systems, or the provisions thereof are cited in other Acts or subordinate statutes as at the time this Act enters into force, this Act or the corresponding provisons hereof shall be deemed cited in place of the previous provisions, if provisions corresponding thereto exist in this Act.

ADDENDA (Act nº 10303, May 17, 201)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation. (Proviso Omitted.)

Articles 2 through 10 Omitted.

ADDENDA (Act nº 10465, Mar. 29, 2011)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation. (Proviso Omitted.)

Articles 2 through 7 Omitted.

ADDENDA (Act nº 10580, Apr. 12, 2011)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation. (Proviso Omitted.)

Articles 2 through 5 Omitted.

ADDENDA (Act nº 11461, Jun. 1, 2012)

Article 1 (Enforcement Date)

This Act shall enter into force three months after the date of its promulgation.

Articles 2 through 10 Omitted.

ADDENDA (Act nº 11688, Mar. 23, 2013)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation.

Article 2 Omitted.

ADDENDA (Act nº 11690, Mar. 23, 2013)

Article 1 (Enforcement Date)

(1) This Act shall enter into force on the date of its promulgation.

(2) Omitted.

Articles 2 through 7 Omitted.

ADDENDUM (Act nº 11735, Apr. 5, 2013)

This Act shall enter into force three months after the date of its promulgation.

ADDENDA (Act nº 12346, Jan. 28, 2014)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Article 2 (Applicability concerning Master Plans for Electronic Government)

The first master plan for electronic government under the amended provisions of Article 5 shall be formulated in the year immediately following the enforcement of this Act.

Article 3 (Applicability concerning Plan for Each Agency)

The first plan for each agency under the amended provisions of Article 5-2 shall be formulated in the year immediately following the enforcement of this Act.

Article 4 (Applicability concerning Supervision of Information Systems)

The amended provisions under the proviso to Article 57 (1) shall apply to electronic government projects, the notices of tender for the entrustment of management of which are announced after this Act enters into force.

Article 5 (Transitional Measures concerning Incompetents, etc.)

The incompetents under the adult guardianship or quasi-incompetents under the limited guardianship under the amended provisions of Article 61 (1) 1 shall be deemed to include persons currently incompetent or quasi-incompetent under Article 2 of the Addenda to the partially amended Civil Act (Act nº 10429).

ADDENDA (Act nº 12592, May 20, 2014)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Articles 2 through 5 Omitted.

ADDENDA (Act nº 12738, Jun. 3, 2014)

Article 1 (Enforcement Date)

This Act shall enter into force one year after the date of its promulgation. (Proviso Omitted.)

Articles 2 and 3 Omitted.

ADDENDA (Act nº 12844, Nov. 19, 2014)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation. (Proviso Omitted.)

Articles 2 through 7 Omitted.

ADDENDA (Act nº 13459, Aug. 11, 2015)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Articles 2 through 5 Omitted.

ADDENDA (Act nº 14474, Dec. 27, 2016)

Article 1 (Enforcement Date)

This Act shall enter into force three months after the date of its promulgation.

Articles 2 through 14 Omitted.

ADDENDA (Act nº 14839, Jul. 26, 2017)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation: Provided, That among the Acts amended in accordance with Article 5 of these Addenda, amendments to Acts, which were promulgated before this Act enters into force, but the dates on which they are to enter into force have yet to arrive, shall enter into force on the enforcement dates of the respective Acts.

Articles 2 through 6 Omitted.

ADDENDUM (Act nº 14914, Oct. 24, 2017)

This Act shall enter into force on the date of its promulgation.

09Nov/21

Presidential Decree nº 21698, Aug. 21, 2009. Enforcement Decree of the Framework act on National Informatization

Presidential Decree nº 21698, Aug. 21, 2009. Enforcement Decree of the Framework act on National Informatization. (Amended by Presidential Decree nº 21847, Nov. 26, 2009, Presidential Decree nº 21882, Dec. 14, 2009, Presidential Decree nº 22075, Mar. 15, 2010, Presidential Decree nº 22151, May 4, 2010, Presidential Decree nº 22218, jun. 28, 2010, Presidential Decree nº 22475, Nov. 10, 2010, Presidential Decree nº 23488, Jan. 6, 2012, Presidential Decree nº 24018, Aug. 3, 2012, Presidential Decree nº 24020, Aug. 3, 2012, Presidential Decree n º 24466, Mar. 23, 2013, Presidential Decree nº 24844, Nov. 20, 2013, Presidential Decree nº 25339, Apr. 29, 2014, Presidential Decree nº 25331, Apr. 29, 2014, Presidential Decree nº 25448, Jul. 7, 2014, Presidential Decree nº 25456, Jul. 14, 2014, Presidential Decree nº 25751, Nov. 19, 2014).

ENFORCEMENT DECREE OF THE FRAMEWORK ACT ON NATIONAL INFORMATIZATION

Article 1 (Purpose)

The purpose of this Decree is to stipulate matters delegated by the Framework Act on National Informatization and necessary matters for the enforcement thereof.

Article 2 (Publication of Basic Plans for National Informatization)

The Minister of Science, ICT and Future Planning shall publish a basic plan for national informatization (hereinafter referred to as “basic plan“) confirmed in accordance with Article 6 (2) of the Framework Act on National Informatization (hereinafter referred to as the “Act“) in the official gazette. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 3 Deleted (By Presidential Decree nº 24466, Mar. 23, 2013)

Article 4 (Establishment and Execution of National Informatization Implementation Plans)

(1) The heads of central administrative agencies and the heads of local governments shall each submit to the Minister of Science, ICT and Future Planning, by the deadlines in the following subparagraphs, records pertaining to the execution of an implementation plan for national informatization under Article 7 (1) of the Act (hereinafter referred to as “implementation plan“) carried out during the preceding year and an implementation plan for the next year, and matters concerning modifications to important matters under the latter part of Article 7 (2) of the Act: (Amended by Presidential Decree nº 22218, Jun. 28, 2010; Presidential Decree nº 24466, Mar. 23, 2013)

1. Central administrative agencies: April 30 of each year;

2. Local governments: July 31 of each year.

(2) “Important matters prescribed by Presidential Decree” under the latter part of Article 7 (2) of the Act means those matters having significant influence on the informatization policies of central administrative agencies or local governments which are related to no less than two central administrative agencies or local governments, or require a budgetary measure in excess of an amount determined by the Minister of Science, ICT and Future Planning. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(3) The Minister of Science, ICT and Future Planning shall present its examination opinion on the implementation plan of a central administrative agency to the Minister of Strategy and Finance and the head of the relevant central administrative agency by June 30 of each year and examination opinion on the implementation plan of a local government to the Minister of Strategy and Finance and the head of the relevant local government by September 30 of each year, in accordance with Article 7 (3) of the Act. (Amended by Presidential Decree nº 22218, Jun. 28, 2010; Presidential Decree nº 24466, Mar. 23, 2013)

(4) The heads of central administrative agencies and the heads of local governments shall consult with the Minister of Science, ICT and Future Planning in establishing their implementation plan so that the implementation plan is interlinked with the basic plan. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(5) The heads of central administrative agencies and the heads of local governments shall consult in advance with the heads of the relevant administrative agencies when they include matters concerning the protection of information in their implementation plans.

(6) The heads of central administrative agencies and the heads of local governments shall confirm their implementation plan by December 31 of each year after reflecting examination opinions of the Minister of Science, ICT and Future Planning under paragraph (3), unless there is a compelling reason not to do so. (Amended by Presidential Decree nº 22218, Jun. 28, 2010; Presidential Decree nº 24466, Mar. 23, 2013)

Article 5 (Procedures and Methods of Adjustment)

(1) When the heads of central administrative agencies or the heads of local governments request adjustment to the Minister of Science, ICT and Future Planning pursuant to Article 8 (1) of the Act, he/she shall write the following matters clearly:

1. Counterparts of adjustment;

2. National informatization policies or projects requiring adjustment;

3. Matters requiring adjustment.

(2) When the adjustment pursuant to paragraph (1) is required, the Minister of Science, ICT and Future Planning may make a request to the head of an agency requesting adjustment and its counterparts for presentation of opinions or materials with respect to the matters requiring adjustment. In such cases, the head of an agency shall, upon receipt of such request, comply therewith unless there is a compelling reason not to do so.

(3) The Minister of Science, ICT and Future Planning may, where necessary, hear the opinions of the head of an agency related to the matters requiring adjustment and experts in relevant fields.

(Article Amended by Presidential Decree nº 25339, Apr. 29, 2014)

Articles 6 through 9-3 Deleted (By Presidential Decree nº 24466, Mar. 23, 2013)

Articles 10 and 11 Deleted, (By Presidential Decree nº 25339, Apr. 29, 2014)

Article 12 (Operation of Consultative Council of Officials in Charge of Informatization)

(1) To deal with the affairs of the Consultative Council of Officials in Charge of Informatization under Article 12 of the Act (hereinafter referred to as the “Consultative Council”), the Consultative Council may have two secretaries, who shall be each appointed by the Minister of Science, ICT and Future Planning and the Minister of Government Administration and Home Affairs from among public officials belonging to the Senior Civil Service Corps in charge of informatization affairs of the Ministry of Science, ICT and Future Planning and the Ministry of Government Administration and Home Affairs. (Amended by Presidential Decree nº 24466, Mar. 23, 2013; Presidential Decree nº 25751, Nov. 19, 2014)

(2) Each chairperson of the Consultative Council shall represent the Consultative Council and exercise overall control over the affairs thereof. (Inserted by Presidential Decree nº 24466, Mar. 23, 2013)

(3) Where each chairperson of the Consultative Council is unable to perform his/her duties due to unavoidable reasons, members shall act for him/her in the order predetermined by the Consultative Council. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(4) In addition to those provided for in paragraphs (1) through (3), necessary matters for the operation of the Consultative Council shall be determined jointly by each chairperson of the Consultative Council following deliberation by the Consultative Council. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 13 (Projects, etc. Subject to Implementation of Informatization Plans)

(1) The term “large-scale investment projects prescribed by Presidential Decree” in Article 13 (1) of the Act means large-scale investment projects specified in attached Table 1. (Amended by Presidential Decree nº 24844, Nov. 20, 2013)

(2) The Minister of Science, ICT and Future Planning may recommend the heads of central administrative agencies or local governments who intend to carry out a project, other than the large-scale investment projects listed in attached Table 1, the total cost of which is not less than 10 billion won, to formulate and implement a plan equivalent to the informatization plan under Article 13 (1) of the Act. (Amended by Presidential Decree nº 24466, Mar. 23, 2013; Presidential Decree nº 24844, Nov. 20, 2013)

(3) The Minister of Science, ICT and Future Planning may determine and publicly notify the guidelines for establishing an informatization plan referred to in Article 13 (1) of the Act. (Amended by Presidential Decree nº 24844, Nov. 20, 2013)

(4) Where requested by the heads of central administrative agencies or local governments, the Minister of Science, ICT and Future Planning may provide support by organizing a technical support team consisting of relevant experts pursuant to Article 13 (4) of the Act, and if deemed necessary, may require the National Information Society Agency referred to in Article 14 of the Act to provide technical support. (Amended by Presidential Decree nº 24844, Nov. 20, 2013)

Article 14 (Operation of the National Information Society Agency)

The National Information Society Agency under Article 14 of the Act may, where necessary to carry out projects, such as the management and operation of an information communications network for national agencies, local governments and public institutions (hereinafter referred to as “national agencies, etc.”), the promotion of informatization projects, and the support for evaluation pursuant to paragraph (3) of the said Article, request the provision of relevant materials from national agencies, etc.

Article 15 (Preparation and Management of Materials on Current Status, etc. of Information Resources)

(1) The heads of national agencies, etc. shall systematically prepare and manage materials on the current status and statistical data on information resources retained by their respective agencies (hereinafter referred to as “materials on the current status, etc. of information resources“) in order to efficiently promote informatization under Article 15 (1) of the Act.

(2) Where necessary to systematically prepare and manage materials on the current status, etc. of information resources under paragraph (1), the heads of national agencies, etc. shall establish an information resources management plan containing the following:

1. Basic direction of the preparation and management of materials on the current status, etc. of information resources;

2. Matters concerning the current status and operation (including entrusted operation) of information resources;

3. Matters concerning the introduction and investment management of information technology;

4. Matters related to securing the safety and reliability of information resources;

5. Other matters necessary for the preparation and management of materials on the current status, etc. of information resources.

(3) The Minister of Science, ICT and Future Planning shall provide necessary support through consultation with the heads of relevant agencies such as the Minister of Government Administration and Home Affairs, in order to efficiently establish the information resources management plan under paragraph (2). (Amended by Presidential Decree nº 24466, Mar. 23, 2013; Presidential Decree nº 25751, Nov. 19, 2014)

Article 16 (Support for Informatization of Private Sectors)

The Government may carry out the following projects to support the informatization of private sectors under Article 17 of the Act:

1. Creating informatization infrastructure for private sectors, such as industry, finance, etc.;

2. Conducting training on informatization for private sectors, such as industry, finance, etc., consulting thereof, and distribution and dissemination of information technology;

3. Other projects necessary for the informatization of private sectors.

Article 17 (Sharing and Distribution of Knowledge and Information)

(1) For the purpose of establishing an infrastructure for sharing and distributing knowledge and information under Article 18 of the Act, national agencies, etc. shall make information retained by their respective agencies available for convenient search and utilization by the public.

(2) The Minister of Science, ICT and Future Planning may provide necessary support, such as the establishment, etc. of standards for the sharing and distribution of knowledge and information, following consultation with the heads of relevant national agencies, etc. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 18 (Common Use of Information among National Agencies, etc.)

(1) For the purpose of creating an infrastructure for sharing and distributing knowledge and information under Article 18 of the Act, the heads of national agencies, etc. may designate a database, among those retained by the national agencies, etc., which is highly useful for dealing with administrative affairs and providing services for the people as the national main database, and may allow other national agencies, etc. to commonly use it in preference to any other database. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(2) In respect of matters which may be checked through the common use of the national main database, the heads of national agencies, etc. shall reduce, to a minimum level, requests for the presentation of documents required to check the matters in question.

Article 19 (Organization and Operation of Consultative Council with Private Organizations, etc.)

(1) The heads of national agencies, etc. may organize and operate a consultative council (hereinafter referred to as “private consultative council“) with private business operators or an association of private business operators, following consultation with the Minister of Science, ICT and Future Planning pursuant to Article 19 (2) of the Act. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(2) The private consultative council shall be chaired by a person appointed or commissioned by the heads of national agencies, etc. which organize and operate the private consultative council under paragraph (1) from among public officials or executives and employees of the relevant national agencies, etc., or the representatives of private business operators and the association of private business operators which constitute the private consultative council.

(3) The chairperson of the private consultative council shall represent the private consultative council and exercise overall control over its affairs.

(4) National agencies, etc. shall endeavor to ensure that opinions presented via the private consultative council are reflected in the establishment and execution of national informatization policies to the greatest extent possible.

(5) Detailed matters necessary for the operation of the private consultative council, such as convening the meetings of the private consultative council, shall be determined by the chairperson of the private consultative council after seeking the opinions of the members of the private consultative council.

Article 20 (Management of Knowledge Information Resources)

The Minister of Science, ICT and Future Planning may formulate guidelines concerning the management of knowledge information resources and give notice thereof to the heads of national agencies or the heads of local governments pursuant to Article 25 (1) of the Act in order to ensure that national agencies and local governments can efficiently and systematically manage the knowledge information resources under their jurisdiction. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 21 (Establishment of Mid- to Long-Term Knowledge Information Resources Management Plans)

(1) The Minister of Science, ICT and Future Planning shall establish a mid- to long-term knowledge information resources management plan under Article 25 (2) of the Act on a five-year basis, and establish an annual implementation plan for the management of knowledge information resources within the scope of the mid- to long-term knowledge information resources management plan. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(2) The Minister of Science, ICT and Future Planning shall confirm and publish the annual implementation plan for the management of knowledge information resources for the following year by September 30 of each year, unless there is a compelling reason not to do so. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(3) The Minister of Science, ICT and Future Planning shall consult with the Minister of Strategy and Finance on budget-related matters included in the mid- to long-term knowledge information resources management plan and the annual implementation plan for the management of knowledge information under paragraph (1). (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(4) The Minister of Science, ICT and Future Planning shall ensure that the mid- to long-term knowledge information resources management plan and the annual implementation plan for the management of knowledge information resources under paragraph (1) are interlinked with the basic plan. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(5) Where it is deemed necessary for establishing the mid- to long-term knowledge information resources management plan and the annual implementation plan for the management of knowledge information resources under paragraph (1), the Minister of Science, ICT and Future Planning may request the heads of national agencies or the heads of local governments to submit data on the management of knowledge information resources under their jurisdiction. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 22 (Evaluation of Management of Knowledge Information Resources)

(1) In cases of evaluating central administrative agencies and local governments with respect to their management of knowledge information resources pursuant to Article 25 (2) 5 of the Act, the Minister of Science, ICT and Future Planning shall publicly announce in advance the subjects, criteria and methods of such evaluation. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(2) An evaluation under paragraph (1) shall contain the following matters:

1. Outcomes of the management of knowledge information resources and comparison of such outcomes among agencies;

2. Current status and utilization of knowledge information resources;

3. Defects and improvement measures;

4. Other matters deemed necessary for the evaluation of the management of knowledge information resources.

(3) Where necessary for the evaluation of the management of knowledge information resources, the Minister of Science, ICT and Future Planning may request the presentation of relevant data from the heads of central administrative agencies and the heads of local governments, or investigate the outcomes of the management of knowledge information resources. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(4) Where necessary for the investigation of the outcomes of the management of knowledge information resources under paragraph (3), the Minister of Science, ICT and Future Planning may receive support from a specialized institution or relevant expert under Article 28 of the Act. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(5) The Minister of Science, ICT and Future Planning shall notify the heads of relevant institutions of the outcomes of the evaluation of the management of knowledge information resources. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 23 (Facilitation of Utilization of Knowledge Information Resources)

(1) The heads of central administrative agencies and the heads of local governments shall endeavor to ensure that citizens can use knowledge information resources, other than such information as may not be disclosed under the proviso to Article 9 (1) of the Official Information Disclosure Act, in an electronic form via information communications networks to an extent not infringing upon the rights protected under relevant Acts, such as the Copyright Act.

(2) The heads of central administrative agencies and the heads of local governments shall endeavor to keep the information provided in an electronic form under paragraph (1) up-to-date, accurate and interlinked by continuous management.

(3) The Minister of Science, ICT and Future Planning may provide knowledge information resources by collecting, interlinking and integrating them in an electronic form in order to facilitate unrestricted access to and use of knowledge information resources. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 24 (Standardization of Knowledge Information Resources)

(1) A specialized institution under Article 28 of the Act or a person having an interest in the standardization of knowledge information resources may present a draft standard concerning the matters under the subparagraphs of Article 26 (1) of the Act, and request the Minister of Science, ICT and Future Planning to reflect the details thereof in the standards. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(2) The Minister of Science, ICT and Future Planning shall, when enacting, amending or repealing standards concerning knowledge information resources, publish such in the official gazette following consultation with the heads of relevant central administrative agencies. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 25 (Designation Procedures for Important Knowledge Information Resources)

(1) The Minister of Science, ICT and Future Planning may designate knowledge information resources under Article 27 (2) of the Act (hereinafter referred to as “important knowledge information resources“) either directly or upon application by the heads of central administrative agencies or the heads of local governments pursuant to Article 27 (1) of the Act. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(2) The heads of central administrative agencies or the heads of local governments shall submit the following to the Minister of Science, ICT and Future Planning when making an application for designation as important knowledge information resources pursuant to paragraph (1): (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

1. Purpose and reason for designation;

2. Types and details of the knowledge information resources subject to designation;

3. Management status of the knowledge information resources and management plan of the knowledge information resources subject to designation;

4. Other matters necessary for the designation of important knowledge information resources.

(3) The Minister of Science, ICT and Future Planning may, when intending to designate important knowledge information resources, require a specialized institution under Article 28 of the Act to form an evaluating body consisting of relevant experts and require the evaluating body to investigate and review the relevant knowledge information resources. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(4) The Minister of Science, ICT and Future Planning shall, when having designated important knowledge information resources under paragraph (1), publish such fact in the Official Gazette. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 26 (Special Management of Important Knowledge Information Resources)

(1) The heads of central administrative agencies and the heads of local governments shall endeavor to ensure that important knowledge information resources are digitized and interlinked to an extent not infringing upon the rights protected under relevant Acts, such as the Copyright Act.

(2) The heads of central administrative agencies and the heads of local governments shall comply with the standards established under Article 26 of the Act in carrying out the digitization and interlinking of important knowledge information resources. In such cases, the Minister of Science, ICT and Future Planning may investigate whether the standards are complied with, and request correction, based on the findings of the investigation. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(3) The Minister of Science, ICT and Future Planning may render administrative, technical and financial support preferentially for the management of important knowledge information resources. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(4) For purposes of facilitating the common use and utilization of important knowledge information resources, the Minister of Science, ICT and Future Planning may provide support to national agencies, etc. to jointly digitize and distribute important knowledge information resources, and to provide the services thereof. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 27 (Collection of Knowledge Information Resources)

Where the heads of national agencies, etc. enact or amend statutes under their jurisdiction, or enter into a contract, the Minister of Science, ICT and Future Planning may advise them to include details regarding the collection and utilization of knowledge information resources in a digitized form in such subordinate statutes or contract. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 28 (Designation and Operation of Specialized Institutions)

(1) When the Minister of Science, ICT and Future Planning and the Minister of Government Administration and Home Affairs have designated a specialized institution (hereinafter referred to as the “specialized institution”) under Article 28 of the Act, the Ministers shall publish such fact in the official gazette. (Amended by Presidential Decree nº 24466, Mar. 23, 2013; Presidential Decree nº 25751, Nov. 19, 2014)

(2) The specialized institution shall perform the following affairs for the management of knowledge information resources: (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

1. Support for the establishment and implementation of a mid-to long-term knowledge information resources management plan under Article 25 (2) of the Act;

2. Support for the development of management policies of knowledge information resources;

3. Support for the building, operation, management, interlinking, distribution and integration of information systems to facilitate the utilization of knowledge information resources;

4. Support for affairs related to the creation of a classification system, such as assignment of identifiers allowing access to digitized knowledge information resources or distribution thereof via the information communications network;

5. Support for investigations into the management status and actual conditions of knowledge information resources;

6. Support for evaluations of the management of knowledge information resources;

7. Other affairs requested or entrusted by the heads of relevant central administrative agencies and the heads of local governments for the management of knowledge information resources.

(3) The Minister of Science, ICT and Future Planning and the Minister of Government Administration and Home Affairs may require a specialized institution designated and publicly announced under paragraph (1) to establish and submit a detailed project plan for the management of knowledge information resources and a plan for the execution of funds. (Amended by Presidential Decree nº 24466, Mar. 23, 2013; Presidential Decree nº 25751, Nov. 19, 2014)

(4) Where the heads of relevant central administrative agencies and the heads of local governments request or entrust their affairs to a specialized institution, the budget required therefor may be wholly or partially subsidized within budgetary limits.

Article 29 (Advancement of Information Culture)

(1) In order to efficiently implement policies on the advancement and expansion of information culture under Article 29 (1) of the Act, national agencies and local governments may select a private institution or organization related to the project in question and have it carry out the affairs thereof.

(2) National agencies and local governments may provide an institution or organization selected under paragraph (1) with the financial support necessary for implementing policies on the advancement and expansion of information culture. In such cases, an institution or organization which has received financial support shall use it appropriately for the intended purposes of implementing relevant policies.

(3) An institution or organization which intends to receive support from a national agency or local government under paragraph (2) shall apply for support by submitting the following to the national agency or local government:

1. Purpose and details of the project;

2. Necessity and ripple effect of the project;

3. Details of the support it seeks to receive;

4. Expenses to be incurred in conducting the project.

(4) National agencies and local governments shall comprehensively consider the following matters when selecting a private institution or organization under paragraph (1), or selecting an entity eligible to receive support upon receiving an application under paragraph (3) from the selected institutions or organizations:

1. Details and scale of the projects conducted by the relevant institutions or organizations;

2. The relevant institutions or organizations’ capability to implement the projects and recent performance;

3. The social demand for and ripple effect of the relevant policy projects and activities for the advancement and expansion of information culture.

(5) The Minister of Science, ICT and Future Planning may present his/her opinion regarding curriculum to the Minister of Education so that the educational content on information culture may be included in the standards and details of the curriculum pursuant to Article 29 (2) of the Act. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(6) Necessary matters for selection under paragraph (1) and the methods, procedures, etc. of support under paragraph (2) shall be prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 30 (Formulation, etc. of Comprehensive Plan for Prevention and Solution of Internet Addiction)

(1) The comprehensive plan for the prevention and solution of Internet addiction under Article 30 (1) of the Act (hereinafter referred to as “comprehensive plan“) shall contain the following: (Amended by Presidential Decree nº 24844, Nov. 20, 2013)

1. The goal and basic direction of comprehensive plan;

2. Analysis of the actual conditions of Internet addiction and the performance of relevant policies;

3. Prospects of and implementation strategies for the prevention and solution of Internet addiction;

4. Research and development for the prevention and solution of Internet addiction;

5. Education, counseling and awareness campaign for the prevention and solution of Internet addiction;

6. Training of specialized human resources for the prevention and solution of Internet addiction;

7. Countermeasures against Internet addiction caused by the use of information communications services utilizing new technology;

8. International cooperation on the prevention and solution of Internet addiction;

9. Other matters necessary for the prevention and solution of Internet addiction.

(2) The heads of relevant central administrative agencies shall prepare plans for policies and projects under their jurisdiction which are to be reflected in the comprehensive plan, and submit it to the Minister of Science, ICT and Future Planning. (Amended by Presidential Decree nº 24844, Nov. 20, 2013)

(3) The Minister of Science, ICT and Future Planning shall publicly announce the comprehensive plan on the Internet homepage of the Ministry of Science, ICT and Future Planning. (Amended by Presidential Decree nº 24466, Mar. 23, 2013; Presidential Decree nº 24844, Nov. 20, 2013)

Article 30-2 (Formulation, etc. of Promotion Plan for Prevention and Solution of Internet Addiction)

(1) The Minister of Science, ICT and Future Planning and the head of each relevant central administrative agency shall formulate an implementation plan to prevent and solve Internet addiction under Article 30 (2) of the Act (hereinafter referred to as “implementation plan“) by the end of February each year.

(2) The Minister of Science, ICT and Future Planning shall notify the head of each relevant central administrative agency of the guidelines for formulating an implementation plan by December 15 of the preceding year.

(3) The head of each relevant central administrative agency shall submit an implementation plan formulated pursuant to the guidelines under paragraph (2) as well as performance records of the preceding year to the Minister of Science, ICT and Future Planning by January 31 each year.

(4) The Minister of Science, ICT and Future Planning shall put together the implementation plans submitted pursuant to paragraph (3) and notify it to the head of each relevant administrative agency.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 30-3 (Standards for Green Internet Certification)

The standards for Green Internet certification referred to in Article 30-3 (3) of the Act shall be determined and publicly notified by the Minister of Science, ICT and Future Planning in accordance with the following classifications:

1. Whether relevant statutes for the prevention and solution of Internet addiction are complied with;

2. Whether the management of the media and content of information communications services for the prevention and solution of Internet addiction is appropriate;

3. Whether the guidelines for diagnostic methods for Internet addiction, counseling centers, etc. are appropriate;

4. Whether other necessary measures for the prevention and solution of Internet addiction are implemented.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 30-4 (Effective Period of Green Internet Certification)

The effective period of Green Internet certification under Article 30-3 (3) of the Act shall be two years.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 30-5 (Indication of and Publicity for Green Internet Certification)

(1) The indication of the Green Internet certification mark referred to in Article 30-5 (1) of the Act shall be as specified in attached Table 2.

(2) Where a person who has obtained Green Internet certification publicizes the fact that he/she has obtained such certification under Article 30-5 (1) of the Act, he/she shall indicate the effective period of the certification.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 30-6 (Establishment, etc. of Internet Addiction Response Center)

(1) The criteria for establishing and operating an Internet Addiction Response Center under Article 30-6 (3) of the Act shall be as specified in attached Table 3.

(2) The State or local governments shall establish and operate an Internet Addiction Response Center in a manner that fulfills the criteria referred to in paragraph (1), and endeavor to secure related budgets and to provide education and conduct management smoothly.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 30-7 (Provision of Education on Internet Addiction)

(1) The term “Other public agencies prescribed by Presidential Decree” referred to in Article 30-8 (2) 4 of the Act means institutions designated by the Minister of Strategy and Finance pursuant to Article 4 (1) of the Act on the Management of Public Institutions.

(2) The heads of the institutions referred to in Article 30-8 (2) of the Act shall provide education on Internet addiction at least once every year.

(3) Education on Internet addiction referred to in paragraph (2) may be provided by various methods, such as lectures and audio-visual education, and the education content shall include the following:

1. The current state and cases of Internet addiction;

2. The methods of prevention and time management against Internet addiction;

3. The method of identifying a harmful Internet environment;

4. Other matters necessary to prevent and solve Internet addiction.

(4) The Minister of Science, ICT and Future Planning may provide necessary textbooks and materials to institutions or organizations that provide education on Internet addition.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 31 (Guaranteeing Access to and Use of Information by Persons with Disabilities, Aged Persons, etc.)

The Minister of Science, ICT and Future Planning shall carry out the following matters in order to guarantee accessibility to the websites of national agencies, etc. under Article 32 (1) of the Act: (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

1. Fact-finding surveys on accessibility to websites;

2. Standardization of accessibility to websites and support for the development of related technologies;

3. Education and consulting for guaranteeing accessibility to websites;

4. Other matters necessary for guaranteeing accessibility to websites.

Article 31-2 (Criteria for Designating Web Accessibility Quality Certification Institution)

The criteria for designating a Web accessibility quality certification institution referred to in Article 32-2 (1) of the Act (hereinafter referred to as “certification institution“) shall be determined and publicly notified by the Minister of Science, ICT and Future Planning in accordance with the following classifications:

1. Whether it has an organization and human resources necessary for certification business;

2. Whether it has facilities necessary for certification business and environmental conditions necessary for the operation of such facilities;

3. Whether it has internal regulations stipulating the management and operation of human resources, organization, facilities, etc. relating to certification business, as well as the methods and procedures for conducting examination for certification.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 31-3 (Criteria, Procedures, etc. for Web Accessibility Quality Certification)

(1) The criteria for Web accessibility quality certification referred to in Article 32-2 (1) of the Act (hereinafter referred to as “quality certification“) shall be determined and publicly notified by the Minister of Science, ICT and Future Planning in accordance with the following classifications:

1. All content shall be recognizable by users regardless of disability types, such as visual and hearing impairment;

2. It shall be presented in a manner manageable by users, including visually and aurally impaired persons;

3. Content or control methods shall be structured in a way easily understandable by users;

4. Content shall be made solid so as to be accessible by various methods of technology.

(2) Where a certification institution receives an application for quality certification pursuant to Article 32-2 (3) of the Act, it shall carry out written and technical examinations by applying the criteria for quality certification referred to in paragraph (1).

(3) Where the head of a certification institution deems that the criteria for quality certification are not satisfied as a result of examination, he/she shall inform the applicant of the rejection of the certification and the reason therefor.

(4) Details necessary for Web accessibility quality certification, other than the matters referred to in subparagraphs 1 through 3, shall be determined and publicly notified by the Minister of Science, ICT and Future Planning.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 31-4 (Effective Period of Web Accessibility Quality Certification)

The effective period of quality certification under Article 32-2 of the Act shall be one year.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 31-5 (Certification Institution’s Business Procedures)

(1) Where the name, representative, location, examination specialist or business regulations of a certification institution are altered, the certification institution shall submit a document verifying the details of such alteration to the Minister of Science, ICT and Future Planning, within 30 days from the date of alteration.

(2) A certification institution shall submit a report on certification records of the preceding year to the Minister of Science, ICT and Future Planning by January 31 each year.

(3) The Minister of Science, ICT and Future Planning may require a certification institution to submit necessary materials, or conduct an on-the-spot inspection to ascertain whether the certification institution falls under any subparagraph of Article 32-3 (1) of the Act.

(4) When a certification institution is unable to carry out business as a certification institution due to discontinuance, suspension, etc. of its business, it shall inform the Minister of Science, ICT and Future Planning of such fact without delay.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 31-6 (Fees)

The standards for fees which a certification institution receives from applicants for quality certification shall be determined by the Minister of Science, ICT and Future Planning, taking into account the number of certification examiners participating in certification examination, the period necessary for certification examination, etc.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 31-7 (Revocation of Designation, etc. as Certification Institution)

(1) The criteria for the revocation of designation, business suspension, etc. of a certification institution referred to in Article 32-3 (2) of the Act shall be as specified in attached Table 4.

(2) Where the Minister of Science, ICT and Future Planning intends to revoke the designation of a certification institution or to order business suspension thereof pursuant to Article 32-3 of the Act, he/she shall hold a hearing, and where the designation has been revoked or business suspension has been ordered, he/she shall publish such fact in an official gazette.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 31-8 (Indication of and Publicity for Web Accessibility Quality Certification)

(1) The indication of Web accessibility quality certification referred to in Article 32-4 (1) of the Act shall be as specified in attached Table 5.

(2) Where a person who has obtained web accessibility quality certification intends to indicate or publicize the details of certification pursuant to Article 32-4 (1) of the Act, he/she shall indicate the scope and the effective period of certification.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 32 (Support of Business Operators Related to Narrowing of Digital Divide)

(1) A business operator who intends to receive support from a national agency or local government under Article 33 (2) of the Act shall apply for support by submitting the necessary matters under the following classifications to the national agency or local government:

1. A business operator who develops and produces information communications equipment and software (hereinafter referred to as “information communications products“) for improving access to information by persons with disabilities, aged persons, etc. and the related user environment: Details of the information communications products in question and the details of financial and technical support applied for;

2. A business operator who provides content for persons with disabilities, aged persons, farmers, fishermen and low-income earners: Details of the information communications products in question and the details of financial and technical support applied for;

3. A business operator who develops and distributes relevant technology under Article 33 (1) of the Act (hereinafter referred to as “technology related to narrowing of the digital divide“): Details of the technology related to narrowing of the digital divide in question and the details of financial and technical support applied for.

(2) Upon receiving an application under paragraph (1), national agencies and local governments shall comprehensively consider the following matters when selecting a person eligible to receive support:

1. A business operator’s record of performance on the development, production and provision of information communications products and content and on the development of technologies related to narrowing of the digital divide;

2. Usefulness of information communications products, content, or technologies related to narrowing of the digital divide which a business operator intends to develop, produce, provide and distribute;

3. Appropriateness of the production plan of information communications products, provision plan of content, and development plan of the technologies related to narrowing of the digital divide.

(3) Necessary matters for the methods and procedures of applying for support under paragraph (1) shall be prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 33 (Support, etc. of Information Communications Products)

(1) “Persons prescribed by Presidential Decree” in subparagraph 3 of Article 34 of the Act means the following persons: (Amended by Presidential Decree nº 24018, Aug. 3, 2012; Presidential Decree nº 24020, Aug. 3, 2012)

1. Children subject to protection under subparagraph 4 of Article 3 of the Child Welfare Act;

2. Persons who have received rating of injury between grade one to seven, among persons of distinguished service to the State who are registered under Article 6 of the Act on the Honorable Treatment and Support of Persons, etc. of Distinguished Service to the State;

3. Immigrants by marriage, etc. under subparagraph 2 of Article 2 of the Multicultural Families Support Act;

4. Persons who are currently receiving social welfare services under subparagraph 6 of Article 2 of the Social Welfare Services Act from social welfare foundations or social welfare facilities under subparagraph 3 or 4 of Article 2 of the same Act;

5. Other persons deemed necessary by a national agency or local government for the improvement of access to information and user environment.

(2) National agencies and local governments shall comprehensively consider the following matters in providing information communications products under Article 34 of the Act:

1. Usability of information communications products;

2. Capability of a person eligible to receive support to use information communications products;

3. Economic conditions of a person eligible to receive support.

(3) Where it is inevitable for the performance of business affairs for the support of information communications products under Article 34 of the Act, national agencies and local governments may process materials containing resident registration numbers under subparagraph 1 of Article 19 of the Enforcement Decree of the Personal Information Protection Act. (Inserted by Presidential Decree nº 23488, Jan. 6, 2012)

Article 34 (Targets and Types, etc. of Education for Narrowing Digital Divide)

(1) “Persons prescribed by Presidential Decree” in Article 35 (2) 1 of the Act means persons with disabilities under Article 2 (1) of the Enforcement Decree of the Act on Welfare of Persons with Disabilities.

(2) “Persons prescribed by Presidential Decree” in Article 35 (2) 4 of the Act means the following persons: (Amended by Presidential Decree nº 21847, Nov. 26, 2009; Presidential Decreenº 24018, Aug. 3, 2012; Presidential Decree nº 24020, Aug. 3, 2012)

1. Children subject to protection under subparagraph 4 of Article 3 of the Child Welfare Act;

2. The aged under subparagraph 1 of Article 2 of the Act on Prohibition of Age Discrimination in Employment and Elderly Employment Promotion;

3. Immigrants by marriage, etc. under subparagraph 2 of Article 2 of the Multicultural Families Support Act;

4. Persons under protection at single-parent family welfare facilities under Article 19 (1) of the Single-Parent Family Support Act;

5. Farmers and fishermen under subparagraph 2 of Article 3 of the Framework Act on Agriculture and Fisheries, Rural Community, and Food Industry;

6. Deleted.; (By Presidential Decree nº 21847, Nov. 26, 2009)

7. Other persons deemed necessary by a national agency or local government for narrowing of the digital divide.

(3) The targets of education for narrowing the digital divide under Article 35 (4) of the Act shall be persons falling under any subparagraph of Article 35 (2) of the Act.

(4) The types of education for narrowing the digital divide under Article 35 (4) of the Act shall be as follows:

1. Basic education concerning computers and the Internet, etc.;

2. Education concerning how to search, process and produce necessary information utilizing computers and the Internet, etc.;

3. Other education deemed necessary by a national agency or local government.

Article 35 (Supplementation, etc. of Information Protection System)

(1) The Minister of Science, ICT and Future Planning shall consult in advance with the heads of relevant agencies when the Minister establishes standards for the performance and reliability of information protection systems under Article 38 (1) of the Act, or determines detailed matters on the affairs of evaluating or certifying whether such standards are complied with. In such cases, where the head of a relevant agency determines the detailed matters on certification affairs and gives notice thereof to the Minister of Science, ICT and Future Planning, the consultation thereof shall be deemed to have undergone. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(2) When a person who manufactures or imports information protection systems requests confirmation of whether the said systems comply with the standards under Article 38 (1) of the Act, the Minister of Science, ICT and Future Planning may require the President of the Korea Internet and Security Agency under Article 52 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc., or the head of any institution meeting the standards under relevant international conventions to investigate, test or evaluate the said systems. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(3) A person who requests an investigation, test or evaluation under paragraph (2) shall pay the fees determined by the President of the Korea Internet and Security Agency or the head of any institution meeting the standards under relevant international conventions pursuant to the standards prescribed and published by the Minister of Science, ICT and Future Planning. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 36 (Establishment of Sound Information Communications Ethics)

(1) The Minister of Science, ICT and Future Planning may advise the heads of national agencies, etc. who have installed equipment which allows many unspecified persons to search, save, send and receive information using information communications networks to install and supplement relevant equipment or software which prevents access to unwholesome information, such as obscene materials, violent materials, etc., in accordance with Article 40 of the Act. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(2) The Minister of Science, ICT and Future Planning may establish and publish standards for managerial and technical measures, etc. required for the wholesome use of the information communications services by juveniles under Article 40 of the Act, and advise the providers of information communications services under Article 2 (1) 3 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. (hereinafter referred to as “providers of information communications services“) to comply with the said standards. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 37 (Prevention, etc. of Harm to Users)

Where necessary to prevent harm to life, body and property resulting from information communications-related equipment and services provided for users under Article 41 (1) 3 of the Act, the Minister of Science, ICT and Future Planning may establish standards to prevent harm to users caused by information communications-related equipment and services, and standards to indicate the use, cautions for use, etc. of information communications-related equipment and services, thereby advising the manufacturers and importers of information communications-related equipment, or the providers of information communications services, etc. to comply with the said standards. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 38 (Fact-Finding Surveys)

(1) “Matters prescribed by Presidential Decree” under Article 43 (2) 4 of the Act means the following: (Amended by Presidential Decree nº 22151, May 4, 2010; Presidential Decree nº 24466, Mar. 23, 2013)

1. Actual conditions related to the execution of national informatization by national agencies, etc.;

2. Actual conditions related to support provided by national agencies, etc. for the informatization of private sectors;

3. Actual conditions related to information culture concerning the utilization and use patterns of information communications services and information communications products;

4. Actual conditions related to the digital divide concerning access, retention, use, etc. of information communications services and information communications products;

5. Actual conditions related to the addiction of the users of information communications services, such as the Internet, mobile phone, etc. and information communications products ;

6. Actual conditions related to the introduction and operation of information technology architectures under subparagraph 12 of Article 2 of the Electronic Government Act and the record of performance thereof;

7. Current status of the volume of knowledge information resources retained by national agencies, etc. and the digitization thereof;

8. Current status of the management of knowledge information resources and important knowledge information resources by national agencies, etc.;

9. Other matters concerning national informatization which are deemed necessary by the Minister of Science, ICT and Future Planning.

(2) The Minister of Science, ICT and Future Planning may annually directly conduct surveys of national agencies, etc., the public, private enterprises and associations or request the submission of necessary data thereto, if necessary for fact-finding surveys under Article 43 (2) of the Act. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 39 (Development and Distribution of Indices)

The Minister of Science, ICT and Future Planning shall develop and distribute the following indices under Article 44 of the Act: (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

1. Indices by which the level of national informatization may be measured;

2. Indices by which the level of information culture may be measured;

3. Other indices necessary for the management of national informatization and knowledge information resources, and narrowing of the digital divide.

Article 39-2 (Entrustment of Business relating to Green Internet Certification)

The Minister of Science, ICT and Future Planning shall entrust the following affairs, among business affairs relating to Green Internet certification, to the National Information Society Agency pursuant to Article 46 (2) 1 of the Act:

1. Acceptance of applications for Green Internet certification;

2. Examination for Green Internet certification;

3. Issuance of Green Internet certificates;

4. Management concerning the use of the Green Internet certification mark.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

Article 40 (Sectors, etc. for which Dedicated Institution can be Designated)

(1) Sectors for which the Minister of Science, ICT and Future Planning may designate a dedicated institution under Article 48 (1) of the Act (hereinafter referred to as “dedicated institution“) are as follows: (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

1. Building and management of the national information super-highway under Article 49 (1) of the Act;

2. Projects for broadband integrated research and development networks to build a B-ISDN;

3. Leading projects for verifying new technology on B-ISDN, such as the future Internet, etc.;

4. Application technology development projects for broadband integrated information communications;

5. Pilot area projects for quality control of B-ISDN and the enhancement of LAN;

6. Establishment of joint support facilities for promoting the building of B-ISDN infrastructure;

7. Core technology development projects for the building of B-ISDN;

8. Public relations projects for the public;

9. Research projects on laws and institutions;

10. International cooperation projects;

11. Development projects related to platform technology for competitiveness;

12. Pilot projects for facilitating the building of B-ISDN infrastructure and for revitalizing the use thereof;

13. Other projects necessary for facilitating the building and use of B-ISDN infrastructure.

(2) The head of a dedicated institution shall establish a detailed project plan and funds execution plan for each designated sector and submit it to the Minister of Science, ICT and Future Planning. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(3) Matters necessary for the performance of dedicated institution’s affairs, such as project management, etc. shall be prescribed by the Minister of Science, ICT and Future Planning. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 41 (Building and Management of National Information Super-Highway)

(1) A dedicated institution shall carry out the following affairs when building and managing the national information super-highway pursuant to Article 49 (1) and (3) of the Act: (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

1. Establishment of detailed project plans for the building and operation of the national information super-highway;

2. Establishment, execution and management of government-contributed financial resources;

3. Building, operation, maintenance and repair of the national information super-highway;

4. Surveys on demand for the national information super-highway and the establishment of a utilization plan thereof;

5. Ensuring the security of the national information super-highway;

6. Other affairs deemed necessary by the Minister of Science, ICT and Future Planning for the building and operation of the national information super-highway.

(2) The head of a dedicated institution may require a key communications business operator to implement part of the following affairs in order to efficiently carry out the affairs under paragraph (1) 3: (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

1. Design and building of the national information super-highway;

2. Operation of the national information super-highway;

3. Maintenance and repair of the national information super-highway and the efficient recovery from obstacles that arise;

4. Imposition, collection and management of charges to/from agencies using the national information super-highway;

5. Other affairs deemed necessary by the Minister of Science, ICT and Future Planning for the efficient building and operation of the national information super-highway.

(3) The head of a dedicated institution shall determine the standards, procedures, etc. of selecting key communications business operators capable of efficiently carrying out relevant affairs and obtain approval therefor from the Minister of Science, ICT and Future Planning when he/she requires a key communications business operator to implement part of the affairs under paragraph (2). (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(4) The head of a dedicated institution shall determine agencies, conditions, etc. for the use of the national information super-highway and obtain approval therefor from the Minister of Science, ICT and Future Planning. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 42 (Scope of Non-Profit Organizations)

Non-profit organizations prescribed by Presidential Decree” under Article 49 (1) of the Act means the following organizations: (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

1. Schools of any level established under the Elementary and Secondary Education Act, Higher Education Act and other Acts;

2. Research institutions which are non-profit corporations;

3. Medical institutions established by any person prescribed under the provisions of Article 33 (2) 2 through 4 of the Medical Service Act, the National Health Insurance Corporation established under the National Health Insurance Act, and the National Pension Service under the National Pension Act;

4. Museums and art galleries under the Museum and Art Gallery Support Act;

5. Libraries under the Libraries Act;

6. Other non-profit organizations deemed necessary by the Minister of Science, ICT and Future Planning for facilitating the building and use of the national information super-highway.

Article 43 (Requests, etc. for Construction or Lease of Conduits, etc.)

(1) Key communications business operators, etc. under Article 51 (2) of the Act (hereinafter referred to as “key communication business operators, etc.”) shall, when they request the construction of conduits, common utility ducts, electric poles, etc. (hereinafter referred to as “conduits, etc.”), consult in advance with other key communication business operators, etc. regarding demand for conduits, etc.

(2) Where an agency which constructs, operates and manages roads, railroads, subways, waterworks and sewerage, electrical facilities, telecommunications circuit facilities, etc. (hereinafter referred to as “facilities management agency“) is requested to construct or lease conduits, etc. under Article 51 (2) of the Act, the agency shall endeavor to enter into an agreement related to such construction or lease with key communications business operators, etc. within three months from the date of receiving such request, unless there is a compelling reason not to do so to the extent that it does not impede the proper business purpose of a facilities management agency.

Article 44 (Requests for Mediation and Deliberation)

(1) Key communications business operators, etc. may submit a request for mediation to the Minister of Science, ICT and Future Planning under Article 51 (3) of the Act if an agreement between a key communications business operator, etc. and a facilities management agency is not concluded within the period specified in Article 43 (2), or such an agreement cannot be concluded. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(2) The Minister of Science, ICT and Future Planning shall hear the opinions of the parties involved and may investigate the facts where necessary, when conducting mediation on the construction or lease of conduits, etc. upon receiving a request for mediation under paragraph (1). (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(3) In conducting mediation under paragraph (2), where the Minister of Science, ICT and Future Planning determines that a failure to reach an agreement between the parties appears severely detrimental to public interest, the Minister may make a mediatory decision for the conclusion of a fair agreement through consultation with the heads of relevant central administrative agencies, taking account of the interests, etc. of the parties involved. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

(4) Where the Minister of Science, ICT and Future Planning has made a mediatory decision under paragraph (3), the parties involved shall comply with the mediatory decision unless there is a compelling reason not to do so. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 45 (Requests for Mediation on Construction or Lease of Conduits, etc.)

A person who intends to request mediation on an agreement for construction or lease of conduits, etc. under Article 44 (1) shall submit to the Minister of Science, ICT and Future Planning a request for mediation on an agreement for the construction, etc. of conduits, etc. accompanied with documents concerning the agreement history and execution status. (Amended by Presidential Decree nº 24466, Mar. 23, 2013)

Article 46 (Imposition of Administrative Fine)

The criteria for the imposition of administrative fine referred to in Article 47 (1) and (2) of the Act shall be as specified in attached Table 6.

(Article Inserted by Presidential Decree nº 24844, Nov. 20, 2013)

ADDENDA

Article 1 (Enforcement Date)

This Decree shall enter into force on August 23, 2009.

Article 2 (Repeal of other Statutes)

The following Acts and subordinate statutes are hereby each repealed:

1. Enforcement Decree of the Act on Narrowing of the Digital Divide;

2. Enforcement Decree of the Knowledge Information Resource Management Act.

Article 3 Omitted.

Article 4 (Relationship to other Statutes)

Where other statutes cite the former Enforcement Decree of the Framework Act on Informatization Promotion, the former Enforcement Decree of the Act on Narrowing of the Digital Divide, the former Enforcement Decree of the Knowledge Information Resource Management Act or the provisions thereunder at the time this Decree enters into force, this Decree or the relevant provisions of this Decree shall be deemed cited in lieu of the former provisions if the provisions corresponding thereto exist in this Decree.

ADDENDA (Presidential Decree nº 21847, Nov. 26, 2009)

Article 1 (Enforcement Date)

This Decree shall enter into force on November 28, 2009.

Articles 2 through 6 Omitted.

ADDENDA (Presidential Decree nº 21882, Dec. 14, 2009)

Article 1 (Enforcement Date)

This Decree shall enter into force on the date of its promulgation. (Proviso Omitted.)

Articles 2 through 7 Omitted.

ADDENDA (Presidential Decree nº 22075, Mar. 15, 2010)

Article 1 (Enforcement Date)

This Decree shall enter into force on March 19, 2010. (Proviso Omitted.)

Article 2 Omitted.

ADDENDA (Presidential Decreenº. 22151, May 4, 2010)

Article 1 (Enforcement Date)

This Decree shall enter into force on May 5, 2010.

Articles 2 through 4 Omitted.

ADDENDA (Presidential Decree nº 22218, Jun, 28, 2010)

Article 1 (Enforcement Date)

This Decree shall enter into force on the date of its promulgation.

Articles 2 (Applicability concerning Establishment of Implementation Plans for National Informatization)

The amended provisions of Article 4 shall also apply to an implementation plan for which establishment procedures are still in progress at the time this Decree enters into force.

ADDENDUM (Presidential Decree nº 22475, Nov. 10, 2010)

This Decree shall enter into force on the date of its promulgation.

ADDENDA (Presidential Decree nº 23488, Jan. 6, 2012)

Article 1 (Enforcement Date)

This Decree shall enter into force on the date of its promulgation. (Proviso Omitted.)

Article 2 Omitted.

ADDENDA (Presidential Decree nº 24018, Aug. 3, 2012)

Article 1 (Enforcement Date)

This Decree shall enter into force on August 5, 2012.

Articles 2 through 7 Omitted.

ADDENDA (Presidential Decree nº 24020, Aug. 3, 2012)

Article 1 (Enforcement Date)

This Decree shall enter into force on August 5, 2012. (Proviso Omitted.)

Articles 2 and 3 Omitted.

ADDENDA (Presidential Decree nº 24466, Mar. 23, 2013)

Article 1 (Enforcement Date)

This Decree shall enter into force on the date of its promulgation.

Article 2 Omitted.

ADDENDUM (Presidential Decree nº 24844, Nov. 20, 2013)

This Decree shall enter into force on November 23, 2013.

ADDENDUM (Presidential Decree nº 25331, Apr. 29, 2014)

This Decree shall enter into force on the date of its promulgation.

ADDENDA (Presidential Decree nº 25339, Apr. 29, 201)

Article 1 (Enforcement Date)

This Decree shall enter into force on the date of its promulgation.

Articles 2 and 3 Omitted.

ADDENDA (Presidential Decree nº 25448, Jul. 7, 2014)

Article 1 (Enforcement Date)

This Decree shall enter into force on July 8, 2014.

Articles 2 through 4 Omitted.

ADDENDA (Presidential Decree nº 25456, Jul. 14, 2014)

Article 1 (Enforcement Date)

This Decree shall enter into force on July 15, 2014.

Articles 2 through 6 Omitted.

ADDENDA (Presidential Decree nº 25751, Nov. 19, 2014)

Article 1 (Enforcement Date)

This Decree shall enter into force on the date of its promulgation: Provided, That among the Presidential Decrees which are amended according to Article 5 of Addenda, each amended part of the Decree, which is promulgated before this Decree enters into force but of which the enforcement date has not come, shall enter into force on the date of the promulgation of the relevant Presidential Decree.

Articles 2 through 5 Omitted.

05Nov/21

Act nº 10166, Mar. 22, 2010. Telecommunications Business Act

Act nº 10166, Mar. 22, 2010. Telecommunications Business Act (Amended by Act nº 10656, May 19, 2011, Act nº 11201, Jan. 17, 2012).

CHAPTER I.- GENERAL PROVISIONS

Article 1 (Purposes)

The purpose of this Act is to contribute to the promotion of public welfare by encouraging sound development of the telecommunications business and ensuring convenience to the users of the telecommunications business through proper management of such business and efficient operation of telecommunications.

Article 2 (Definitions)

The terms used in this Act shall be defined as follows: (Amended by Act nº 10656, May 19, 2011)

1. The term “telecommunications” means any transmission or reception of signs, signals, writing, sounds and images by wire, radio, optics or other electromagnetic systems;

2. The term “telecommunications equipment and facilities” means equipment and facilities necessary for telecommunications, such as machinery, appliances, lines, etc.;

3. The term “telecommunications line equipment and facilities” means equipment and facilities which constitute communications channels between transmission and reception points for telecommunications among the telecommunications equipment and facilities, such as the transmission and line equipment and facilities, exchange facilities installed as one body of the transmission and line equipment and facilities, and all facilities attached thereto;

4. The term “commercial telecommunications equipment and facilities” means telecommunications equipment and facilities to be provided for tele communications business;

5. The term “private telecommunications equipment and facilities” means telecommunications equipment and facilities, other than commercial telecommunications equipment and facilities, installed by an individual to be used for his/her own telecommunications;

6. The term “telecommunications services” means services to advocate a third party’s communications through telecommunications equipment and facilities or to provide telecommunications equipment and facilities for a third party’s communications;

7. The term “telecommunications business” means any business which provides telecommunications services;

8. The term “telecommunications business operator” means an entity that provides telecommunications services upon obtaining a license, or completing registration or reporting (including cases of exemption from reporting) under this Act;

9. The term “user” means a person who concludes a contract for the use of telecommunications services with a telecommunications business operator in order to procure telecommunications services;

10. The term “pervasive services” means basic telecommunications services which any user may use at reasonable fees regardless of time and place;

11. The term “common telecommunications services” means telecommunications services for transmitting or receiving sounds, data, images, etc. without any change in the form or contents thereof and to lease telecommunications line equipment and facilities for the use of transmission or reception of sounds, data, images, etc., such as telephone services or Internet services: Provided, That this shall not include telecommunications services (referring to detailed independent services among telecommunications services under subparagraph 6; hereinafter the same shall apply) determined and publicly announced by the Korea Communications Commission;

12. The term “value-added telecommunications services” means telecommunications services, other than common telecommunications services:

13. The term “special value-added telecommunications services” shall be as follows:

(a) Value-added telecommunications services provided by a special on-line service provider under Article 104 of the Copyright Act;

(b) Other value-added telecommunications services for the purpose of storing and transmitting, or transmitting information under subparagraph 1 of Article 3 of the Framework Act on National Informatization by using computers among others.

Article 3 (Duties to Provide Services, etc.)

(1) No telecommunications business operator may refuse to provide any telecommunications service, without justifiable grounds.

(2) A telecommunications business operator shall perform his/her business in a fair, swift and accurate manner.

(3) Fees for telecommunications services shall be reasonably determined so as to ensure the efficient development of the telecommunications business and to provide users with convenient and various telecommunications services fairly and inexpensively.

Article 4 (Provision, etc. of Pervasive Services)

(1) Each telecommunications business operator shall have obligations to provide pervasive services or to compensate for losses incurred therefrom.

(2) Notwithstanding paragraph (1), the Korea Communications Commission may release any of the following telecommunications business operators from the obligations mentioned under paragraph (1):

1. A telecommunications business operator, prescribed by Presidential Decree, for whom the imposition of obligations under paragraph (1) is deemed inadequate in consideration of the nature of telecommunications services;

2. A telecommunications business operator whose profits from telecommunications services is not more than the amounts determined by Presidential Decree within 1/100 of the total profits from all telecommunications services.

(3) Details of pervasive services shall be determined by Presidential Decree in consideration of the following matters:

1. Level of the development of information and communications technology;

2. Level of the dissemination of telecommunications services;

3. Public interest and safety;

4. Promotion of social welfare;

5. Acceleration of informatization.

(4) In order to provide pervasive services in an efficient and stable manner, the Korea Communications Commission may, according to standards and procedures prescribed by Presidential Decree, designate a telecommunications business operator who provides pervasive services, taking into account the scope, quality and level of fees of pervasive services, and the technical capability of the telecommunications business operator.

(5) The Korea Communications Commission may distribute the burden of compensation for losses incurring from providing pervasive services to telecommunications business operators, based on their profits, in accordance with the methods and procedures prescribed by Presidential Decree.

CHAPTER II.- TELECOMMUNICATIONS BUSINESS

SECTION 1.- General Provisions

Article 5 (Classification, etc. of Telecommunications Businesses)

(1) The telecommunications business shall be classified into the common telecommunications business, special category telecommunications business and value-added telecommunications business.

(2) The common telecommunications business shall install telecommunications line equipment and facilities, and thereby provide telecommunications services.

(3) The special category telecommunications business shall be as follows:

1. Business that provides common telecommunications services by using telecommunications line equipment and facilities, etc. of a person who has obtained a license for the common telecommunications business under Article 6 (hereinafter referred to as “common telecommunications business“);

2. Business that installs telecommunications equipment and facilities in the premises prescribed by Presidential Decree, and provides telecommunications services therein by using such equipment and facilities.

(4) The value-added telecommunications business shall provide value-added telecommunications services.

SECTION 2.- Common Telecommunications Business

Article 6 (Licenses, etc. for Common Telecommunications Business)

(1) A person who intends to operate the common telecommunications business shall obtain a license from the Korea Communications Commission.

(2) When granting a license under paragraph (1), the Korea Communications Commission shall comprehensively examine the following matters:

1. Financial capability to implement plans for providing common telecommunications services;

2. Technical capability to implement plans for providing common telecommunications services;

3. Adequacy of plans for protecting users;

4. Other matters prescribed by Presidential Decree concerning capabilities necessary for the stable provision of common telecommunications services.

(3) The Korea Communications Commission shall establish detailed criteria for examination by subject matter to be examined, under paragraph (2), a period for granting licenses and guidelines for application for licenses, and publicly announce them.

(4) When granting a license for the common telecommunications business under paragraph (1), the Korea Communications Commission may place necessary conditions to facilitate fair competition, protect users, improve service quality and efficiently utilize information and telecommunications resources. In such cases, details of such conditions shall be published on the Official Gazette or posted on the web site.

(5) A license under paragraph (1) shall be granted only to a corporation.

(6) Procedures for granting licenses under paragraph (1) and other necessary matters shall be determined by Presidential Decree.

 Article 7 (Grounds for Disqualification of Licenses)

No person falling under any of the following subparagraphs shall be entitled to obtain a license for the common telecommunications business under Article 6:

1. The State or local governments;

2. Foreign governments or foreign corporations;

3. Corporations, stocks of which are held by foreign governments or foreigners in excess of the limitation on stock holdings referred to in Article 8 (1).

Article 8 (Limitation on Stock Holdings by Foreign Governments or Foreigners)

(1) A foreign government or foreigner may hold stocks of the common telecommunications business (excluding non-voting stocks under Article 370 of the Commercial Act, but including voting stock equivalents, such as security depositary receipts, and equity shares; hereinafter the same shall apply) within 49/100 of the total number of outstanding stocks of the common telecommunications business, when aggregating all of those held by foreign governments or foreigners.

(2) Where a foreign government or foreigner (including a specially related person under Article 9 (1) 1 of the Financial Investment Services and Capital Markets Act; hereinafter the same shall apply) holds 15/100 or more of the total number of outstanding stocks of a corporation and is the largest shareholder under Article 9 (1) 1 of the Financial Investment Services and Capital Markets Act, such corporation shall be deemed as a foreign corporation (hereinafter referred to as “deemed-foreign corporation“).

(3) Any corporation which holds less than 1/100 of the total number of outstanding stocks of the common telecommunications business may not be deemed as a foreign corporation, even if it satisfies the requirements under paragraph (2).

Article 9 (Grounds for Disqualification as Executives)

(1) Any person falling under any of the following subparagraphs shall be disqualified as an executive of any common telecommunications business operator:

1. A minor, or an incompetent or quasi-incompetent person;

2. A person who is not yet reinstated after having been declared bankrupt by a court;

3. A person in whose case three years have not passed since he/she had been sentenced to imprisonment without prison labor or heavier punishment for a violation of this Act, the Framework Act on Telecommunications, the Radio Waves Act or the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (excluding matters not directly related to the telecommunications business; hereinafter referred to as “this Act, etc.”), and the execution of the punishment was completed (including cases that the execution is deemed to have been completed) or he/she was exempted from the enforcement of the sentence;

4. A person who was sentenced to a suspended execution of imprisonment without prison labor or heavier punishment for a violation of this Act, etc. and is still under the period of suspension;

5. A person in whose case one year has not passed since he/she had been sentenced to a fine for a violation of this Act, etc.;

6. A person in whose case three years have not passed since he/she has been subject to a disposition to fully or partially cancel his/her license in accordance with Article 20 (1), a disposition to fully or partially revoke his/her registration in accordance with Article 27 (1) or an order to fully or partially discontinue the business in accordance with Article 27 (2). In cases of a corporation, “person” refers to a person who causes cancellation of its license, revocation of its registration or an order to discontinue the business, and its representative.

(2) Where any executive falls under any subparagraph of paragraph (1) or is found to fall under any subparagraph of paragraph (1) at the time he/she is appointed as an executive, he/she shall duly resign from office.

(3) Any activity in which any executive has been involved prior to his/her resignation under paragraph (2) may not lose its legal effect.

Article 10 (Examination on Public Benefits of Possession, etc. of Stocks by Common Telecommunications Business)

(1) A Public Benefit Examination Committee (hereinafter referred to as the “Committee“) shall be established in the Korea Communications Commission in order to examine as to whether any of the following cases impairs public interests prescribed by Presidential Decree (hereinafter referred to as “examination on public benefits“), such as national security, public safety and maintenance of order:

1. Where a person holds not less than 15/100 of the total number of outstanding stocks of the common telecommunications business, including those stocks held by a specially related person under Article 9 (1) 1 of the Financial Investment Services and Capital Markets Act (hereinafter referred to as “specially related person“);

2. Where the largest stockholder of the common telecommunications business changes;

3. Where the common telecommunications business operator or any stockholder of a common telecommunications business concludes a contract with a foreign government or a foreigner for important managerial matters prescribed by Presidential Decree, such as the appointment and dismissal of executives and the transfer or acquisition of business;

4. Where any stockholder who has de facto management rights for the common telecommunications business changes, as prescribed by Presidential Decree

(2) Where a common telecommunications business operator or any stockholder of the common telecommunications business falls under paragraph (1), he/she shall report thereon to the Korea Communications Commission within 30 days from the date when such case occurs.

(3) Where a common telecommunications business operator or any stockholder of the common telecommunications business falls under paragraph (1), he/she may request the Korea Communications Commission to examine public benefits before such case occurs.

(4) Where the Korea Communications Commission has received reporting under paragraph (2) or a request for examination under paragraph (3), it shall refer such matters to the Committee for deliberation.

(5) Where the Korea Communications Commission determines as a result of examination on public benefits under paragraph (1) that the cases under any subparagraph of paragraph (1) are likely to impair public interests, it may issue an order to modify the details of a contract, suspend the implementation of a contract, suspend the exercise of voting rights, or sell relevant stocks.

(6) The scope of common telecommunications business operators who shall report or may request an examination on public benefits pursuant to paragraph (2) or (3), procedures for reporting and examinations on public benefits and other necessary matters shall be prescribed by Presidential Decree.

Article 11 (Organization, Operation, etc. of the Committee)

(1) The Committee shall consist of not less than five but not more than 10 members, including one chairperson.

(2) The Vice Chairperson of the Korea Communications Commission shall hold office as the chairperson, and members shall be commissioned by the chairperson, from among public officials ranking Grade III of the relevant central administrative agencies prescribed by Presidential Decree, public officials in general service belonging to the Senior Civil Service, and those falling under any of the following persons:

1. Persons who have advanced knowledge and career backgrounds in information and communications;

2. Persons recommended by Government-funded research institutes which is related to the national security, public safety or maintenance of order;

3. Persons recommended by nonprofit, non-governmental organizations referred to in Article 2 of the Assistance for Non-profit, Non-Governmental Organizations Act;

4. Other persons deemed necessary by the chairperson.

(3) The Committee may conduct investigations necessary for the examination on public benefits, or request an interested party or a reference witness to provide necessary data. In such cases, the relevant interested party or reference witness shall comply with such request unless justifiable grounds exist.

(4) Where the Committee deems it necessary, it may require an interested party or a reference witness to appear at a Committee meeting and state his/her opinions. In such cases, the relevant interested party or reference witness shall appear at a Committee meeting unless justifiable grounds exist.

(5) Matters necessary for the organization, operation, etc. of the Committee shall be prescribed by Presidential Decree.

Article 12 (Restrictions, etc. on Excess Stock Holdings)

(1) Where a foreign government or a foreigner has acquired stocks in violation of Article 8 (1), it or he/she shall not exercise the voting rights in the excess stocks.

(2) The Korea Communications Commission may order a stockholder who has acquired stocks in violation of Article 8 (1), a common telecommunications business operator to which the stockholder belongs, or a stockholder of the deemed-foreign corporation to correct the violation within a period up to six months.

(3) Any person in receipt of a corrective order under paragraph (2) shall correct the violation within a specified period.

(4) Where a stockholder has acquired stocks in violation of Article 8 (1), a common telecommunications business operator may refuse to renew the register of stockholders or register of members to record the excess portion.

Article 13 (Charges for Compelling Compliance)

(1) The Korea Communications Commission may impose a charge for compelling compliance, on a person who has been subjected to the order referred to in Article 10 (5), 12 (2) or 18 (8) (hereinafter referred to as “corrective order“) and fails to comply with such order within a specified period. In such cases, the charge for compelling compliance leviable daily shall not be more than 3/1,000 of the purchase price of stocks held by such person, but in cases not related with stock holdings, it shall not exceed 100 million won.

(2) A period for which charges for compelling compliance are imposed pursuant to paragraph (1) shall be from the date following the date the period prescribed by the corrective order expires to the date the corrective order is complied with. In such cases, the charge for compelling compliance shall be imposed within 30 days from the date following the date the period prescribed by the corrective order expires, in the absence of special grounds.

(3) The provisions of Article 53 (5) shall apply mutatis mutandis to the surcharge on compelling compliance.

(4) Matters necessary for the imposition, payment, refund, etc. of charges for compelling compliance shall be prescribed by Presidential Decree.

Article 14 (Issuance of Stocks)

Where a common telecommunications business operator issues stocks, such stocks shall be registered.

Article 15 (Obligation to Commence Business)

(1) A common telecommunications business operator shall install telecommunications equipment and facilities and commence the business within the period prescribed by the Korea Communications Commission.

(2) Where a common telecommunications business operator fails to commence the business within the period under paragraph (1) due to natural disasters or other unavoidable circumstances, the Korea Communications Commission may extend the relevant period only once, upon an application from the common telecommunications business operator.

Article 16 (Modification of Licenses)

(1) Where a common telecommunications business operator intends to modify the importance matters prescribed by Presidential Decree among the matters of his/her license under Article 6, he/she shall obtain a revised license from the Korea Communications Commission, as prescribed by Presidential Decree.

(2) The provisions of Articles 6 (4) and 15 shall apply mutatis mutandis to a revised license pursuant to paragraph (1).

Article 17 (Concurrent Management of Business)

(1) Where a common telecommunications business operator intends to manage any of the following businesses, he/she shall obtain approval from the Korea Communications Commission: Provided, That this may not apply to a common telecommunications business operator whose profits do not exceed 30 billion won:

1. Communications equipment manufacturing business;

2. Information and communications construction business (excluding any improvement and integration business of telecommunications networks) under subparagraph 3 of Article 2 of the Information and Communications Construction Business Act;

3. Service business (excluding any improvement and integration business of telecommunications networks) under subparagraph 6 of Article 2 of the Information and Communications Construction Business Act.

(2) The Korea Communications Commission shall grant approval under paragraph (1) if it deems that the common telecommunications business is unlikely to impede the management of the telecommunications business due to the management of the business under paragraph (1), and that it is necessary for the development of telecommunications.

Article 18 (Acquisition of Business and Merger of Corporations, etc.)

(1) Any person falling under any of the following subparagraphs shall obtain authorization from the Korea Communications Commission, as prescribed by Presidential Decree: Provided, That where the person sells telecommunications line equipment and facilities, except major telecommunications line equipment and facilities prescribed by Presidential Decree, he/she shall report thereon to the Korea Communications Commission, as prescribed by Presidential Decree, notwithstanding the provisions of subparagraph 3:

1. Any person who intends to fully or partially acquire the business of a common telecommunications business operator;

2. Any person who intends to merge with a corporate common telecommunications business;

3. Any common telecommunications business operator who intends to sell the telecommunications line facilities necessary for providing licensed common telecommunications services;

4. Any person who intends to hold not less than 15/100 of the total number of outstanding stocks of a common telecommunications business, or to become the largest stockholder of a common telecommunications business, including those stocks held by a specially related person;

5. Any person who intends to acquire stocks of a common telecommunications business operator or conclude an agreement with a common telecommunications business operator with the intent to exercise dominant influence over the right of the common telecommunications business operator to manage the business, as prescribed by Presidential Decree;

6. Any common telecommunications business operator who intends to establish a corporation to partially provide licensed common telecommunications services.

(2) Where the Korea Communications Commission intends to grant authorization under paragraph (1), it shall comprehensively examine the following matters:

1. Appropriateness of financial, technical and managerial capabilities;

2. Appropriateness of the management of information and communications resources, such as frequencies and telecommunications numbers;

3. Influence over competition among common telecommunications business operators;

4. Protection of users;

5. Utilization of telecommunications equipment and facilities and communications networks, efficiency of research and development, and influence over public benefits, such as international competitiveness of the telecommunications industry.

(3) Matters necessary for the detailed guidelines for examinations for each subject matter and procedures for examinations under paragraph (2) shall be determined and publicly announced by the Korea Communications Commission.

(4) Any person falling under any of the following subparagraphs shall succeed to the status of the relevant common telecommunications business operator which is related to his/her license:

1. Any person who acquires the common telecommunications business by obtaining authorization under paragraph (1) 1;

2. Any corporation which survived a merger or has been newly established in the course of a merger by obtaining authorization under paragraph (1) 2;

3. Any corporation which is established to partially provide common telecommunications services by obtaining authorization under paragraph (1) 6.

(5) The Korea Communications Commission may place conditions provided for in Article 6 (4) when granting authorization under paragraph (1).

(6) The Korea Communications Commission shall consult with the Fair Trade Commission when intending to grant authorization under paragraph (1).

(7) The provisions of Article 7 shall apply mutatis mutandis to the grounds for disqualification of authorization under paragraph (1).

(8) Where a person falling under paragraph (1) 4 or 5 fails to obtain authorization referred to in paragraph (1), the Korea Communications Commission may order him/her to suspend the exercise of the voting right or to sell the relevant stocks and, where such person fails to comply with the conditions under paragraph (5), issue an order to comply with such conditions within a specified period set by it.

(9) Any person who intends to obtain authorization under paragraph (1) shall be prohibited from engaging in the following conducts, prior to obtaining such authorization:

1. Integration of telecommunications networks;

2. Appointment of executives;

3. Acquisition of business, or execution of agreements for merger or sales of equipment and facilities;

4. Follow-up measures for the establishment of a company.

(10) Where any person falling under paragraph (1) is subject to the examination on public benefits, he/she may present the documents required to be submitted for the examination on public benefits, when applying for authorization under paragraph (1).

Article 19 (Suspension or Discontinuation of Business)

(1) Where a common telecommunications business operator intends to fully or partially suspend or discontinue his/her common telecommunications business, he/she shall notify users by not later than 60 days before the scheduled date of such suspension or discontinuance and obtain approval therefor from the Korea Communications Commission.

(2) Where the Korea Communications Commission deems it necessary to protect users in a separate means due to the suspension or discontinuation of the common telecommunications business, it may order the relevant common telecommunications business operator to take necessary measures for the protection of users, such as the vicarious execution of subscription change, payment of expenses incurred therein or cancellation of subscription.

(3) Where the Korea Communications Commission is in receipt of an application for approval under paragraph (1) and deems that the suspension or discontinuation of the relevant business threatens to impair public benefits, it shall not grant such approval.

Article 20 (Cancellation, etc. of Licenses)

(1) Where a common telecommunications business operator falls under any of the following subparagraphs, the Korea Communications Commission may fully or partially cancel his/her license or issue an order to fully or partially suspend business operation for up to one year:

1. Where he/she obtains a license by fraudulent or other illegal means;

2. Where he/she fails to satisfy the conditions under Articles 6 (4) and 18 (5);

3. Where he/she fails to comply with an order under Article 12 (2);

4. Where he/she fails to commence business within a period prescribed by Article 15 (1) (referring to an extended period, if such period is extended under paragraph (2) of the same Article);

5. Where he/she fails to comply with the terms and conditions of use, which are authorized or reported under Article 28 (1) and (2);

6. Where he/she fails to comply with an order under Article 52 (1) or a corrective order under Article 92 (1) without any justifiable ground.

(2) Guidelines and procedures for the dispositions under paragraph (1) and other necessary matters shall be prescribed by Presidential Decree.

SECTION 3 .- Special Category Telecommunications Business and Value-Added Telecommunications Business

Article 21 (Registration of Special Category Telecommunications Business)

(1) Any person who intends to operate the special category telecommunications business shall satisfy the following conditions and file for registration (including any registration through an information and telecommunications network) with the Korea Communications Commission, as prescribed by Presidential Decree:

1. Financial and technical capabilities;

2. Plans for protecting users;

3. Business plans, etc. and other matters prescribed by Presidential Decree.

(2) The Korea Communications Commission in receipt of registration for the special category telecommunications business under paragraph (1) may place necessary conditions to facilitate fair competition, protect users, improve service quality, efficiently utilize information and telecommunications resources.

(3) Any registration for the special category telecommunications business under paragraph (1) shall be granted only to a corporation.

(4) Any person who has completed registration for the special category telecommunications business (hereinafter referred to as “special category telecommunications business operator”) shall commence his/her business within one year after the date he/she has completed such registration.

(5) Requirements, procedures and other necessary matters for the registration under paragraph (1) shall be prescribed by Presidential Decree.

Article 22 (Reporting, etc. on Value-Added Telecommunications Business)

(1) Any person who intends to operate the value-added telecommunications business shall report (including cases of reporting through information and telecommunications networks) to the Korea Communications Commission, in accordance with conditions and procedures prescribed by Presidential Decree. In such cases, a small-scale value-added telecommunications business operator shall be deemed to have reported if he/she meets the standards for capital, etc. prescribed by Presidential Decree.

(2) Notwithstanding the provisions of paragraph (1), any person who intends to conduct special value-added telecommunications business shall register (including registration through an information and communications network) with the Korea Communications Commission along with the following: (Inserted by Act nº 10656, May 19, 2011)

1. An implementation plan to take technical measures to comply with the provisions of Articles 42, 42-2, 42-3 and 45 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. and Article 104 of the Copyright Act;

2. Human resources and physical facilities necessary to conduct affairs;

3. Financial soundness;

4. Other matters prescribed by Presidential Decree, such as a business plan.

(3) Where the Korea Communications Commission accepts the registration of value-added telecommunications business pursuant to paragraph (2), it may attach conditions necessary for the implementation of a plan under subparagraph 1 of the same paragraph thereto. (Inserted by Act nº 10656, May 19, 2011)

(4) Where a common telecommunications business operator intends to operate the value-added telecommunications business, he/she shall be deemed to have reported thereon. (Amended by Act nº 10656, May 19, 2011)

(5) Any person who has reported on value-added telecommunications business pursuant to the forepart of paragraph (1) and any person who has registered value-added telecommunications business pursuant to paragraph (2) shall commence his/her business within one year after he/she reports or registers such business. (Amended by Act nº 10656, May 19, 2011)

(6) A report under the forepart of paragraph (1), requirements and procedures for registration under paragraph (2), and other necessary matters shall be prescribed by Presidential Decree. (Inserted by Act nº 10656, May 19, 2011)

Article 22-2 (Disqualifications for Registration)

Any individual or corporation, for whom three years have not passed from the date the registration thereof is cancelled pursuant to Article 27 (2), or a person who is a major stockholder (referring to an investor prescribed by Presidential Decree) of such corporation at the time of such cancellation shall not conduct registration under Article 22 (2).

(Article Inserted by Act nº 10656, May 19, 2011)

Article 23 (Modification of Registered or Reported Matters)

Where any special category telecommunications business operator or any person who has reported on the value-added telecommunications business pursuant to the forepart of Article 22 (1) or any person who has registered value-added telecommunications business pursuant to paragraph (2) of the same Article intends to modify matters prescribed by Presidential Decree among registered or reported matters, he/she shall make a revised registration or a revised report (including cases of making a revised registration or a revised report through information and telecommunications networks) with the Korea Communications Commission, as prescribed by Presidential Decree. (Amended by Act nº 10656, May 19, 2011)

Article 24 (Transfer, Acquisition. etc. of Business)

Where any person transfers or acquires all or part of his/her special category telecommunications business or value-added telecommunications business, or a corporate special category telecommunications business operator or a corporate value-added telecommunications business operator (referring to a person who has reported value-added telecommunications business pursuant to the forepart of Article 22 (1), a person who has registered value-added telecommunications business pursuant to paragraph (2) of the same Article or a person deemed to have reported value-added telecommunications business pursuant to the latter part of paragraph (1) of the same Article or paragraph (4); hereinafter the same shall apply) is merged with another corporation or comes into an inheritance, any of the following persons shall report (including cases of reporting through information and telecommunications networks) to the Korea Communications Commission, in accordance with conditions and procedures prescribed by Presidential Decree: (Amended by Act nº 10656, May 19, 2011)

1. A person who acquires the relevant business;

2. A corporation which survived or has been newly established following the merger;

3. A person who inherits the relevant business.

Article 25 (Succession of Business)

Where any person transfers or acquires the special category telelcommunications business or the value-added telecommunications business, a corporate special category telecommunications business operator or a corporate value-added telecommunications business operator merges with another corporation, or any person inherits the value-added telecommunications business, pursuant to Article 24, a person who falls under any of the following subparagraphs shall succeed to the status of the preceding special category telecommunications business operator or the value-added telecommunications business operator:

1. A person who acquires the relevant business;

2. A corporation which survived or has been newly established in the course of the merger;

3. A person who inherits the relevant business.

Article 26 (Suspension, Discontinuation, etc. of Business)

(1) Where a special category telecommunications business operator or a value-added telecommunications business operator intends to fully or partially suspend or discontinue his/her business, he/she shall notify the users of the relevant telecommunications services of such suspension or discontinuation, and report (including cases of reporting through information and telecommunications networks) thereon to the Korea Communications Commission by not later than 30 days prior to the scheduled date of such suspension or discontinuation. In such cases, the duration of suspension of the business shall not exceed one year.

(2) Where a corporate special category telecommunications business operator or a corporate value-added telecommunications business operator is dissolved for a reason other than a merger, the relevant liquidator (referring to the trustee in bankruptcy, when such corporate business operator is dissolved by bankruptcy) shall promptly report thereon (including cases of reporting through information and telecommunications networks) to the Korea Communications Commission.

Article 27 (Cancellation of Business Registration, Order to Discontinue Business, etc.)

(1)          Where a special category telecommunications business operator falls under any of the following subparagraphs, the Korea Communications Commission may fully or partially cancel his/her business registration, or issue an order to fully or partially suspend the business operation for up to one year: Provided, That if he/she falls under subparagraph 1, the Korea Communications Commission shall fully or partially cancel his/her business registration:

1. Where he/she registers the business by fraudulent or other illegal means;

2. Where he/she fails to satisfy the conditions under Article 21 (2);

3. Where he/she fails to commence the business within one year from the date he/she has completed the business registration, in violation of Article 21 (4) or where he/she suspends the business operation for at least one year, in violation of the latter part of Article 26 (1);

4. Where he/she fails to comply with an order under Article 52 (1) or a corrective order under Article 92 (1) without justifiable grounds.

(2) Where a value-added telecommunications business operator falls under any of the following subparagraphs, the Korea Communications Commission may order him/her to discontinue all or part of his/her business (in cases of a special value-added telecommunication business operator, referring to the cancellation of all or part of registration) or to suspend all or part of his/her business operation for up to one year: Provided, That if he/she falls under subparagraph 1, the Korea Communications Commission shall order a partial or whole closure of the business: (Amended by Act nº 10656, May 19, 2011)

1. Where he/she reports or registers such business by fraudulent or other illegal means;

2. Where he/she fails to fulfill the conditions under Article 22 (3);

3. Where he/she fails to commence the business within one year from the date he/she reports or registers such business, in violation of Article 22 (5) or where he/she suspends the business operation for at least one year, in violation of the latter part of Article 26 (1);

4. Where he/she fails to comply with an order under Article 52 (1) or a corrective order under Article 92 (1) without justifiable grounds;

5. Where he/she fails to execute an order to take corrective measures under Article 64 (4) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.;

6. Where a person who has been subjected to the disposition of a fine for negligence not less than three times pursuant to Article 142 (1) and (2) 3 of the Copyright Act is subjected to the disposition of a fine for negligence again, in whose case the Minister of Culture, Sports and Tourism requests such disposition through deliberation by the Korea Copyright Commission under Article 112 of the same Act.

(3) Guidelines, procedures and other matters necessary for the dispositions under paragraph (1) or (2) shall be prescribed by Presidential Decree.

CHAPTER III.- TELECOMMUNICATIONS SERVICES

Article 28 (Reporting, etc. on Terms and Conditions of Use)

(1) A common telecommunications business operator shall determine the service charges and the terms and conditions of use for each service type he/she intends to provide (hereinafter referred to as “terms and conditions of use“), and report thereon (including cases of reporting modified matters; hereafter the same shall apply in this Article) to the Korea Communications Commission.

(2) Notwithstanding paragraph (1), in cases of common telecommunications services to be provided by a common telecommunications business operator who satisfies the standards prescribed by Presidential Decree, such as the scale of business and market share, the common telecommunications business operator shall obtain authorization (including revised authorization; hereafter the same shall apply in this Article) from the Korea Communications Commission: Provided, That if a common telecommunications business operator reduces the service charges which are stated in the terms and conditions of use already authorized, he/she shall report thereon to the Korea Communications Commission.

(3) In cases under the main sentence of paragraph (2), the Korea Communications Commission shall authorize the terms and conditions of use, if they satisfy the following requirements:

1. Telecommunications service charges shall be determined with reasonable consideration of the cost for supply, profits, classification of expenses and profits corresponding to each service, cost saving depending on the methods of service delivery, influence over fair competition environments, etc.;

2. They shall not put users at a disadvantage in terms of matters concerning the responsibility of common telecommunications business operators and relevant users or cost-sharing methods for installation works of telecommunications facilities and other works;

3. They shall not unfairly restrict the use of telecommunications line facilities by other telecommunications business operators or users;

4. They shall not unfairly discriminate specific persons;

5. They shall secure major telecommunications under Article 85, taking into consideration the efficient implementation of functions of the State.

(4) Any person who intends to report on the terms and conditions of use of telecommunications service or obtain authorization therefor under paragraphs (1) and (2) shall submit to the Korea Communications Commission the materials stating the basis of the calculation of telecommunications service charges (in cases of any alteration, including a comparative table on matters before and after the alteration), including subscription expenses, basic rates, user’s fees, additional service charges, actual expenses, etc.

(5) Necessary matters concerning the scope of and procedures for report or authorization, other than those under paragraphs (1) through (4), shall be prescribed by Presidential Decree.

Article 29 (Reduction or Exemption of Fees)

A common telecommunications business operator may reduce or exempt telecommunications service charges, as prescribed by Presidential Decree, to the extent necessary to sustain national security, disaster relief, social welfare, public interests, etc.

Article 30 (Restrictions on Use by Third Parties)

No person shall advocate a third party’s communications through telecommunications services provided by a telecommunications business operator or provide such services for a third party’s communications: Provided, That the same shall not apply in the following cases:

1. Where it is required to ensure the prevention and rescue from disaster, traffic and communications, and the supply of electricity, and to maintain order in a national emergency situation;

2. Where a person renders ancillary telecommunications services to clients while running his/her business other than the telecommunications business;

3. Where a person is allowed to use telecommunications services on a trial basis for the purpose of developing and marketing telecommunications equipment and facilities, such as terminal devices, etc. which enable to use the telecommunications services;

4. Where any user allows any third party to use telecommunications services to the extent that the latter does not use them repeatedly;

5. Where it is necessary for the public interests or where the use of telecommunications services do not impede the business operations by a telecommunications business, as prescribed by Presidential Decree.

Article 31 (Use of Transmission or Line Equipment and Facilities, etc.)

(1) Any composite cable TV business operator, transmission network business operator, or relay cable broadcasting business operator under the Broadcasting Act may permit common telecommunications business operators to use his/her own transmission or line equipment and facilities or cable broadcasting equipment and facilities in a manner prescribed by Presidential Decree.

(2) Where a common telecommunications business operator intends to provide value-added telecommunications services by using transmission or line equipment and facilities or cable broadcasting equipment and facilities owned by any composite cable TV business operator, transmission network business operator, or relay cable broadcasting business operator under the Broadcasting Act, he/she shall report thereon to the Korea Communications Commission pursuant to Article 22 (1).

(3) Articles 35 through 37, and 39 through 55 shall apply mutatis mutandis to a permit to use transmission or line equipment and facilities or cable broadcasting equipment and facilities pursuant to paragraph (1).

(4) Article 28 (2) through (7) of the Framework Act on Broadcasting Communications Development shall apply mutatis mutandis to the provision of services pursuant to paragraph (2).

Article 32 (Protection of Users)

(1) A telecommunications business operator shall promptly address the reasonable opinions or dissatisfactions raised by users with respect to telecommunications services. In such cases, if it is difficult to promptly address them, he/she shall notify the users of the reasons thereof and the schedule for treatment.

(2) Compensation for losses incurred by the occurrence of reasons causing the opinions or dissatisfactions under paragraph (1) and by the delay in addressing them shall be governed by Article 33.

(3) Where a telecommunications business operator who provides common telecommunications services intends to receive service charges from users in advance, prior to providing such telecommunications services, he/she shall purchase a guarantee insurance policy by which the person designated by the Korea Communications Commission is insured and which covers an amount calculated according to the guidelines prescribed by Presidential Decree within the total amount of advance service charges so as to compensate for losses suffered by users due to a failure to provide such telecommunications services: Provided, That a telecommunications business operator may choose not to purchase a guarantee insurance policy in any case prescribed by Presidential Decree taking into consideration the financial capability of the relevant telecommunications business operator, service charges, etc.

(4) Any insured person who has been designated under paragraph (3) shall pay the amount of coverage provided under a guarantee insurance policy referred to in paragraph (3) to the users, etc. who fail to receive telecommunications services after pre-paying service charges.

(5) Matters necessary for the purchase of guarantee insurance policies, renewal of guarantee insurance, procedures for paying insurance, etc. pursuant to paragraphs (3) and (4) shall be prescribed by Presidential Decree.

Article 32-2 (Notification of Excess, etc. of Limits on Charges)

(1) Where any telecommunications business operator who uses frequency allocated pursuant to the Radio Waves Act falls under any of the followings, he/she shall notify users of such fact:

1. Where he/she exceeds the limits on a charge for each telecommunications service on which he/she agreed with a user at the beginning;

2. Where a charge is imposed following the use of international telecommunications service, such as international telephone service.

(2) Matters necessary for objects, methods, etc. of a notification under paragraph (1) shall be determined and announced by the Korea Communications Commission.

(Article Inserted by Act nº 11201, Jan. 17, 2012)

Article 33 (Compensation for Losses)

A telecommunications business operator shall compensate for any losses suffered by a user when he/she has caused such losses in the course of providing telecommunications services: Provided, That if such loss results from a force majeure event or such user causes such losses on purpose or by gross negligence, the liability for compensation for the relevant losses shall be mitigated or exempted.

CHAPTER IV.- PROMOTION OF COMPETITION IN TELECOMMUNICATIONS BUSINESS

Article 34 (Promotion of Competition)

(1) The Korea Communications Commission shall endeavor to establish an efficient competition system and to promote environments of fair competition in the telecommunications business.

(2) The Korea Communications Commission shall appraise the conditions of competition in the common telecommunications business every year for the purpose of developing competition policies to establish an efficient competition system and to promote environments of fair competition in the telecommunications business under paragraph (1).

(3) The detailed guidelines, procedures and methods for appraising competition conditions under paragraph (2) and other necessary matters shall be prescribed by Presidential Decree.

Article 35 (Provision of Equipment and Facilities)

(1) Where a telecommunications business operator requests a common telecommunications business operator or an authority that constructs, operates or manages roads, railroads, subways, water and sewage systems, electrical equipment, telecommunications line equipment and facilities, etc. (hereinafter referred to as “facility management authority“) to provide him/her with ducts, common utility conduits, poles, cables, stations, or other equipment (including telecommunications equipment and facilities; hereinafter the same shall apply) or facilities (hereinafter referred to as “equipment and facilities“), such common telecommunications business operator or such facility management authority may provide equipment and facilities by contract with him/her.

(2) Any of the following common telecommunications business operators or facility management authorities shall provide equipment and facilities by contract, notwithstanding the provisions of paragraph (1): Provided, That this shall not apply in cases where a facility management authority plans to use such equipment and facilities;

1. A common telecommunications business operator who possesses equipment and facilities indispensable for other telecommunications business operators to provide telecommunications services;

2. Any of the following facility management authorities who possess equipment and facilities, such as ducts, common utility conduits, or poles:

(a) Korea Highway Corporation established under the Korea Highway Corporation Act;

(b) Korea Water Resources Corporation established under the Korea Water Resources Corporation Act;

(c) Korea Electric Power Corporation established under the Korea Electric Power Corporation Act;

(d) Korea Rail Network Authority established under the Korea Rail Network Authority Act;

(e) A local public enterprise under the Local Public Enterprises Act;

(f) A local government under the Local Autonomy Act;

(g) A regional construction management administration under the Road Act;

3. A common telecommunications business operator or facility management authority whose scale of the business, market share, etc. of common telecommunications services meet the standards prescribed by Presidential Decree.

(3) The Korea Communications Commission shall establish and publicly announce the scope of equipment and facilities under paragraphs (1) and (2) and the guidelines for the conditions, procedures, methods and calculation of prices for providing such equipment and facilities. In such cases, the scope of equipment and facilities to be provided under paragraph (2) shall be determined in consideration of the demand for equipment and facilities by common telecommunications business operators or facility management authorities falling under any subparagraph of the same paragraph.

(4) A telecommunications business operator who has been provided with equipment and facilities may install the apparatus enhancing the efficiency of the relevant equipment and facilities to the extent necessary to provide telecommunications services.

(5) The Korea Communications Commission may, as prescribed by Presidential Decree, order a telecommunications business operator or facility management authority to submit data concerning equipment and facilities, so as to efficiently utilize and manage equipment and facilities. In such cases, the telecommunications business operator or facility management authority shall comply with such order unless justifiable grounds exist.

(6) The Korea Communications Commission may designate a specialized institution to provide equipment and facilities under paragraphs (1) and (2).

(7) Matters necessary for the designation of a specialized institution under paragraph (6) and the methods of business operations shall be determined and publicly announced by the Korea Communications Commission.

Article 36 (Joint Use of Subscriber Lines)

(1) Where a telecommunications business operator determined and publicly announced by the Korea Communications Commission requests a common telecommunications business operator to jointly use the lines installed in the section from modems directly connected with the users to the users (hereafter referred to as “subscriber lines” in this Article), the common telecommunications business operator shall permit the joint use of subscriber lines.

(2) The Korea Communications Commission shall establish and publicly announce the scope of, and the guidelines for the conditions, procedures, methods and calculation of prices for the joint use of subscriber lines under paragraph (1).

Article 37 (Joint Utilization of Radio Communications Facilities)

(1) Where a common telecommunications business operator receives a request for joint utilization of radio communications facilities (hereinafter referred to as “joint utilization“) from other common telecommunications business operators, he/she may permit joint utilization by contract. In such cases, the prices for joint utilization by common telecommunications business operators which are determined and publicly announced by the Korea Communications Commission shall be computed and adjusted in a fair and reasonable manner.

(2) Where a common telecommunications business operator determined and publicly announced by the Korea Communications Commission receives a request for joint utilization of radio communications facilities from another common telecommunications business operator determined and publicly announced by the Korea Communications Commission, he/she shall permit the joint utilization by contract, notwithstanding paragraph (1), in order to enhance the efficiency of the telecommunications business and protect users.

(3) The guidelines for calculating the prices for the joint utilization under the latter part of paragraph (1), procedures and methods for paying such prices, and the scope of, and the guidelines for the conditions, procedures, methods and calculation of prices for the joint utilization under paragraph (2) shall be determined and publicly announced by the Korea Communications Commission.

Article 38 (Wholesale Provision of Telecommunications Services)

(1) Where a common telecommunications business operator receives a request from another telecommunications business operator, he/she may reach agreements with such telecommunications business operators to provide his/her telecommunications services to them or permit them to fully or partially use telecommunications equipment and facilities required for the provision of telecommunications services (hereinafter referred to as “wholesale services“) so as to enable them to provide his/her telecommunications services to users (hereinafter referred to as “resale“).

(2) For the purpose of the promotion of competition in the telecommunications business, the Korea Communications Commission may designate and publicly announce telecommunications services (hereinafter referred to as “mandatory wholesale services“) to be provided by a common telecommunications business operator who shall provide wholesale services by contract (hereinafter referred to as “mandatory wholesale service provider“), upon receipt of a request from other telecommunications business operators who intend to provide resale telecommunications services. In such cases, mandatory wholesale services to be provided by a mandatory wholesale service provider shall be designated among telecommunications services provided by a common telecommunications business operator who satisfies the standards determined by Presidential Decree, such as the scale of the business and market share.

(3) Where the Korea Communications Commission deems, as a result of the annual assessment of competition in communications markets, that the purposes of wholesale telecommunications services are achieved by vitalizing the competition in the telecommunications business or mandatory wholesale services fail to meet the standards for designation, it may revoke the designation of mandatory wholesale services provided by a mandatory wholesale service provider.

(4) The Korea Communications Commission shall determine and publicly announce the guidelines for the conditions, procedures, methods and calculation of prices for providing wholesale services to be observed by a mandatory wholesale service provider when reaching an agreement for the provision of mandatory wholesale services. In such cases, in principle, the prices for providing wholesale services shall be calculated by subtracting avoidable costs (referring to the relevant costs that can be avoided if a common telecommunications business operator does not directly provide telecommunications services to users) from the resale prices for mandatory wholesale services.

(5) A common telecommunications business operator shall, upon receipt of a request for wholesale services from other telecommunications business operators, reach an agreement for such wholesale services within 90 days, unless justifiable grounds exist, and the telecommunications business operator who has reached an agreement for wholesale services with a common telecommunications business operator shall report to the Korea Communications Commission within 30 days after the date of such agreement, as prescribed by Presidential Decree. The same shall apply to the amendment to or revocation of an agreement for wholesale services.

(6) An agreement under paragraph (5) shall comply with the guidelines publicly announced by the Korea Communications Commission pursuant to paragraph (4).

Article 39 (Interconnection)

(1) Where a telecommunications business operator receives a request for interconnection of telecommunications equipment and facilities from other telecommunications business operators, he/she may permit the interconnection by contract.

(2) The Korea Communications Commission shall determine and publicly announce the scope of, and the guidelines for the conditions, procedures, methods and calculation of prices for interconnections of telecommunications equipment and facilities under paragraph (1).

(3) Notwithstanding paragraphs (1) and (2), any of the following common telecommunications business operators shall permit the interconnection by contract, upon receipt of a request under paragraph (1):

1. The common telecommunications business operator who possesses equipment and facilities indispensable for other telecommunications business operators to provide telecommunications services;

2. The common telecommunications business operator whose scale of the business, market share, etc. of common telecommunications services meet the standards determined by Presidential Decree.

Article 40 (Prices of Interconnection)

(1) Prices for interconnection shall be calculated in a fair and reasonable manner and adjusted by mutual agreements, and detailed guidelines, procedures and methods for calculating prices for interconnection shall be governed by the guidelines under Article 39 (2).

(2) Where a telecommunications business operator experiences any disadvantage in a method of interconnection, connection quality, the provision of information required for interconnection, etc. for reasons not attributable to him/her, he/she may pay the prices for interconnection reduced according to the guidelines under Article 39 (2).

Article 41 (Joint Use, etc. of Telecommunications Equipment and Facilities)

(1) Where a common telecommunications business operator receives a request for access to or joint use of his/her own telecommunications equipment and facilities, such as ducts, cables, poles or stations, from other telecommunications business operators who intend to establish or operate equipment and facilities required for interconnection, he/she may enter reach agreement with them to permit such access or joint use.

(2) The Korea Communications Commission shall determine and publicly announce the scope of and the guidelines for conditions, procedures, methods and calculation of prices for access to or joint use of telecommunications equipment or facilities under paragraph (1).

(3) Notwithstanding the provisions of paragraph (1), any of the following common telecommunications business operators shall permit access to or joint use of the telecommunications equipment or facilities under paragraph (1) by contract, upon receipt of a request under paragraph (1):

1. A common telecommunications business operator who possesses equipment and facilities indispensable for another telecommunications business operator to provide telecommunications services;

2. A common telecommunications business operator whose business scale, market share, etc. of common telecommunications services meet the standards prescribed by Presidential Decree.

Article 42 (Provision of Information)

(1) Where a telecommunications business operator requests a common telecommunications business operator to provide technical information or users’ personal information needed for the provision of equipment and facilities, wholesale services, interconnection services, joint-use services, billing and collections, and telephone number information services, the common telecommunications business operator may provide such information by contract with the telecommunications business operator.

(2) The Korea Communications Commission shall determine and publicly announce the scope of and the guidelines for conditions, procedures, methods and calculation of prices for providing information under paragraph (1).

(3) Notwithstanding the provisions of paragraph (1), any of the following common telecommunications business operators shall provide information requested by contract, upon receipt of a request under paragraph (1):

1. A common telecommunications business operator who possesses equipment and facilities indispensable for other telecommunications business operator to provide telecommunications services;

2. A common telecommunications business operator whose business scale, market share, etc. of common telecommunications services meet the standards prescribed by Presidential Decree.

(4) A common telecommunications business operator under paragraph (3) shall determine the technical standards to be satisfied by other telecommunications business operator or users who intend to connect their terminal devices, etc. with his/her own telecommunications equipment and facilities, the requirements for the provision and use, and other standards required for the creation of environments for fair competition, and publicly announce them by obtaining approval from the Korea Communications Commission.

Article 43 (Prohibition of Misuse of Information)

(1) No telecommunications business operator shall disclose any user’s personal information that he/she has obtained in the course of providing his/her own services, telecommunications equipment and facilities, wholesale services, interconnection services or joint-use services: Provided, That the same shall not apply in cases where a telecommunications business operator discloses such information with the user’s consent or under a lawful procedure pursuant to any Act.

(2) A telecommunications business operator shall use the technical information or user’s personal information obtained under Article 42 (1) and (3) only for its original purposes, and shall not misuse such information or provide such information to a third party.

Article 44 (Reporting, etc. on Agreement on Interconnection, etc.)

(1) Where a common telecommunications business operator or a facility management authority has received a request for the provision of equipment and facilities, joint utilization, interconnection or joint-use services or provision of information from other telecommunications business operators, he/she shall reach an agreement under Article 35 (1) and (2), the former part of Article 37 (1), Article 39 (1), 41 (1) or 42 (1) within 90 days unless special grounds exist and report it to the Korea Communications Commission within 30 days after the date of such agreement, as prescribed by Presidential Decree. The same shall apply to the amendment to or revocation of an agreement.

(2) Notwithstanding paragraph (1), if a common telecommunications business operator under the latter part of paragraph (1) and paragraph (2) of Article 37, and Articles 39 (3), 41 (3) or 42 (3) is a party to an agreement and requests another common telecommunications business operator to reach such agreement, the common telecommunications business operator who has received the request shall enter into the agreement within 90 days unless special grounds exist and apply for authorization to the Korea Communications Commission within 30 days after the date of agreement as prescribed by Presidential Decree, and disclose the details of such agreement within 30 days after the date of authorization. The same shall apply to the amendment to or revocation of an agreement.

(3) Agreements under paragraphs (1) and (2) shall comply with the guidelines publicly announced by the Korea Communications Commission pursuant to Articles 35 (3), 37 (3), 39 (2), 41 (2), or 42 (2).

(4) Where it is necessary to supplement an application for authorization under paragraph (2), the Korea Communications Commission may issue an order for supplementation by specifying a time limit for supplementation.

(5) Agreements under Articles 41 (1) and 42 (1) may be included in agreements under Article 39 (1).

Article 45 (Ruling by the Korea Communications Commission)

(1) A telecommunications business operator or user may apply for a ruling on the following matters to the Korea Communications Commission, when the parties concerned have failed to reach an agreement thereon or it is impossible to reach an agreement thereon:

1. Compensation for losses under Article 33;

2. Conclusion of an agreement within 90 days on the provision of equipment and facilities, joint utilization, wholesale services, interconnection or joint-use services, provision of information, etc.;

3. Implementation of an agreement on the provision of equipment and facilities, joint utilization, wholesale services, interconnection or joint-use services, provision of information, etc. or compensation for losses rising from the implementation of such agreement;

4. Other disputes related to the telecommunications business or subject matters of the ruling by the Korea Communications Commission under other Acts.

(2) The Korea Communications Commission shall, upon receipt of an application for a ruling under paragraph (1), give notice thereof to the other party and provide an opportunity to state his/her opinion within a specified period: Provided, That this shall not apply in cases where the party concerned fails to state his/her opinion without any justifiable ground.

(3) The Korea Communications Commission shall make a ruling within 90 days from the date of receipt of the application for a ruling: Provided, That if it fails to make a ruling within such period due to inevitable circumstances, the period may be extended only once for up to 90 days following a resolution passed by the Korea Communications Commission.

(4) Where one of the parties files a lawsuit during the ruling procedures, the Korea Communications Commission shall suspend such procedures and give notice thereof to the other party. The same shall apply in cases where it is confirmed that a lawsuit has been filed before the application for a ruling.

(5) Where the Korea Communications Commission makes a ruling on the matters under paragraph (1), it shall promptly serve the ruling documents on the parties concerned.

(6) Where no lawsuit is filed over the dispute between business operators or between a business operator and a user within 60 days after the date the certified transcripts of the ruling documents of the Korea Communications Commission are served on the business operator or user who is a party to the ruling or the lawsuit over such dispute is withdrawn or both parties clearly express their consent for the ruling to the Korea Communications Commission, both parties shall be deemed to have reached an agreement with the same effect as the ruling.

Article 46 (Referral of Disputes)

The Korea Communications Commission may establish a dispute settlement panel on a case-by-case basis and refer disputes to the relevant dispute settlement panel if it deems it appropriate or necessary to make a ruling on the matters under Article 45 (1).

Article 47 (Request for Appearance, Hearing of Opinions, etc.)

Where the Korea Communications Commission deems it necessary to deal with ruling cases, it may take any of the following measures upon receipt of an application by the party concerned or ex officio:

1. Requests for appearance by or hearing of opinions from the party concerned or a witness;

2. Requests for appraisal by an appraiser;

3. Requests for submission of documents or articles related to disputes and keeping documents or articles submitted in custody.

Article 48 (Management Plan for Telecommunications Numbers, etc.)

(1) The Korea Communications Commission shall develop and implement management plans for telecommunications numbers in order to efficiently provide telecommunications services, to promote user convenience and to create environments for fair competition among telecommunications business operators.

(2) Where the Korea Communications Commission has developed the plans under paragraph (1), it shall publicly announce them. The same shall also apply to an amendment to the developed plan.

(3) Any telecommunications business operator shall comply with the matters publicly announced under paragraph (2).

Article 49 (Settlement of Accounts)

(1) Any common telecommunications business operator shall complete settlement of accounts as prescribed by Presidential Decree, prepare a business report for the preceding year and submit it to the Korea Communications Commission by not later than three months after the end of each fiscal year, and retain the related books and source documents.

(2) Where the Korea Communications Commission intends to determine the matters concerning settlement of accounts under paragraph (1), it shall first consult with the Minister of Strategy and Finance.

(3) The Korea Communications Commission may verify the details of any business report submitted by a common telecommunications business operator in accordance with paragraph (1).

(4) If it is necessary to conduct the verification referred to in paragraph (3), the Korea Communications Commission may order the relevant common telecommunications business operator to submit related material or conduct an inspection necessary to ascertain the facts.

(5) Where the Korea Communications Commission intends to conduct an inspection pursuant to paragraph (4), it shall notify the relevant common telecommunications business operator of the inspection plan, including the period for and reasons and details of the inspection by not later than seven days before such inspection.

(6) Any person who conducts an inspection pursuant to paragraph (4) shall present a certificate indicating his/her authority to the persons concerned, and deliver thereto a document stating his/her name, the period and purpose of visit, etc. at the time of his/her first visit.

Article 50 (Prohibited Acts)

(1)          No telecommunications business operator may commit any of the following acts (hereinafter referred to as “prohibited acts“) which undermine or are feared to undermine fair competition or users’ interests, or allow other telecommunications business operators or third parties to commit such acts:

1. Acts which place unfair or discriminative conditions or restrictions on the provision of equipment and facilities, joint utilization, interconnection or joint-use services, wholesale services, provision of information, etc.;

2. Acts which unfairly refuse to conclude an agreement on the provision of equipment and facilities, joint utilization, interconnection or joint-use services, wholesale services, provision of information, etc. or failing to implement a concluded agreement without justifiable grounds;

3. Acts which misuse the information of other telecommunications business operators that he/she has obtained in the course of the provision of equipment and facilities, joint utilization, interconnection or joint-use services, wholesale services, provision of information, etc., for his/her business operations;

4. Acts which compute telecommunications service charges or the prices for the provision of equipment and facilities, joint utilization, interconnection or joint-use services, wholesale services, provision of information, etc., by unfairly itemizing the expenses or revenues;

5. Acts which provide telecommunications services in a manner different from the terms and conditions of use (limited to the terms and conditions of use reported or authorized under Article 28 (1) and (2)), or in a manner which substantially undermines telecommunications users’ interests;

6. Acts which determine that the prices for the provision of equipment and facilities, joint utilization, interconnection or joint-use services, wholesale services, provision of information, etc. which are unfairly higher than the supply prices;

7. Acts which refuse or restrict appropriate profit sharing when trading digital content through telecommunications services using the frequencies allocated under the Radio Waves Act.

(2) Where the provisions of Articles 52 and 53 apply to the acts under paragraph (1) 5 committed by a person who acts for a telecommunications business operator to conclude contracts (or modify the terms of concluded contracts) with users under an agreement with the telecommunications business operator, such acts shall be deemed to have been committed by the telecommunications business operator: Provided, That the same shall not apply in cases where the telecommunications business operator has paid considerable attention in order to prevent such acts.

(3) Matters necessary for categories of and standards for the acts prohibited under paragraph (1) shall be prescribed by Presidential Decree.

Article 51 (Fact-Finding Investigations, etc.)

(1) Where the Korea Communications Commission is notified or become aware that any act has been committed in violation of Article 50 (1), it may order the public officials under its control to conduct a fact-finding investigation necessary for the verification thereon.

(2) Ifthe Korea Communications Commission deems a fact-finding investigation under paragraph (1) is necessary, it may order the public official under its control to visit the offices or places of business of a telecommunications business operator or places of business of a person entrusted with the affairs of a telecommunications business operator (if the affairs entrusted by a telecommunications business operator are related to the provisions of Article 50, limited only to such affairs; hereafter the same shall apply in this Article) for an investigation on books, documents, other data or articles.

(3) Where the Korea Communications Commission intends to conduct a fact-finding investigation under paragraph (1), it shall notify the relevant telecommunications business operator of an investigation plan, including a period for and reasons and details of the investigation by not later than seven days before such investigation: Provided, That this shall not apply in cases of emergency or in cases where deemed that any prior notification might cause the destruction of any evidence to make it impossible to attain the purposes of such investigation.

(4) A person who visits the offices or places of business of a telecommunications business operator or the places of business of a person entrusted with the affairs of a telecommunications business operator to conduct a fact-finding investigation under paragraph (2) shall present a certificate indicating his/her authority, and allow the persons interested in the relevant offices or places of business to participate in such fact-finding investigation.

(5) Any public official in charge of a fact-finding investigation under paragraph (2) may order a telecommunications business operator or a person entrusted with the affairs of a telecommunications business operator to submit necessary data or articles, and temporarily keep such data or articles in his/her custody if the destruction of evidence, such as the disposal, concealment, or replacement of such data or articles, is anticipated.

(6) The Korea Communications Commission shall promptly return the data or articles kept in custody if they fall under any of the following subparagraphs:

1. Where it is deemed upon examination that they are not associated with the relevant investigation;

2. Where it is no longer necessary to keep them in custody because the purposes of the relevant investigation are achieved.

Article 52 (Measures on Prohibited Acts)

(1) The Korea Communications Commission may order a telecommunications business operator to take any of the following measures if it deems that a violation of Article 50 (1) has been committed:

1. Separation of the supply system of telecommunications services;

2. Amendment to internal accounting regulations, etc. concerning telecommunications services;

3. Disclosure of information concerning telecommunications services;

4. Conclusion, implementation or change of terms of an agreement between telecommunications business operators;

5. Amendment to the terms and conditions of use and the articles of incorporation of telecommunications business operators;

6. Suspension of prohibited acts;

7. Public announcement of a fact that a corrective order is issued due to prohibited acts;

8. Measures necessary for correcting the violation caused by prohibited acts, such as the removal of telecommunications equipment and facilities;

9. Business process improvement for telecommunications services;

10. Prohibition on the recruitment of new users for up to three months (limited to the cases where a violation is repeated at least three times even though the measures under subparagraphs 1 through 9 have been taken on such violation or where it is clearly recognized that such measures are not sufficient to prevent damage to users);

11. Other matters prescribed by Presidential Decree as may be necessary to take the measures referred to in subparagraphs 1 through 10.

(2) Telecommunications business operators shall comply with an order issued by the Korea Communications Commission under paragraph (1) within a period specified by Presidential Decree: Provided, That the Korea Communications Commission may extend the relevant period only once, if it is deemed that the telecommunications business operator is unable to comply with the order within the specified period due to natural disasters and other extenuating circumstances.

(3) The Korea Communications Commission shall notify the parties concerned of the details of measures and provide them with an opportunity to state their opinions within a prescribed period before it takes measures under paragraph (1), and where deemed necessary, it may request an interested party or witness to appear and state his/her opinions or request an appraiser to conduct appraisal: Provided, That this shall not apply in cases where the parties concerned fail to state their opinions without justifiable grounds.

(4) The Korea Communications Commission shall not take any measures under paragraph (1) or impose penalty surcharges under Article 53 on a violation of Article 50 (1) if five years have passed after such violation: Provided, That this shall not apply where any measure already taken or the imposition of a penalty surcharge is revoked by a court and a new measure is to be taken based on such decision.

Article 53 (Imposition, etc. of Penalty Surcharge on Prohibited Acts)

(1) Where any act is committed in violation of Article 50 (1), the Korea Communications Commission may impose a penalty surcharge on the relevant telecommunications business operator in an amount not exceeding 3/100 of his/her profit prescribed by Presidential Decree. In such cases, if the telecommunications business operator refuses to submit data necessary for the calculation of his/her profit or submits false data, such profit may be estimated based on financial statements and other accounting materials of the relevant telecommunications business operator and the business operators providing the same or similar type of services, and the materials concerning the current status of business operations, such as the number of subscribers, service charges, etc.: Provided, That where there is no profit or it is difficult to calculate the profit as prescribed by Presidential Decree, a penalty surcharge may be imposed in an amount not exceeding one billion won.

(2) Where a common telecommunications business operator who shall submit a business report under Article 49 falls under any of the following subparagraphs, the Korea Communications Commission may impose a penalty surcharge on the relevant common telecommunications business operator in an amount not exceeding 3/100 of his/her profit prescribed by Presidential Decree:

1. Where he/she fails to submit a business report under Article 49 or to comply with an order to submit relevant materials;

2. Where he/she fails to include important matters in a business report under Article 49 or includes false matters;

3. Where he/she fails to perform accounting, in violation of Article 49 (1) or to retain books or source documents.

(3) The Korea Communications Commission shall imposes a penalty surcharge under paragraph (1) or (2) in consideration of the following matters:

1. Details and severity of the violation;

2. Duration and frequency of the violation;

3. Scale of the gains from the violation;

4. Profits related to the performance of prohibited acts or the violation of accounting rules by a telecommunications business operator.

(4) A penalty surcharge under paragraph (1) or (2) shall be determined in consideration of paragraph (3) and the detailed guidelines and procedures for determination shall be prescribed by Presidential Decree.

(5) Where a person liable to pay a penalty surcharge under paragraph (1) or (2) fails to do so by the payment deadline, the Korea Communications Commission shall collect 6/100 per annum of the penalty surcharge in arrears as an additional due from the day following the expiry of such payment deadline.

(6) Where a person liable to pay a penalty surcharge under paragraph (1) or (2) fails to do so by the payment deadline, the Korea Communications Commission shall demand him/her to pay it within a prescribed period, and if he/she fails to pay the penalty surcharge and the additional due under paragraph (5) within the prescribed period, it shall collect them in the same manner as dispositions on default of national taxes.

(7) Where the penalty surcharge imposed pursuant to paragraph (1) or (2) is refunded by a court, etc., additional dues shall be paid at a rate of 6/100 per annum for a period from the date when the penalty surcharge is paid to the date of such refund.

Article 54 (Relations with Other Acts)

Where a telecommunications business operator is subject to a measure under Article 52 or a penalty surcharge under Article 53 on the grounds that he/she violates Article 50 (1), the telecommunications business operator shall not be subject to a corrective measure or penalty surcharge under the Monopoly Regulation and Fair Trade Act on the same grounds.

Article 55 (Compensation for Losses)

Where a measure has been taken under Article 52 (1), a person who suffers losses from a prohibited act may claim compensation for losses against the telecommunications business operator who has committed such prohibited act, and the relevant telecommunications business operator may not be exempt from liability to compensate for losses unless he/she is able to prove that there was no malicious intention or negligence.

Article 56 (Quality Improvement, etc. of Telecommunications Services)

(1) A telecommunications business operator shall endeavor to improve the quality of telecommunications services he/she provides.

(2) The Korea Communications Commission shall develop policy measures, such as an evaluation of quality of telecommunications services, in order to improve the quality of telecommunications services and to enhance the conveniences of users.

(3) The Korea Communications Commission may order a telecommunications business operator to submit data necessary for the evaluation of quality of telecommunications services, etc. under paragraph (2).

Article 57 (Preselection Systems)

(1) The Korea Communications Commission shall implement the systems in which users may select in advance the telecommunications business operator who is to provide telecommunications services thereto (hereinafter referred to as “preselection systems“). In such cases, the telecommunications services shall refer to telecommunications services determined by Presidential Decree among the same telecommunications services provided by multiple telecommunications business operators.

(2) A telecommunications business operator shall not force users to select a specified telecommunications business operator in advance, or recommend or induce by unlawful means.

(3) The Korea Communications Commission may designate a specialized institute in charge of the affairs concerning registration of preselection or modification thereto (hereinafter referred to as “preselection registration center“) in order to efficiently and neutrally implement the preselection systems.

(4) Matters necessary for the implementation of the preselection systems, the designation of the preselection registration center and the method of business operations, etc. shall be determined and publicly announced by the Korea Communications Commission.

Article 58 (Telephone Number Portability)

(1) The Korea Communications Commission may establish and implement a plan for telephone number portability (hereafter referred to in this Article as “plan for number portability“) to enable users to retain their telephone numbers when changing from one telecommunications business operator to another.

(2) A plan for number portability shall include the following matters:

1. Kinds of services subject to telephone number portability;

2. Time to start telephone number portability for each service;

3. Matters concerning sharing of expenses incurred in the implementation of a plan for number portability among telecommunications business operators.

(3) The Korea Communications Commission may order the relevant telecommunications business operator to take measures necessary for the implementation of a plan for number portability.

(4) The Korea Communications Commission may designate a specialized institution in charge of registration of number portability and modification thereto (hereinafter referred to as “number portability management institution“) to efficiently and neutrally implement telephone number portability.

(5) Matters concerning the implementation of telephone number portability and matters necessary for the designation of a number portability management institution and the operation of its affairs shall be determined and publicly announced by the Korea Communications Commission.

Article 59 (Limitation on Mutual Holding of Stocks)

(1) Where a common telecommunications business operator under Article 39 (3) 1 or 2 (including a person in a special relation with him/her) holds in excess of 5/100 of the total number of voting stocks issued by another common telecommunications business operator, he/she shall not be allowed to exercise any voting rights in excess of the relevant ceiling.

(2) Paragraph (1) shall not apply to holding relationship between a common telecommunications business operator under Article 39 (3) 1 or 2 and a common telecommunications business operator established by the said common telecommunications business operator by becoming the largest stockholder.

Article 60 (Provision of Number Information Services)

(1) A telecommunications business operator shall provide a service to inform the general public of the telephone numbers of users by means of voice, booklets or the Internet, etc. (hereinafter referred to as “number information service“) by obtaining a consent from users: Provided, That the same shall not apply to minor business determined and publicly announced by the Korea Communications Commission in consideration of the numbers of users, profits, etc.

(2) The Korea Communications Commission may place restrictions on the provision of number information services to the extent necessary to protect personal information.

(3) Matters necessary for the provision of number information services may be prescribed by Presidential Decree.

CHAPTER V.- TELECOMMUNICATIONS EQUIPMENT AND FACILITIES

SECTION 1.- Commercial Telecommunications Equipment and Facilities

Article 61 (Maintainment and Repair of Telecommunications Equipment and Facilities)

A telecommunications business operator shall maintain and repair his/her own telecommunications equipment and facilities in compliance with the technical standards prescribed by Presidential Decree so as to reliably provide his/her telecommunications services.

Article 62 (Reporting and Approval on Installation of Telecommunications Equipment and Facilities)

(1) Where a common telecommunications business operator intends to install or change important telecommunications equipment and facilities, he/she shall submit a prior report to the Korea Communications Commission, as prescribed by Presidential Decree: Provided, That in terms of telecommunications equipment and facilities installed for the first time thanks to a new telecommunications technology, the operator shall obtain approval from the Korea Communications Commission, as prescribed by Presidential Decree.

(2) Scope of important telecommunications equipment and facilities under paragraph (1) shall be prescribed and publicly announced by the Korea Communications Commission.

Article 63 ( Joint Installation of Telecommunications Equipment and Facilities)

(1) A common telecommunications business operator may install and use telecommunications equipment and facilities jointly with other common telecommunications business operators through consultation thereon with them.

(2) Where common telecommunications business operators have consultation under paragraph (1), the Korea Communications Commission may conduct researches on necessary data and provide them to common telecommunications business operators, as prescribed by Presidential Decree.

(3) The Korea Communications Commission may request an institution specialized in telecommunications to conduct researches under paragraph (2) as prescribed by Presidential Decree, so as to efficiently conduct the relevant researches.

(4) In any case described in the following subparagraphs, the Korea Communications Commission may recommend a common telecommunications business operator under paragraph (1) to jointly install telecommunications equipment and facilities, as prescribed by Presidential Decree:

1. Where consultation under paragraph (1) fails to lead to agreement, and the relevant common telecommunications business operator makes a request;

2. Where it is deemed necessary to promote public interests.

(5) Where it is necessary for a common telecommunications business operator to use land, buildings, etc. owned by the State, local governments, public institutions under the Act on the Management of Public Institutions (hereafter referred to as “public institutions” in this Article) or other common telecommunications business operators for the joint installation of telecommunications equipment and facilities, and consultation fails to lead to agreement on the use of such land, buildings, etc., the common telecommunications business operator may request the Korea Communications Commission to provide cooperation for the use of the relevant land, buildings, etc.

(6) Where the Korea Communications Commission receives a request for cooperation under paragraph (5), it may request the State agencies, local governments, the heads of public institutions, or other common telecommunications business operators to respond to the consultation on the use of the relevant land, buildings, etc. with the common telecommunications business operator who submits a request for cooperation under paragraph (5). In such cases, the State agencies, local governments, the heads of public institutions, or other common telecommunications business operators shall respond to the consultation with the common telecommunications business operator unless justifiable grounds exist.

SECTION 2.- Private Telecommunications Equipment and Facilities

Article 64 (Installation of Private Telecommunications Equipment and Facilities)

(1) Any person who intends to install private telecommunications equipment and facilities shall report to the Korea Communications Commission, as prescribed by Presidential Decree. The same shall apply in cases where he/she intends to change any important matter prescribed by Presidential Decree, among the reported matters.

(2) Notwithstanding paragraph (1), other Acts shall apply to private wireless telecommunications equipment and facilities and military telecommunications equipment and facilities, if otherwise prescribed by such other Acts.

(3) Where a person who has reported on the installation of private telecommunications equipment and facilities or reported on the change thereof pursuant to paragraph (1) completes the installation works or installation change works, he/she shall obtain prior confirmation from the Korea Communications Commission, as prescribed by Presidential Decree.

(4) Notwithstanding paragraph (1), private telecommunications equipment and facilities prescribed by Presidential Decree may be installed without reporting.

Article 65 (Restrictions on Use for other Purposes)

(1) No person who installs private telecommunications equipment and facilities shall advocate a third party’s communications through such equipment and facilities or operate such equipment and facilities not in accordance with the purposes of installation: Provided, That this shall not apply in cases where he/she uses them for any of the following purposes to the extent permitted by other Acts or to the extent that does not impede the purposes of installation:

1. Cases of allowing a policeman or a person engaged in disaster relief to use private telecommunications equipment and facilities for the maintenance of public order or for emergency disaster relief;

2. Cases of using private telecommunications equipment and facilities between a person who installs such equipment and facilities and a person in a special business relationship with him/her, as publicly announced by the Korea Communications Commission.

(2) A person who has installed private telecommunications equipment and facilities may provide his/her own telecommunications equipment and facilities, such as ducts or cables, to common telecommunications business operators, as prescribed by Presidential Decree.

(3) Articles 35, 44 (excluding paragraph (5)), 45 through 47 shall apply mutatis mutandis to the provision of equipment and facilities under paragraph (2).

Article 66 (Procurement of Communications in Cases of Emergency)

(1) The Korea Communications Commission may order a person who has installed private telecommunications equipment and facilities to carry out the telecommunications business or other important communications business or to connect his/her telecommunications equipment and facilities with other telecommunications equipment and facilities, at the time of war, an upheaval, natural disaster or any national emergency equivalent thereto or if an outbreak of such emergency is highly apprehended. In such cases, the provisions of Articles 28 through 55 shall apply mutatis mutandis.

(2) If he Korea Communications Commission deems necessary, he/she may require a common telecommunications business operator to carry out the business under paragraph (1).

(3) In cases under paragraph (1), the expenses incurred in carrying out the business and connecting equipment and facilities shall be reimbursed by the Government: Provided, That where private telecommunications equipment and facilities are used for telecommunications services, the expenses incurred therein shall be reimbursed by the common telecommunications business operator who uses such equipment and facilities.

Article 67 (Corrective Order, etc. Issued to Private Telecommunications Equipment and Facilities Installers)

(1) Where a person who has installed private telecommunications equipment and facilities violates this Act or any order under this Act, the Korea Communications Commission may order him/her to take a corrective measure within a prescribed period.

(2) Where a person who has installed private telecommunications equipment and facilities falls under any of the following subparagraphs, the Korea Communications Commission may order him/her to suspend the use of such equipment and facilities for up to one year:

1. Where he/she fails to comply with the corrective order under paragraph (1);

2. Where he/she uses private telecommunications equipment and facilities without confirmation in violation of Article 64 (3);

3. Where he/she advocates a third party’s communications or operates private telecommunications equipment and facilities not in accordance with the purpose of installation in violation of Article 65 (1).

(3) Where it is deemed that private telecommunications equipment and facilities are feared to impede a third party’s telecommunications or to harm a third party’s telecommunications equipment and facilities, the Korea Communications Commission may order the person who has installed such private telecommunications equipment and facilities to suspend the use of his/her equipment and facilities, to reform or repair them, or to take other necessary measures.

SECTION 3.- Integrated Management, etc. of Telecommunications Equipment and Facilities

Article 68 (Installation of Conduits, Ducts, etc.)

(1) Any person who installs or constructs any of the following facilities (hereinafter referred to as “facility installer“) shall consider the opinions of a common telecommunications business operator on the installation of common utility conduits, ducts, etc. that can carry telecommunications equipment and facilities and reflect them on the installation or construction of such facilities: Provided, That this shall not apply in cases where he/she fails to reflect the opinions of the common telecommunications business operator due to any extenuating circumstance:

1. Roads under Article 2 (1) 1 of the Road Act;

2. Railroads under subparagraph 1 of Article 2 of the Railroad Enterprise Act;

3. Urban railroads under subparagraph 1 of Article 3 of the Urban Railroad Act;

4. Industrial complexes under subparagraph 5 of Article 2 of the Industrial Sites and Development Act;

5. Free trade zones under subparagraph 1 of Article 2 of the Act on Designation and Management of Free Trade Zones;

6. Airport zones under subparagraph 9 of Article 2 of the Aviation Act;

7. Harbor zones under subparagraph 4 of Article 2 of the Harbor Act;

8. Other facilities or sites prescribed by Presidential Decree.

(2) A common telecommunications business operator shall present his/her opinions on the installation of common utility conduits, ducts, etc. under paragraph (1) in compliance with the guidelines prescribed by Presidential Decree for installing conduits.

(3) Articles 35, and 44 (excluding paragraph (5)) and 45 through 47 shall apply mutatis mutandis to the provision of common utility conduits, ducts, etc. established under paragraph (1).

(4) Where a facility installer is unable to reflect the opinions of a common telecommunications business operator pursuant to paragraph (1), he/she shall notify the relevant common telecommunications business operator of the reasons therefor within 30 days after the date of receipt of such opinions.

(5) Where a facility installer fails to reflect the opinions of a common telecommunications business operator pursuant to paragraph (1), the relevant common telecommunications business operator may submit a request for mediation to the Korea Communications Commission.

(6) Where the Korea Communications Commission intends to provide mediatory suggestions upon receipt of a request for mediation under paragraph (5), it shall first consult with the head of the relevant central administrative agency.

(7) Matters necessary for mediation under paragraphs (5) and (6) shall be prescribed by Presidential Decree.

Article 69 (Establishment of Building Telecommunications Cabling Systems, etc.)

(1) A building under Article 2 (1) 2 of the Building Act shall be equipped with the building telecommunications cabling systems, and secure a certain space for connection with telecommunications line equipment and facilities.

(2) Matters necessary for the scope of buildings, guidelines for establishing the telecommunications cabling systems, and securing a space for connection with telecommunications line equipment and facilities pursuant to paragraph (1) shall be prescribed by Presidential Decree.

 Article 70 (Integrated Management of Telecommunications Equipment and Facilities, etc.)

(1) Where it is necessary for the efficient management and operation of telecommunications equipment and facilities, the Korea Communications Commission may entrust the integrated management of telecommunications equipment and facilities installed under this Act or any other Act and land, buildings or other structures attached thereto (hereinafter referred to as “telecommunications equipment and facilities, etc.”) to the common telecommunications business operator who has been selected in accordance with the guidelines and procedures prescribed by Presidential Decree (hereinafter referred to as “telecommunications business operator entrusted with the integrated management“).

(2) Where the Korea Communications Commission intends to entrust the integrated management of telecommunications equipment and facilities under paragraph (1), it shall develop a plan for the integrated management of telecommunications equipment and facilities (hereinafter referred to as “integrated management plan“) and obtain approval therefor from the President through consultation with the head of the relevant administrative agency and through deliberation by the State Council.

(3) An integrated management plan shall include the following matters:

1. Subjects, periods, methods and procedures of the integrated management;

2. Matters concerning the management of telecommunications equipment and facilities, etc. after integration;

3. Other matters prescribed by Presidential Decree.

(4) Where the Korea Communications Commission intends to develop an integrated management plan, it shall first consult with the person who installs telecommunications equipment and facilities to be integrated.

Article 71 (Purchase of Telecommunications Equipment and Facilities, etc.)

(1) If it is necessary for the integrated management of telecommunications equipment and facilities, a telecommunications business operator entrusted with the integrated management may claim for the purchase of the relevant telecommunications equipment and facilities. In such cases, the owner of the relevant telecommunications equipment and facilities shall not refuse the claim without any justifiable ground.

(2) Notwithstanding Article 27 of the State Property Act or Article 19 of the Public Property and Commodity Management Act, State-owned or publicly-owned telecommunications equipment and facilities, etc. claimed by a telecommunications business operator entrusted with the integrated management may be sold to the telecommunications business operator entrusted with the integrated management. In such cases, matters necessary for the sales, such as the methods of calculating the sale price, procedures for sales, and payment methods of the purchase prices shall be prescribed by Presidential Decree.

(3) With respect to the methods and guidelines for calculating the sale price of non-state-owned or non-publicly-owned telecommunications equipment and facilities to be purchased by a telecommunications business operator entrusted with the integrated management under paragraph (1), the provisions of Articles 67 (1), 70, 71, 74, 75, 75-2, 76, 77 and 78 (5) through (7) shall apply mutatis mutandis.

SECTION 4.- Installation and Preservation of Telecommunications Equipment and Facilities

Article 72 (Use of Land, etc.)

(1) If it is necessary for the installation of lines, antennas, and their appurtenant facilities to be available for telecommunications services (hereinafter referred to as “lines, etc.”), a common telecommunications business operator may use a third party’s land, or buildings and structures attached thereto, and surface and bottom of the water (hereinafter referred to as “land, etc.”). In such cases, the common telecommunications business operator shall consult with the owners or occupants of the relevant land, etc, in advance.

(2) Where consultation under paragraph (1) fails to lead to agreement or fails to take place, a common telecommunications business operator may use a third party’s land, etc. pursuant to the Act on the Acquisition of Land, etc. for Public Works and the Compensation therefor.

Article 73 (Temporary Use of Land, etc.)

(1) If it is necessary for the measurement of lines, etc. and the installation works or preservation works of telecommunications equipment and facilities, a common telecommunications business operator may temporarily use private, national or public telecommunications equipment and facilities and land, etc. to the extent that does not substantially impede the current use thereof.

(2) No person shall impede the measurement of lines, etc., the installation works or preservation works of telecommunications equipment and facilities and the temporary use of telecommunications equipment and facilities and land, etc. under paragraph (1) without any justifiable ground.

(3) When a common telecommunications business operator intends to temporarily use private, national or public property under paragraph (1), he/she shall notify the occupants, in advance, of the purposes of and period for such use: Provided, That in cases where it is difficult to give prior notice, he/she shall give prompt notice during or after the use, and in cases where he/she is unable to notify the purposes of and period for the use due to an obscurity of an address and residence of occupants, he/she shall publicly announce them.

(4) No period of temporary use of land, etc. under paragraph (1) may exceed six months.

(5) A person who temporarily uses private, national or public telecommunications equipment and facilities or land, etc. under paragraph (1) shall carry with him/her a certificate indicating his/her authority, and present it to the persons concerned.

Article 74 (Entrance to Land, etc.)

(1) A common telecommunications business operator may enter into a third party’s land, etc., to the extent necessary for the measurement, inspection , etc., for the installation and preservation of his/her telecommunications equipment and facilities: Provided, That in cases where the place where he/she intends to enter into is a residential building, a consent from residents shall be obtained.

(2) No person shall impede the measurement, inspection, etc. for the installation or preservation of telecommunications equipment and facilities and a entrance to land, etc. under paragraph (1) without any justifiable ground.

(3) Article 73 (3) and (5) shall apply mutatis mutandis to notification and presentation of a certificate if a person engaged in the measurement, inspection, etc. under paragraph (1) enters private, national or public land, etc.

Article 75 (Request for Removal of Obstacles, etc.)

(1) A common telecommunications business operator may request the owners or users of gas pipes, water pipes, drain pipes, electric lamp lines, power lines or private telecommunications equipment and facilities, which impede or are feared to impede the installation of lines, etc. or common telecommunications equipment and facilities (hereinafter referred to as “obstacles, etc.”) to relocate, reform, or repair them or to take other necessary measures.

(2) A common telecommunications business operator may request the owners or the persons in possession of plants, which impede or are feared to impede the installation or maintenance of lines, etc. or telecommunications to remove such plants.

(3) Where an owner or a persons in possession of a plant fails to comply with the request under paragraph (2), or where extenuating circumstances exist, a common telecommunications business operator may fell or transplant the relevant plant by obtaining permission from the Korea Communications Commission. In such cases, he/she shall promptly notify the owner or the person in possession of the relevant plant.

(4) Where an obstacle, which impedes or is likely to impede the telecommunications equipment and facilities of a common telecommunications business operator, needs to be newly established, enlarged, improved, removed or changed, the owner or user of such obstacles shall consult with the common telecommunications business operator, in advance.

Article 76 (Obligation for Reinstatement)

Where the use of land, etc. under Articles 72 and 73 is terminated or it is no longer necessary to provide land, etc. used for telecommunications services, a common telecommunications business operator shall reinstate the relevant land, etc., and where it is impossible to reinstate the relevant land, etc., he/she shall properly compensate for any losses suffered by the owners or users.

Article 77 (Compensation for Losses)

Where a common telecommunications business operator causes losses to a third party in cases under Article 73 (1), 74 (1) or 75, he/she shall compensate the third party for such losses.

Article 78 (Procedures for Compensation for Losses to Land, etc.)

(1) Where a common telecommunications business operator compensates for any losses pursuant to Article 76 or 77 on any of the following grounds, he/she shall consult with the person who suffered such losses:

1. Temporary use of land, etc. under Article 73 (1);

2. Entrance to land, etc. under Article 74 (1);

3. Relocation, reform or repair of obstacles, etc. or removal of plants under Article 75;

4. Impossibility of reinstatement under Article 76.

(2) When consultation under paragraph (1) fails to lead to agreement or fails to take place, an application for adjudication shall be filed with the competent Land Expropriation Commission under the Act on the Acquisition of Land, etc. for Public Works and the Compensation therefor.

(3) Except as otherwise prescribed by this Act, the Act on the Acquisition of Land, etc. for Public Works and the Compensation therefor shall apply mutatis mutandis to the standards, methods and procedures for compensation for losses, etc. to land, etc. under paragraph (1), and an application for adjudication under paragraph (2).

Article 79 (Protection of Telecommunications Equipment and Facilities)

(1) No person shall destroy telecommunications equipment and facilities, nor obstruct the flow of telecommunications by impeding the functions of telecommunications equipment and facilities by means of contacting other objects with them or by any other means.

(2) No person may contaminate telecommunications equipment and facilities or damage measurement marks of telecommunications equipment and facilities by means of throwing any object at the telecommunications equipment and facilities or tying an animal, vessel or a log raft thereto.

(3) In order to protect telecommunication cables or supplementary facilities laid on the seabed (hereafter referred to as “submarine cable“), a common telecommunications business operator may file an application for the designation of a submarine cable zone to the Korea Communications Commission.

(4) The Korea Communications Commission upon receipt of application under paragraph (3), shall examine the necessity for such designation and may designate a submarine cable zone and publicly announce it, following consultation with the head of the relevant central administrative agency.

(5) Matters concerning application for designation of a submarine cable zone, methods and procedures for designation and public announcement, methods of installing warning signs, etc. shall be prescribed by Presidential Decree.

Article 80 (Relocation, etc. of Equipment and Facilities.)

(1) Where telecommunications equipment and facilities of a common telecommunications business operator impede the use of land, etc. in which they are located due to changes to the purposes or methods of using such land, etc. or land adjacent thereto, the owner or occupant of such land, etc. may request the common telecommunications business operator to relocate the telecommunications equipment and facilities, and take other necessary measures to remove the impediment.

(2) A common telecommunications business operator shall, upon receipt of a request under paragraph (1), take necessary measures unless he/she has a difficulty in business operations or a technical difficulty to take such measures.

(3) Expenses incurred in the measures under paragraph (2) shall be reimbursed by a person who has made measures necessary to relocate the relevant equipment and facilities or remove the impediment after installation of the equipment and facilities: Provided, That in cases where a person who is liable to reimburse the expenses is the owner or occupant of the relevant land, etc. and falls any of the following subparagraphs, a common telecommunications business operator may reduce or exempt expenses to be reimbursed by such owner or occupant, taking into account the amount of compensation at the time of the installation of the equipment and facilities and the period for the installation thereof:

1. Where a common telecommunications business operator develops and implements plans for the relocation of the relevant telecommunications equipment and facilities or for the removal of the impediments;

2. Where the relocation of the relevant telecommunications equipment and facilities or removal of the impediments is beneficial for other telecommunications equipment and facilities;

3. Where the State or a local government requests the relocation of the relevant telecommunications equipment and facilities or removal of the impediments;

4. Where telecommunications equipment and facilities installed in private land is relocated because they substantially impede the use of such private land.

Article 81 (Cooperation, etc. with Other Organizations)

A common telecommunications business operator may ask the relevant public agencies for a cooperation, in case where the operation of vehicles, vessels, airplanes and other carriers is necessary for the installation and preservation of his/her telecommunications equipment and facilities. In such cases, upon receipt of a request for cooperation, the public agency shall comply with the request unless justifiable grounds exist.

Article 82 (Inspection, Reporting, etc.)

(1) Where it is necessary for the development of telecommunications policies or where it is prescribed by Presidential Decree, the Korea Communications Commission may inspect the current installation status, books or documents of a person who has installed telecommunications equipment and facilities or require him/her to report on his/her equipment and facilities.

(2) Where a person has installed telecommunications equipment and facilities in violation of this Act, the Korea Communications Commission may order him/her to remove the relevant equipment and facilities or take other necessary measures.

CHAPTER VI.- SUPPLEMENTARY PROVISIONS

Article 83 (Protection of Confidentiality of Communications)

(1) No person may infringe or divulge the confidentiality of communications carried by telecommunications business operators.

(2) No person who is or has been engaged in telecommunications services may divulge a third party’s confidential information with respect to communications obtained in the course of performance of his/her duties.

(3) A telecommunications business operator may comply with a request for the perusal or provision of any of the following data (hereinafter referred to as “provision of communications data“) from a court, a prosecutor, the head of an investigative agency (including the head of a military investigative agency, the Commissioner of the National Tax Service and the Commissioner of a Regional Tax Office; hereinafter the same shall apply) or the head of an intelligence and investigation agency, who intends to collect information or intelligence in order to prevent any threat to a trial, an investigation (including the investigation of a violation committed by means of a telephone, the Internet, etc. among the offenses prescribed in Article 10 (1), (3) and (4) of the Punishment of Tax Evaders Act), the execution of a sentence or the guarantee of the national security:

1. Names of users;

2. Resident registration numbers of users;

3. Addresses of users;

4. Phone numbers of users;

5. User identification word (referring to the identification codes of users used to identify the rightful users of computer systems or communications networks);

6. Dates on which users subscribe or terminate their subscriptions.

(4) The request for provision of communications data under paragraph (3) shall be made in writing (hereinafter referred to as “written request for provision of data“), which states a reason for such request, relation with the relevant user and the scope of necessary data: Provided, That where it is impossible to make a request in writing due to an urgent reason, such request may be made without resorting to writing, and when such reason disappears, a written request for provisions of data shall be promptly filed with the telecommunications business operator.

(5) Where a telecommunications business operator provides communications data according to the procedures under paragraphs (3) and (4), he/she shall retain the ledgers prescribed by Presidential Decree, which contain necessary matters, such as the records that communications data are provided, and the related materials, such as the written requests for provision of data.

(6) A telecommunications business operator shall report on the current status, etc. of provision of communications data, to the Korea Communications Commission twice a year, in accordance with the methods prescribed by Presidential Decree, and the Korea Communications Commission may ascertain whether the details of a report submitted by a telecommunications business operator are correct and the management status of related materials under paragraph (5).

(7) A telecommunications business operator shall, in accordance with the methods prescribed by Presidential Decree, notify the details entered in the ledgers under paragraph (5) to the head of the central administrative agency whereto a person requesting the provision of communications data under paragraph (3) belongs: Provided, That in cases where a person who requests the provision of communications data is a court, the relevant telecommunications business operator shall notify the Minister of the Court Administration thereof.

(8)  A telecommunications business operator shall establish and operate a department in exclusive charge of the affairs related to users’communication secrets; and the matters concerning the function, composition, etc. of the relevant development shall be prescribed by Presidential Decree.

(9) Matters necessary for the scope of persons having authority to grant approval on the written requests for provision of data shall be prescribed by Presidential Decree.

Article 84 (Information, etc. of Caller’s Phone Number)

(1) A telecommunications business operator may, upon request from a receiver, inform him/her of a caller’s phone number: Provided, That this shall not apply in cases where the caller expresses his/her intent refusing the transmission of his/her phone number.

(2) Where any of the following cases occurs, a telecommunications business operator may inform a receiver a caller’s phone number, etc, notwithstanding the proviso to paragraph (1);

1. Where the receiver requests to inform the caller’s phone number under conditions and procedures prescribed by Presidential Decree in order to protect the receiver from verbal abuse, threats, harassment, etc.;

2. Where it is prescribed by Presidential Decree for national security, crime prevention, disaster relief, etc. when providing phone services with special numbers.

(3) No person shall fabricate or falsify a caller’s phone number while making phone calls for the purpose of making financial profits by deceiving other persons or of harming them by verbal abuse, threats, harassment, etc.

(4) No person shall provide services for forging or falsely indicating a caller’s phone number for profit-making: Provided, That this shall not apply to any case having justifiable grounds, such as for public interests or offering convenience to the receiver, etc.

Article 85 (Restriction on, and Suspension of Business)

The Korea Communications Commission may order a telecommunications business operator to fully or partially restrict or suspend telecommunications services in order to secure major telecommunications, as prescribed by Presidential Decree at the time of war, an upheaval, natural disaster or any national emergency equivalent thereto or if an outbreak of such emergency is highly apprehended or if extenuating circumstances exist.

Article 86 (Approval for International Telecommunications Services)

(1) When any special provisions concerning international telecommunications services are included in treaties or agreements signed by the Government, those provisions shall govern.

(2) Where a telecommunications business operator intends to enter into an agreement on international telecommunications services prescribed by Presidential Decree, he/she shall obtain approval from the Korea Communications Commission after satisfying the requirements prescribed by Presidential Decree. The same shall apply to an amendment to or revocation of such agreement.

(3) Where a telecommunications business operator who provides common telecommunications services intends to enter into an agreement for the adjustments of international telecommunications service charges with a foreign government or a foreigner, he/she shall report to the Korea Communications Commission: Provided, That this shall not apply to the telecommunications business operator who satisfies the requirements prescribed by Presidential Decree for the size of telecommunications equipment and facilities, capital, whether to grant phone numbers, etc.

(4) Where a telecommunications business operator who provides common telecommunications services intends to enter into an agreement for the adjustments of roaming service charges, he/she shall obtain approval from the Korea Communications Commission, notwithstanding paragraph (3).

(5) Matters necessary for reporting under paragraph (3) or approval under paragraph (4) shall be determined and publicly announced by the Korea Communications Commission.

Article 87 (Cross-Border Provision of Common Telecommunications Services)

(1) Where a person intends to provide common telecommunications services from abroad into Korea without establishing any place of business in Korea (hereinafter referred to as “cross-border provision of common telecommunications services“), he/she shall enter into an agreement for cross-border provision of common telecommunications services with a domestic common telecommunications business operator or special category telecommunications business operator who provides the same common telecommunications services.

(2) Articles 28, 32, 33, 45 through 47, 50 through 55, 83 through 85, 88, 92 of this Act and Article 44-7 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. shall apply mutatis mutandis to the provision of services under an agreement concluded by a common telecommunications business operator or a special category telecommunications business operator under paragraph (1).

(3) Where a person who intends to provide cross-border common telecommunications services under paragraph (1), or a common telecommunications business operator or special category telecommunications business operator who has entered into an agreement with such person, violates the relevant provisions which apply mutatis mutandis under paragraph (2), the Korea Communications Commission may revoke approval under Article 86 (2), or issue an order to fully or partially suspend the cross-border provision of common telecommunications services under the relevant agreement for up to one year.

(4) Guidelines and procedures for imposing dispositions under paragraph (3) and other necessary matters shall be prescribed by Presidential Decree.

Article 88 (Reporting, etc. on Statistics)

(1) A telecommunications business operator shall report to the Korea Communications Commission on the statistics on the provision of telecommunications services prescribed by Presidential Decree, such as the current status of equipment and facilities, subscription record and current status of users for each type of telecommunications services, and the data related to telephone traffic required for billing and collections and retain the related data, as prescribed by Presidential Decree.

(2) A common telecommunications business operator and stockholders thereof, or a special category telecommunications business operator and stockholders thereof shall submit the related data necessary for a verification of matters under Article 8, as prescribed by Presidential Decree.

(3)          In order to verify the matters under paragraph (2), or to examine the genuineness of the data submitted, The Korea Communications Commission may request the administrative agencies and other related agencies to examine the data submitted or to submit the related materials. In such cases, the agencies in receipt of such request shall comply with it unless justifiable grounds exist.

Article 89 (Hearings)

Where the Korea Communications Commission intends to impose any of the following dispositions, it shall hold a hearing:

1. To fully or partially cancel the license of a common telecommunications business operator under Article 20 (1);

2. To fully or partially cancel registration of a special category telecommunications business operator under Article 27 (1);

3. To fully or partially cease the value-added telecommunications business under Article 27 (2);

4. To revoke approval under Article 87 (3).

Article 90 (Imposition, etc. of Penalty Surcharge)

(1) Where a business suspension order to be issued to a telecommunications business operator who falls under each subparagraph of Article 20 (1), each subparagraph of Article 27 (1) or any subparagraph of Article 27 (2), causes substantial inconvenience to the users, etc. of the relevant business or threatens to impair public interests, the Korea Communications Commission may impose a penalty surcharge in an amount not exceeding 3/100 of the turnover calculated under Presidential Decree in lieu of the business suspension order. In such cases, if the telecommunications business operator refuses to submit materials relating to the calculation of the profit or submits any false material, the profit may be estimated based on the financial statements and other accounting materials of the relevant telecommunications business operator and the business operators providing the same or similar types of services, and the materials concerning the current status of business operations, such as the number of subscribers, service charges, etc.: Provided, That where there is no profit or it is difficult to calculate the profit, as prescribed by Presidential Decree, a penalty surcharge not exceeding one billion won may be imposed.

(2) Where an order to suspend the use of private telecommunications equipment and facilities under Article 67 (2) causes substantial inconvenience to the users of telecommunications services provided with the relevant private telecommunications equipment and facilities or threatens to impair public interests, the Korea Communications Commission may impose a penalty surcharge not exceeding one billion won in lieu of the order to suspend the use thereof.

(3) Detailed guidelines for the imposition of penalty surcharges under paragraphs (1) and (2) shall be prescribed by Presidential Decree.

(4) The provisions of Article 53 (5) through (7) shall apply mutatis mutandis to additional dues, demands, and collection of penalty surcharges under paragraphs (1) and (2).

Article 91 (Extension of Payment Deadline of Penalty Surcharges and Payment in Installments)

(1) Where a penalty surcharge to be paid by a telecommunications business operator under Articles 53 and 90 exceeds an amount prescribed by Presidential Decree, and where deemed that the person liable to pay a penalty surcharge has difficulty in paying it in a lump sum on any of the following grounds, the Korea Communications Commission may either extend the payment deadline, or permit him/her to pay it in installments. In such cases, the Commission may, if deemed necessary, require him/her to provide a security therefor:

1. Where he/she suffers a severe financial loss due to natural disasters or fire, etc;

2. Where his/her business faces a serious crisis due to an aggravation of business environments;

3. Where it is expected that he/she will be in great financial difficulty if he/she pays the penalty surcharge in a lump sum.

(2) Matters necessary for an extension of the payment deadline of penalty surcharges, the payment in installments and the provision of a security shall be prescribed by Presidential Decree.

Article 92 (Corrective Orders, etc.)

(1) The Korea Communications Commission shall issue a corrective order to a telecommunications business operator who falls under any of the following subparagraphs:

1. Where he/she violates the provisions of Article 3, 4, 6 through 11, 14 through 24, 26 through 28, 30 through 44, 47 through 49, 51, 56 through 62, 64 through 67, 69, 73 through 75, 79 or 82 through 88, or the orders issued under these provisions;

2. Where the procedures for his/her business operations are deemed to inflict significant harm on the users’ interests;

3. Where he/she fails to promptly take measures necessary for removing an obstruction, such as repair, etc. when an accident, etc. impedes the provision of telecommunications services.

(2) The Korea Communications Commission may order a telecommunications business operator to conduct any of the following matters, when necessary for the development of telecommunications:

1. Integrated operation and management of telecommunications equipment and facilities;

2. Expansion of communications equipment and facilities for the enhancement of social welfare;

3. Establishment and management of communications networks for important communications to achieve efficient performance of the State’s functions;

4. Other matters prescribed by Presidential Decree.

(3) The Korea Communications Commission may order a person who falls under any of the following subparagraphs to suspend the provision of telecommunications services or to take measures necessary for the removal of telecommunications equipment and facilities:

1. A person who operates a common telecommunications business without obtaining a license under Article 6 (1);

2. A person who operates a special category telecommunications business without registration under Article 21 (1);

3. A person who operates the value-added telecommunications business without reporting thereon under Article 22 (1).

Article 93 (Delegation of Authority)

The Korea Communications Commission may partially delegate its authority under this Act to the head of its affiliated agency, as prescribed by Presidential Decree.

CHAPTER VII.- PENAL PROVISIONS

 Article 94 (Penal Provisions)

A person who falls under any of the following subparagraphs shall be punished by imprisonment for not more than five years or by a fine not exceeding 200 million won:

1. A person who operates the common telecommunications business without obtaining a license under Article 6 (1);

2. A person who operates the common telecommunications business, in violation of an order to partially cancel his/her license under Article 20 (1);

3. A person who obstructs the flow of telecommunications by impeding a function of telecommunications equipment and facilities by means of damaging telecommunications equipment and facilities, or contacting the objects with them or by other means, in violation of Article 79 (1);

4. A person who divulges a third party’s confidential information with respect to communications obtained in the course of performance of his/her duties, in violation of Article 83 (2);

5. A person who provides communication data, and a person who receives communications data, in violation of Article 83 (3).

Article 95 (Penal Provisions)

Any of the following persons shall be punished by imprisonment for not more than three years or by a fine not exceeding 150 million won: (Amended by Act nº 10656, May 19, 2011)

1. A person who refuses to provide telecommunications services without justifiable grounds, in violation of Article 3 (1);

2. A person who violates a disposition taken to suspend his/her business operation under Article 20 (1);

3. A person who operates the special category telecommunications business without registration under Article 21 (1);

3-2. A person who conducts value-added telecommunications business without conducting registration under Article 22 (2);

4.  A person who operates a special category telecommunications business, in violation of an order to partially cancel registration under Article 27 (1);

5. A person who fails to comply with an order under Article 52 (1);

6. A person who obstructs the measurement of lines, etc. and the installation and preservation works for telecommunications equipment and facilities under Article 73 (2);

7. A person who violates the confidentiality of communications of telecommunications business operators or divulges such confidential information, in violation of Article 83 (1).

Article 96 (Penal Provisions)

A person who falls under any of the following subparagraphs shall be punished by imprisonment for not more than two years or by a fine not exceeding 100 million won:

1. A person who fails to obtain a revised license under Article 16;

2. A person who fails to obtain approval under Articles 17 (1) and 42 (4);

3. A person who fails to obtain authorization under the main sentence of the part other than each subparagraph of Article 18 (1) or approval under Article 19 (1);

4. A person who integrates telecommunications networks, appoints executives, acquires business, executes an agreement for merger or sale of equipment and facilities, or takes follow-up measures for the establishment of a company prior to obtaining authorization, in violation of Article 18 (9):

5. A person who fails to comply with an order to take measures to protect users under Article 19 (2);

6. A person who operates a value-added telecommunications business without reporting under Article 22 (1);

7. A person who violates a disposition taken to suspend his/her business operation under Article 27 (1);

8. A person who fails to comply with an order to discontinue his/her business under Article 27 (2);

9. A person who fails to purchase a guarantee insurance policy, in violation of Article 32 (3)

10. A person who discloses, uses or provides information, in violation of the main sentence of Article 43 (1) or paragraph (2) of the same Article;

11. A person who fails to comply with an order to restrict or suspend telecommunications services under Article 85;

12. A person who fails to obtain approval or approval for an amendment or revocation, under Article 86 (2) or (4).

Article 97 (Penal Provisions)

A person who falls under any of the following subparagraphs shall be punished by imprisonment for not more than one year or by a fine not exceeding 50 million won:

1. A person who fails to comply with an order under Article 10 (5), 12 (2) (including cases where the provisons apply mutatis mutandis under Article 4 (4) of the Addenda of the Telecommunications Business Act amended by Act nº 5385) or 18 (8);

2. A person who fails to report under the proviso to Article 18 (1);

3. A person who fails to file a revised registration or a revised report under Article 23;

4. A person who fails to report under Article 24;

5. A person who violates a disposition taken to suspend his/her business operation under Article 27 (2);

6. A person who provides telecommunications services without submitting a report or revised report under Article 28 (1) and (2) (proviso) or without obtaining authorization or revised authorization under Article 28 (2);

7. A person who advocates a third party’s communications through telecommunications services provided by a telecommunications business operator or provides such services for a third party’s communications, in violation of the body of Article 30.

Article 98 (Penal Provisions)

A person who falls under any of the following subparagraphs shall be punished by imprisonment for not more than one year or by a fine not exceeding 100 million won:

1. A person who installs or changes important telecommunications equipment and facilities without reporting under the main sentence of Article 62 (1) or a person who installs telecommunications equipment and facilities without obtaining approval under the proviso to Article 62 (1);

2. A person who installs private telecommunications equipment and facilities without submitting a report or a revised report under Article 64 (1);

3. A person who advocates a third party’s communications through private telecommunications equipment and facilities or operates such equipment and facilities not in accordance with the purposes of installation, in violation of Article 65 (1);

4. A person who fails to comply with an order to carry out the telecommunications business or other important communications business or to connect his/her equipment and facilities with other telecommunications equipment and facilities under Article 66 (1);

5. A person who fails to comply with an order to suspend the use under Article 67 (2) or an order under Article 67 (3);

6. A person who fails to comply with an order to remove telecommunications equipment and facilities or an order to take other necessary measures under Article 82 (2).

Article 99 (Penal Provisions)

A person who commits a prohibited act under each subparagraph of Article 50 (1) (excluding any act of providing telecommunications services in a manner different from the terms and conditions of use under Article 50 (1) 5) shall be punished by a fine not exceeding 300 million won.

Article 100 (Penal Provisions)

A person who falls under any of the following subparagraphs shall be punished by a fine not exceeding 50 million won:

1. A person who fabricates or falsifies a caller’s phone number while making a phone call for the purpose of making financial profits by deceiving other persons or of harming them by verbal abuse, threats, sexual harassment, etc., in violation of Article 84 (3);

2. A person who provides services for fabricating for falsifying a caller’s phone number for profit-making, in violation of Article 84 (4).

Article 101 (Penal Provisions)

A person who contaminates telecommunications equipment and facilities or damages measurement marks of telecommunications equipment and facilities, in violation of Article 79 (2) shall be punished by a fine or a minor fine not exceeding one million won.

Article 102 (Attempted Criminals)

An attempted criminal under subparagraphs 3 and 4 of Article 94 and subparagraph 7 of Article 95 shall be punished.

Article 103 (Joint Penal Provisions)

When a representative of a corporation or an agent, an employee or any other employed person of a corporation or an individual commits any violation under Articles 94 through 100 in connection with the business of such corporation or individual, not only shall such violator be punished accordingly, but the corporation or individual shall be punished by a fine under the relevant provisions, respectively: Provided, That the same shall not apply in cases where the corporation or individual has paid due attention to or diligently supervised the relevant business in order to prevent such violation.

Article 104 (Fines for Negligence)

(1) A person who falls under any of the following subparagraphs shall be punished by a fine for negligence not exceeding 30 million won:

1. A person who impedes a temporary use of private telecommunications equipment and facilities or land, etc. without any justifiable ground, in violation of Article 73 (2);

2. A person who impedes an entrance to land, etc. without any justifiable ground, in violation of Article 74 (2);

3. A person who refuse to relocate, reform or repair obstacles, etc. or to take other necessary measures under Article 75 (1) or to remove plants under Article 75 (2) without any justifiable ground.

(2) A person who fails to apply for authorization on the conclusion of an agreement, in violation of Article 44 (2) shall be punished by a fine for negligence not exceeding 200 million won.

(3) A person who falls under any of the following subparagraphs shall be punished by a fine for negligence not exceeding 15 million won:

1. A person who fails to report on the conclusion of an agreement under Article 44 (1);

2. A person who fails to report under the main sentence of Article 86 (3).

(4) A person who falls under any of the following subparagraphs shall be punished by a fine for negligence not exceeding 10 million won:

1. A person who fails to report under Article 10 (2) or fails to comply with a request for the provision of necessary data or an order to appear under Article 11 (3) or (4);

2. A person who fails to notify users by not later than 60 days before a scheduled date of suspension or discontinuance, in violation of Article 19 (1);

3. A person who fails to report under Article 26;

4. A person who violates duties to protect users under Article 32 (1);

5. A person who fails to comply with an order to submit data issued by the Korea Communications Commission under Article 35 (5) or submits false data;

6. A person who fails to publicly announce the technical standards, the requirements for the provision and use, and other standards required for the creation of environments for fair competition, in violation of Article 42 (4);

7. A person who fails to comply with the matters publicly announced under Article 48 (2), in violation of Article 48 (3);

8. A person who refuses, avoids or impedes an investigation under Article 51 (2);

9. A person who refuses, avoids or impedes an order to submit necessary data or articles under Article 51 (5), or temporary custody of such data or articles;

10. A person who fails to comply with an order to submit data under Article 56 (3);

11. A person who uses private telecommunications equipment and facilities without verification, in violation of Article 64 (3);

12. A person who refuses, interferes with or avoids an inspection under Article 82 (1);

13. A person who fails to report under Article 82 (1) or falsely reports;

14. A person who fails to retain the related materials or retains false materials, in violation of Article 83 (5);

15. A person who fails to notify details of the ledgers which include the provision of communications data, etc. to the head of a central administrative agency, in violation of Article 83 (7);

16. A person who fails to report or submit data under Article 88, or falsely reports or submits false materials;

17. A person who fails to comply with a corrective order under Article 92.

(5) Fines for negligence under paragraphs (1) through (4) shall be imposed and collected by the Korea Communications Commission, as prescribed by Presidential Decree.

ADDENDA

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Article 2 (Term of Validity)

The amended provisions of Article 38 (2) through (4) shall be valid for three years from the date this Act enters into force.

Article 3 (Transitional Measures concerning Scope of Application)

The former provisions of the Addenda shall apply even after this Act enters into force.

Article 4 (Transitional Measures concerning Licenses of Common Telecommunications Business Operators)

A common telecommunications business operator who has obtained a license under the former provisions to operate common telecommunications business as at the time this Act enters into force shall be deemed a common telecommunications business operator who has obtained a license under the amended provisions of Article 6 to operate common telecommunications business under the amended provisions of Article 5 (2).

Article 5 (Transitional Measures concerning Guarantee Insurance)

A special category telecommunications business operator registered under the former provisions as at the time this Act enters into force who has collected service charges from users in advance, and then purchased a guarantee insurance policy to provide services, shall be deemed to have purchased a guarantee insurance policy under the amended provisions of Article 32 (3).

Article 6 (Transitional Measures concerning Penal Provisions, etc.)

In applying penal provisions or provisions concerning the fine for negligence against a violation committed before this Act enters into force, the former provisions shall apply: Provided, That this Act shall apply in cases where the application of the provisions of this Act is favorable to a violator.

Article 7 Omitted.

Article 8 (Transitional Measures following Amendment to Other Acts)

In applying penal provisions or provisions concerning fines for negligence against a violation of the former Framework Act on Telecommunications (referring to the Framework Act on Telecommunications before the amendment under Article 7 (5) of this Addenda), the former Framework Act on Telecommunications shall apply.

Article 9 (Relations with Other Acts and Subordinate Statutes)

A citation of the former Framework Act on Telecommunications and the former Telecommunications Business Act or any provision thereof by any other Act or subordinate statute in force as at the time this Act enters into force shall be deemed a citation of this Act or a corresponding provision thereof in lieu of the former provisions, if such corresponding provision exists in this Act.

ADDENDA (Act nº 10656, May. 19, 2011)

(1) (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

(2) (Transitional Measures concerning Registration of Value-added Telecommunications Business)

Among those who conduct value-added telecommunications business in accordance with the former provisions as at the time this Act enters into force, any person who needs to make registration in accordance with the amended provisions of Article 22 (2) shall make registration within six months after this Act enters into force.

ADDENDA (Act nº 11201, Jan. 17, 2011)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Article 2 (Applicability to Notification)

The amended provisions of Article 32-2 shall apply, starting with the first person who enters into a contract for the use of telecommunications services with a telecommunications business operator after this Act enters into force.

03Nov/21

Act nº 12032, Aug. 13, 2013, Special Act on Promotion of Information and Communications Technology, Vitalization of Convergence Thereof, etc.

Act nº 12032, Aug. 13, 2013, Special Act on Promotion of Information and Communications Technology, Vitalization of Convergence Thereof, etc. (Amended by Act nº 13016, Jan. 20, 2015, Act nº 14839, Jul. 26, 2017).

CHAPTER I.- GENERAL PROVISIONS

Article 1 (Purpose)

The purpose of this Act is to contribute to improving the quality of life of the people through the elevation of international competitiveness of information and communications and through the promotion of continuous development of national economy by promoting information and communications technology and by prescribing a system to promote policies for the vitalization of convergence of information and communications technology, rationalization of restrictions, fostering of human resources, development of venture businesses, support of research and development, etc.

Article 2 (Definitions)

(1) The definitions of terms used in this Act are as follows:

1. The term “information and communications” refers to a series of activities and means, such as equipment, technologies, services, and industries, related to the collection, processing, storage, handling, search, transmission, and reception, of information, supply of services, and so forth, using or making full use of telecommunications equipment and facilities defined in subparagraph 2 of Article 2 of the Telecommunications Business Act, computers, etc., which include following:

(a) Information and communications services defined in subparagraph 2 of Article 2 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.;

(b) Broadcast communications services defined in subparagraph 5 of Article 2 of the Framework Act on Broadcasting Communications Development;

(c) Information and communications technology industry defined in subparagraph 2 of Article 2 of the Information and Communications Technology Industry Promotion Act;

(d) Technologies, services, and industries relating to the production, distribution, etc. of digital contents defined in subparagraph 5 of Article 2 of the Framework Act on the Promotion of Cultural Industries;

2. The term “convergence of information and communications technology” refers to creative and innovative activities and phenomena creating new social and market value by combining or mixing technologies and services between information and communications technology or between information and communications technologies and other industries;

3. The term “small and medium enterprises” refers to small and medium enterprises defined in Article 2 (1) of the Framework Act on Small and Medium Enterprises;

4. The term “venture business” refers to a venture business defined in Article 2 (1) of the Act on Special Measures for the Promotion of Venture Businesses or a self-employed creative business defined in Article 2 of the Act on the Fostering of Self-Employed Creative Enterprises;

5. The term “commercialization” refers to a series of processes in which technologies, products, and services developed, manufactured, or produced in making full use of research and development concerning information and communications are linked with business activities, such as sale, distribution, and supply, for the purpose of profit-making, or in which associations or organizations engaged in business activities are formed;

6. The term “software” refers to software defined in subparagraph 1 of Article 2 of the Software Industry Promotion Act;

7. The term “digital contents” refers to digital contents defined in subparagraph 5 of Article 2 of the Framework Act on the Promotion of Cultural Industries;

8. The term “digital content enterpriser” refers to a person who is engaged in economic activities for the purpose of profit-making by producing, duplicating, transmitting, distributing digital contents and conducting other activities related thereto;

9. The term “information and communications equipment” refers to devices, machinery, tools, parts, cables, and other necessary equipment and facilities concerning information and communications technology;

10. The term “public institutions” refers to the following institutions:

(a) Legal entities, organizations, or institutions under Article 4 of the Act on the Management of Public Institutions;

(b) Local government-invested or -funded public corporations under the Local Public Enterprises Act;

(c) Special legal entities established pursuant to special Acts;

(d) Other legal entities, organizations, or institutions prescribed by Presidential Decree.

(2) Except as otherwise provided for in paragraph (1), the definitions of terms used in this Act shall be as prescribed by other Acts, including the Framework Act on Broadcasting Communications Development, the Framework Act on Telecommunications, the Telecommunications Business Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc., the Information and Communications Technology Industry Promotion Act, and the Internet Multimedia Broadcast Services Act.

Article 3 (Basic Principles)

(1) The State and each local government shall endeavor to create an environment that enables open and reasonable use of information and communications technology and to achieve sound and sustainable development of an information and communications technology ecosystem.

(2) The State and each local government shall endeavor to respect the creative spirit of the private sector and make the formation of market-oriented opinions possible.

(3) The State and each local government shall make an effort for collaborative cooperation among large enterprises, small and medium enterprises, and venture businesses relating to information and communications technology and the harmonious development thereof.

(4) The State and each local government shall actively support the advance of the industry of information and communications technology into overseas markets, and ensure that discriminatory treatment between domestic and foreign enterprisers does not occur in enacting or amending statutes or in formulating policies.

(5) The State and each local government shall endeavor to minimize regulation hindering the promotion and vitalization of technologies, services, etc. for information and communications and for the convergence of information and communications technology (hereinafter referred to as “convergence, etc. of information and communications technology“).

(6) The State and each local government shall endeavor to apply the same regulation to any services deemed the same in comprehensive consideration of the characteristics of information and communications technology, users’ behavior in the use of service, and so forth.

(7) The State and each local government shall, in principle, allow new technologies and services for the convergence, etc. of information and communications technology insofar as relevant statutes are not violated, and make active efforts to vitalize such matters.

Article 4 (Relationship with other Acts)

This Act shall prevail over other Acts concerning the promotion of technologies, services, etc. for information and communications technology and the vitalization of convergence thereof.

CHAPTER II.- CONSTRUCTION OF A SYSTEM TO DRIVE THE PROMOTION OF INFORMATION AND COMMUNICATIONS TECHNOLOGY AND THE ACTIVATION OF CONVERGENCE THEREOF

Article 5 (Formulation and Implementation of Master Plans)

(1) The Minister of Science and ICT shall, every three years, formulate and implement a three-year master plan (hereinafter referred to as “master plan”) for the promotion of information and communications technology and the vitalization of convergence thereof, but may shorten the planning cycle or change such master plan if necessary. (Amended by Act nº 14839, Jul. 26, 2017)

(2) A master plan (including modification of a master plan; hereinafter the same shall apply) shall include the following matters:

1. Direction-setting for and objectives of policies to promote information and communications technology and to vitalize the convergence thereof;

2. Matters concerning the construction of human and material foundations, such as fostering of specialized human resources and expansion of investment in facilities, for the promotion of information and communications technology and the vitalization of convergence thereof;

3. Matters concerning the protection of intellectual property rights, such as the convergence of information and communications technology;

4. Matters concerning support for research and development, dissemination of the outcomes of research, and promotion of commercialization of the outcomes of research to promote information and communications technology and to vitalize the convergence thereof;

5. Matters concerning the improvement of relevant laws and systems to promote information and communications technology and to vitalize the convergence thereof;

6. Matters concerning the protection and security of information;

7. Matters concerning support for international cooperation and advancement into overseas markets relating to the promotion of information and communications technology and the vitalization of convergence thereof;

8. Matters concerning cooperation in policies and duties among relevant central administrative agencies;

9. Other matters necessary for the promotion of information and communications technology and the vitalization of convergence thereof.

(3) A master plan shall be deliberated by the Strategic Committee for Information and Communications Technologies under Article 7 (1).

(4) In order to formulate a master plan, the Minister of Science and ICT may request the heads of relevant central administrative agencies, local governments, and public institutions to provide him/her with their plans, data, etc. In such cases, the agency requested to provide a plan, data, etc. shall cooperate therein unless any special reason exists to the contrary. (Amended by Act nº 14839, Jul. 26, 2017)

(5) The Minister of Science and ICT shall evaluate the implementation and track record of promotion, and reflect the results of evaluation in formulating a next master plan. (Amended by Act nº 14839, Jul. 26, 2017)

Article 6 (Formulation and Implementation of Action Plans)

(1) In order to materialize a master plan, the heads of relevant central administrative agencies shall, every year, formulate and implement an action plan for the promotion of information and communications technology and the vitalization of convergence thereof (hereinafter referred to as “action plan“).

(2) Where the heads of relevant central administrative agencies formulate an action plan, they shall reflect the results of deliberation of the Strategic Committee for Information and Communications Technology under Article 7 (1) therein, and submit the action plan to the Strategic Committee for Information and Communications Technology together with the track record of promotion of the action plan for the previous year.

(3) If necessary for the formulation of an action plan, the heads of relevant central administrative agencies may request the heads of local governments and relevant public institutions to provide data, etc. In such cases, the institution requested to provide data, etc. shall cooperate therein unless any special circumstances exist to the contrary.

(4) Matters necessary for the formulation, implementation, submission, etc. of an action plan, except otherwise provided for in paragraphs (1) through (3), shall be prescribed by Presidential Decree.

Article 7 (Establishment, etc. of Strategic Committee for Information and Communications Technology)

(1) In order to deliberate, and adopt resolutions, on policies for the promotion of information and communications technology and for the vitalization of convergence thereof, the Strategic Committee for Information and Communications Technology (hereinafter referred to as the “Strategic Committee“) shall be established under the jurisdiction of the Prime Minister.

(2) The Strategic Committee shall be comprised of not more than 25 members, including one chairperson and one secretary; the Prime Minister shall serve as Chairperson, the Minister of Science and ICT shall serve as executive secretary, and its members shall be appointed by the Prime Minister from among the heads of relevant central administrative agencies prescribed by Presidential Decree and from among the following persons: (Amended by Act nº 14839, Jul. 26, 2017)

1. An associate professor or higher at a university or a person who has served or is serving in a research institute related to information and communications technology for at least 15 years;

2. A person who has served or is serving in an industry related to information and communications technology as an executive officer or employee for at least 15 years;

3. A person who has served or is serving in a civil organization related to information and communications technology for at least 15 years;

4. A person who is qualified as a judge, prosecutor, or attorney-at-law and has at least 15 years of career experience in his/her field;

5. Other persons recognized by the Prime Minister as having expertise in information and communications technology.

(3) The Strategic Committee shall deliberate, or adopt resolutions, on the following matters:

1. Determining a master plan;

2. Analyzing, examining, and evaluating the track record of promotion of a master plan and action plan;

3. Requesting the heads, etc. of relevant central administrative agencies to take measures pursuant to Article 10 (3);

4. Recommending an order of priority among research and development relating to the promotion of information and communications technology and the vitalization of convergence thereof;

5. Coordination of pending issues on policies and duties among relevant central administrative agencies for the promotion of information and communications technology and the vitalization of convergence thereof;

6. Important matters concerning the promotion of national informatization under the Framework Act on National Informatization;

7. Other important matters concerning the promotion of information and communications technology and the vitalization of convergence thereof, which are submitted by the Chairperson for deliberation.

(4) In order to efficiently implement the duties of the Strategic Committee, a working committee, etc. for the promotion of vitalization of information and communications technology under Article 9 (1) (hereinafter referred to as the “working committee for the promotion of vitalization“) shall be established under the Strategic Committee.

(5) In order to support the Strategic Committee and the working committee for the promotion of vitalization, specialized committees consisting of experts in technology, law, etc. may be established.

(6) Matters necessary for the organization, composition, and operation of the Strategic Committee, working committee for the promotion of vitalization, and specialized committee shall be prescribed by Presidential Decree.

Article 8 (Fact-Finding Surveys)

(1) The Minister of Science and ICT and the heads of relevant central administrative agencies may survey or prepare the current state, statistics, actual condition, etc. concerning the following matters in order to formulate and implement a master plan and action plan: (Amended by Act nº 14839, Jul. 26, 2017)

1. Actual condition of and statistics on technologies and services for the convergence, etc. of information and communications;

2. Current state of human resources by field and function, and forecast of demand therefor;

3. Research and development by field and function, and the scale of investment therein;

4. Other matters necessary for the formulation and implementation of a master plan and action plan.

(2) The Minister of Science and ICT may request the heads of relevant central administrative agencies, Special Metropolitan City Mayor, Metropolitan City Mayors, Special Self-Governing City Mayor, Do Governors, Special Self-Governing Province Governor, enterprises, research institutes, and other public institutions or organizations to provide data necessary for a fact-finding survey, etc. under paragraph (1). In such cases, persons requested to submit data shall cooperate therein unless any special circumstances exist to the contrary. (Amended by Act nº 14839, Jul. 26, 2017)

(3) The Minister of Science and ICT may announce the results of a fact-finding survey conducted under paragraph (1). (Amended by Act nº 14839, Jul. 26, 2017)

(4) Matters necessary for the methods and procedures for fact-finding surveys under paragraph (1), public announcement, etc. thereof under paragraph (3) shall be prescribed by Presidential Decree.

Article 9 (Operation of the Working Committee for the Promotion of Vitalization)

(1) For the promotion of information and communications technology and the vitalization of convergence thereof, a working committee for the promotion of vitalization of information and communications technology shall be organized and operated in order to receive or inspect difficulties and suggestions of organizations, enterprises, etc. relating to information and communications technology, and to efficiently implement the duties of formulating plans for the improvement of a system therefor.

(2) If necessary for the prompt implementation of duties, the working committee for the promotion of vitalization may receive public officials, executive officers or employees dispatched by the heads of relevant central administrative agencies, the heads of public institutions, or the heads of relevant institutions or organizations.

(3) Matters necessary for the composition and operation of the working committee for the promotion of vitalization shall be prescribed by Presidential Decree.

Article 10 (Duties, etc. of the Working Committee for the Promotion of Vitalization)

(1) The working committee for the promotion of vitalization shall conduct the following affairs as its duties:

1. Improvement of laws and systems hindering collaborative cooperation and harmonious development among large enterprises, small and medium enterprises, and venture businesses under Article 3 (3);

2. Improvement of laws and systems causing discrimination between domestic enterprises and foreign enterprises under Article 3 (4);

3. Improvement of laws and systems obstructing the promotion and vitalization of technologies, services, etc. for the convergence, etc. of information and communications technology under Article 3 (5);

4. Handling of difficulties and suggestions of organizations, enterprises, etc. related to information and communications technology;

5. Other improvement of laws and systems necessary for the promotion of information and communications technology and the vitalization of convergence thereof.

(2) The working committee for the promotion of vitalization shall submit to the Strategic Committee a report on matters under paragraph (1) and plans for the improvement thereof, which are received from enterprises, organizations, etc. relating to information and communications technology or are searched directly by the working committee for the promotion of vitalization.

(3) Where the Strategic Committee deems it necessary after deliberating on matters reported by the working committee for the promotion of vitalization pursuant to paragraph (2), it may request the heads, etc. of relevant central administrative agencies to take necessary measures, such as improving related laws and systems; in such cases, the heads, etc. of relevant central administrative agencies shall formulate an action plan for necessary measures within three months and submit a report thereon to the Strategic Committee.

(4) The Strategic Committee may examine an action plan reported pursuant to paragraph (3) and announce the results of examination.

CHAPTER III.- PROMOTION OF INFORMATION AND COMMUNICATIONS TECHNOLOGY

SECTION 1.- Construction of Foundation for Promotion of Information and Communications Technology

Article 11 (Fostering of Domestic Experts)

(1) The Minister of Science and ICT shall formulate and implement policy measures to foster human resources with specialized technology, knowledge, etc. in the field of information and communications technology (hereinafter referred to as “specialized human resources”), and especially endeavor to vitalize education specialized in software engineering for the expansion of foundation for the education of software engineering and the development of regional industries. (Amended by Act nº 14839, Jul. 26, 2017)

(2) The policy measures under paragraph (1) shall include the following matters:

1. Matters concerning the fostering, education, and training of specialized human resources;

2. Matters concerning the supply of and demand for specialized human resources and making full use thereof;

3. Matters concerning support, etc. for the career management of specialized human resources;

4. Other matters necessary for the fostering, management, etc. of specialized human resources.

(3) If necessary for the promotion of policies to foster specialized human resources, the Minister of Science and ICT may support relevant organizations, enterprises, etc., and operate a Korean comprehensive software education school to foster experts in software engineering through the systematic education of practical skills in software engineering. (Amended by Act nº 14839, Jul. 26, 2017)

(4) Matters necessary for the fostering and support of specialized human resources, operation, etc. of the Korean comprehensive software education school under paragraphs (1) through (3) shall be prescribed by Presidential Decree.

Article 12 (Credited Internship Program)

(1) The Government may require persons attending departments related to information and communications prescribed by Presidential Decree in universities, colleges, industrial colleges, teachers’ colleges, junior colleges, cyber colleges, or technical colleges under subparagraphs 1 through 6 of Article 2 of the Higher Education Act (hereinafter referred to as “universities“) to work as an intern for a period not exceeding two years, for small and medium enterprises, venture businesses, etc. prescribed by Presidential Decree.

(2) Persons who work for small and medium enterprises, venture businesses, etc. as an intern pursuant to paragraph (1) shall be deemed to have completed a bachelor’s course of their universities and obtained credits, as determined by university bylaws.

(3) The Government may grant necessary support, such as personnel expenses, to the universities, small and medium enterprises, venture businesses, etc. that adopt the internship system under paragraph (1).

(4) Matters necessary for the operation, support, etc. of the internship system under paragraphs (1) through (3) shall be prescribed by Presidential Decree.

Article 12-2 (Fact-Finding Surveys, etc. of Industrial Technical Personnel)

(1) The Minister of Science and ICT shall annually conduct a fact-finding survey of industrial technical personnel designed to identify demand for industrial technical personnel in the field of information and communications in order to prevent the career of excellent specialized human resources from being interrupted and to efficiently promote information and communications. (Amended by Act nº 14839, Jul. 26, 2017)

(2) Where the Commissioner of the Military Manpower Administration assigns personnel pursuant to Article 36 (4) of the Military Service Act, the Minister of Science and ICT may request him/her to determine an adequate number of persons to be assigned in consideration of the results of a fact-finding survey conducted pursuant to paragraph (1). In this case, the Commissioner of the Military Manpower Administration so requested shall comply with such request. (Amended by Act nº 14839, Jul. 26, 2017)

(Article Inserted by Act nº 13016, Jan. 20, 2015)

Article 13 (Search and Fostering of Excellent Overseas Human Resources)

(1) The Government shall formulate and implement policy measures for searching and fostering excellent overseas human resources having core technologies, knowledge, knowhow, etc. of information and communications technology.

(2) The policy measures referred to in paragraph (1) shall include the following matters:

1. Easing of requirements for an employment visa;

2. Easing of procedures for immigration;

3. Improvement of working conditions and treatment;

4. Establishment of a whole-of-government promotion system;

5. Other support necessary for searching and fostering excellent overseas human resources.

(3) The Government may link the programs for fostering excellent overseas human resources relating to information and communications technology promoted by enterprises with the policy measures under paragraph (1), or grant support thereto.

Article 14 (Enhancement of Information and Communications Technology Networks)

(1) The Minister of Science and ICT shall continuously promote the enhancement of information and communications technology networks for the promotion of information and communications technology and the vitalization of convergence thereof. (Amended by Act nº 14839, Jul. 26, 2017)

(2) The Minister of Science and ICT shall develop a policy necessary to induce and support active investment from the private sector for the enhancement of information and communications technology networks. (Amended by Act nº 14839, Jul. 26, 2017)

SECTION 2.- Promotion of New Technologies, Services, etc. for Information and Communications

Article 15 (Designation, etc. of Promising Technologies, Services, etc.)

(1) In order to vitalize new technologies and services for information and communications and to link them with other industries, the Minister of Science and ICT may, each year, designate and support promising technologies and services (including digital contents) for the convergence, etc. of information and communications technology, as prescribed by Presidential Decree. (Amended by Act nº 14839, Jul. 26, 2017)

(2) Where the Minister of Science and ICT makes designation pursuant to paragraph (1), he/she shall publicly notify such designation; and the methods for designation and the scope and details of support shall be prescribed by Presidential Decree. (Amended by Act nº 14839, Jul. 26, 2017)

(3) In order to construct foundations for the vitalization of promising technologies and services, etc. for the convergence, etc. of information and communications technology designated pursuant to paragraph (1), the Minister of Science and ICT may support the vitalization of cooperation among central administrative agencies, public institutions, enterprises, universities, and research institutes. (Amended by Act nº 14839, Jul. 26, 2017)

Article 16 (Standardization of Technologies, Services, etc.)

(1) In order to promote information and communications technology and to vitalize the convergence thereof, the Minister of Science and ICT may implement the following projects concerning the standardization of technologies, services, etc. for the convergence, etc. of information and communications technology: (Amended by Act nº 14839, Jul. 26, 2017)

1. Establishment, amendment, repeal, and dissemination of standards concerning new technologies, services, etc. for the convergence, etc. of information and communications technology: Provided, That where a Korean industrial standard thereof is established pursuant to the Industrial Standardization Act, such standard shall govern;

2. Inspection, research and development of domestic and foreign standards concerning new technologies, services, etc. for the convergence, etc. of information and communications technology;

3. Other matters necessary for the standardization of new technologies, services, etc. for the convergence, etc. of information and communications technology.

(2) The Minister of Science and ICT may support projects for the standardization of technologies, services, etc. for the convergence, etc. of information and communications technology promoted by the private sector. (Amended by Act nº 14839, Jul. 26, 2017)

(3) The Minister of Science and ICT may designate institutions specialized in conducting projects for the standardization of technologies, services, etc. for the convergence, etc. of information and communications technology, and fully or partially subsidize them the necessary expenses. (Amended by Act nº 14839, Jul. 26, 2017)

(4) Matters necessary for the projects under paragraph (1) and the designation, etc. of specialized institutions under paragraph (3) shall be prescribed by Presidential Decree.

Article 17 (Quality Certification of Technologies, Services, etc.)

(1) The Minister of Science and ICT may determine and publicly notify the standards for certification (hereinafter referred to as “quality standards”) concerning the convenience, stability, reliability, expandability, etc. of technologies, services, etc. for the convergence, etc. of information and communications technology. (Amended by Act nº 14839, Jul. 26, 2017)

(2) The Minister of Science and ICT may certify whether the quality of technologies, services, etc. for the convergence, etc. of information and communications technology complies with the quality standards publicly notified pursuant to paragraph (1). In such cases, expenses incurred for certification shall be borne by applicants. (Amended by Act nº 14839, Jul. 26, 2017)

(3) In order to efficiently implement certification duties under paragraph (2), the Minister of Science and ICT may designate certification organizations. (Amended by Act nº 14839, Jul. 26, 2017)

(4) Persons who obtain certification pursuant to paragraph (2) may indicate or publicize the contents of certification, as prescribed by Presidential Decree. No person who fail to obtain certification shall indicate a certification mark or similar thereto.

(5) Where certification under paragraph (2) falls under any of the following subparagraphs, the Minister of Science and ICT shall revoke the certification: (Amended by Act nº 14839, Jul. 26, 2017)

1. Where certification is obtained by deceit or other wrongful means;

2. Where it fails to meet quality standards;

3. Where this Act or orders issued under this Act are violated.

(6) An insurance company under subparagraph 6 of Article 2 of the Insurance Business Act may guarantee compensation for damage suffered by users due to certification under paragraph (2), as prescribed by Presidential Decree.

(7) Matters necessary for procedures for certification under paragraph (2), revocation of certification under paragraph (5), etc. shall be prescribed by Presidential Decree.

Article 18 (Support for Research and Development of Small and Medium Enterprises, etc.)

(1) In implementing a research and development project concerning information and communications technology prescribed by this Act, the Minister of Science and ICT shall preferentially use above the rate prescribed by Presidential Decree, out of the budget of the relevant project, for small and medium enterprises and venture businesses. (Amended by Act nº 14839, Jul. 26, 2017)

(2) The Minister of Science and ICT shall endeavor to vitalize investment in and financing for the intellectual property rights of small and medium enterprises and venture businesses. (Amended by Act nº 14839, Jul. 26, 2017)

(3) Matters necessary for the procedures, methods, etc. for implementation under paragraphs (1) and (2) shall be prescribed by Presidential Decree.

Article 19 (Support for Commercialization of Promising Technologies, Services, etc. for Convergence, etc. of Information and Communications Technology)

(1) The Minister of Science and ICT may provide necessary support for the commercialization of promising technologies, services, etc. for the convergence, etc. of information and communications technology publicly announced by the Minister of Science and ICT pursuant to Article 15. (Amended by Act nº 14839, Jul. 26, 2017)

(2) The Minister of Science and ICT may collect a price for the use, transfer, lease, or export of the results of projects from a person who makes success in commercialization after receiving support under paragraph (1). (Amended by Act nº 14839, Jul. 26, 2017)

(3) Matters necessary for support and the collection, management, etc. of money under paragraphs (1) and (2) shall be prescribed by Presidential Decree.

Article 20 (Vitalization of Public Purchase of Technologies and Services for Convergence, etc. of Information and Communications)

In order to create demand for technologies and services for the convergence, etc. of information and communications of which the quality is certified by the Minister of Science and ICT pursuant to Article 17, the Government shall take necessary supportive measures, such as preferential purchase thereof. (Amended by Act nº 14839, Jul. 26, 2017)

SECTION 3.- Promotion of Digital Contents, Software, etc.

Article 21 (Promotion and Vitalization of Digital Contents)

(1) The Government shall create an environment in which creativity of the producers of digital contents is heightened and promising digital contents are created, distributed, and used, and endeavor to strengthen the competitiveness of related industries.

(2) In order to promote and vitalize digital contents, the Government may implement the following projects:

1. Support for the production and distribution of digital contents;

2. Regional cooperation and demonstration projects concerning digital contents;

3. Support for the construction of infrastructure for digital contents;

4. Support for fostering specialized human resources concerning digital contents;

5. Projects for the study of policies for the promotion and vitalization of digital contents;

6. Other matters prescribed by Presidential Decree for the promotion and vitalization of digital contents.

(3) The Government may designate an institution to take exclusive charge of the projects referred to in paragraph (2) for their efficient promotion, and fully or partially subsidize the necessary expenses.

(4) Matters necessary for the support projects under paragraph (2) and the designation, etc. of institutions to take exclusive charge under paragraph (3) shall be prescribed by Presidential Decree.

Article 22 (Establishment of Order in Distribution of Digital Contents)

(1) The Government shall endeavor to establish fair order in the distribution of digital contents, and formulate and implement related policy measures.

(2) The Minister of Science and ICT may conduct a fact-finding survey of the channels, etc. of distribution in order to establish fair order in the distribution of digital contents, and publish the results of such survey. (Amended by Act nº 14839, Jul. 26, 2017)

(3) In order to establish fair order in the transaction and distribution of digital contents, the Minister of Science and ICT shall prepare a standard form contract concerning digital contents transaction after consultation with the Fair Trade Commission, the Ministry of Culture, Sports and Tourism, and the Korea Communications Commission, and recommend digital content business entities and organizations to use such contract. (Amended by Act nº 14839, Jul. 26, 2017)

(4) Where the Minister of Science and ICT enacts or amends the standard form contract under paragraph (3), he/she shall hear the opinions of the relevant digital content business entities and organizations. (Amended by Act nº 14839, Jul. 26, 2017)

Article 23 (Rationalization of Software Projects in Public Sector)

(1) Where the head of a relevant central administrative agency, local government, or public institution places an order for a software project, he/she shall calculate appropriate period for the project; where the period for the project exceeds one year, he/she may conclude a long-term continuing contract. In such cases, he/she shall issue an order to implement the relevant contract within budgetary limit for each fiscal year.

(2) The Minister of Science and ICT may determine and publicly notify standards for the calculation of appropriate period for projects under paragraph (1). (Amended by Act nº 14839, Jul. 26, 2017)

Article 24 (Operation of the Software Policy and Research Institute)

(1) The Minister of Science and ICT may operate a software policy research institute (hereinafter referred to as the “research institute”) to effectively support research in software engineering. (Amended by Act nº 14839, Jul. 26, 2017)

(2) The research institute shall implement the following projects:

1. Research of software policies;

2. Analyzing, providing, and sharing statistics and information on the software industry;

3. Searching and planning new software projects;

4. Other projects prescribed by Presidential Decree.

(3) The Government may make contributions to the research institute to cover the expenses incurred for the operation, etc. within budgetary limit.

Article 25 (Facilitation of Convergence of Software)

(1) In order to facilitate the convergence of software, the Government shall prepare necessary policy measures.

(2) The policy measures under paragraph (1) shall include the following matters:

1. Formulation and implementation of policies to facilitate the convergence of software;

2. Vitalization of demand, such as promotion and expansion of pilot projects concerning the convergence of software;

3. Development of technologies for the convergence of software and support for the standardization thereof;

4. Fostering of the industry of software convergence, support for export, creation and development of clusters;

5. Other matters necessary for the facilitation of software convergence.

Article 26 (Vitalization of Research and Development of Software)

(1) In conducting national research and development projects of software pursuant to related statutes, the Government may determine a separate support system and evaluation method in consideration of the characteristics of the software industry as an asset in knowledge and information.

(2) The support system and evaluation method under paragraph (1) shall be prescribed by Presidential Decree.

Article 27 (Promotion for Making Full Use of Commercial Software)

(1) The heads of State agencies, etc. shall endeavor to promote making full use of commercial software and to calculate appropriate price, including maintenance expenses.

(2) The Minister of Science and ICT may implement the following projects in order to support the promotion for making full use of commercial software pursuant to paragraph (1): (Amended by Act nº 14839, Jul. 26, 2017)

1. Collection and analysis of information on commercial software products;

2. Examination of quality and technological support for the promotion for making full use of commercial software;

3. Comparison and evaluation of the quality and performance of commercial software;

4. Support for technological development of commercial software and the standardization thereof;

5. Other projects necessary for the vitalization of distribution of commercial software.

(3) In order to calculate the appropriate price of commercial software pursuant to paragraph (1), the Minister of Science and ICT may collect and analyze the following information on commercial software and provide the results of such analysis to State agencies, etc.: (Amended by Act nº 14839, Jul. 26, 2017)

1. Product identification information on commercial software;

2. Operating environment for commercial software;

3. Commercial software component elements and applicable standards;

4. Information on product characteristics, such as functionality, reliability, usability, and maintainability;

5. Other matters necessary for the calculation of appropriate price, including expenses for the maintenance of commercial software.

(4) In order to comprehensively manage information on commercial software under paragraph (3), the Minister of Science and ICT may request the heads of State agencies, etc., or software enterprisers to submit necessary data. (Amended by Act nº 14839, Jul. 26, 2017)

(5) The Minister of Science and ICT may entrust specialized institutions designated pursuant to Article 14 (5) of the Software Industry Promotion Act with duties under paragraphs (2) through (4) in order to efficiently perform such duties. (Amended by Act nº 14839, Jul. 26, 2017)

Article 28 (Installation Projects of Information and Communications Technology Equipment in Public Sector)

(1) Where the heads of central administrative agencies, local governments, and public institutions conclude a contract for installing information and communications technology equipment, they shall preferentially adopt a contract method by which a bidder under Article 10 (2) 3 of the Act on Contracts to which the State is a Party shall be a successful bidder: Provided, That if necessary when considering the characteristics of an installation project of information and communications technology equipment, this shall not apply.

(2) The Minister of Science and ICT and the Minister of Government Administration and Home Affairs may determine and publicly notify matters concerning contracts and operations under paragraph (1); the Minister of Government Administration and Home Affairs may publicly notify matters concerning the information system under subparagraph 13 of Article 2 of the Electronic Government Act; and the heads of central administrative agencies, local governments, and public institutions shall comply therewith. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) The heads of central administrative agencies, local governments, and public institutions shall, each year, notify the Minister of Science and ICT and the Minister of Government Administration and Home Affairs of the information prescribed by Presidential Decree, such as the current state of contracts for installing information and communications technology equipment. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) The Minister of Science and ICT and the Minister of Government Administration and Home Affairs may, each year, inspect the current state of use of information and communications technology equipment by public institutions. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

Article 29 (Forecast of Demand for Information and Communications Technology Equipment)

(1) The heads of central administrative agencies, local governments, and public institutions shall formulate a promotional plan to efficiently implement installation projects of information and communications technology equipment under Article 28 (1).

(2) The heads of central administrative agencies, local governments, and public institutions shall submit a promotional plan under paragraph (1) and information on demand for purchase of information and communications technology equipment to the Minister of Science and ICT and the Minister of Government Administration and Home Affairs. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(3) The Minister of Science and ICT and the Minister of Government Administration and Home Affairs shall publish the promotional plan and information on demand for purchase submitted pursuant to paragraph (2). (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(4) In order to efficiently perform duties under paragraphs (2) and (3), the Minister of Science and ICT and the Minister of Government Administration and Home Affairs may designate specialized institutions, and fully or partially subsidize them the necessary expenses. (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

(5) Frequency of, timing for, method of, and procedure for submission under paragraph (2) and publication under paragraph (3), designation and support of specialized institutions under paragraph (4), and other necessary matters shall be prescribed by Presidential Decree.

CHAPTER IV.- SUPPORT, ETC. FOR ACTIVATION OF CONVERGENCE, ETC. OF INFORMATION AND COMMUNICATIONS TECHNOLOGY

SECTION 1.- Support for Venture Businesses and Vitalization of Technology Transactions, etc.

Article 30 (Establishment of Small and Medium Enterprises, Venture Businesses, etc., Entry into Overseas Markets, etc.)

(1) In order to vitalize and support the establishment of small and medium enterprises, venture businesses, etc. related to the convergence, etc. of information and communications technology, the Minister of Science and ICT may implement the following projects: (Amended by Act nº 14839, Jul. 26, 2017)

1. Support for the establishment of small and medium enterprises, venture businesses, etc. relating to the convergence, etc. of information and communications technology in Korea and abroad, and for entry into overseas markets;

2. Supply of work space and conference halls to small and medium enterprises, venture businesses, etc. relating to the convergence, etc. of information and communications technology;

3. Supply of information on financing, human resources, markets, etc., and support therefor to small and medium enterprises, venture businesses, etc. relating to the convergence, etc. of information and communications technology;

4. Consultation on laws, management, tax, etc. for small and medium enterprises, venture businesses, etc. relating to the convergence, etc. of information and communications technology;

5. Overseas publicity of technologies developed by small and medium enterprises, venture businesses, etc. relating to the convergence, etc. of information and communications technology, supply of information on purchasers, and referral and brokerage of sale;

6. Support for translation services and legal services for the easy entry into overseas markets by small and medium enterprises, venture businesses, etc. relating to the convergence, etc. of information and communications technology;

7. Supply of information on overseas markets concerning the convergence, etc. of information and communications technology and support for the inducement of investment;

8. Building and operation of a base for entry into overseas markets by small and medium enterprises, venture businesses, etc. relating to the convergence, etc. of information and communications technology;

9. Exchange and cooperation with relevant institutions in Korea and abroad for the development of venture businesses relating to the convergence, etc. of information and communications technology;

10. Other projects necessary for the vitalization and support of business startups and entry into overseas markets.

(2) In order to efficiently implement projects listed in paragraph (1), the Minister of Science and ICT may designate and operate institutions or organizations prescribed by Presidential Decree as specialized institutions, and fully or partially subsidize them the necessary expenses. (Amended by Act nº 14839, Jul. 26, 2017)

Article 31 (International Cooperation and Operation, etc. of Global Consultative Body)

(1) The Minister of Science and ICT shall ascertain relevant international trend necessary for the promotion of information and communications technology and the vitalization of convergence thereof, and promote international cooperation. (Amended by Act nº 14839, Jul. 26, 2017)

(2) In order to promote international cooperation under paragraph (1), the Minister of Science and ICT may perform the following duties: (Amended by Act nº 14839, Jul. 26, 2017)

1. Support for international exchange of human resources relating to the convergence, etc. of information and communications technology;

2. Support for overseas specialized education of human resources relating to the convergence, etc. of information and communications technology and for overseas training;

3. Support for international standardization relating to the convergence, etc. of information and communications technology and for international joint research and development projects, etc.;

4. Cooperation with international organizations relating to the convergence, etc. of information and communications technology, and with foreign governments;

5. Support for international cooperation in the private sector relating to the convergence, etc. of information and communications technology;

6. Other matters prescribed by Presidential Decree concerning international cooperation.

(3) For the promotion of information and communications technology and the vitalization of convergence thereof, the Minister of Science and ICT may organize a global consultative body consisting of foreign experts relating to information and communications technology. In such cases, the Minister of Science and ICT may subsidize expenses incurred for the composition and operation of the global consultative body. (Amended by Act nº 14839, Jul. 26, 2017)

(4) Matters necessary for the composition, operation, etc. of the global consultative body under paragraph (3) shall be prescribed by Presidential Decree.

Article 32 (Support for Development, etc. of Technologies and Services for Convergence, etc. of Information and Communications Technology)

(1) The Minister of Science and ICT shall endeavor to enhance the productivity and value of information and communications technology by grafting information and communications technology onto other industries, services, etc. (Amended by Act nº 14839, Jul. 26, 2017)

(2) In order to facilitate the development of technologies and services for the convergence, etc. of information and communications technology, the Minister of Science and ICT may implement the following projects: (Amended by Act nº 14839, Jul. 26, 2017)

1. Research and development projects concerning technologies and services for the convergence, etc. of information and communications technology;

2. Planning, evaluation, and management of tasks to be performed pursuant to subparagraph 1;

3. Support for referral and brokerage for the transfer of technologies, such as transactions, etc. of technologies for the convergence, etc. of information and communications technology held by the State, local governments, universities, government-funded research institutes, civilians, etc.;

4. Evaluation of technologies for the convergence, etc. of information and communications technology, and development and dissemination of evaluation methods;

5. Collection, analysis, and supply of information on the statistical surveys, research, etc. concerning the transfer and commercialization of technologies for the convergence, etc. of information and communications technology;

6. Support for the research and development of commercialization of technologies for the convergence, etc. of information and communications technology after the technologies are transferred;

7. Fostering of human resources specializing in the commercialization of technologies for the convergence, etc. of information and communications technology;

8. Development and making full use of an information system to facilitate transactions and commercialization of technologies for the convergence, etc. of information and communications technology;

9. Management, publicity, and making full use of outcomes from research concerning the convergence, etc. of information and communications technology, such as intellectual property rights;

10. Projects of research on policies, such as surveys of the level of technologies and services for the convergence, etc. of information and communications technology;

11. Demonstration projects concerning technologies and services for the convergence, etc. of information and communications technology;

12. Other projects necessary for the promotion of information and communications technology.

(3) In order to implement projects listed in paragraph (2), the Minister of Science and ICT may establish an institution, which is a legal entity to take exclusive charge thereof, or entrust legal entities or organizations with the operation thereof, and may make contributions to or fully or partially subsidize the necessary expenses within budgetary limit. (Amended by Act nº 14839, Jul. 26, 2017)

(4) The heads of central administrative agencies and local governments may require institutions in exclusive charge under paragraph (3) to perform projects listed in paragraph (2), and fully or partially subsidize them the expenses incurred in performing such projects.

(5) Except as otherwise provided for in this Act, the provisions of the Civil Act concerning incorporated foundation shall apply mutatis mutandis to institutions in exclusive charge under paragraph (3); and matters necessary for the operation of institutions in exclusive charge and for the performance of projects listed in paragraph (2) shall be prescribed by Presidential Decree.

Article 33 (Vitalization of Technology Transactions)

(1) The Minister of Science and ICT shall endeavor to create an environment in which transactions of technologies for the convergence, etc. of information and communications are vitalized. (Amended by Act nº 14839, Jul. 26, 2017)

(2) In order to vitalize the transactions of technologies for the convergence, etc. of information and communications, the Minister of Science and ICT may evaluate new technologies, collect, analyze, and supply relevant information, provide support for the development of commercialization, and perform other duties. (Amended by Act nº 14839, Jul. 26, 2017)

Article 34 (Collection and Use of Royalties)

(1) Where the projects of developing technologies and services for the convergence, etc. of information and communications under Article 32 (2) are completed, the Minister of Science and ICT may collect royalties from persons who intend to use, transfer, lease, or export the outcomes of such projects. (Amended by Act nº 14839, Jul. 26, 2017)

(2) The Minister of Science and ICT shall use the royalties collected pursuant to paragraph (1) for the projects of developing technologies and services for the convergence, etc. of information and communications under Article 32 (2). (Amended by Act nº 14839, Jul. 26, 2017)

(3) Matters necessary for the collection, management, use, etc. of royalties under paragraphs (1) and (2) shall be prescribed by Presidential Decree.

SECTION 2.- Vitalization of Convergence, etc. of Information and Communications Technology

Article 35 (Encouragement of Expansion of Culture of Convergence, etc. of Information and Communications Technology)

(1) In order to heighten people’s understanding of the convergence, etc. of information and communications technology and to disseminate the culture of convergence, etc. of information and communications technology, the Minister of Science and ICT may implement the following projects: (Amended by Act nº 14839, Jul. 26, 2017)

1. Searching exemplary cases of public institutions and enterprises contributed to the convergence, etc. of information and communications technology, awarding prizes thereto, and publicizing them;

2. Giving education and holding seminars for the proliferation and vitalization of the convergence, etc. of information and communications technology;

3. Other projects that the Minister of Science and ICT deems necessary.

(2) Matters necessary for the methods, procedures, etc. for implementation of projects under paragraph (1) shall be prescribed by Presidential Decree.

Article 36 (Prompt Handling of New Technologies and Services for Convergence, etc. of Information and Communications)

(1) Where a person who develops new technologies and services for the convergence, etc. of information and communications fails to obtain permission, approval, registration, authentication, verification, etc. (hereinafter referred to as “permission, etc.”) under statutes due to any of the following causes, or whether he/she needs permission, etc. is not clear, he/she may file with the Minister of Science and ICT an application for prompt handling of the new technologies and services for the convergence, etc. of information and communications, as prescribed by Presidential Decree: (Amended by Act nº 14839, Jul. 26, 2017)

1. Where standards, specifications, requirements, etc. compatible with new technologies and services for the convergence, etc. of information and communications are not prescribed by statutes being the grounds for permission, etc.;

2. Where applying the standards, specifications, requirements, etc. under statutes being the grounds for permission, etc. to the relevant new technologies and services for the convergence, etc. of information and communications is not appropriate.

(2) Where the Minister of Science and ICT receives an application under paragraph (1), he/she shall notify the head of a relevant central administrative agency of the fact that an application for permission, etc. for new technologies and services for the convergence, etc. of information and communications is filed and of the details of the application. (Amended by Act nº 14839, Jul. 26, 2017)

(3) The head of the relevant central administrative agency shall reply to the Minister of Science and ICT whether the new technologies and services for the convergence, etc. of information and communications are under his/her jurisdiction or whether permission, etc. therefor are needed within 30 days from the date he/she receives notification under paragraph (2). Where he/she fails to make reply within 30 days, the duties shall be deemed not to fall under his/her jurisdiction or permission therefor of the head of the relevant central administrative agency shall be deemed unnecessary. (Amended by Act nº 14839, Jul. 26, 2017)

(4) The Minister of Science and ICT shall immediately notify the applicant of a reply under paragraph (3) (including whether permission, etc. pursuant to statutes under the jurisdiction of the Ministry of Science and ICT are necessary), or whether temporary permission, etc. under Article 37 (1) is needed, etc. (Amended by Act nº 14839, Jul. 26, 2017)

(5) Except for cases in which notification received from the Minister of Science and ICT pursuant to paragraph (4) states that permission, etc. of the Minister of Science and ICT or the head of the relevant central administrative agency are needed or that temporary permission under Article 37 (1) is needed, the relevant applicant may freely launch new technologies and services for the convergence, etc. of information and communications on the market. (Amended by Act nº 14839, Jul. 26, 2017)

(6) Where the head of the relevant central administrative agency deems that an application for new technologies and services for the convergence, etc. of information and communications under paragraph (1) is in need of permission, etc. under related statutes, he/she shall reply the conditions, procedures, etc. necessary for permission, etc.; and where the applicant applies for permission, etc. according to the contents of the reply, he/she shall promptly handle it according to the related statutes.

(7) Except as otherwise provided for in paragraphs (1) through (6), matters necessary for prompt handling, etc. of new technologies and services for convergence, etc. of information and communications shall be prescribed by Presidential Decree.

Article 37 (Temporary Permission)

(1) Where the Minister of Science and ICT receives a reply that new technologies and services for the convergence, etc. of information and communications for which an application for prompt handling is filed pursuant to Article 36 (1) do not fall under the jurisdiction of the heads of other relevant central administrative agencies according to abovementioned Article or deems that they do not fall under the jurisdiction of the heads of other relevant central administrative agencies, and needs to establish proper or appropriate standards, specifications, requirements, etc. in consideration of the characteristics of the relevant new technologies and services for the convergence, etc. of information and communications, he/she may temporarily grant permission, etc. (hereinafter referred to as “temporary permission“). In such cases, the Minister of Science and ICT may attach necessary conditions for the stability, etc. of new technologies and services for the convergence, etc. of information and communications. (Amended by Act nº 14839, Jul. 26, 2017)

(2) The Minister of Science and ICT may conduct any test and inspection for temporary permission or designate an institution or organization having specialized human resources and technology as an institution for testing and inspection. (Amended by Act nº 14839, Jul. 26, 2017)

(3) The term of validity of temporary permission shall be up to one year, as prescribed by Presidential Decree. The term of validity may be extended one time only; a person who intends to have the term of validity extended shall file an application with the Minister of Science and ICT two months before the term of validity expires. (Amended by Act nº 14839, Jul. 26, 2017)

(4) In order to compensate for damage that the users of new technologies and services for the convergence, etc. of information and communications may suffer if a person who intends to supply new technologies and services for the convergence, etc. of information and communications after obtaining temporary permission fails to supply such services, he/she shall, before supplying such services, take out guarantee insurance which names a person designated by the Minister of Science and ICT as the insured in an amount calculated according to the standard prescribed by Presidential Decree within the scope of total fees that he/she is to charge: Provided, That where the Minister of Science and ICT deems guarantee insurance is unnecessary in consideration of the characteristics of new technologies and services for the convergence, etc. of information and communications or the financial ability of the enterpriser, he/she may be allowed not to take out guarantee insurance. (Amended by Act nº 14839, Jul. 26, 2017)

(5) A person designated as the insured pursuant to paragraph (4) shall pay insurance claims which he/she receives according to the guarantee insurance to users who are not supplied with services after paying fees.

(6) A person who obtains temporary permission shall notify the users of the relevant new technologies and services for the convergence, etc. of information and communications of the temporary permission and the term of validity.

(7) The heads of relevant central administrative agencies who are influenced by temporary permission may submit their opinions to the Minister of Science and ICT. (Amended by Act nº 14839, Jul. 26, 2017)

(8) Necessary matters, such as standards for examination of new technologies and services for the convergence, etc. of information and communications, and the procedures, methods, etc. therefor shall be prescribed by Presidential Decree.

Article 38 (Revocation of Temporary Permission)

(1) Where a person who obtains temporary permission pursuant to Article 37 (1) falls under any of the following subparagraphs, the Minister of Science and ICT shall revoke the temporary permission: (Amended by Act nº 14839, Jul. 26, 2017)

1. Where he/she has obtained the temporary permission by deceit or other wrongful means;

2. Where he/she fails to meet conditions under Article 37 (1);

3. Where he/she no longer meets the standards for examination under Article 37 (8).

(2) A person whose temporary permission is revoked pursuant to paragraph (1) shall not sell, use, supply relevant technologies and services, or conduct any other business related thereto.

CHAPTER V.- SUPPLEMENTARY PROVISIONS

Article 39 (Raising of Funds)

In order to promote information and communications technology and to vitalize the convergence thereof, the Minister of Science and ICT may use funds of the Broadcast Communications Development Fund under Article 24 of the Framework Act on Broadcasting Communications Development and the Fund for the Promotion of Information and Communications under Article 41 of the Information and Communications Technology Industry Promotion Act. (Amended by Act nº 14839, Jul. 26, 2017)

Article 40 (Hearings)

Where the Minister of Science and ICT intends to issue the following disposition, he/she shall hold a hearing: (Amended by Act nº 14839, Jul. 26, 2017)

1. Revocation of certification under Article 17 (5);

2. Revocation of temporary permission under Article 38 (1).

Article 41 (Delegation and Entrustment of Authority and Duties)

(1) The authority of the Minister of Science and ICT under this Act may be partially delegated to the heads of affiliated agencies, as prescribed by Presidential Decree. (Amended by Act nº 14839, Jul. 26, 2017)

(2) The Minister of Science and ICT may partially entrust relevant institutions, organizations, etc. with the duties under this Act, as prescribed by Presidential Decree. (Amended by Act nº 14839, Jul. 26, 2017)

Article 42 (Legal Fiction as Public Official for Purposes of Penalty Provisions)

Any of the following executive officers and employees of institutions, juristic persons, or organizations shall be deemed a public official for the purposes of Articles 129 through 132 of the Criminal Act: (Amended by Act nº 12844, Nov. 19, 2014; Act nº 14839, Jul. 26, 2017)

1. A working committee for the promotion of vitalization under Article 9;

2. A Korean comprehensive software education school under Article 11;

3. A specialized institution for projects for the standardization of technologies, services, etc. for the convergence, etc. of information and communications technology designated by the Minister of Science and ICT pursuant to Article 16 (3);

4. A certification organization of technologies, services, etc. for the convergence, etc. of information and communications technology designated by the Minister of Science and ICT pursuant to Article 17 (3);

5. An institution in exclusive charge of projects for the promotion and vitalization of digital contents designated by the Government pursuant to Article 21 (3);

6. A research institute under Article 24;

7. A specialized institution designated by the Minister of Science and ICT or the Minister of Government Administration and Home Affairs pursuant to Article 29 (4);

8. An legal entity or organization established, entrusted, or operated by the Minister of Science and ICT pursuant to Article 32 (3);

9. An institution for testing and inspection designated by the Minister of Science and ICT pursuant to Article 37 (2);

10. An institution or organization entrusted with some of the duties under this Act by the Minister of Science and ICT pursuant to Article 41 (2).

Article 43 (Prohibition of Divulging Classified Information)

The executive officers and employees of institutions, juristic persons, or organizations falling under any of the subparagraphs of Article 42 or persons who have been in such post shall not divulge classified information that they have become aware of in the course of performing their duties.

CHAPTER VI.- PENALTY PROVISONS

Article 44 (Penalty Provisions)

(1) Each of the following persons shall be punished by imprisonment with labor for not more than three years or by a fine not exceeding 30 million won:

1. A person who obtains certification under Article 17 (2) by deceit or other wrongful means;

2. A person who obtains temporary permission under Article 37 by deceit or other wrongful means;

3. A person who divulges classified information that he/she has become aware of in the course of performing his/her duties, in violation of Article 43.

(2) A person indicating a mark of certification or similar thereto without obtaining certification, in violation of the latter part of Article 17 (4) shall be punished by a fine not exceeding five million won.

Article 45 (Joint Penalty Provisions)

If the representative of a juristic person or organization or an agent, employee, or other servant of a juristic person, organization, or individual commits any violation described in Article 44 in conducting the business affairs of the juristic person, organization, or individual, not only shall the violator be punished but the juristic person, organization, or individual shall also be punished by a fine prescribed in the relevant provisions: Provided, That where the juristic person, organization, or individual has not been negligent in giving considerable due care and supervision in connectin with the business in order to prevent such violation, this shall not apply.

Article 46 (Administrative Fines)

(1) Any of the following persons shall be punished by an administrative fine not exceeding ten million won:

1. A person who fails to take out guarantee insurance, in violation of Article 37 (4);

2. A person who sells, uses, supplies, etc. relevant technologies and services after temporary permission is revoked, in violation of Article 38 (2).

(2) Administrative fines under paragraph (1) shall be imposed and collected by the Minister of Science and ICT. (Amended by Act nº 14839, Jul. 26, 2017)

ADDENDUM

This Act shall enter into force six months after the date of its promulgation.

ADDENDA (Act nº 12844, Nov. 19, 2014)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation: Provided, That among the Acts amended pursuant to Article 6 of the Addenda, the amended provisions of the Acts, which were promulgated before this Act enters into force but the dates on which they are to enter into force have yet to arrive, shall enter into force on the date each relevant Act enters into force, respectively.

Articles 2 through 7 Omitted.

ADDENDUM (Act nº 13016, Jan. 20, 2015)

This Act shall enter into force on the date of its promulgation.

ADDENDA (Act nº 14839, Jul. 26, 2017)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation: Provided, That among the Acts amended pursuant to Article 5 of the Addenda, the amended provisions of the Acts, which were promulgated before this Act enters into force but the dates on which they are to enter into force have yet to arrive, shall enter into force on the enforcement dates of the respective Acts.

Articles 2 through 6 Omitted.

02Nov/21

Act nº 7372, Jan. 27, 2005, on the Protection, Use, etc. of Location Informatión

Act nº 7372, Jan. 27, 2005, on the Protection, Use, etc. of Location Informatión. (Amended by Act nº 8002, Sep. 27, 2006, Act nº 8367, Apr. 11, 2007, Act nº 8486, May 25, 2007, Act nº 8775, Dec. 21, 2007, Act nº 8867, Feb. 29, 2008, Act nº 9481, Mar. 13, 2009, Act nº 9483, Mar. 13, 2009, Act nº 11423, May 14, 2012, Act nº 11690, Mar. 23, 2013, Act nº 11717, Mar. 23, 2013, Act nº 12840, Oct. 15, 2014, Act nº 13203, Feb. 3, 2015, Act nº 13540, Dec. 1, 2015, Act nº 14224, May 29, 2016, Act nº 14839, Jul. 26, 2017, Act nº 14840, Jul. 26, 2017, Act nº 15608, Apr. 17, 2018, Act nº 16087, Dec. 24, 2018).

CHAPTER I.- GENERAL PROVISIONS

Article 1 (Purpose)

The purpose of this Act is to protect privacy from the divulging, abuse and misuse of location information, provide a safe environment for using location information, and activate the use of location information, thus contributing to the improvement of people’s standard of living and the promotion of public welfare.

Article 2.- (Definitions)

The definitions of the terms used in this Act shall be as follows: (Amended by Act nº 10166, Mar. 22, 2010; Act nº 13203, Feb. 3, 2015)

1. The term “location information” means information about a place where a portable object or an individual exists or has existed at a certain time, which is collected using telecommunications equipment facilities or telecommunications line equipment and facilities prescribed in subparagraph 2 or 3 of Article 2 of the Telecommunications Business Act;

2. The term “personal location information” means the location information regarding a particular person (including information readily combinable with other information to track the location of a particular person even though location information alone is not sufficient to identify the location of such person);

3. The term “subject of personal location information” means a person identified with personal location information;

4. The term “data verifying the collection of location information” means data regarding a person who has requested the collection of location information and the date, time, and methods of collection thereof (excluding location information);

5. The term “data verifying the use and provision of location information” means data regarding the person receiving location information, the channel of acquisition thereof, and the date, time, and methods of use and provision thereof (excluding location information);

6. The term “location information business” means engaging in the business of collecting location information and providing such information to location-based service providers;

7. The term “location-based service business” means engaging in the business of providing services based on location information (hereinafter referred to as “location-based services“);

8. The term “location information system” means a combination of computer hardware, software, database, and human resources organically interlinked through information and communications networks defined in Article 2 (1) 1 of the Act on Promotion of Information and Communications Network Utilization and Information Protection to collect, store, analyze, use, and provide location information for location information business and location-based service business.

Article 3 (Seeking Measures to Protect and Use Location Information)

In order to ensure the safe protection and sound use, etc. of location information, the Korea Communications Commission shall seek measures including the following, after consultation with the heads of relevant central administrative agencies: (Amended by Act nº 8867, Feb. 29, 2008; Act nº 16087, Dec. 24, 2018)

1. The basic policy direction for protecting and using location information;

2. Matters concerning the protection of location information (including matters relating to protection of location information of a child under the age of 14 who may not have a clear understanding of the risks and consequences arising from the processing of location information, the rights of a subject of personal location information, and other relevant issues);

3. Matters concerning the use of location information for public purposes;

4. Matters concerning the development and standardization of technology related to location information business and location-based service business;

5. Matters concerning the enhancement of safety and reliability of location information business and location-based service business;

6. Matters concerning the improvement and evaluation of the quality of location information business and location-based service business;

7. Other matters necessary for the protection and use of location information.

Article 4 (Relationship with Other Statutes)

Except as otherwise provided in other statutes, the collection, storage, protection, and use of location information shall be subject to such conditions as provided in this Act.

CHAPTER II.- PERMISSION FOR LOCATION INFORMATION BUSINESS

Article 5 (Permission for Location Information Business Handling Personal Location Information)

(1) Any person who intends to engage in location information business handling personal location information shall obtain permission from the Korea Communications Commission for his/her trade name, location of the main office, type and description of the relevant location information business, and major business facilities, including location information systems, as prescribed by Presidential Decree. (Amended by Act nº 8775, Dec. 21, 2007; Act nº 8867, Feb. 29, 2008; Act nº 15608, Apr. 17, 2018)

(2) Deleted. (by Act nº 9481, Mar. 13, 2009)

(3) In order to grant permission under paragraph (1), the Korea Communications Commission shall comprehensively examine the following: (Amended by Act nº 8867, Feb. 29, 2008; Act nº 15608, Apr. 17, 2018)

1. Feasibility of a plan for location information business;

2. Plans to take technical and managerial measures relating to the protection of personal location information;

3. Propriety of the scale of facilities relating to location information business;

4. Financial and technical capabilities;

5. Other matters necessary for running the business.

(4) When the Korea Communications Commission grants permission pursuant to paragraph (1), it may attach conditions necessary to conduct research and development to improve accuracy and reliability of location information, fair competition, or protection of personal location information. (Amended by Act nº 8867, Feb. 29, 2008)

(5) Only corporations shall be eligible for permission under paragraph (1). (Amended by Act nº 15608, Apr. 17, 2018)

(6) Matters concerning guidelines and procedures for obtaining permission prescribed in paragraph (1); and detailed examination standards for each item for examination under paragraph (3), shall be prescribed by Presidential Decree. (Amended by Act nº 8867, Feb. 29, 2008)

(7) When any person who has obtained permission for location information business in accordance with paragraph (1) (hereinafter referred to as “personal location information provider“) intends to change a location information system (limited to where such change results in deteriorating the level of technology for protecting personal location information, subsequent to obtaining the permission) among permitted matters, he/she shall obtain permission to change such matter from the Korea Communications Commission as prescribed by Presidential Decree; and when he/she intends to change the trade name or the location of the main office, he/she shall report such change to the Korea Communications Commission. (Amended by Act nº 8775, Dec. 21, 2007; Act nº 8867, Feb. 29, 2008; Act nº 15608, Apr. 17, 2018)

(8) Upon receiving an application for permission under paragraph (1) or for permission to change a matter under paragraph (7), the Korea Communications Commission shall grant such permission or the permission to change such matter, except in any of the following cases: (Inserted by Act nº 13203, Feb. 3, 2015)

1. Where the application fails to pass the examination under paragraph (3);

2. Where the applicant is not a corporation;

3. Where an executive officer of the applicant corporation falls under any subparagraph of Article 6 (1);

4. Where three years have not passed since the applicant corporation received a disposition to revoke permission or an order to discontinue business operations under Article 13 (1);

5. Where the application contravenes any restriction under this Act or any other statute.

Article 5-2 (Reporting on Location Information Business Not Handling Personal Location Information)

Any person who intends to engage in location information business not handling personal location information, shall report the following matters to the Korea Communications Commission, as prescribed by Presidential Decree:

1. Trade name;

2. Principal place of business;

3. Type and details of location information business;

4. Main business facilities, including a location information system.

(2) Any person (if the person is a corporation, including its representative) for whom one year has not passed since the person was ordered to cease business operations under Article 13 (1) shall be prohibited from reporting another location information business under paragraph (1).

(3) If a person who has reported his/her location information business pursuant to paragraph (1) (hereinafter referred to as “object location information provider”) intends to change any of the following matters already reported, the person shall report such change to the Korea Communications Commission, as prescribed by Presidential Decree:

1. Trade name;

2. Principal place of business;

3. Location information system (limited to where such change results in deteriorating the level of technology for protecting personal location information, subsequent to filing a report).

(4) Upon receiving a report under paragraph (1) or a report on a change in the matter specified in paragraph (3) 3, the Korea Communications Commission shall review and accept the report if it meets the requirements of this Act.

(5) If a personal location information provider has submitted documents necessary for reporting his/her location information business not handling personal location information, as at the time of filing an application for permission under Article 5 (1), such provider shall be deemed to have filed a report under paragraph (1).

(Article Inserted by Act nº 15608, Apr. 17, 2018)

Article 6 (Grounds for Disqualification of Executive Officers or Employees)

(1) None of the following persons shall be qualified to be an executive officer of either a personal location information provider or an object location information provider (hereinafter referred to as “location information provider“); and none of the following employees shall be designated as a person with authorized access under Article 16 (1) (hereafter in this Article referred to as a person with authorized access): (Amended by Act nº 12840, Oct. 15, 2014; Act nº 13203, Feb. 3, 2015; Act nº 13540, Dec. 1, 2015; Act nº 15608, Apr. 17, 2018)

1. A minor or a person under adult guardianship or under limited guardianship;

2. A person declared bankrupt but not yet reinstated;

3. A person for whom three years have not elapsed since his/her imprisonment without labor or heavier punishment declared by a court for violating this Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Framework Act on Telecommunications, the Telecommunications Business Act, or the Radio Waves Act, was completely executed (including where it is deemed to completely executed) or was remitted;

4. A person subject to suspended execution of his/her imprisonment without labor or heavier punishment, declared by a court for violating this Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Framework Act on Telecommunications, the Telecommunications Business Act, or the Radio Waves Act;

5. A person for whom three years have not elapsed since he/she was sentenced to punishment by a fine for violating this Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Framework Act on Telecommunications, the Telecommunications Business Act, or the Radio Waves Act;

6. A person for whom three years have not elapsed since he/she received a disposition to revoke permission or an order to discontinue business operations under Article 13 (1); and in cases of a corporation, a person engaged in conduct giving rise to so revoking permission or an order to discontinue business operations, as well as its representative.

(2) Where an executive officer falls or is found falling under any subparagraph of paragraph (1) as at the time he/she is appointed, he/she shall resign from office ipso facto; and where a person with authorized access falls or is found falling under any subparagraph of paragraph (1) as at the time he/she is designated, such designation shall be null and void. (Amended by Act nº 13540, Dec. 1, 2015)

(3) Any conduct in which a resigned executive officer is involved before his/her resignation, or in which an employee whose designation as a person with authorized access is null and void is involved before the nullification under paragraph (2), shall remain in effect. (Amended by Act nº 13540, Dec. 1, 2015)

Article 7 (Acquisition of Location Information Business or Merger of Corporations)

(1) Any person who intends to acquire all or part of the business of a personal location information provider, or to merge or split off an incorporated location information provider (including split-off and merger; hereinafter the same shall apply) shall obtain authorization from the Korea Communications Commission, as prescribed by Presidential Decree. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 15608, Apr. 17, 2018)

(2) The Korea Communications Commission shall comprehensively examine the following matters before granting authorization under paragraph (1): (Inserted by Act  13203, Feb. 3, 2015)

1. Adequacy of financial and technical capacities and capability to manage business;

2. Impact on protecting subjects of personal location information and location-based service providers;

3. Impact on public interests, including the efficiency in using personal location information for emergency rescue and in research and development for protecting personal location information.

(3) Upon receiving an application for authorization under paragraph (1), the Korea Communications Commission shall grant authorization, except in any of the following cases: (Inserted by Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018)

1. Where the application fails to pass an examination under paragraph (2);

2. Where the applicant is not a corporation;

3. Where an executive officer of the applicant corporation falls under any subparagraph of Article 6 (1);

4. Where three years have not passed since the applicant corporation’s permission was revoked or it was ordered to discontinue business operations under Article 13 (1);

5. Where the application contravenes any restriction under this Act or any other statute.

(4) Where all or part of the business of an object location information provider is transferred or inherited; or where an incorporated object location information provider is merged or split off, the transferee or inheritor of the business or the corporation incorporated by the merger or split-off or the corporation surviving the merger or split-off shall report such acquisition, inheritance, merger or split-off to the Korea Communications Commission, as prescribed by Presidential Decree. (Inserted by Act nº 15608, Apr. 17, 2018)

(5) Upon receiving a report under paragraph (4), the Korea Communications Commission shall review and accept the report if it meets the requirements of this Act. (Inserted by Act nº 15608, Apr. 17, 2018)

(6) A transferee authorized under paragraph (1), a transferee or inheritor who filed a report under paragraph (4), a corporation incorporated by a merger or split-off, or a corporation surviving a merger or split-off shall succeed to the status of the transferor, the decedent, or the incorporated location information provider existing prior to the merger or split-off, respectively. (Amended by Act nº 15608, Apr. 17, 2018)

(7) Matters concerning the methods, procedures, etc. for filing an application for authorization under paragraph (1); detailed guidelines for examining each item under paragraph (2); and the methods, procedures, etc. for filing a report under paragraph (4), shall be prescribed by Presidential Decree. (Inserted by Act nº 13203, Feb. 3, 2010; Act nº 15608, Apr. 17, 2018)

Article 8 (Suspension or Discontinuation of Operations of Location Information Business)

(1) If a location information provider intends to fully or partially suspend business operations, such provider shall determine the period of suspension of business operations; shall develop a plan to notify the subjects of personal location information of the suspension of business operations (only if the location information provider handles personal location information); and shall either obtain approval therefor from the Korea Communications Commission or report the plan to the Korea Communications Commission as follows. In such cases, the period of suspension of business operations shall not exceed one year:

1. Personal location information provider: Approval;

2. Object location information provider: Reporting.

(2) If a location information provider intends to discontinue business operations fully or partially, such provider shall develop a plan to notify the subjects of personal location information of the discontinuation of business operations (only if the location information provider handles personal location information); and shall either obtain approval therefor from the Korea Communications Commission or report the plan to the Korea Communications Commission as follows:

1. Personal location information provider: Approval;

2. Object location information provider: Reporting.

(3) A personal location information provider who has obtained approval under paragraph (1) 1 or (2) 1 shall notify the subjects of personal location information of the following matters, by not later than the scheduled date of suspension or discontinuation of business operations:

1. Approval to suspend business operations under paragraph (1) 1: The scope of the suspended location information business and the period of suspension of business operations;

2. Approval to discontinue business operations under paragraph (2) 1: The scope of the discontinued location information business and the date of discontinuation of business operations.

(4) When a personal location information provider fully or partially suspends operations of his/her location information business with approval under paragraph (1) 1, or when a location information provider fully or partially discontinues operations of his/her location information business under paragraph (2), such provider shall destroy personal location information and data verifying the collection of location information as follows simultaneously with suspending or discontinuing business operations:

1. Approval to suspend business operations under paragraph (1) 1: Personal location information (limited to the personal location information, related to the suspended business operations if business operations are partially suspended);

2. Approval to discontinue business operations under paragraph (2) 1: Personal location information and data verifying the collection of location information (limited to the personal location information and the data verifying the collection of location information, related to the discontinued business operations if business operations are partially discontinued);

3. Reporting the discontinuation of business operations under paragraph (2) 2: Data verifying the collection of location information (limited to the data verifying the collection of location information related to the discontinued business operations if business operations are partially discontinued).

(5) Upon receiving an application for approval of a plan to notify the subjects of personal location information on suspending or discontinuing business operations under paragraph (1) 1 or (2) 1, the Korea Communications Commission shall approve the plan, unless it is unreasonable.

(6) Upon receiving a report under paragraph (1) 2 or (2) 2, the Korea Communications Commission shall review and accept the report, unless it is unreasonable.

(7) Except as otherwise expressly provided in paragraphs (1) through (6), matters necessary for suspending and discontinuing location information business shall be prescribed by Presidential Decree.

(Article Amended by Act nº 15608, Apr. 17, 2018)

 Article 9 (Reporting on Location-Based Service Business)

(1) Any person who intends to engage in location-based service business (excluding location-based service business not handling personal location information; hereafter the same shall apply in this Article and Articles 9-2, 10, and 11) shall report, to the Korea Communications Commission, the trade name; the principal place of business; the type of business; and main business facilities, including location information systems, etc., as prescribed by Presidential Decree. (Amended by Act nº 8775, Dec. 21, 2007; Act nº 8867, Feb. 29, 2008; Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018)

(2) Any person for whom one year has not passed since the person was ordered to discontinue business operations under Article 13 (1) (if the person is a corporation, including its representative) shall be prohibited from reporting another location-based service business under paragraph (1). (Amended by Act nº 15608, Apr. 17, 2018)

(3) If a person who has reported a location-based service business under paragraph (1) intends to change any of the following, the person shall report the change to the Korea Communications Commission, as prescribed by Presidential Decree: (Amended by Act nº 15608, Apr. 17, 2018)

1. Trade name;

2. Principal place of business;

3. Location information system (limited to where such change results in deteriorating the level of technology for protecting personal location information, subsequent to reporting the business).

(4) Where a location information provider has submitted the documents required for reporting his/her location-based service business under paragraph (1), when filing an application for permission under Article 5 (1), such provider shall be deemed to have completed the reporting on the location-based service business under paragraph (1) (in cases of micro enterprises, etc. referred to in the main sentence of Article 9-2 (1), referring to reporting under the proviso to the same paragraph). (Amended by Act nº 15608, Apr. 17, 2018)

(5) Upon receiving a report under paragraph (1) or a report on a change in the matter specified in paragraph (3) 3, the Korea Communications Commission shall review and accept the report if it meets the requirements of this Act. (Inserted by Act nº 15608, Apr. 17, 2018)

 Article 9-2 (Reporting on Location-Based Service Business of Micro Enterprises)

(1) Notwithstanding Article 9 (1), if a person who is either a micro enterprise, defined in Article 2 of the Act on the Protection of and Support for Micro Enterprises, or a self-employed creative enterprise, defined in Article 2 of the Act on the Fostering of Self-Employed Creative Enterprises, (hereinafter referred to as “micro enterprise or self-employed creative enterprise“) intends to engage in location-based service business, such person may do so without filing a report under Article 9 (1): Provided, That if such person intends to continue location-based service business even one month after the commencement of the business shall report the following matters to the Korea Communications Commission within one month from the commencement date of the business, as prescribed by Presidential Decree:

1. Trade name;

2. Principal place of business;

3. Type and details of business.

(2) Any person for whom one year has not passed since the person was ordered to discontinue business operations under Article 13 (1) (if the person is a corporation, including its representative) shall be prohibited from reporting another location-based service business under paragraph (1).

(3) If a person who has filed a report under the proviso to paragraph (1) changes either of the following, the person shall report the change to the Korea Communications Commission within one month from the date of change, as prescribed by Presidential Decree:

1. Trade name;

2. Principal place of business.

(4) If a person who has commenced location-based service business in accordance with the main sentence of paragraph (1) or a person who has filed a report in accordance with the proviso to the same paragraph ceases to be a micro enterprise or self-employed creative enterprise, such person shall file a report with the Korea Communications Commission to supplement matters necessary for reporting under Article 9 (1), within one month from the date the relevant event occurs, as prescribed by Presidential Decree.

(Article Inserted by Act nº 15608, Apr. 17, 2018)

 Article 10 (Acquisition of Location-Based Service Business or Merger of Corporations)

(1) If the business of a person who has reported location-based service business in accordance with Article 9 (1) or the proviso to Article 9-2 (1) is fully or partially transferred or inherited; or if a corporation that has reported location-based service business in accordance with Article 9 (1) or the proviso to Article 9-2 (1) is merged or split off, the transferee or inheritor of the business or the corporation incorporated during the merger or split-off or the corporation surviving the merger or split-off shall report such event to the Korea Communications Commission, as prescribed by Presidential Decree. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 15608, Apr. 17, 2018)

(2) Upon receiving a report under paragraph (1), the Korea Communications Commission shall review and accept the report if it meets the requirements of this Act. (Inserted by Act nº 15608, Apr. 17, 2018)

(3) The transferee or inheritor who has filed a report in accordance with paragraph (1) or the corporation incorporated during a merger or split-off or the corporation surviving a merger or split-off shall succeed to the status of the transferor, the decedent, or the corporation existing prior to the merger or split-off, respectively. (Amended by Act nº 15608, Apr. 17, 2018)

Article 11 (Suspension or Discontinuation of Operations of Location-Based Service Business)

(1) If a location-based service provider intends to fully or partially suspend business operations, he/she shall determine the period of suspension; shall notify subjects of personal location information thereof by not later than 30 days before the scheduled date of suspension; and shall report to the Korea Communications Commission thereon. In such cases, the period of suspension shall not exceed one year, and the location-based service provider shall destroy personal location information (limited to personal location information related to the suspended business operations if business operations are partially suspended), simultaneously with suspending the business operations. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018)

(2) If a location-based service provider intends to fully or partially discontinue business operations, he/she shall notify the subjects of personal location information thereof by not later than 30 days before the date of discontinuation; and shall report to the Korea Communications Commission thereon. In such cases, personal location information and data verifying the use and provision of personal location information (limited to personal location information and data verifying the use and provision of location information related to the discontinued business operations if business operations are partially discontinued) shall be destroyed simultaneously with discontinuing the business operations. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 15608, Apr. 17, 2018)

(3) Matters necessary for reporting the suspension or discontinuation of operations of location-based service business; and for destroying personal location information under paragraphs (1) and (2) shall be prescribed by Presidential Decree. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 15608, Apr. 17, 2018)

Article 12 (Disclosure of Terms and Conditions of User Agreement)

(1) Either of the following persons shall disclose to the public, details of the services that the person intends to provide and fee rates, terms and conditions, etc. regarding collecting, using and providing location information (hereinafter referred to as “terms and conditions”) by posting such terms and conditions on the person’s website or by any of the methods prescribed by Presidential Decree so that subjects of personal location information and users of the location-based service business can easily access such terms and conditions at any time; shall disclose grounds for and details of any intended amendment to such terms and conditions by any of the methods prescribed by Presidential Decree, when the person intends to amend the terms and conditions; and shall take measures to ensure that the amended terms and conditions can be easily noticed:

1. A location information provider;

2. A person who has reported his/her location-based service business in accordance with Article 9 (1) or a person who engages in location-based service business in accordance with Article 9-2 (1) (hereinafter referred to as “location-based service provider“).

(2) If the Korea Communications Commission deems that the terms and conditions of a person falling under either subparagraph of paragraph (1) are likely to compromise personal location information, fair competition, or public interest, it may order such person to revise such terms and conditions.

(Article Inserted by Act nº 15608, Apr. 17, 2018)

Article 13 (Revocation of Permission and Discontinuation or Suspension of Business Operations)

(1) In any of the following cases, the Korea Communications Commission may revoke the permission or authorization granted to a location information provider or a location-based service provider (hereinafter referred to as “location information provider or location-based service provider“); or may order a location information provider or location-based service provider to discontinue business operations or fully or partially suspend business operations for a period of up to six months (hereinafter referred to as “suspension of business operations“): Provided, That the permission or authorization granted to a location information provider or location-based service provider shall be revoked, or a location information provider or location-based service provider shall be ordered to discontinue business operations, in the case of subparagraph 1: (Amended by Act nº 8867, Feb. 29, 2008; Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018)

1. Where a location information provider or location-based service provider has obtained permission, modified permission, or authorization under Article 5 (1) or (7) or 7 (1) by fraud or other improper means; or has filed a report under Article 5-2 (1) or 9 (1) or the proviso to Article 9-2 (1) by fraud or other improper means;

2. Where a location information provider or location-based service provider fails to resume business operations, without good cause, after the period of suspension under Article 8 (1) or 11 (1);

3. Where a location information provider or location-based service provider fails to continue business operations for at least six months without obtaining approval or filing a report in accordance with any of the following:

(a) Approval under Article 8 (1) 1 or (2) 1;

(b) Reporting under Article 8 (1) 2 or (2) 2;

(c) Reporting under the former part of Article 11 (1) or the former part of Article 11 (2);

4. Where a material change occurs to the facilities related to the collection of location information or the technical and managerial measures related to the protection of location information, thus preventing continued services;

5. Where a location information provider or location-based service provider fails to take technical and managerial measures under Article 16 (1) or measures to preserve data verifying the collection of location information and data verifying the collection, use, and provision of location information under Article 16 (2) (hereinafter referred to as “data verifying the collection, use, and provision of location information“);

6. Where a location information provider or location-based service provider collects, uses, or provides location information without specifying his/her intention to collect, use, or provide location information in his/her terms and conditions or without obtaining consent thereto, in violation of Article 18 (1) or 19 (1);

7. Where a location information provider or location-based service provider collects, uses, or provides location information, beyond the scope of consent, in violation of Article 18 (2) or 19 (5);

8. Where a location information provider or location-based service provider uses or provides, to a third party, location information, beyond the scope specified in his/her terms and conditions or notified to the pertinent subject, in violation of Article 21.

(2) Detailed criteria for administrative measures under paragraph (1) shall be prescribed by Presidential Decree, based upon the type and gravity of the relevant violation.

Article 14 (Imposition of Penalty Surcharges)

(1) Where the suspension of business under Article 13 (1) is likely to substantially harm to the interests of subjects of personal location information, the Korea Communications Commission may impose a penalty surcharge not exceeding 3/100 of the sales of the relevant location information business or location-based service business in lieu of an order for business suspension. (Amended by Act nº 8867, Feb. 29, 2008)

(2) Matters necessary for the criteria and procedures for the imposition of penalty surcharges, such as calculation of the sales referred to in paragraph (1), shall be prescribed by Presidential Decree.

(3) Where a person obligated to pay a penalty surcharge under paragraph (1) fails to pay such surcharge by the due date, the Korea Communications Commission may collect an additional charge at the rate prescribed by Presidential Decree, from the date after such due date, within the extent not exceeding 8/100 per annum of the surcharge in arrears. (Amended by Act nº 8867, Feb. 29, 2008)

(4) Where a person obligated to pay a penalty surcharge fails to pay such surcharge by the due date, the Korea Communications Commission shall urge him/her to pay the surcharge, setting the deadline; and where he/she fails to pay the surcharge and the additional charge under paragraph (3) by the deadline, it shall collect them in the same manner as delinquent national taxes are collected. (Amended by Act nº 8867, Feb. 29, 2008)

CHAPTER III.- PROTECTION OF LOCATION INFORMATION

SECTION 1.- General Provisions

Article 15 (Prohibition on Collection of Location Information)

(1) No one shall collect, use, or provide any location information without consent of the subject of relevant location information: Provided, That the foregoing shall not apply in any of the following cases: (Amended by Act nº 11423, May 14, 2012; Act nº 15608, Apr. 17, 2018)

1. Where an emergency rescue agency requests emergency rescue under Article 29 (1) or for the issuance of a warning under Article 29 (7);

2. Where a police agency makes a request under Article 29 (2);

3. Where otherwise provided in other statutes.

(2) No one shall obtain personal location information about another person by deceiving a personal location information provider or a location-based service provider (hereinafter referred to as “personal location information provider or a location-based service provider“), by copying the person’s telecommunications device or misappropriating such information. (Amended by Act nº 15608, Apr. 17, 2018)

(3) Any person who sells, lends, or transfers an object with a built-in device capable of collecting location information shall notify the person who purchases, borrows, or acquires such object of the fact that the object has such built-in device capable of collecting location information. (Amended by Act nº 15608, Apr. 17, 2018)

Article 16 (Measures for Protecting Location Information)

(1) Each location information provider, etc. shall take managerial measures, such as establishing guidelines on processing and management of location information to prevent the divulging, alteration, impairment, etc. of location information or designating those with authorized access, and take technical measures, such as installing a firewall or using encryption software. In such cases, details of the managerial measures and technical measures shall be prescribed by Presidential Decree.

(2) Each location information provider, etc. shall cause data verifying the collection, use, and provision of location information to be automatically recorded and preserved in a location information system.

(3) In order to protect location information and prevent abuse and misuse of location information, the Korea Communications Commission may authorize affiliated public officials to examine details of the technical and managerial measures taken under paragraph (1), and the preservation status of records under paragraph (2), as prescribed by Presidential Decree. (Amended by Act nº 8867, Feb. 29, 2008)

(4) Each public official who examines the details of the technical and managerial measures and the status of preservation of records under paragraph (3), shall carry a certificate indicating his/her authority and produce it to persons involved. (Amended by Act nº 13203, Feb. 3, 2015)

Article 17 (Prohibition on Divulging Location Information)

No location information provider, etc. nor their current or former employees shall divulge, alter, impair, or disclose any location information acquired in the course of performing their duties.

Article 17-2 (Notification of Processing of Location Information to Subjects of Personal Location Information)

Where any location information provider, etc. notify matters regarding processing of location information to a subject of personal location information, such provider, etc. shall use an easy-to-understand form and clear and plain language.

(Article Inserted by Act nº 16087, Dec. 24, 2018)

SECTION 2.- Protection of Personal Location Information

Article 18 (Collection of Personal Location Information)

(1) Where any location information provider intends to collect personal location information, such provider shall specify, in advance, the following in his/her terms and conditions; and shall obtain consent from the subjects of personal location information: (Amended by Act nº 15608, Apr. 17, 2018)

1. Trade name, address, phone number and other contact information of the location information provider;

2. Rights held by the subjects of personal location information and their legal representatives (limited to where consent is required from a legal representative under Article 25 (1)); and methods of exercising such rights;

3. Details of the services to be provided by the location information provider to a location-based service provider;

4. Grounds for and period of retaining data verifying the collection of location information;

5. Other matters prescribed by Presidential Decree as necessary for protecting personal location information.

(2) A subject of personal location information may withdraw his/her consent for part of the scope of personal location information collected and the terms and conditions, when he/she has given consent under paragraph (1).

(3) Where any location information provider collects personal location information, he/she shall collect such information to the minimum extent necessary for attaining the purpose of the collection.

Article 19 (Use or Provision of Personal Location Information)

(1) Where any location-based service provider intends to provide services using personal location information, such provider shall specify, in advance, the following in his/her terms and conditions; and shall obtain consent from the subjects of personal location information: (Amended by Act nº 15608, Apr. 17, 2018)

1. Trade name, address, phone number and other contact information of the location-based service provider;

2. Rights held by the subjects of personal location information and their legal representatives (limited to where the consent of a legal representative is required under Article 25 (1)) and methods of exercising such rights;

3. Details of the location-based services to be provided by the location-based service provider;

4. Grounds and period for retaining data verifying the collection of location information;

5. Other matters prescribed by Presidential Decree as necessary for protecting personal location information.

(2) Where any location-based service provider intends to provide personal location information to a third party designated by a subject of personal location information, such service provider shall specify details referred to in the subparagraphs of paragraph (1) in his/her terms and conditions; shall inform the subject of personal location information, of the designated recipient of the personal location information and the purpose of provision; and shall obtain his/her consent.

(3) Where any location-based service provider provides personal location information to a third party designated by a subject of personal location information under paragraph (2), such service provider shall immediately notify, on each occasion, the subject of personal location information, of the designated recipient of such information; and of the date, time, and purpose of such provision.

(4) Notwithstanding paragraph (3), a location-based service provider may give notice of the occasions altogether to a subject of personal location information at a maximum interval of 30 days in accordance with the guidelines prescribed by Presidential Decree for frequency, period, etc., if such service provider has obtained consent thereto from the subject, as prescribed by Presidential Decree. (Inserted by Act nº 13203, Feb. 3, 2015)

(5) When a subject of personal location information gives consent under paragraph (1), (2), or (4), he/she may defer his/her consent as to the purposes of using and providing personal location information; the scope of the persons eligible to receive the information; some of the location-based services; and the methods of notifying the subject of personal location information. (Amended by Act nº 13203, Feb. 3, 2015)

Article 20 (Provision of Personal Location Information by Location Information Providers)

(1) In order to attain the purposes of using or providing personal location information under Article 19 (1) or (2), any location-based service provider that has obtained consent from the subjects of personal location information pursuant to Article 19 (1) or (2) may request the location information provider that has collected the relevant personal location information to provide such information. In such cases, no location information provider shall refuse to provide such information without good cause.

(2) Procedures for, and method of location information providers’ providing personal location information to location-based service providers pursuant to paragraph (1) shall be prescribed by Presidential Decree. (Amended by Act nº 8867, Feb. 29, 2008)

Article 21 (Restriction on Use and Provision of Personal Location Information)

Unless a location information provider, etc. have obtained consent from a subject of personal location information or except in the following cases, they shall neither use personal location information or data verifying the collection, use, or provision of location information beyond the scope specified in their terms and conditions or notified to the subject in accordance with Articles 18 (1) and 19 (1) and (2) nor provide such information to any third party: (Amended by Act nº 13203, Feb. 3, 2015)

1. Where data verifying the collection, use, and provision of location information are required to calculate fees related to the provision of location information and location-based services;

2. Where data is processed in such a way that any specific person cannot be identified, and provided for the purpose of statistics, academic research, or market research.

Article 22 (Notification of Transfer of Business)

Any person who has succeeded to the rights and obligations of a location information provider, etc. as a result of the full or partial transfer, merger, inheritance, etc. of their business (hereinafter referred to as “transfer, etc.”), shall notify the following to the subjects of personal location information within 30 days, as prescribed by Presidential Decree:

1. Full or partial transfer, etc. of the business;

2. Name, address, phone number and other contact information of the person who has succeeded to the rights and obligations of the location information provider, etc.;

3. Other matters prescribed by Presidential Decree as necessary for the protection of personal location information protection.

Article 23 (Destruction of Personal Location Information)

When any location information provider, etc. attain the purpose of collecting, using or providing personal location information, they shall immediately destroy personal location information other than data verifying the collection, use, and provision of location information that should be recorded and preserved in accordance with Article 16 (2).

SECTION 3.- Rights Held by Subjects of Personal Location Information

Article 24 (Rights Held by Subjects of Personal Location information)

(1) Any subject of personal location information may, at any time, fully or partially withdraw consent given to a location information provider, etc. under Article 18 (1) or 19 (1), (2), or (4). (Amended by Act nº 13203, Feb. 3, 2015)

(2) Any subject of personal location information may request, at any time, a location information provider, etc. to temporarily suspend collecting, using, or providing location information. In such cases, the location information provider, etc. shall not refuse such request and shall take technical measures accordingly.

(3) Any subject of personal location information may request a location information provider, etc. to permit him/her to inspect any of the following data or records; or to give notice of any of the following data or records; and may request a location information provider, etc. to correct any error found in relevant data or records. In such cases, no location information provider, etc. shall refuse such request without good cause: (Amended by Act nº 13203, Feb. 3, 2015)

1. Data verifying the collection, use, and provision of personal location information which relates to the principal;

2. The ground on which his/her personal location information was provided to a third party pursuant to the provisions of this Act or other statutes, and the relevant details.

(4) Where any subject of personal location information fully or partially withdraws consent pursuant to paragraph (1), the location information provider, etc. shall, without delay, destroy the personal location information collected so far, as well as the data verifying the collection, use, and provision of location information (limited to personal location information and data verifying the use and provision of location information for the part of which consent is withdrawn, if consent is partially withdrawn). (Amended by Act nº 15608, Apr. 17, 2018)

Article 25 (Rights Held by Legal Representatives)

(1) Where any location information provider, etc. intend to collect, use, or provide personal location information from children under 14 years of age pursuant to Article 18 (1), 19 (1) or (2), or 21, they shall obtain the consent of their legal representatives and confirm whether such legal representatives give the consent as prescribed by Presidential Decree. (Amended by Act nº 16087, Dec. 24, 2018)

(2) Articles 18 (2), 19 (5), and 24 shall apply mutatis mutandis where a legal representative gives consent under paragraph (1). In such cases, “subject of personal location information” shall be construed as “legal representative“. (Amended by Act nº 13203, Feb. 3, 2015)

Article 26 (Use of Location Information for Protecting Children Eight Years or Younger)

(1) Where the legal guardian of any of the following persons (hereinafter referred to as “child eight years or younger, etc.”) gives consent to collecting, using, or providing personal location information regarding the child eight years or younger, etc., for the protection of the latter’s health or safety, it shall be deemed that the child, etc. personally consent thereto: (Amended by Act nº 8367, Apr. 11, 2007; Act nº 12840, Oct. 15, 2014; Act nº 13203, Feb. 3, 2015)

1. A child eight years or younger;

2. A person under adult guardianship;

3. A person with a mental disorder defined in Article 2 (2) 2 of the Act on Welfare of Persons with Disabilities, classified as a person with a severe disability defined in subparagraph 2 of Article 2 of the Act on the Employment Promotion and Vocational Rehabilitation of Persons with Disabilities (limited to those registered as disabled persons under Article 32 of the Act on Welfare of Persons with Disabilities).

(2) The legal guardian of a child eight years or younger, etc. referred to in paragraph (1), means any of the following persons who provides de facto protection for the child, etc.: (Amended by Act nº 8367, Apr. 11, 2007; Amended by Act nº 10517, Mar. 30, 2011; Act nº 12840, Oct. 15, 2014; Act nº 13203, Feb. 3, 2015; Act nº 14224, May 29, 2016; Act nº 15608, Apr. 17, 2018)

1. The legal representative of a child of eight years old or younger or a guardian under Article 3 of the Act on the Guardianship of Minors in Protective Facilities;

2. The legal representative of a person under adult guardianship;

3. The legal representative of a person prescribed in paragraph (1) 3, the head of a residential facility for persons with disabilities under Article 58 (1) 1 of the Act on Welfare of Persons with Disabilities (limited to any facility established and operated by the State or a local government), the head of a mental health sanatorium defined in Article 22 of the Act on the Improvement of Mental Health and the Support for Welfare Services for Mental Patients (limited to any facility established and operated by the State or a local government), or the head of a mental health rehabilitation facility defined in Article 26 of the same Act.

(3) Requirements for giving consent under paragraph (1) shall be prescribed by Presidential Decree.

(4) Articles 18 through 22 and 24 shall apply mutatis mutandis where legal guardians give their consent pursuant to paragraph (2). In such cases, “subjects of personal location information” shall be construed as “legal guardians“.

Article 27 (Compensation for Damage)

Where a subject of personal location information suffers damage because a location information provider, etc. have violated Articles 15 through 26, he/she may claim damages against the location information provider, etc. In such cases, the location information provider, etc. shall not be exempt from liabilities unless they prove that there was no intention or negligence on their part.

Article 28 (Mediation in Disputes)

(1) Where the parties to a dispute related to location information fail to reach an agreement or it is impossible to reach an agreement, the relevant location information provider, etc. may file a petition for adjudication with the Korea Communications Commission. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 13203, Feb. 3, 2015)

(2) Where the parties to a dispute related to location information fail to reach an agreement or it is impossible to reach an agreement, the relevant location information provider, etc. or the user may file a petition for mediation with the Personal Information Dispute Mediation Committee established under Article 40 of the Personal Information Protection Act. (Amended by Act nº 11690, Mar. 23, 2013)

CHAPTER IV.- USE OF PERSONAL LOCATION INFORMATION FOR EMERGENCY RESCUE

Article 29 (Use of Personal Location Information for Emergency Rescue)

(1) Where any subject of personal location information, his/her spouse or blood-relative within the second degree, or a guardian of a minor under Article 928 of the Civil Act (hereinafter referred to as “spouse, etc.”) requests emergency rescue to protect health or safety from imminent danger, an emergency rescue agency referred to in subparagraph 7 of Article 3 of the Framework Act on the Management of Disasters and Safety (hereinafter referred to as “emergency rescue agency“) may determine whether it is an emergency; and may request a location information provider to provide personal location information. In such cases, no spouse, etc. shall request emergency rescue for any purpose other than emergency rescue.

(2) The National Police Agency, regional police agencies, and police stations under Article 2 of the Police Act (hereinafter referred to as “police agency“) may request a location information provider to provide any of the following personal location information: Provided, That if a police agency intends to obtain personal location information regarding a person who has requested rescue to protect another person’s health or safety (hereinafter referred to as “witness”) under subparagraph 1, it shall obtain consent from such witness:

1. Where rescue has been requested for protecting any person, including the witness or person requiring rescue from imminent health- or life-threatening danger (hereinafter referred to as “rescuee“), personal location information regarding the witness;

2. Where a rescuee has requested rescue from any third person, the personal location information regarding such rescuee;

3. Where a custodian defined in subparagraph 3 of Article 2 of the Act on the Protection and Support of Missing Children (hereinafter referred to as “custodian“) has requested emergency rescue of a missing child, etc. defined in subparagraph 2 of Article 2 of the same Act (hereinafter referred to as “missing child, etc.”) for protecting the latter’s health or safety, the personal location of such missing child, etc.

(3) Where any third person has requested rescue from a police agency pursuant to paragraph (2) 2, the police agency shall confirm the intention of the rescuee.

(4) Requests for emergency rescue under paragraphs (1) and (2) shall be made only by calling special phone numbers prescribed by Presidential Decree and assigned for the sake of maintaining public order and promoting public interest. (Amended by Act nº. 15608, Apr. 17, 2018)

(5) Any location information provider in receiving a request under paragraph (1) or (2) may collect personal location information without the consent of the relevant subject of personal location information; and shall not refuse such request by an emergency rescue agency or a police agency on the ground that consent is withheld by the subject of personal location information.

(6) Where any emergency rescue agency, location information provider, or police agency requests or provides personal location information pursuant to paragraph (1) or (2), it shall immediately notify the relevant subject of personal location information, of such fact: Provided, That where such immediate notification appears likely to threaten the health or safety of the subject of personal location information, the notification shall be made without delay after the relevant grounds have ceased.

(7) In order to warn subjects of personal location information located in disaster areas or potential disaster areas, such as typhoon, heavy rain, fire and chemical, biological, and radiological (CBR) accidents, of the dangers to their lives or bodies, any emergency rescue agency may request a location information provider to issue a warning, as prescribed by Presidential Decree; and no location information provider so requested shall refuse such request to issue a warning on the ground that consent is withheld by the subjects of personal location information in the disaster areas. (Amended by Act nº 8867, Feb. 29, 2008)

(8) No emergency rescue agency or police agency, nor any current or former emergency rescue worker, shall use personal location information provided for emergency rescue, for any purpose other than for emergency rescue.

(9) Where a police agency has requested to provide personal location information under paragraph (2), it shall keep the following matters, as prescribed by Presidential Decree, and where a subject of personal location information requests the police agency to confirm, inspect or copy the collected personal location information, it shall comply with such request without delay: (Amended by Act nº 15608, Apr. 17, 2018)

1. Person who made the request;

2. Date, time, and purpose of the request;

3. Details of information provided by the location information provider;

4. Consent to collecting personal location information (limited to the cases falling under the proviso to paragraph (2)).

(10) Matters necessary for requests for emergency rescue under paragraphs (1) and (2); confirmation of an intention under paragraph (3); and the method of, and procedures for, the issuing of warnings under paragraph (7), shall be prescribed by Presidential Decree.

(11) No emergency rescue agency or police agency shall inform any third party of the personal location information provided under paragraph (1) or (2): Provided, That the foregoing shall not apply to the following cases: (Inserted by Act nº 13203, Feb. 3, 2015)

1. Where the subject of personal location information has consented thereto;

2. Where the personal location information is provided to another emergency rescue agency or another police agency where emergency rescue activities are inevitable.

(Article Amended by Act nº 11423, May 14, 2012)

Article 30 (Requests for Personal Location Information, and Method Thereof)

(1) Where any emergency rescue agency or police agency requests a location information provider to provide personal location information pursuant to Article 29 (1) and (2), it shall do so using a location information system; and where any location information provider receives a request from an emergency rescue agency or a police agency to provide personal location information, it shall do so using a location information system. (Amended by Act nº 11423, May 14, 2012)

(2) Emergency rescue agencies and police agencies shall report data about the requests for, and providing, personal location information under paragraph (1) and Article 29 (11), to the Public Administration and Security Committee of the National Assembly semi-annually; while location information providers shall report such data to the Science, ICT, Broadcasting, and Communications Committee of the National Assembly semi-annually: Provided, That data about the requests for, and the provision of, such information under paragraph (1) shall be reported separately from data about requests for, and providing, such information under Article 29 (11). (Inserted by Act nº 11423, May 14, 2012; Act nº 11717, Mar. 23, 2013; Act nº 13203, Feb. 3, 2015; Act nº 14840, Jul. 26, 2017)

(3) Matters necessary for requests by emergency rescue agencies and police agencies under paragraph (1) and for reporting under paragraph (2), shall be prescribed by Presidential Decree. (Amended by Act nº 11423, May 14, 2012)

Article 30-2 (Use of Computerized Information about Registration of Family Relationships)

Upon receiving a request for emergency rescue under Article 29 (1), an emergency rescue agency may request the Minister of the National Court Administration to provide it with computerized data about registration under Article 11 (6) of the Act on the Registration, etc. of Family Relationships, so as to verify the relationship between the person requesting emergency rescue and the subject of personal location information.

(Article Inserted by Act nº 13203, Feb. 3, 2015)

Article 31 (Reduction of, and Exemption from, Costs)

Where any location information provider issues a warning pursuant to Article 29 (7) or provides personal location information to an emergency rescue agency or a police agency pursuant to Article 30 (1), costs incurred therein may be reduced or exempt. (Amended by Act nº 11423, May 14, 2012)

Article 32 (Submission of Statistical Data)

(1) Each location information provider shall submit statistical data regarding the issuance of warnings under Article 29 (7) and providing personal location information under Article 30 (1) to the Science, ICT, Broadcasting, and Communications Committee of the National Assembly and the Korea Communications Commission respectively semi-annually. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 11423, May 14, 2012; Act nº 15608, Apr. 17, 2018)

(2) Such matters as methods for submitting statistical data under paragraph (1) shall be prescribed by Presidential Decree. (Inserted by Act nº 15608, Apr. 17, 2018)

CHAPTER V.- CREATION OF INFRASTRUCTURE FOR USE OF LOCATION INFORMATION

Article 33 (Promotion of Technological Development)

(1) In order to efficiently promote the development of technologies and devices related to collecting, using, or providing location information, the Minister of Science and ICT or the Korea Communications Commission may authorize relevant research institutes prescribed by Presidential Decree to perform projects for research and development, technical cooperation, technology transfer, technical guidance, etc. (hereafter in this Article, referred to as “research and development, etc.”). In such cases, the Minister of Science and ICT or the Korea Communications Commission shall consult with the heads of related central administrative agencies thereon. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013; Act nº 14839, Jul. 26, 2017)

(2) The Minister of Science and ICT or the Korea Communications Commission may fully or partially subsidize research institutes for expenses they incur in performing research and development, etc. projects pursuant to paragraph (1). (Amended by Act nº 8867, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013; Act nº 14839, Jul. 26, 2017)

Article 34 (Promotion of Standardization)

(1) The Minister of Science and ICT and the Korea Communications Commission may establish standards for collecting, using, or providing location information for the protection and use thereof and publicly announce them, in consultation with the heads of related central administrative agencies: Provided, That the Korean Industrial Standards under Article 12 of the Industrial Standardization Act shall apply to the matters for which relevant Korean Industrial Standards are established. (Amended by Act nº 8486, May 25, 2007; Act nº 8867, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013; Act nº 14839, Jul. 26, 2017)

(2) The Minister of Science and ICT and Future Planning and the Korea Communications Commission may recommend a location information provider, etc. or a manufacturer or supplier of products related to location information to comply with the standards under paragraph (1). (Amended by Act nº 8867, Feb. 29, 2008; Act nº 14839, Jul. 26, 2017)

(3) Matters to be standardized under paragraph (1) shall be as follows: (Amended by Act nº 9483, Mar. 13, 2009)

1. Technologies related to protecting and certifying location information;

2. Technologies related to collecting, storing, managing, and providing location information;

3. Technologies related to emergency rescue and other public services;

4. Other base technologies related to protecting and using location information.

(4) Matters necessary for the method, and procedures for standardization under paragraph (1) shall be prescribed by Presidential Decree. (Inserted by Act nº 9483, Mar. 13, 2009)

(5) The Minister of Science and ICT and the Korea Communications Commission may render assistance in activities for the standardization of collecting, using, and providing location information. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 9483, Mar. 13, 2009; Act nº 11690, Mar. 23, 2013; Act nº 14839, Jul. 26, 2017)

Article 35 (Promotion of Use of Location Information)

(1) The Korea Communications Commission, following consultation with the heads of related central administrative agencies, may implement projects for the efficient utilization and promotion of related technologies and application services in various fields, such as the public sector, industry, living, and welfare, for the purpose of protecting and using location information, as prescribed by Presidential Decree. (Amended by Act nº 8867, Feb. 29, 2008)

(2) The Korea Communications Commission may provide persons participating in any of the projects under paragraph (1) with technical and financial assistance as necessary. (Amended by Act nº 8867, Feb. 29, 2008)

CHAPTER V-2.- SUPPLEMENTARY PROVISIONS

Article 36 (Requests for Submission of Materials and Inspections)

(1) In any of the following cases, the Korea Communications Commission may request a location information provider, etc. to submit necessary materials, including relevant articles and documents:

1. Where the Korea Communications Commission discovers a violation of this Act or is informed of a suspected violation of this Act;

2. Where the Korea Communications Commission receives a report or complaint about a violation of this Act;

3. Where it is necessary to protect location information on any other ground prescribed by Presidential Decree.

(2) If a location information provider, etc. fail to submit the materials under paragraph (1) or are found to have violated this Act, the Korea Communications Commission may authorize its public officials to enter the place of business of the location information provider, etc. and inspect the status of operation of business, relevant articles and documents, facilities, equipment, etc. In such cases, Article 16 (4) shall apply mutatis mutandis.

(Article Amended by Act nº 13203, Feb. 3, 2015)

Article 37 (Hearings)

Where the Korea Communications Commission intends to revoke permission or authorization or order to discontinue business operations in accordance with Article 13, it shall hold a hearing. (Amended by Act nº 8867, Feb. 29, 2008)

Article 38 (Delegation or Entrustment of Authority)

(1) Part of the authority of the Korea Communications Commission vested under this Act, may be delegated to the heads of its affiliated agencies, as prescribed by Presidential Decree.

(2) Some of the following affairs assigned to the Korea Communications Commission under this Act, may be entrusted to the Korea Internet and Security Agency established under Article 52 of the Act on Promotion of Information and Communications Network Utilization and Information Protection or the Telecommunications Technology Association founded under Article 34 of the Framework Act on Broadcasting Communications Development, as prescribed by Presidential Decree:

1. Inspection, conducted pursuant to Article 16 (3), of technical and managerial measures and the preservation status of records thereof (limited to affairs related to technical support);

2. Promoting standardization under Article 34;

3. Requesting the submission of materials and conducting inspections under Article 36 (1) and (2) (limited to affairs related to technical support).

(Article Amended by Act nº 13203, Feb. 3, 2015)

Article 38-2 (Legal Fiction as Public Officials in Applying Penalty Provisions)

The executive officers and employees of the Korea Internet and Security Agency or the Telecommunications Technology Association engaging in the affairs entrusted by the Korea Communications Commission pursuant to Article 38 (2), shall be deemed as public officials in applying penalty provisions under Articles 129 through 132 of the Criminal Act to them.

(Article Inserted by Act nº 13203, Feb. 3, 2015)

Article 38-3 (Provisions Applicable Mutatis Mutandis)

Articles 16 (1) and (3), 17, 28 (1), 34, 35, and 36 shall apply mutatis mutandis to persons who engage in location-based service business not handling personal location information.

(Article Inserted by Act nº 13203, Feb. 3, 2015)

CHAPTER VI.- PENALTY PROVISIONS

Article 39 (Penalty Provisions)

Any of the following persons shall be punished by imprisonment with labor for not more than five years; or by a fine not exceeding 50 million won: (Amended by Act nº 11423, May 14, 2012; Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018)

1. Any person who engages in location information business without obtaining permission, in violation of Article 5 (1); or who obtains permission by fraud or other improper means;

2. Any person who divulges, alters, impairs, or discloses personal location information, in violation of Article 17;

3. Any person who collects, uses, or provides personal location information to another person, without consent thereto from the subject of the personal location information; or beyond the scope of consent, in violation of Article 18 (1) or (2) or 19 (1), (2), or (5); or who receives personal location information for profit or for any unlawful purpose, although he/she is aware of such circumstance;

4. Any person who uses or provides to a third party, personal location information beyond the scope specified in the terms and conditions or notified to the relevant subjects, in violation of Article 21;

5. Any person who uses personal location information for any purpose other than emergency rescue, in violation of Article 29 (8);

6. Any person who provides or receives personal location information, without consent thereto from the subject of the personal location information; or for any purpose other than emergency rescue, in violation of Article 29 (11).

Article 40 (Penalty Provisions)

Any of the following persons shall be punished by imprisonment with labor for not more than three years or by a fine not exceeding 30 million won: (Amended by Act nº 8775, Dec. 21, 2007; Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018)

1. Any person who engages in location information business without obtaining permission to make a change; or who obtains permission to make a change by fraud or other improper means, in violation of Article 5 (7);

1-2. Any person who engages in location information business not handling personal location information, without reporting in violation of Article 5-2 (1); or who reports such business by fraud or other improper means;

2. Any person who engages in location-based service business, without reporting in violation of Article 9 (1), the proviso to Article 9-2 (1) or Article 9-2 (4); or who reports by fraud or other improper means;

3. Any person who violates an order issued to discontinue business operations under Article 13 (1);

4. Any person who collects, uses, or provides personal location information regarding an individual without the individual’s consent, in violation of Article 15 (1);

5. Any person who obtains personal location information regarding another person by deceiving a personal location information provider or location-based service provider by copying the person’s telecommunications device or misappropriating such information, in violation of Article 15 (2).

Article 41 (Penalty Provisions)

Any of the following persons shall be punished by imprisonment with labor for not more than one year or by a fine not exceeding 20 million won: (Amended by Act nº 11423, May 14, 2012; Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018)

1. Any person who changes a location information system, without reporting the change, in violation of Article 5-2 (3) 3 or 9 (3) 3, or who reports a change in a location information system by fraud or other improper means;

2. Any person who fails to destroy location information, in violation of Article 8 (4) or 11 (1) or (2);

3. Any person who violates an order to suspend business issued under Article 13 (1);

4. Any person who fails to take technical and managerial measures in violation of Article 16 (1) (including persons to whom said provisions shall apply mutatis mutandis pursuant to Article 38-3);

4-2. Any person who fails to ensure that data verifying the collection, use, and provision of location information are to be automatically recorded and preserved in a location information system, in violation of Article 16 (2);

5. Any person who refuses a request by an emergency rescue agency or a police agency, in violation of Article 29 (5); or who refuses to issue a warning, in violation of Article 29 (7).

Article 42 (Joint Penalty Provisions)

If the representative of a corporation or an agent or employee of, or any other person employed by, the corporation or an individual commits any violation described in Articles 39 through 41 in conducting the business affairs of the corporation or individual, the corporation or individual shall, in addition to punishing the violator accordingly, be subject to a fine prescribed in the relevant Article: Provided, That this shall not apply where such corporation or individual has not been negligent in giving due attention and supervision concerning the relevant business affairs to prevent such violation. (Article Amended by Act nº 10137, Mar. 17, 2010)

Article 43 (Administrative Fines)

(1) Any of the following persons shall be subject to an administrative fine not exceeding 20 million won: (Amended by Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018)

1. Any person who violates a condition for granting permission under Article 5 (4);

2. Any person who acquires a business or merges or splits off a business, without authorization, in violation of Article 7 (1);

3. Any person who fully or partially suspends or discontinues business operations, without obtaining approval, in violation of Article 8 (1) or (2);

4. Any person who refuses to provide personal location information, in violation of Article 20 (1);

5. Any person who refuses a request for temporary suspension or fails to take a technical measure, in violation of Article 24 (2).

(2) Any of the following persons shall be subject to an administrative fine not exceeding ten million won: (Amended by Act nº 11423, May 14, 2012; Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018; Act nº 16087, Dec. 24, 2018)

1. Any person who fails to report the acquisition, inheritance, merger, or split-off of a business or who reports the acquisition, inheritance, merger, or split-off of a business by fraud or other improper means, in violation of Article 7 (4) or 10 (1);

2. Any person who fails to report the whole or partial suspension or discontinuation of business operations, in violation of Article 8 (1) or (2) or 11 (1) or (2);

3. Any person who fails to disclose terms and conditions or grounds for and details of an amendment to the terms and conditions, in violation of Article 12 (1);

3-2. Any person who violates an order to amend terms and conditions under Article 12 (2);

4. Any person who fails to notify that an object has a built-in device capable of collecting location information, in violation of Article 15 (3);

5. Any person who fails to perform a duty to specify terms and conditions in violation of Article 18 (1) or 19 (1);

6. Any person who collects personal location information, in violation of Article 18 (3);

7. Any person who fails to give information or notice, in violation of Article 19 (2) through (4);

8. Any person who fails to notify transfer, etc. of business, in violation of Article 22;

9. Any person who refuses a request for inspection, notification, or correction, in violation of Article 24 (3);

10. Any person who collects, uses, or provides personal location information without obtaining the consent of the relevant legal representative or without confirming that such legal representative gives the consent, in violation of Article 25 (1);

11. Any person who requests emergency rescue under Article 29 (1) or (2), by fraud;

12. Any person who fails to notify providing personal location information, in violation of Article 29 (6);

13. Any person who fails to submit relevant articles, documents, etc. under Article 36 (1); or who submits any false article or document (including persons to whom said provisions shall apply mutatis mutandis pursuant to Article 38-3);

14. Any person who, without good cause, refuses, interferes with, or evades an inspection under Article 36 (2) (including persons to whom said provisions shall apply mutatis mutandis pursuant to Article 38-3).

(3) Any of the following persons shall be subject to an administrative fine not exceeding five million won: (Amended by Act nº 13203, Feb. 3, 2015; Act nº 15608, Apr. 17, 2018)

1. Any person who changes the trade name or principal place of business, without reporting such change; or who reports a changed trade name or principal place business by fraud or other improper means, in violation of Article 5 (7), 5-2 (3), 9 (3) 1 or 2, or 9-2 (3);

2. Any person who fails to submit statistical data, in violation of Article 32.

(4) Administrative fines under paragraphs (1), (2) (excluding subparagraph 11), and (3) shall be imposed and collected by the Korea Communications Commission, as prescribed by Presidential Decree. (Amended by Act nº 8867, Feb. 29, 2008; Act nº 13203, Feb. 3, 2015)

(5) through (7) Deleted. (by Act nº 13203, Feb. 3, 2015)

(8) Administrative fines under paragraph (2) 11 shall be imposed and collected by the heads of emergency rescue agencies or the heads of police agencies, as prescribed by Presidential Decree. (Amended by Act nº 11423, May 14, 2012)

(9) Deleted. (by Act nº 13203, Feb. 3, 2015)

ADDENDA

(1) (Enforcement Date) This Act shall enter into force six months after the date of its promulgation: Provided, That Articles 29 through 32, subparagraph 5 of Article 41, Article 43 (2) 11 and 12, and Article 43 (8) shall enter into force on the date of its promulgation.

(2) (Transitional Measures concerning Permission for Location Information Business) Each person who engages in local information business as at the time this Act enters into force shall obtain permission from the Minister of Information and Communications in accordance with Article 5 (1), within three months from the date this Act enters into force.

(3) (Transitional Measures concerning Reporting on Location-Based Service Business) Each person who engages in location-based service business as at the time this Act enters into force shall report his/her business to the Minister of Information and Communications in accordance with Article 9 (1), within three months from the date this Act enters into force.

(4) (Transitional Measures concerning Terms and Conditions) Each person who engages in location information business or location-based service business as at the time this Act enters into force shall prepare terms and conditions under Article 12 (1) within three months from the date this Act enters into force and shall report them to the Minister of Information and Communications.

ADDENDUM (Act nº 8002, Sep. 27, 2006)

This Act shall enter into force on the date of its promulgation.

ADDENDA (Act nº 8367, Apr. 11, 2007)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Articles 2 through 6 Omitted.

ADDENDA (Act nº 8486, May 25, 2007)

Article 1 (Enforcement Date)

This Act shall enter into force one year after the date of its promulgation.

Articles 2 through 10 Omitted.

ADDENDUM (Act nº 8775, Dec. 21, 2007)

This Act shall enter into force six months after the date of its promulgation.

ADDENDA (Act nº 8867, Feb. 29, 2008)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation. (Proviso Omitted.)

Articles 2 through 12 Omitted.

ADDENDA (Act nº 9481, Mar. 13, 2009)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation.

Article 2 Omitted.

ADDENDUM (Act nº 9483, Mar. 13, 2009)

This Act shall enter into force six months after the date of its promulgation.

ADDENDUM (Act nº 10137, Mar. 17, 2010)

This Act shall enter into force on the date of its promulgation.

ADDENDA (Act nº 10166, Mar. 22, 2010)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Articles 2 through 9 Omitted.

ADDENDA (Act nº 10517, Mar. 30, 2011)

Article 1 (Enforcement Date)

This Act shall enter into one year after the date of its promulgation.

Articles 2 through 4 Omitted.

ADDENDUM (Act nº 11423, May 14, 2012)

This Act shall enter into force six months after the date of its promulgation.

ADDENDA (Act nº 11690, Mar. 23, 2013)

Article 1 (Enforcement Date)

(1)       This Act shall enter into force on the date of its promulgation.

(2)       Omitted.

Articles 2 through 7 Omitted.

ADDENDA (Act nº 11717, Mar. 23, 2013)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation.

Articles 2 through 4 Omitted.

ADDENDA (Act nº 12840, Oct. 15, 2014)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation.

Article 2 (Transitional Measure concerning Disqualifications of Incompetent Persons)

Notwithstanding the amended provisions of Articles 6 (1) 1 and 26 (1) 2 and (2) 2, the previous provisions shall apply to the persons, for whom the declaration of incompetence or quasi-incompetence pronounced as at the time the amended provisions enter into force, remains effective under Article 2 of the Addenda to the Civil Act (Act nº 10429).

ADDENDA (Act nº 12844, Nov. 19, 2014)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation: Provided, That the amendments to the statutes to be amended pursuant to Article 6 of the Addenda, which were promulgated before this Act enters into force but the enforcement dates of which have yet to arrive, shall enter into force on the enforcement date of the relevant statute.

Articles 2 through 7 Omitted.

ADDENDA (Act nº 13203, Feb. 3, 2015)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Article 2 (Applicability to Permission for Location Information Business)

The amended provisions of Articles 5 (8) 4 and 7 (3) 4 shall apply, beginning with where an application is filed for permission for location information business or authorization for the acquisition, etc. of location information business, after this Act enters into force.

ADDENDA (Act nº 13540, Dec. 1, 2015)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Article 2 (Transitional Measures to Grounds for Disqualification)

Notwithstanding the amended provisions of Article 6, an employee of a location information provider as at the time this Act enters into force shall be governed by the previous provisions.

ADDENDA (Act nº 14224, May 29, 2016)

Article 1 (Enforcement Date)

This Act shall enter into force one year after the date of its promulgation.

Articles 2 through 21 Omitted.

ADDENDA (Act nº 14839, Jul. 26, 2017)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation: Provided, That, the amendments to the statutes to be amended pursuant to Article 5 of the Addenda, which were promulgated before this Act enters into force but the enforcement dates of which have yet to arrive, shall enter into force on the enforcement date of the relevant statute.

Articles 2 through 6 Omitted.

ADDENDA (Act nº 14840, Jul. 26, 2017)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation.

Articles 2 through 4 Omitted.

ADDENDA (Act nº 15608, Apr. 17, 2018)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation.

Article 2 (Applicability to Reporting by Micro Enterprises on Location-Based Service Business)

The amended provisions of Articles 9 (4) and 9-2 shall apply to micro enterprises, etc. that commence location-based service business after this Act enters into force.

Article 3 (Applicability to Disclosure of Terms and Conditions)

The amended provisions of Article 12 (1) shall also apply where a person intends to amend the terms and conditions reported before this Act enters into force.

Article 4 (Transitional Measures concerning Permission for Location Information Business)

(1) If a person who holds permission granted under previous Article 5 (1) as at the time this Act enters into force engages in location information business handling personal location information, such person shall be deemed to have obtained permission from the Korea Communications Commission under the amended provisions of Article 5 (1).

(2) If a person who holds permission granted under previous Article 5 (1) as at the time this Act enters into force engages in location information business, without handling personal location information, such person shall be deemed to have filed a report in accordance with the amended provisions of Article 5-2 (1), and such report shall be deemed to have been accepted by the Korea Communications Commission under the amended provisions of Article 5-2 (4).

(3) If a person who has an application pending for permission under Article 5 (1) as at the time this Act enters into force engages in location information business, without handling personal location information, such person shall be deemed to have filed a report in accordance with the amended provisions of Article 5-2 (1).

Article 5 (Transitional Measures concerning Acquisition of Location Information Business or Merger of Corporations)

(1) If the transferee of all or part of the business of a person who holds authorization granted under previous Article 7 (1) as at the time this Act enters into force reports and has engaged in location information business, without handling personal location information, or a corporation incorporated by a merger or split-off or a corporation surviving a merger or split-off reports such acquisition, merger, or split-off in accordance with the amended provisions of Article 7 (4), such report shall be deemed to have been accepted by the Korea Communications Commission under the amended provisions of Article 7 (5).

(2) If a person who filed an application for authorization under previous Article 7 (1) before this Act enters into force is the transferee of all or part of the business of a person who has engaged in location information business, without handling personal location information, or a corporation incorporated by a merger or split-off or a corporation surviving a merger or split-off, such person shall be deemed to have reported the acquisition, merger, or split-off in accordance with the amended provisions of Article 7 (4).

Article 6 (Transitional Measures concerning Suspension or Discontinuation of Operations of Location Information Business)

(1) If a person who engages in location information business as at the time this Act enters into force, without handling personal location information, with approval granted under previous Article 8 (1) or (2) files a report in accordance with the amended provisions of Article 8 (1) 2 or (2) 2, such report shall be deemed to have been accepted by the Korea Communications Commission under the amended provisions of Article 8 (6).

(2) If a person who filed an application for approval under previous Article 8 (1) or (2) before this Act enters into force engages in location information business, without handling personal location information, such person shall be deemed to have filed a report in accordance with the amended provisions of Article 8 (1) 2 or (2) 2.

Article 7 Omitted.

ADDENDUM (Act nº 16087, Dec. 24, 2018)

This Act shall enter into force six months after the date of its promulgation.

02Nov/21

Act nº 6383, Jan. 26, 2001, Act on the Protection of Information and Communications Infrastructure

CHAPTER I.- GENERAL PROVISIONS

Article 1 (Purpose)
The purpose of this Act is to operate cirtical information and communications infrastructure in a stable manner by formulating and implementing measures concerning the protection of such infrastructure, in preparation for intrusion by electronic means, thereby contributing to the safety of the nation and the stability of the life of people.

Article 2 (Definitions)
The terms used in this Act shall be defined as follows: (Amended by Act nº 8777, Dec. 21, 2007)

1. The term “information and communications infrastructure” means electronic control and management system related to the national security, administration, defense, public security, finance, communications, transportation, energy, etc. and information and communications network under Article 2 (1) 1 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.;

2. The term “electronic intrusions” means acts of attacking information and communications infrastructure by hacking, computer viruses, logic or email bombs, denial of service, or high power electromagnetic waves, etc.;

3. The term “intrusion incident” means a situation where any incidents takes place by electronic intrusions.

CHAPTER II.- SYSTEM FOR PROTECTING CRITICAL INFORMATION AND COMMUNICATIONS INFRASTRUCTURE

Article 3 (Committee for Protection of Information and Communications Infrastructure)

(1) The Committee for Protection of Information and Communications Infrastructure (hereinafter referred to as the “Committee“) shall be established under the control of the Prime Minister, so as to deliberate on matters concerning the protection of critical information and communications infrastructure (hereinafter referred to as “critical information and communications infrastructure”) designated under Article 8.

(2) The Committee shall be comprised of 25 or fewer members, including a Chairperson.

(3) The Chairperson of the Committee shall be the Minister of the Office for Government Policy Coordination, and members shall be public officials holding a rank equivalent to that of a Vice Minister of a central administrative agency prescribed by Presidential Decree, and persons commissioned by the Chairperson. (Amended by Act nº 8777, Dec. 21, 2007; Act nº. 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(4) Working committees in charge of the public and private sectors shall be established under the control of the Committee for the efficient operation of the Committee. (Amended by Act nº 8777, Dec. 21, 2007)

(5) Necessary matters concerning the composition, operation, etc. of the Committee and working committees shall be prescribed by Presidential Decree.

Article 4 (Functions of Committee)
The Committee shall deliberate on the following matters: (Amended by Act nº 8777, Dec. 21, 2007)

1. Matters concerning the coordination of policies for protecting critical information and communications infrastructure;

2. Matters concerning the integration and coordination of protection plans on critical information and communications infrastructure under Article 6 (1);

3. Matters concerning the outcomes of implementing protection plans on critical information and communications infrastructure under Article 6 (1);

4. Matters concerning the improvement of systems related to the protection of critical information and communications infrastructure;

5.Other major policies concerning the protection of critical information and communications infrastructure that are submitted by the Chairperson for consideration.

Article 5 (Establishment of Measures to Protect Critical Information and Communications Infrastructure)

(1) The head of an organization which manages critical information and communications infrastructure (hereinafter referred to as a “management organization“) shall formulate and implement management measures (hereinafter referred to as “measures to protect critical information and communications infrastructure“), including physical and technological measures to protect critical information and communications infrastructure under its his/her jurisdiction in a safe manner, depending on the results outcomes of the analysis and evaluation of vulnerabilities under Article 9 (1).

(2) The head of a management organization shall, when he/she establishes formulates measures to protect critical information and communications infrastructure under paragraph (1), submit details of such measures to the head of a central administrative agency in charge of critical information and communications infrastructure (hereinafter referred to as “relevant central administrative agency“): However this shall not apply to cases where the head of a management organization is the head of the relevant central administrative agency.

(3) Details of measures to protect critical information and communications infrastructure of a management organization controlled and supervised by the head of a local government, shall be submitted to the Minister of Security and Public Administration by the head of the local government. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(4) The head of a management organization shall designate a person in general charge of affairs concerning the protection of critical information and communications infrastructure under its jurisdiction (hereinafter referred to as “chief information security officer“): Provided, That this shall not apply to cases where the head of a management organization is the head of the relevant central administrative agency.

(5) Necessary matters concerning the designation, affairs, etc. of a chief information security officer shall be prescribed by Presidential Decree.

Article 5-2 (Ascertaining Implementation of Measures to Protect Critical Information and Communications Infrastructure)

(1) The Minister of Science, Information and Communications Technology (ICT) and Future Planning and the heads of national organizations prescribed by Presidential Decree, such as the Director of the National Intelligence Service (hereinafter referred to as the “Director of the National Intelligence Service and head of an equivalent agency“) may ascertain whether a management organization implements measures to protect critical information and communications infrastructure. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(2) The Minister of Science, Information and Communications Technology (ICT) and Future Planning, Director of the National Intelligence Service, and head of an equivalent agency may request the head of the relevant central administrative agency to submit data, including details of measures to protect critical information and communications infrastructure submitted to him/her under Article 5 (2), when necessary for ascertainment under paragraph (1). (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(3) The Minister of Science, Information and Communications Technology (ICT) and Future Planning, Director of the National Intelligence Service, and head of an equivalent agency may notify the head of the relevant central administrative agency of whether measures to protect critical information and communications infrastructure confirmed under paragraph (1) are implemented. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(4) Necessary measures concerning procedures for ascertaining the implementation of measures to protect critical information and communications infrastructure under paragraph (1) shall be prescribed by Presidential Decree.
(Article Inserted by Act nº 8777, Dec. 21, 2007)

Article 6 (Establishment, etc. of Plans for Protecting Critical Information and Communications Infrastructure)

(1) The heads of relevant central administrative agencies shall establish and implement plans for protecting critical information and communications infrastructure in areas under their jurisdiction (hereinafter referred to as “plans for protecting critical information and communications infrastructure“), by integrating and coordinating measures to protect critical information and communications infrastructure submitted under Article 5 (2).

(2) The heads of relevant central administrative agencies shall submit details on outcomes of implementing plans for protecting critical information and communications infrastructure of the previous year and plans for protecting critical information and communications infrastructure for the following year to the Committee for deliberation: However, this shall not apply to matters that are deemed confidential by the Chairperson of the Committee.

(3) Plans for protecting critical information and communications infrastructure shall include the following matters:

1. Matters concerning the analysis and evaluation of vulnerabilities of critical information and communications infrastructure;

2. Matters concerning prevention against intrusion incidents against critical information and communications infrastructure and measures for the restoration thereof;

3. Other necessary matters concerning the protection of critical information and communications infrastructure.

(4) The Minister of Science, Information and Communications Technology (ICT) and Future Planning and the Director of the National Intelligence Service may establish guidelines for formulating measures to protect critical information and communications infrastructure and plans for protecting critical information and communications infrastructure, following consultation with each other, and notify the heads of relevant cental administrative agencies of such guidelines. (Amended by Act nº 8777, Dec. 21, 2007; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(5) The heads of relevant central administrative agencies shall designate a person in general charge of affairs related to the protection of critical information and communications infrastructure in areas under their jurisdiction (hereinafter referred to as “officer in charge of information protection“).

(6) Necessary matters concerning the establishment and implementation of plans for protecting critical information and communications infrastructure and the designation, affairs, etc. of an officer in charge of information protection shall be prescribed by Presidential Decree.

Article 7 (Support for Protection of Critical Information and Communications Infrastructure)

(1) The heads of management organizations may request the Minister of Science, Information and Communications Technology (ICT) and Future Planning, the Director of the National Intelligence Service, and head of an equivalent agency or, if deemed necessary, the heads of specialized institutions prescribed by Presidential Decree to provide technological support to the following duties, where the heads of the relevant management organizations deem it necessary to do so, or where the Chairperson of the Committee believes that inadequate measures to protect critical information and communications infrastructure of a specific management organization are likely to cause harm to national security and the economy and society as a whole and therefore issues an order to supplement such measures. (Amended by Act nº 8777, Dec. 21, 2007; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)


1. Formulation of measures to protect critical information and communications infrastructure;

2. Prevention of intrusion incidents against critical information and communications infrastructure and the restoration thereof;

3. Compliance with an order or recommendation for protection measures under Article 11.

(2) When the head of a management organization, in charge of the following critical information and communications infrastructure which has significant influence on national security, requests for technological support under paragraph (1), he/she shall preferentially make such request to the Director of the National Intelligence Service: However, the Director of the National Intelligence Service may provide such support, in consultation with the heads of the relevant central administrative agencies, in cases where a substantial and imminent threat to national security exists and it is impossible to recover from damage if he/she waits for the head of a management organization to make such request: (Amended by Act nº 8777, Dec. 21, 2007)

1. Critical transportation facilities, such as roads, railroads, subways, airports and harbors;

2. Facilities for water resources and energy, including electricity, gas and oil;

3. Relay broadcast facilities and the national command control communication network;

4. Research facilities of government-funded research institutes related to nuclear energy, the national defense and science, or advanced defense industry.

(3) The Director of the National Intelligent Service shall not provide technological support to any information and communications infrastructure which stores personal information, such as financial information and communications infrastructure, notwithstanding paragraphs (1) and (2). (Amended by Act nº 8777, Dec. 21, 2007)

CHAPTER III.- DESIGNATION AND ANALYSIS OF VULNERABILITIES OF MAJOR INFORMATION AND COMMUNICATIONS INFRASTRUCTURE

Article 8 (Designation, etc. of Critical Information and Communications Infrastructure)

(1) The heads of central administrative agencies may designate information and communications infrastructure under their jurisdiction, which are deemed to require protection from electronic intrusions, as critical information and communications infrastructure, by taking into account the following matters:

1. The national and social importance of duties performed by an organization which manages the relevant information and communications infrastructure;

2. The dependence of affairs conducted by an organization under subparagraph 1 on information and communications infrastructure;

3. The inter-connection with other information and communications infrastructure;

4. The areas and extent of damage caused by intrusion incidents to the national security, economy and society, if any;

5. The probability of intrusion incidents and the easiness of restoration thereof.

(2) The heads of central administrative agencies may request the relevant management organization to submit data necessary for making a decision on designation under paragraph (1).

(3) The head of the relevant central administrative agency may revoke the designation of critical information and communications infrastructure either ex officio or upon request of the relevant management organization when a management organization abolishes, suspends or changes the relevant affairs.

(4) The Minister of Security and Public Administration may designate information and communications infrastructure of an organization managed and supervised by the head of a local government as critical information and communications infrastructure, in consultation with the head of the local government, or revoke such designation. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(5) The head of a central administrative agency shall, when he/she intends to make a designation or revoke such designation under paragraphs (1) and (3), submit it for deliberation by the Committee. In such cases, the Committee may order the head of a management organization subject to designation or the revocation thereof under paragraphs (1) and (3) to appear before the Committee and listen to his/her opinions.

(6) The head of a central administrative agency shall, when he/she designates critical information and communications infrastructure or revokes such designation under paragraphs (1) and (3), publicly announce such fact: However, he/she may not publicly announce such fact, after deliberation by the Committee, when necessary for guaranteeing national security.

(7) Necessary matters concerning the designation of critical information and communications infrastructure and the revocation of such designation shall be prescribed by Presidential Decree.

Article 8-2 (Recommendation for Designation of Critical Information and Communications Infrastructure)

(1) The Minister of Science, Information and Communications Technology (ICT) and Future Planning, Director of the National Intelligence Service, and head of an equivalent agency may recommend the head of a central administrative agency to designate specific information and communications infrastructure as critical information and communications infrastructure, when they reach a conclusion that such information and communications infrastructure needs to be designated as critical information and communications infrastructure. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(2) The Minister of Science, Information and Communications Technology (ICT) and Future Planning, Director of the National Intelligence Service, and head of an equivalent agency may request the head of a central administrative agency to submit data on the relevant information and communications infrastructure, when necessary for making a recommendation under paragraph (1). (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(3) Procedures for recommending the designation of critical information and communications infrastructure under paragraph (1) and other necessary matters shall be prescribed by Presidential Decree.
(Article Inserted by Act nº 8777, Dec. 21, 2007)

Article 9 (Analysis and Evaluation of Vulnerabilities)

(1) The head of a management organization shall analyze and evaluate the vulnerabilities of critical information and communications infrastructure under its jurisdiction on a regular basis as prescribed by Presidential Decree.

(2) The head of a management organization shall, when he/she intends to analyze and evaluate vulnerabilities under paragraph (1), form a task force team to analyze and evaluate the vulnerabilities as prescribed by Presidential Decree.

(3) The head of a management organization may, when he/she intends to analyze and evaluate vulnerabilities under paragraph (1), require the following institutions to analyze and evaluate vulnerabilities of critical information and communications infrastructure under its jurisdiction: However, in such case, he/she may choose not to form a task force team under paragraph (2): (Amended by Act nº 6796, Dec. 18, 2002; Act nº 8777, Dec. 21, 2007; Act nº 9708, May 22, 2009; Act nº 11690, Mar. 23, 2013)

1. The Korea Internet and Security Agency (hereinafter referred to as the “KISA“) under Article 52 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.;

2. Information sharing and analysis centers under Article 16 (limited to information sharing and analysis centers which meet the standards prescribed by Presidential Decree);

3. Consulting companies specializing in knowledge and information security, designated under Article 33 of the Information and Communications Technology Industry Promotion Act;

4. The Electronics and Telecommunications Research Institute under Article 8 of the Act on the Establishment, Operation, and Fostering of Government-Funded Research Institutes.

(4) The Minister of Science, Information and Communications Technology (ICT) and Future Planning shall determine standards concerning the analysis and evaluation of vulnerabilities under paragraph (1), in consultation with the heads of relevant central administrative agencies and the Director of the National Intelligence Service, and notify the heads of the relevant central administrative agencies of such standards. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(5) Necessary matters concerning methods of and procedures for analyzing and evaluating the vulnerabilities of critical information and communications infrastructure shall be prescribed by Presidential Decree.

CHAPTER IV.- PROTECTION OF CRITICAL INFORMATION AND COMMUNICATIONS INFRASTRUCTURE AND RESPONSE TO INTRUSION INCIDENTS

Article 10 (Protection Guidelines)

(1) The heads of relevant central administrative agencies may establish protection guidelines on critical information and communications infrastructure under their jurisdiction and recommend the head of a management organization in the relevant area to follow such guidelines.

(2) The heads of the relevant central administrative agencies shall revise and supplement protection guidelines under paragraph (1) on a regular basis, taking into account technological advancements, etc.

Article 11 (Orders etc. for Protection Measures)
The heads of relevant central administrative agencies may order or recommend the head of the relevant management organization to take measures to protect critical information and communications infrastructure, in any of the following cases:

1. When it is deemed that special protection measures need to be taken after details of measures to protect critical information and communications infrastructure submitted under Article 5 (2) are analyzed;

2. When it is deemed that special protection measures need to be taken after the implementation of measures to protect critical information and communications infrastructure notified under Article 5-2 (3) are analyzed.
(Article Amended by Act nº 8777, Dec. 21, 2007)

Article 12 (Prohibition against Intrusion, etc. of Critical Information and Communications Infrastructure)
No one shall commit any act falling under any of the following subparagraphs:

1. Accessing critical information and communications infrastructure by any person who has no access authority, or manipulating, destroying, concealing or leaking stored data by any person who exceeds his/her access authority;

2. Destroying the data of critical information and communications infrastructure, or using programs, such as computer viruses and logic bombs, with the intention of obstructing the operation of critical information and communications infrastructure;

3. Abruptly sending large amounts of signals with the intention of obstructing the operation of critical information and communications infrastructure, or causing a fallacy in information processing by means, such as inducing the processing of a wrong order.

Article 13 (Notification of Intrusion Incidents)

(1) The head of a management organization shall, when he/she recognizes that the occurrence of intrusion incidents has led to the disturbance, paralysis or destruction of critical information and communications infrastructure under its jurisdiction, notify a relevant administrative agency, an investigation agency, or the Internet and Security Agency (hereinafter referred to as the “relevant organization, etc.”) of such fact. In such cases, the relevant organizations, etc. shall take necessary measures to prevent the spread of damage caused by intrusion incidents and swiftly respond to such incidents. (Amended by Act nº 11690, Mar. 23, 2013)

(2) The Government may provide financial support, including expenses incurred in restoring damage, to a management organization that has contributed to preventing the spread of damage by notifying intrusion incidents under paragraph (1), within the budgetary limits

 Article 14 (Restoration Measures)

(1) The head of a management organization shall take necessary measures to restore and protect relevant information and communications infrastructure in a swift manner when intrusion incidents against critical information and communications infrastructure under its jurisdiction occur.

(2) The head of a management organization may request the head of a relevant central administrative agency or the head of the Internet and Security Agency to provide support when necessary for taking measures for restoration and protection under paragraph (1): Provided, That this shall not apply to cases falling under Article 7 (2). (Amended by Act nº 11690, Mar. 23, 2013)

(3) The head of the relevant central administrative agency or the head of the Internet and Security Agency shall, when they receive requests for support under paragraph (2), provide necessary support for the fast restoration of damage, such as technological support, and take appropriate measures to prevent the spread of damage, in cooperation with the head of a management organization. (Amended by Act nº 11690, Mar. 23, 2013)

Article 15 (Organization, etc. of Headquarters for Countermeasures, etc.)

(1) When intrusion incidents against critical information and communications infrastructure occur in a wide range, the Chairperson of the Committee may establish the Headquarters for Countermeasures against Intrusion Incidents in Information and Communications Infrastructure (hereinafter referred to as the “Countermeasure Headquarters“) under the control of the Committee, fixing a period for taking emergency measures, providing technological support and restoring damage, etc.

(2) The Chairperson of the Committee may request the dispatch of public officials related to the affairs of the Countermeasure Headquarters to the head of a relevant administrative agency.

(3) The Chairperson of the Committee shall appoint the head of the Countermeasure Headquarters, in consultation with the head of a central administrative agency in charge of information and communications infrastructure, against which intrusion incidents occurred.

(4) The head of the Headquarters for Countermeasures may request the head of the relevant administrative agency, the head of a management organization and the head of the Internet and Security Agency to provide cooperation and support to respond to intrusion incidents against critical information and communications infrastructure. (Amended by Act nº 11690, Mar. 23, 2013)

(5) The head of the relevant administrative agency, etc. shall, upon a request for cooperation and support under paragraph (4), comply with such request, unless any extraordinary ground exists to the contrary.

(6) Necessary matters concerning the organization and operation of the Countermeasure Headquarters shall be prescribed by Presidential Decree.

Article 16 (Information Sharing and Analysis Center)

(1) Any person who intends to perform the following affairs to protect information and communications infrastructure by area, such as finance and communications, may establish and operate an information sharing and analysis center:

1. Provision of information concerning vulnerabilities, intrusion factors, and countermeasures;

2. Operation of the real-time alarm and analysis system, if intrusion incidents occur.

(2) The head of an information sharing and analysis center under paragraph (1) shall notify the heads of the relevant central administrative agencies of matters prescribed by Presidential Decree, such as information of persons engaged in duties. The same shall apply to revisions to the notified matters.

(3) The heads of the relevant central administrative agencies shall notify the Minister of Science, Information and Communications Technology (ICT) and Future Planning of matters notified under paragraph (2). (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(4) The Government may encourage the establishment of an information sharing and analysis center, which performs duties falling under each subparagraph of paragraph (1), and provide technological support thereto.

(5) Necessary matters concerning methods of and procedures for notification under paragraph (2) shall be prescribed by Presidential Decree.

CHAPTER V.- Deleted.

Articles 17 through 23 Deleted. (by Act nº 9708, May 22, 2009)

CHAPTER VI.- TECHNOLOGICAL SUPPORT AND PRIVATE COOPERATION

Article 24 (Technological Development, etc.)

(1) The Government may formulate implementation policies for the development of technology necessary for protecting information and communications infrastructure and the fostering of specialized human resources.

(2) The Government may require research institutes and private organizations related to the development of information protection technology to develop technology on its behalf, when necessary for efficiently advancing development of technology necessary for the protection of information and communications infrastructure. In such cases, the Government may wholly or partially subsidize expenses incurred in such development.

Article 25 (Support for Management Organization)
The Government may, with respect to a management organization, transfer technology necessary for protecting critical information and communications infrastructure, and provide equipment and other necessary support.

Article 26 (International Cooperation)

(1) The Government shall ascertain international trends concerning the protection of information and communications infrastructure and promote international cooperation.

(2) The Government may provide support for international exchanges of related technologies and human resources and projects for international standardization and international joint research and development, so as to promote international cooperation for the protection of information and communications infrastructure.

Article 27 (Duty of Confidentiality)
No one who is or has been employed in any of the following organizations shall divulge any confidential information obtained in the course of his/her performance of duties: However, this shall not apply to cases where special provisions exist in other Acts: (Amended by Act nº 8777, Dec. 21, 2007)

1. The Committee and the working committees under Article 3;

2. Any organization in charge of the analysis and evaluation of the vulnerabilities of critical information and communications infrastructure under Article 9 (3);

3. Any relevant organization which performs duties related to the acceptance of notification of intrusion incidents and restoration measures under Article 13;

4. Any information sharing and analysis center which performs duties falling under any subparagraph of Article 16 (1).

CHAPTER VII.- PENALTY PROVISIONS

Article 28 (Penalty Provisions)

(1) Any person who disturbs, paralyzes or destroys critical information and communications infrastructure, in violation of Article 12, shall be punished by imprisonment with labor for not more than 10 years or by a fine not exceeding 100 million won.

(2) Any person who has attempted a crime under referred to in paragraph (1) shall be subject to punishment.

Article 29 (Penalty Provisions)
Any person who divulges any confidential information secret, in violation of Article 27, shall be punished by imprisonment with labor for not more than five years, by suspension of qualifications for not more than ten years or by a fine not exceeding 50 million won.

Article 30 (Administrative Fines)

(1) Any person falling under any of the following subparagraphs shall be punished by an administrative fine not exceeding 10 million won: (Amended by Act nº 8777, Dec. 21, 2007)

1. Any person who violates an order to take protection measures under Article 11;

2. Any person who fails to issue a notice under Article 16 (2);

3. through 5. Deleted (by Act nº 9708, May 22, 2009)

(2) An administrative fine under paragraph (1) shall be imposed and collected by the heads of the relevant central administrative agencies or the Minister of Science, Information and Communications Technology (ICT) and Future Planning (hereinafter referred to as the “levying authority”) as prescribed by Presidential Decree. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 9708, May 22, 2009; Amended by Act nº 11690, Mar. 23, 2013)

(3) Any person who is dissatisfied with an administrative fine imposed under paragraph (2), may raise an objection to the levying authority within 30 days after being informed of such imposition.

(4) If a person subject to the imposition of an administrative fine under paragraph (2) raises an objection under paragraph (3), the levying authority shall, without delay, notify the competent court, which, in turn, shall proceed to trial on the administrative fine pursuant to the Non-Contentious Case Procedure Act. (Amended by Act nº 8777, Dec. 21, 2007)

(5) If neither an objection is raised nor an administrative fine is paid within a period prescribed in paragraph (3), the administrative fine shall be collected in the same manner as delinquent national taxes are collected.

ADDENDUM
This Act shall enter into force on July 1, 2001.

ADDENDA (Act nº 6796, Dec. 18, 2002)

(1) (Enforcement Date) This Act shall enter into force on the date of its promulgation.

(2) (Transitional Measures concerning the Change of Names of Companies Specializing in Information Protection) Companies specializing in information protection designated under the previous provisions at the time this Act enters into force shall be deemed consulting companies specializing in information protection designated under this Act.

ADDENDA (Act nº 7428, Mar. 31, 2005)

Article 1 (Enforcement Date)
This Act shall enter into force one year after the date of its promulgation.

Articles 2 through 6 Omitted.

ADDENDA (Act nº 8777, Dec. 21, 2007)

(1) (Enforcement Date) This Act shall enter into force six months after the date of its promulgation.

(2) (Applicability) The amended provisions of Article 5-2 shall apply to measures to protect critical information and communications infrastructure which were formulated in 2007 and thereafter.

ADDENDA (Act nº 8852, Feb. 29, 2008)

Article 1 (Enforcement Date)
This Act shall enter into force on the date of its promulgation (Proviso Omitted.).

Articles 2 through 7 Omitted.

ADDENDA (Act nº 9708, May 22, 2009)

Article 1 (Enforcement Date)
This Act shall enter into force three months after the date of its promulgation (Proviso Omitted.).

Articles 2 through 12 Omitted.

ADDENDA (Act nº 11690, Mar. 23, 2013)

Article 1 (Enforcement Date)
This Act shall enter into force on the date of its promulgation.

Articles 2 through 7 Omitted.

01Nov/21

Act nº 14577, Digital Signature Act, Mar. 14, 2017

CHAPTER I.- GENERAL PROVISIONS

Article 1 (Purpose)          

The purpose of this Act is to establish the basic framework for the system of digital signatures in order to secure the safety and reliability of electronic messages and to promote their use, thereby stimulating the use of electronic records and communications on a national level and advancing social benefit and convenience.

Article 2 (Definitions)     

The terms used in this Act shall be defined as follows:

1. The term “electronic message” means a piece of information generated and sent, received, or stored in digital form through an information processing system;

2. The term “digital signature” means a piece of information in digital form affixed on, or logically combined to, an electronic message in order to identify the signer and verify that the electronic message has been signed by that signer;

3. The term “certified digital signature” means a digital signature that satisfies the following requirements and is grounded upon an authorized certificate:

(a) That the digital signature creating key shall be only held by and known only to the subscriber;

(b) That the subscriber shall be controlling and managing the digital signature creating key at the time of signing;

(c) That it shall be ascertained whether there has been any alteration in the digital signature concerned since it was affixed;

(d) That it shall be ascertained whether there has been any alteration in the electronic message concerned since digital signature was affixed;

4. The term “digital signature creating key” means a sequence of bits used to affix a digital signature to an electronic message;

5. The term “digital signature verifying key” means a sequence of bits used to verify a digital signature;

6. The term “certification” means the act of ascertaining and verifying that the digital signature creating key is held and known only by the subscriber;

7. The “certificate” means a computer-based record ascertaining and verifying that the digital signature creating key is only held by and known only to the subscriber;

8. The term “authorized certificate” means a certificate that a licensed certification authority issues in accordance with Article 15;

9. The term “authorized certification work” means the affairs of offering authorized certification services, such as the issuance of authorized certificates, the maintenance of certification-related records, etc.;

10. The term “licensed certification authority” means an entity that is, in accordance with Article 4, designated as such in order to offer authorized certification services;

11. The term “subscriber” means a person whose digital signature creating key has been certified by a licensed certification authority;

12. The term “signer” means a person who holds his own digital signature creating key and signs in his or her own name or on behalf of another person;

13. The term “information on individual” means a piece of information that pertains to a living individual, such as information regarding marks, letters, voice, sound, image, and biometric characteristics which may help establish the identity of the person concerned based on his or her name, resident registration number, etc. (including cases where such information, even if this information is not enough to identify a specific person, can be combined easily with other information to establish his or her identity).

(Article Amended by Act nº 6585, Dec. 31, 2001)

Article 3 (Effect, etc. of Digital Signature)

(1) In cases where a signature, signature and seal, or name and seal is, under other Acts and subordinate statutes, required to be affixed on a paper-based document or letter, it shall be deemed that such requirements are satisfied if there is a certified digital signature affixed on an electronic message. (Amended by Act nº 6585, Dec. 31, 2001)

(2) In cases where a certified digital signature is affixed on an electronic message, it shall be presumed that such a digital signature is the signature, signature and seal, or name and seal of the signer of the electronic message concerned and that there has been no alteration in the contents of such message since it was signed digitally. (Amended by Act nº 6585, Dec. 31, 2001)

(3) A digital signature other than a certified digital signature shall have such an effect of a signature, signature and seal, or name and seal, as is agreed between the parties concerned.    (Inserted by Act nºº 6585, Dec. 31, 2001)

CHAPTER II.- LICENSED CERTIFICATION AUTHORITY

Article 4 (Designation of Licensed Certification Authority)

(1) The Minister of Science, ICT and Future Planning may designate as a licensed certification authority an entity that is deemed to be capable of performing authorized certification work (hereinafter referred to as “certification work“) in a secure and reliable manner. (Amended by Act º 6585, Dec. 31, 2001; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(2) The entity that can be designated as a licensed certification authority shall be limited to State agencies, local governments and corporations.

(3) The entity that desires to be designated as a licensed certification authority shall meet such requirements as technical and financial capabilities, facilities and equipment, and other required matters as provided by Presidential Decree.

(4) Where the Minister of Science, ICT and Future Planning designates a licensed certification authority under paragraph (1), he or she may designate it, for a sound development, etc. of the authorized certification market, by dividing the domain of certification work under the establishment purpose in cases of State agencies, local governments, non-profit corporations or corporations established by special Acts. (Inserted by Act nº 7813, Dec. 30, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(5) Procedures for designation of a licensed certification authority and other necessary matters shall be determined by Presidential Decree.

Article 5 (Grounds for Disqualification)   

No person who falls under any of the following subparagraphs shall be designated as a licensed certification authority: (Amended by Act nº 7428, Mar. 31, 2005; Act nº 12762, Oct. 15, 2014)

1. A corporation of which any executive officer falls under any of the following:

(a) A person under adult guardianship or limited guardianship, or a person who has been declared by a court as bankrupt and has not been reinstated;

(b) A person in whose case two years have not elapsed since his or her imprisonment without labor or heavier punishment declared by a court was completely executed (including cases where the execution of the sentence is deemed completed) or exempted;

(c) A person who is under suspension of the execution of imprisonment without labor or heavier punishment as declared by a court;

(d) A person who has been disqualified or whose qualification has been suspended by the court decision or under other Acts;

(e) A person who was in the position of an executive officer of a corporation at the time when its designation as a licensed certification authority was revoked pursuant to Article 12 (limited to cases where two years have not yet passed since its revocation);

2. A corporation in whose case two years have not yet passed since its designation as a licensed certification authority was revoked pursuant to Article 12.

 Article 6 (Rules, etc. of Authorized Certification Work)   

(1) A licensed certification authority shall prepare its rules of authorized certification work (hereinafter referred to as “rules of certification work“) that contains matters set forth in each of the following subparagraphs and report them to the Minister of Science, ICT and Future Planning before starting to perform certification work: (Amended by Act nº 6585, Dec. 31, 2001; Act nº 7813, Dec. 30, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

1. Types of certification work;

2. Method and procedures for performing certification work;

3. Terms and conditions of use for authorized certification services (hereinafter referred to as “certification services“);

4. Such other matters as may be necessary to carry out certification work.

(2) A licensed certification authority shall prepare the rules of certification work under the standards for the rules of authorized certification work and the digital signature certification work guidelines under the provisions of Article 8 that are provided and notified by the Minister of Science, ICT and Future Planning. (Inserted by Act nº 7813, Dec. 20, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(3) In cases of the modification of the matters already reported under paragraph (1), a licensed certification authority shall report such fact to the Minister of Science, ICT and Future Planning within a period of time prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Inserted by Act nº 6585, Dec. 31, 2001; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(4) Where the contents of rules of certification work reported under the provisions of paragraph (1) to ensure the safety and reliability of certification work and to protect subscribers’ interests violate the standards for preparing the rules of authorized certification work provided and notified by the Minister of Science, ICT and Future Planning and the digital signature certification work guidelines under the provisions of Article 8 (1), the Minister of Science, ICT and Future Planning may order the licensed certification authority concerned to modify the same rules of certification work within a reasonable and fixed period of time. (Amended by Act nº 6585, Dec. 31, 2001; Act nº 7813, Dec. 30, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(5) A licensed certification authority shall faithfully observe all the matters prescribed by the rules of certification work. (Inserted by Act nº 6585, Dec. 31, 2001; Act nº 7813, Dec. 30, 2005)

Article 7 (Provision, etc. of Certification Services)              

(1) No licensed certification authority shall refuse to provide certification services without any justifiable reason.

(2) No licensed certification authority shall unjustly discriminate against a subscriber or a certification service user.

Article 8 (Performance of Certification Work by Licensed Certification Authority)              

(1) In order to ensure the safety and reliability of certification work, the Minister of Science, ICT and Future Planning may draw up and notify digital signature certification work guidelines on specific matters that shall be observed by a licensed certification authority in performing certification work. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(2) The digital signature certification work guidelines under paragraph (1) shall contain the following: (Inserted by Act nº 7813, Dec. 30, 2005)

1. Matters concerning the management of authorized certificates;

2. Matters concerning the management of digital signature creating keys;

3. Matters concerning the protection of the facilities of licensed certification authorities;

4. Other matters concerning the certification work and operational management.

(Article Amended by Act nº 6585, Dec. 31, 2001)

Article 9 (Acquisition of Certification Work by Transfer, etc.)        

(1) A licensed certification authority, which desires to acquire the certification work of another licensed certification authority or to merge with another licensed certification authority that is a corporation, shall report it to the Minister of Science, ICT and Future Planning as prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Amended by Act nº. 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(2) A licensed certification authority that has acquired the certification work as referred to in paragraph (1), or in the case of merger, the corporation that has survived or newly been established after the merger thereunder shall succeed to the status of the former licensed certification authority.

Article 10 (Cessation, Closure, etc. of Certification Work)               

(1) When a licensed certification authority desires to cease all or part of its certification work, it shall fix the period of cessation and notify its subscribers thereof not later than 30 days before the scheduled date of cessation, and also report it to the Minister of Science, ICT and Future Planning. In such cases, this period of cessation shall not exceed six months. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(2) When a licensed certification authority desires to close its certification work, it shall notify its subscribers thereof not later than 60 days before the scheduled date of closure, and also report it to the Minister of Science, ICT and Future Planning. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(3) The licensed certification authority that has reported under paragraph (2) shall transfer to another licensed certification authority its subscriber’s authorized certificates as well as the records of the authorized certificates the validity of which was suspended and which was revoked (hereinafter referred to as the “subscriber’s certificates, etc.”): Provided, That if the subscriber’s certificates, etc. may not be transferred to another licensed certification authority due to unavoidable circumstances, the licensed certification authority shall, without delay, report such fact to the Minister of Science, ICT and Future Planning. (Amended by Act nº 6585, Dec. 31, 2001; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(4) Upon receipt of the report under the proviso to paragraph (3), the Minister of Science, ICT and Future Planning may order the Korea Internet Security Agency under Article 52 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (hereinafter referred to as the “Internet Security Agency“) to take over the subscriber’s certificates, etc. from the licensed certification authority concerned. (Amended by Act nº 6360, Jan. 16, 2001; Act nº 6585, Dec. 31, 2001; Actnº 7813, Dec. 30, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(5) Such matters as may be necessary for the report of the cessation or closure of certification work as well as the transfer and takeover of the subscriber’s certificates, etc. as referred to in paragraphs (1) through (4) shall be prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

Article 11 (Corrective Order)       

The Minister of Science, ICT and Future Planning may order a licensed certification authority to take corrective measures within a fixed period of time if it falls under any of the following subparagraphs: (Amended by Act nº 6585, Dec. 31, 2001; Act nº 7813, Dec. 30, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

1. Deleted; (by Act nº 7813, Dec. 30, 2005)

2. Where a licensed certification authority fails to satisfy the requirements it should meet under Article 4 (3) after it was designated as a licensed certification authority;

3. Where an executive officer of a licensed certification authority falls under any of the items of subparagraph 1 of Article 5;

4. Where a licensed certification authority fails to make a report or a report on alterations under Article 6 or where it fails to observe its rules of certification work that have been reported thereunder;

5. Where a licensed certification authority refuses to provide certification services, or unjustly discriminates against subscribers or certification service users, in violation of Article 7;

5-2. Where a licensed certification authority fails to observe specific matters set forth in the digital signature certification work guidelines, in violation of Article 8;

6. Where no report is made on the acquisition of a certification work by transfer, or on a merger between the licensed certification authorities, in violation of Article 9 (1);

7. Where a licensed certification authority fails to give notice of, or to make report on, the cessation or closure of its certification work, or where it fails to transfer its subscriber’s certificates, etc. to another certification authority at the time of the closure of its certification work, in violation of Article 10;

8. Where a licensed certification authority, the designation of which is revoked, fails to transfer its subscriber’s certificates, etc. to another certification authority, or fails to make a report it is required to do in cases of no transfer, in violation of Article 12 (2);

9. Where documents and materials as referred to in Article 14 (1) are not submitted;

9-2. Where a licensed certification authority fails to confirm the identity under the latter part of Article 15 (1);

10. Where a licensed certification authority fails to suspend or restore the validity of an authorized certificate, or where it fails to take such measures as may be necessary to confirm such fact, in violation of Article 17;

11. Where a licensed certification authority fails to revoke an authorized certificate, or where it fails to take such measures as may be necessary to confirm such fact, in violation of Article 18;

11-2. Where a licensed certification authority fails to take protective measures to ensure safety of facilities related to certification work in violation of Article 18-3;

12. Where a licensed certification authority fails to report on a failure that occurred in the information processing systems providing a certification work under the provisions of Article 22-3 (1);

13. Where a licensed certification authority fails to buy the insurance under the provisions of Article 26 (2).

Article 12 (Suspension of Certification Work or Revocation of Designation, etc.)  

(1) Where a licensed certification authority falls under any of the following subparagraphs, the Minister of Science, ICT and Future Planning may suspend all or part of its certification work for a fixed period not exceeding 6 months, or revoke its designation as a licensed certification authority: Provided, That in such cases as set forth in subparagraphs 1 and 2, its designation shall be revoked: (Amended by Act nº 6585, Dec. 31, 2001; Act nº 7813, Dec. 30, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

1. Where a designation provided in Article 4 was made by fraud or other improper means;

2. Where a licensed certification authority which has been ordered to suspend its certification work fails to suspend the certification work in violation of such order;

3. Where certification work is not commenced within 6 months after designation provided in Article 4 or where certification work has been discontinued for 6 consecutive months or longer;

4. Where an order to alter the rules of certification work as provided in Article 6 (4) is violated;

5. Where a corrective order as provided in Article 11 is not implemented without good cause.

(2) A licensed certification authority the designation of which is revoked pursuant to paragraph (1) shall transfer its subscriber’s certificates, etc. to another licensed certification authority: Provided, That if the subscriber’s certificates, etc. may not be transferred due to any unavoidable cause, the licensed certification authority shall, without delay, report such fact to the Minister of Science, ICT and Future Planning. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(3) The provisions of Article 10 (4) shall apply mutatis mutandis to a licensed certification authority the designation of which is revoked.

(4) Necessary matters pertaining to standards and procedures for dispositions referred to in paragraph (1) as well as transfer and takeover, etc. under paragraphs (2) and (3) shall be prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

Article 13 (Imposition of Penalty Surcharge)        

(1) Where a suspension of certification work as a sanction against an offence falling under any of subparagraphs of Article 12 (1) may cause subscribers, etc. serious inconvenience or may be harmful to other public interests, the Minister of Science, ICT and Future Planning may impose a penalty surcharge not exceeding 20 million won, in lieu of that suspension of certification work. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(2) The amount of a penalty surcharge according to the types and nature of the offences subject to penalty surcharge under paragraph (1) and other necessary matters shall be determined by Presidential Decree. (Amended by Act nº 7813, Dec. 30, 2005)

(3) When a person who is obligated to pay a penalty surcharge under paragraph (1) fails to do so by due date, the Minister of Science, ICT and Future Planning shall collect it by referring to the practices of dispositions on default of national taxes. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

Article 14 (Inspection, etc.)          

(1) In order to confirm the following matters intended to ensure the safety and reliability of certification work, to protect subscribers, etc., the Minister of Science, ICT and Future Planning may order a licensed certification authority to submit the relevant documents and materials, and cause the relevant public official to enter its office, work site, or any other necessary premises to inspect facilities, equipment, books, records and other items concerning certification work: (Amended by Act nº 6585, Dec. 31, 2001; Act nº 7813, Dec. 30, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

1. Whether or not the procedures and methods for an identity confirmation by a licensed certification authority under the provisions of Article 15 are appropriate;

2. Whether or not the safety and reliability of confirmation work provided in the provisions of Articles 18-3, 19 through 22, 22-2, 23 and 24 are ensured.

(2) Where the Minister of Science, ICT and Future Planning has the relevant public official inspect under the provisions of paragraph (1), he or she shall notify the relevant licensed certification authority of the inspection plans such as the inspection date, details and reasons for inspection, not later than 7 days before the beginning of inspection. (Inserted by Act nº 7813, Dec. 30, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(3) The public official who enters the premises to conduct an inspection pursuant to paragraph (1) shall show a certificate verifying his or her authority to interested persons, and deliver to the interested persons at the time of entry the document containing his or her name, time of entry and purpose of entry, etc. (Amended by Act nº 7813, Dec. 30, 2005)

CHAPTER III.-  AUTHORIZED CERTIFICATE

Article 15 (Issuance of Authorized Certificate)    

(1) A licensed certification authority shall issue an authorized certificate to the person who applies for the issuance of an authorized certificate. In such cases, the licensed certification authority shall verify the identity of the applicant. (Amended by Act nº 6585, Dec. 31, 2001)

(2) An authorized certificate issued by a licensed certification authority shall contain such particulars as set forth in the following subparagraphs: (Amended by Act nº 6585, Dec. 31, 2001)

1. Subscriber’s name (in cases of a corporation, its name or trade name);

2. Subscriber’s digital signature verifying key;

3. Description of algorithm used by the subscriber and the licensed certification authority to sign the authorized certificate;

4. Serial number of the authorized certificate;

5. Effective period of the authorized certificate;

6. Name of the licensed certification authority and other information that can be used to verify the identity of the licensed certification authority;

7. If there is any limit imposed on the scope or purposes of the use of the authorized certificate, matters pertaining thereto;

8. If the subscriber has the proxy, etc. to act for another or if he or she asks his or her professional title, etc. to be entered, matters pertaining thereto;

9. A mark verifying the authorized certificate.

(3) Deleted. (by Act nº 6585, Dec. 31, 2001)

(4) If a person applies for the issuance of an authorized certificate, a licensed certification authority may issue an authorized certificate having limits on the scope or purposes of its use. (Amended by Act nº 6585, Dec. 31, 2001)

(5) A licensed certification authority shall give an appropriate period of validity to an authorized certificate, taking into account the scope or purposes of its use as well as the safety and reliability of the computing techniques used for its issuance. (Amended by Act nº 6585, Dec. 31, 2001)

(6) Necessary matters concerning the procedures and methods of verifying the identity of an applicant for the issuance of an authorized certificate shall be prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Inserted by Act nº 6585, Dec. 31, 2001; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

Article 16 (Termination, etc. of Validity of Authorized Certificate)             

(1) Where any of the following circumstances arises, with respect to an authorized certificate issued by a licensed certification authority, the validity of that authorized certificate shall terminate at the time of the occurrence of such circumstances: (Amended by Act nº 6360, Jan. 16, 2001; Act nº 6585, Dec. 31, 2001)

1. Where the period of validity of an authorized certificate expires;

2. Where the designation of a licensed certification authority is revoked pursuant to Article 12 (1);

3. Where the validity of an authorized certificate is suspended pursuant to Article 17;

4. Where an authorized certificate is revoked pursuant to Article 18;

5. Deleted. (by Act nº 6585, Dec. 31, 2001)

(2) Where the digital signature creating key of a licensed certification authority, whose certification work was discontinued or closed under the provisions of Article 10 or suspended under the provisions of Article 12, has been lost, damaged, or stolen and outflowed, etc., the Minister of Science, ICT and Future Planning may, for ensuring the safety and reliability of certification work, suspend the validity of all authorized certificates issued by the relevant licensed certification authority. (Amended by Act nº 7813, Dec. 30, 2005; Act nº. 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(3) When the Minister of Science, ICT and Future Planning has suspended the validity of authorized certificates pursuant to paragraph (2), he or she shall instruct the Internet Security Agency to take, without delay, such measures as may be necessary for this information to be at all times accessible to the public. The same shall also apply where the validity of authorized certificates terminates pursuant to paragraph (1) 2. (Amended by Act nº 6585, Dec. 31, 2001; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

Article 17 (Suspension, etc. of Validity of Authorized Certificate)               

(1) If there is a request on the part of a subscriber or his or her agent, a licensed certification authority shall suspend the validity of an authorized certificate or restore it by terminating the suspension. In such cases, the request for the restoration of its validity shall be made within 6 months from the date on which the validity of the authorized certificate was suspended. (Amended by Act nº 6585, Dec. 31, 2001)

(2) In cases where a licensed certification authority has suspended or restored the validity of an authorized certificate under paragraph (1), it shall, without delay, adopt such measures as may be necessary for this information to be at all times accessible to the public. (Amended by Act nº 6585, Dec. 31, 2001)

Article 18 (Revocation of Authorized Certificate)               

(1) In any of the following circumstances with respect to an authorized certificate, the licensed certification authority shall revoke this certificate: (Amended by Act nº 6585, Dec. 31, 2001)

1. Where a subscriber or his or her agent requests the revocation of an authorized certificate;

2. Where the licensed certification authority becomes aware that a subscriber has been issued an authorized certificate by fraud or other improper means;

3. Where the licensed certification authority becomes aware that a subscriber has been declared dead or missing by a court, or that a subscriber as a corporation has been dissolved;

4. Where the licensed certification authority becomes aware that a subscriber’s digital signature creating key has been lost, damaged, stolen or disclosed to a third party.

(2) Where a licensed certification authority has revoked an authorized certificate pursuant to paragraph (1), it shall, without delay, take such measures as may be necessary to confirm such fact. (Amended by Act nº 6585, Dec. 31, 2001)

Article 18-2 (Personal Identification by Authorized Certificate)   

A person may identify himself or herself by means of an authorized certificate issued by a licensed certification authority under this Act unless the act of identifying a person himself or herself by such means is restricted or precluded by any other Act.

(Article Inserted by Act nº 6585, Dec. 31, 2001)

CHAPTER IV.- ENSURING SAFETY AND RELIABILITY OF CERTIFICATION WORK

Article 18-3 (Ensuring Safety of Licensed Certification Authority)               

A licensed certification authority shall take protective measures prescribed by Ordinance of the Ministry of Science, ICT and Future Planning to ensure safety of facilities related to certification work. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(Article Inserted by Act nº 6585, Dec. 31, 2001)

Article 19 (Operation of Certification Work System)         

(1) A licensed certification authority shall securely operate its facilities and equipment for performing certification work, including a certification work system that serves to enable the public to ascertain at all times whether the authorized certificates it issues remain valid.

(2) A licensed certification authority shall be subject to a regular inspection by the Internet Security Agency to ascertain whether its facilities and equipment as provided in paragraph (1) are securely operated. (Amended by Act nº 11690, Mar. 23, 2013)

(3) Where a licensed certification authority replaces the facilities and equipment as provided in paragraph (1) after it was designated as such, it shall, without delay, report it to the Minister of Science, ICT and Future Planning. In such cases, the Minister of Science, ICT and Future Planning may direct the Internet Security Agency to inspect the new facilities and equipment in question for any problems in their safety. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(Article Amended by Act nº 6585, Dec. 31, 2001)

Article 20 (Time-Stamp of Electronic Messages)  

A licensed certification authority may stamp by an authorized digital signature the time at which an electronic message is presented for its certification, if there is any request therefor on the part of a subscriber or an authorized certificate user (hereinafter referred to as the “user“). (Amended by Act nº 6585, Dec. 31, 2001; Act nº 7813, Dec. 30, 2005)

Article 21 (Control of Digital Signature Creating Key)       

(1) A subscriber shall hold and keep control of his or her digital signature creating key in a secure and confidential manner, and, when he or she becomes aware that it has been lost, hacked, stolen, or disclosed to a third person or that it is in danger of being likely to be hacked, he or she shall notify the licensed certification authority thereof. In such cases, the subscriber shall, without delay, inform the users of the contents of the said notification he or she has sent to the licensed certification authority.

(2) A licensed certification authority shall provide its subscribers with the computational device by which they can inform or notify such facts as referred to in paragraph (1).

(3) A licensed certification authority shall not hold a subscriber’s digital signature creating key unless the subscriber so requests; notwithstanding, if by the request of a subscriber it holds his or her digital signature creating key, it shall not use or disclose the said key without the consent of the subscriber.

(4) A licensed certification authority shall hold and keep control of the digital signature creating key that it is using, in a secure and confidential manner. When it becomes aware that such a digital signature creating key has been lost, hacked, stolen or disclosed outside or that the digital signature creating key is in danger of being likely to be hacked, it shall, without delay, notify the Internet Security Agency thereof and take such measures as to secure the safety and reliability of certification work. (Amended by Act nº 11690, Mar. 23, 2013)

(Article Amended by Act nº 6585, Dec. 31, 2001)

Article 22 (Keeping Records of Certification Work)            

(1) A licensed certification authority shall keep and control records of the issuance of authorized certificates for its subscribers and the performance of its certification work in a secure manner. (Amended by Act nº 6585, Dec. 31, 2001)

(2) A licensed certification authority shall retain its subscriber’s certificates, etc. for a period of 10 years after the termination of the validity of the certificates concerned. (Amended by Act nº 6585, Dec. 31, 2001)

Article 22-2 (Control, etc. of Authorized Certificates)       

(1) A licensed certification authority and its subscriber shall exercise due care to maintain the accuracy and integrity of the contents of the authorized certificate concerned or the information associated with the authorized certificate while it remains valid.

(2) A licensed certification authority shall provide users with an easy way to ascertain the matters set forth in the following subparagraphs by using the authorized certificate:

1. Name of the licensed certification authority and other information that can help verify the identity of the licensed certification authority;

2. The fact that the subscriber is controlling and managing the digital signature creating key at the time of the issuance of the authorized certificate concerned;

3. The fact that the digital signature creating key remained valid prior to the issuance of the authorized certificate.

(3) A licensed certification authority shall provide the users with an easy way to ascertain the matters set forth in the following subparagraphs:

1. Methods by which the identity of the signer can be verified;

2. Limits on the purpose of use of, or the amount permissible for, the digital signature creating key or the authorized certificate;

3. The scope or limits of liability incurred by the licensed certification authority.

(Article Inserted by Act nº 6585, Dec. 31, 2001)

Article 22-3 (Report on Occurrence of Obstacles to Certification Work)   

(1) Where any obstacles have occurred to the information processing systems that provide the certification work, a licensed certification authority shall report such facts without delay to the Minister of Science, ICT and Future Planning or the president of the Internet Security Agency, and shall prepare the countermeasures capable of rapidly overcoming the obstacles. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(2) When the Minister of Science, ICT and Future Planning or the president of the Internet Security Agency has received a report on obstacles to the certification work under the provisions of paragraph (1), he or she shall take the measures of the following subparagraphs: (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

1. Collection and dissemination of the information on obstacles;

2. Technological support and cooperation concerning overcoming the obstacles.

(Article Inserted by Act nº 7813, Dec. 30, 2005)

Article 23 (Security of Digital Signature Creating Key, etc.)            

(1) No person shall use by stealth or disclose another person’s digital signature creating key. (Amended by Act nº 6585, Dec. 31, 2001)

(2) No person shall have an authorized certificate issued in the name of another person, or aid such issuance. (Amended by Act nº 6585, Dec. 31, 2001)

(3) No person shall use a similar mark that leads or may lead others to confuse an unauthorized certificate, etc. with an authorized certificate or shall falsely indicate the use of an authorized certificate. (Inserted by Act nº 6585, Dec. 31, 2001)

(4) No person shall unlawfully use an authorized certificate by ridding oneself of the utilization scope or usage. (Inserted by Act nº 7813, Dec. 30, 2005)

(5) No person shall transfer or rent an authorized certificate to other persons for the purpose of being exercised, or receive any transfer or rent of other persons’ authorized certificate for the purpose of exercising. (Inserted by Act nº 7813, Dec. 30, 2005)

Article 24 (Protection of Information on Individual)          

(1) A licensed certification authority shall protect information on individual regarding its performance of certification work.

(2) Deleted. (by Act nº 10465, Mar. 29, 2011)

(Article Amended by Act nº 6585, Dec. 31, 2001)

Article 25 (Digital Signature Certification Control Service)              

(1) In order to create an environment in which the public may safely and reliably use digital signatures and to exercise efficient control over licensed certification authorities, the Internet Security Agency shall perform the functions set forth in the following subparagraphs: (Amended by Act nº 11690, Mar. 23, 2013)

1. In cases of designating a licensed certification authority under Article 4, assistance with the examination of such facilities and equipment as the applicant for the designation shall prepare to meet requirements for the said designation;

2. Assistance with the inspection of a licensed certification authority as provided in Article 14 (1);

3. Examination of and technical assistance for protective measures as provided in Article 18-3;

4. Regular inspection as provided in Article 19 (2) as to whether facilities and equipment are securely operated;

5. Certification work, such as the issuance, control, etc. of authorized certificates for the licensed certification authorities;

6. Development of technology relating to digital signature certification, dissemination thereof, and research on standardization thereof;

7. Assistance with the promotion of international cooperation, including research on systems relating to digital signature certification and the reciprocal recognition thereof;

8. Other necessary matters concerning digital signature certification control service.

(2) Articles 6, 7, 15 through 18, 18-2, 18-3, 19 (1), and 22 shall apply mutatis mutandis to the digital signature certification control service of the Internet Security Agency. In such cases, the “licensed certification authority” shall be deemed the “Internet Security Agency” and the “subscriber” the “licensed certification authority”. (Amended by Act nº 7813, Dec. 30, 2005; Act nº 11690, Mar. 23, 2013)

(3) The Internet Security Agency may levy charges, etc. for its performance of digital signature certification control service as referred to in paragraph (1), such as examination, technical assistance, inspection, issuance of authorized certificates. (Amended by Act nº 11690, Mar. 23, 2013)

(Article Amended by Act nº 6585, Dec. 31, 2001)

Article 25-2 (Obligation of Users)              

The users shall take the following measures in order to verify whether or not a certified digital signature is true by referring to the particulars, etc. of the authorized certificate as set forth in Article 15 (2) 1 through 6:

1. A measure to ascertain whether the authorized certificate remains valid;

2. A measure to ascertain whether the authorized certificate has been suspended or revoked;

3. A measure to ascertain such matters as set forth in Article 15 (2) 7 and 8.

(Article Inserted by Act nº 6585, Dec. 31, 2001)

Article 25-3 (Prohibition from Demand for Specific Authorized Certificate)            

In verifying a digital signature by means of an authorized certificate, no person shall demand an authorized certificate issued only by a specific licensed certification authority without any justifiable reason therefor.

(ArticleInserted by Act nº 6585, Dec. 31, 2001)

Article 26 (Compensation Responsibility)              

(1) Where a licensed certification authority has caused damages to the subscribers or the users who have trusted its authorized certificates in connection with the performance of the certification work, it shall compensate such damages: Provided, That if the licensed certification authority proves that it has no fault, such compensation responsibility shall be exempted.

(2) A licensed certification authority shall subscribe for an insurance for compensating the damages under the provisions of paragraph (1).

(Article Amended by Act nº 7813, Dec. 30, 2005)

CHAPTER V.- ADOPTION, ETC. OF DIGITAL SIGNATURE CERTIFICATION POLICY

Article 26-2 (Formulation, etc. of Policies for Development of Digital Signature Certification System)       

The Government shall formulate and carry out policies on matters set forth in the following subparagraphs in order to promote the development of digital signature and certification work, including ensuring the safety and reliability of digital signatures, promoting the widespread use thereof, etc.:

1. Matters concerning a basic policy for ensuring the safety and reliability of digital signature and promoting the widespread use thereof;

2. Matters concerning smooth cooperation among certification authorities in achieving the mutual recognition and common use of different certificates of digital signature and matters concerning technical standardization for such certificates;

3. Matters concerning development of digital signature-related technique;

4. Matters concerning education and publicity designed for the promotion of widespread use of digital signature;

5. Matters concerning improvement in systems and readjustment of the relevant Acts and subordinate statutes to promote widespread use of digital signatures;

6. Matters concerning the provision of assistance and relevant information to organizations related to digital signatures;

7. Matters concerning the protection of rights and interests of subscribers and users that are related to certification work;

8. Matters concerning the reciprocal recognition of foreign digital signature and certificates as well as the promotion of international cooperation;

9. Matters concerning the promotion of digital signature-related industry and the training of manpower available for this industry;

10. Matters concerning protective measures to ensure the safety of a licensed certification authority;

11. Matters concerning the adoption of pilot projects designed for the promotion of widespread use of digital signatures as well as matters concerning the survey of statistics and actual conditions in relation to the use of digital signature;

12. Matters concerning the use of encryption designed to ensure the safety and reliability of electronic messages;

13. Such other matters as may be necessary for ensuring the safety and reliability of digital signatures and for promoting the widespread use of digital signatures.

(Article Inserted by Act nº 6585, Dec. 31, 2001)

Article 26-3 (Cooperation among Certification Authorities in Achieving Mutual Recognition and Common Use of Different Certificates of Digital Signature)             

(1) The Minister of Science, ICT and Future Planning shall carry out the following matters in order to promote smooth cooperation among certification authorities in achieving the mutual recognition and common use of different certificates of digital signature: (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

1. Survey, research, and development on domestic and foreign standards for the mutual recognition and common use of different certificates of digital signature;

2. Establishment of standards related to the mutual recognition and common use of different certificates of digital signature and promotion of widespread use thereof;

3. Adjustment of digital signatures and certification policy for the mutual recognition and common use of different certificates of digital signature;

4. Other matters concerning the mutual recognition and common use of different certificates of digital signature.

(2) The Minister of Science, ICT and Future Planning may, where necessary to carry out matters set forth in the subparagraphs of paragraph (1), cause the relevant agency or organization to act for him or her. In such cases, he or she may subsidize the expenses incurred therein as prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(Article Inserted by Act nº 6585, Dec. 31, 2001)

Article 26-4 (Development of Digital Signature-Related Techniques and Manpower Training)       

The Minister of Science, ICT and Future Planning shall carry out the following matters for the purposes of technical development and specialized manpower training that are necessary to promote the widespread use of digital signatures: (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

1. Matters concerning research on digital signature-related technical level, technical study and development, and application thereof;

2. Matters concerning cooperation in and transfer of digital signature-related techniques;

3. Matters concerning the provision of information on digital signature-related techniques and the promotion of cooperation with agencies and organizations related thereto;

4. Matters concerning research on the supply of and demand for manpower specializing in digital signatures and assistance for specialized manpower training;

5. Such other matters as may be necessary for the development of digital signature-related techniques and manpower training.

(Article Inserted by Act nº 6585, Dec. 31, 2001)

Article 26-5 (Implementation of Digital Signature-Related Pilot Projects)               

(1) The Minister of Science, ICT and Future Planning may carry out pilot projects to promote the wide use of digital signatures as prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(2) The Government may provide administrative, financial, and technical assistance in carrying out pilot projects as provided in paragraph (1).

(Article Inserted by Act nº 6585, Dec. 31, 2001)

Article 26-6 (Assistance to Promote Use of Digital Signatures)     

(1) The State or the local governments may provide financial assistance in promoting the wide use of digital signatures.

(2) In order to secure the safety and reliability of electronic commerce, the Government may formulate and carry out policies to reduce, or to give exemption from, fees, etc. payable for electronic commerce if authorized digital signatures are used in electronic transactions.

(3) Where a corporation or organization related to digital signatures carries out a project to encourage the use of digital signatures, the Government may subsidize wholly or partially the expenses required for the execution of the project concerned within the limits of budget.

(Article Inserted by Act nº 6585, Dec. 31, 2001)

Article 26-7 Deleted. (by Act nº 10008, Feb. 4, 2010)         

CHAPTER VI.- SUPPLEMENTARY PROVISIONS

Article 27 (Protection of Subscribers and Users)  

(1) The Government shall adopt such necessary measures as to deal with the complaints filled or damages suffered by subscribers and users in a prompt and fair manner.

(2) Detailed matters filled concerning measures as provided in paragraph (1) shall be prescribed by Ordinance of the Ministry of Science, ICT and Future Planning. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(Article Inserted by Act nº 6585, Dec. 31, 2001)

Article 27-2 (Reciprocal Recognition)       

(1) The Government may enter into an agreement with a foreign government on the reciprocal recognition of digital signatures.

(2) In cases of the conclusion of an agreement under paragraph (1), it may form the basic contents of the agreement to grant a foreign certification authority or a certificate issued thereby the same legal status or effect as the licensed certification authority or the authorized certificate as provided in this Act. (Amended by Act nº 6585, Dec. 31, 2001)

(3) When an agreement on the reciprocal recognition of digital signatures has been concluded with a foreign government under paragraph (1), the Minister of Science, ICT and Future Planning shall give publicity to the contents of the agreement. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

(4) If an agreement has been concluded with a foreign government under paragraph (1), a foreign digital signature or certificate shall be deemed to have the same legal effect as an authorized digital signature or an authorized certificate. (Inserted by Act nº 6585, Dec. 31, 2001)

Article 28 (Imposition of Fees)   

A licensed certification authority may impose necessary fees, such as service charges, on those who apply for the issuance of an authorized certificate or receive certification services. (Amended by Act nº 6585, Dec. 31, 2001)

Article 29 (Hearings)       

The Minister of Science, ICT and Future Planning shall hold a hearing if he or she intends to revoke a designation in accordance with Article 12 (1). (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

Article 30 (Delegation of Authority)         

Part of the authority held by the Minister of Science, ICT and Future Planning under this Act may be delegated to the head of a subordinate agency or entrusted to the President of the Korea Post, as prescribed by Presidential Decree. (Amended by Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

CHAPTER VII.- PENALTY PROVISIONS

Article 31 (Penalty Provisions)    

Any of the following persons shall be punished by imprisonment with labor for not more than three years or by a fine not exceeding 30 million won: (Amended by Act nº 6585, Dec. 31, 2001)

1. A person who holds a subscriber’s digital signature creating key without receiving any request from the latter or who uses or discloses a subscriber’s digital signature creating key without the consent of the latter, who has asked the former to hold the said key, in violation of Article 21 (3);

2. A person who steals or discloses another person’s digital signature creating key in violation of Article 23 (1);

3. A person who has an authorized certificate issued in the name of another person or supports such issuance, in violation of Article 23 (2).

Article 32 (Penalty Provisions)    

Any of the following persons shall be punished by imprisonment with labor for not more than one year or by a fine not exceeding 10 million won: (Amended by Act nº 7813, Dec. 30, 2005)

1. A person who fails to retain the subscriber’s certificates, etc. in violation of Article 22 (2);

2. Deleted; (by Act nº 7813, Dec. 30, 2005)

3. A person who uses an authorized certificate beyond the scope of its intended use or for a purpose other than its original purpose, in violation of Article 23 (4);

4. A person who transfers or rents an authorized certificate to other persons for the purpose of making them exercise authority related thereto, or who receives a transfer or rent of the other persons’ said certificate for the purpose of exercising authority related thereto, in violation of Article 23 (5).

(Article Amended by Act nº 6585, Dec. 31, 2001)

Article 33 (Joint Penalty Provisions)         

If the representative of a juristic person, or an agent or employee of, or any other person employed, by a juristic person or an individual commits a violation under Article 31 or 32 with respect to the business affairs of the juristic person or individual, not only shall such offender be punished, but also the juristic person or individual shall be punished by a fine under the relevant Article: Provided, That this shall not apply where such juristic person or individual has not been negligent in giving due attention and supervision concerning the relevant business affairs to prevent such violation.

(Article Amended by Act nº 9208, Dec. 26, 2008)

Article 34 (Administrative Fines)               

(1) Any of the following persons shall be subject to an administrative fine not exceeding five million won: (Amended by Act nº 6585, Dec. 31, 2001; Act nº 7813, Dec. 30, 2005; Act nº 8852, Feb. 29, 2008; Act nº 11690, Mar. 23, 2013)

1.  A person who fails to report, or report the modification of, the rules of certification work in violation of Article 6 (1) or (3) (including cases of application mutatis mutandis as referred to in Article 25 (2)) or who fails to implement an order to modify the rules of certification work as provided in paragraph (4) of the same Article (including cases of application mutatis mutandis as referred to in Article 25 (2));

2. A person who refuses to provide certification services without good cause, or unjustly discriminates against subscribers or users, in violation of Article 7 (including cases of application mutatis mutandis as referred to in Article 25 (2));

3. A person who fails to file a report under Article 9 (1);

4. A person who fails to notify his or her subscribers of, or to report thereon to the Minister of Science, ICT and Future Planning, the cessation of certification work as provided in Article 10 (1) or the closure thereof as provided in paragraph (2) of the same Article;

5. A person who fails to transfer the subscriber’s certificates, etc. to another licensed certification authority, or to report the impossibility of such a transfer, without good cause, in violation of Article 10 (3) or 12 (2);

6. A person who fails to submit the relevant documents and materials as referred to in Article 14 (1) or submits false records, or who refuses, obstructs, or evades an entrance and inspection by the relevant public officials;

7. A person who fails to give a notification as provided in Article 21 (4);

7-2. A person who fails to report on a failure that occurred in the information processing systems providing the certification work under the provisions of Article 22-3 (1);

8. A person who uses a similar mark that leads or may lead others to mistake an unauthorized certificate, etc. for an authorized certificate, or who falsely indicates the use of an authorized certificate, in violation of Article 23 (3);

9. A person who demands only the authorized certificate of a specific licensed certification authority in violation of Article 25-3;

10. A person who fails to buy an insurance in violation of Article 26 (2).

(2) The administrative fine as referred to in paragraph (1) shall be imposed and collected by the Minister of Science, ICT and Future Planning as prescribed by Presidential Decree. (Amended by Act nº 8852, Feb. 29, 2008; Actnº 11690, Mar. 23, 2013)

(3) through (5) Deleted. (by Act nº 14577, Mar. 14, 2017)

ADDENDUM

This Act shall enter into force on July 1, 1999.

ADDENDA (Act nº 6360, Jan. 16, 2001)

Article 1 (Enforcement Date)

This Act shall enter into force on July 1, 2001.

Articles 2 through 6 Omitted.

ADDENDA (Act nº 6585, Dec. 31, 2001)

Article 1 (Enforcement Date)

This Act shall enter into force on April 1, 2002.

Article 2 (Transitional Measures concerning Liability)

The previous provisions shall apply to liability for any damage incurred by a licensed certification authority in the process of performing its certification work before this Act enters into force.

Article 3 (Transitional Measures concerning Application of Penalty Provisions)

The previous provisions shall prevail in the application of penalty provisions to an offence committed before this Act enters into force.

Article 4 Omitted.

ADDENDA (Act nº 7428, Mar. 31, 2005)

Article 1 (Enforcement Date)

This Act shall enter into force one year after the date of its promulgation.

Articles 2 through 6 Omitted.

ADDENDA (Act nº 7813, Dec. 30, 2005)

(1) (Enforcement Date) This Act shall enter into force six months after the date of its promulgation: Provided, That the amended provisions of Article 4 (4) of the Act shall enter into force on the date of its promulgation.

(2) (Transitional Measures concerning Application of Penalty Provisions) The previous provisions shall govern any application of penalty provisions for the acts committed before this Act enters into force.

ADDENDA (Act nº 8852, Feb. 29, 2008)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation. (Proviso Omitted.)

Articles 2 through 7 Omitted.

ADDENDUM (Act nº 9208, Dec. 26, 2008)

This Act shall enter into force on the date of its promulgation.

ADDENDUM (Act nº 10008, Feb. 4, 2010)

This Act shall enter into force on the date of its promulgation.

ADDENDA (Act nº 10465, Mar. 29, 2011)

Article 1 (Enforcement Date)

This Act shall enter into force six months after the date of its promulgation. (Proviso Omitted.)

Articles 2 through 7 Omitted.

ADDENDA (Act nº 11690, Mar. 23, 2013)

Article 1 (Enforcement Date)

(1) This Act shall enter into force on the date of its promulgation.

(2) Omitted.

Articles 2 through 7 Omitted.

ADDENDA (Act nº 12762, Oct. 15, 2014)

Article 1 (Enforcement Date)

This Act shall enter into force on the date of its promulgation.

Articles 2 (Transitional Measures concerning Ground for Disqualification of Incompetent Persons, etc.)

Notwithstanding the amended provisions of subparagraph 1 (a) of Article 5, the previous provisions shall apply to persons who have already been adjudged incompetent or quasi-incompetent and for whom the effect of adjudication of incompetence or quasi-incompetence is maintained under Article 2 of the Addenda to the Civil Act (Act nº 10429) at the time the same amended provisions enter into force.

ADDENDUM (Act nº 14577, Mar. 14, 2017)

This Act shall enter into force on the date of its promulgation.

31Oct/21

Act on Promotion of Information and Communications Network Utilization and Data Protection of 2001, established by Act nº 6360, Jan. 16, 2001

Act on Promotion of Information and Communications Network Utilization and Data Protection of 2001, established by Act nº 6360, Jan. 16, 2001, amended by Act nº 10138, Mar. 17, 2010, amended by Act nº 10560, Apr. 5, 2011, amended by Act nº 11322, Feb. 17, 2012, amended by Act nº 12681, May 28, 2014, amended by Act nº 13014, Jan. 20, 2015, amended by Act nº 13280, Mar. 27, 2015, amended by Act nº 13344, June 22, 2015, amended by Act nº 13520, Dec. 1, 2015.

ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND DATA PROTECTION, ETC.

Established by Act nº 6360, Jan. 16, 2001

Amended by Act nº 10138, Mar. 17, 2010

Amended by Act nº 10560, Apr. 5, 2011

Amended by Act nº 11322, Feb. 17, 2012

Amended by Act nº 12681, May 28, 2014

Amended by Act nº 13014, Jan. 20, 2015

Amended by Act nº 13280, Mar. 27, 2015

Amended by Act nº 13344, June 22, 2015

Amended by Act nº 13520, Dec. 1, 2015

CHAPTER I.- GENERAL PROVISIONS

Article 1 (Purpose)

The purpose of this Act is to promote the utilization of information and communications networks, to protect the personal information of users utilizing information and communications services, and to build a safe and sound environment for the information and communications networks in order to improve the citizen’s lives and enhance the public welfare.

Article 2 (Definitions)

(1) The terms used in this Act shall be defined as follows:

1. “Information and communications networks” mean the information and communications system under which telecommunications facilities and equipment as prescribed in subparagraph 2 of Article 2 of the Telecommunications Business Act are utilized, or the telecommunications facilities and equipment, computers and the technology of using computers are utilized together to collect, process, store, search, transmit and receive information;

2. “Information and communications services” mean the telecommunications services as prescribed in subparagraph 6 of Article 2 of the Telecommunications Business Act, and the provision of information or the intermediation of information services utilizing the telecommunications services;

3. “Information and communications service provider” means the operator of telecommunications as prescribed in subparagraph 8 of Article 2 of the Telecommunications Business Act and other person who provides information or intermediate information services for profit utilizing the services rendered by the telecommunications service providers;

4. “Users” mean the persons who utilize the information and communications services rendered by the information and communications service provider;

5. “Electronic message” means the standardized data in the form of document in which information is electronically compiled, sent or received, or stored by equipment, including computers, etc., that are capable of doing information processing;

6. “Personal information” means the information pertaining to any living person, which contains the code, letter, voice, sound and image, etc. that make it possible to identify such individual by his/her name and resident registration number, etc. (including the information that does not, on its own, permit direct identification of a specific individual, but that does identify specific individual when it is easily combined with other information.);

7. “Incidents” mean accidents caused by such attack on the information and communications networks or related information systems as hacking, computer viruses, logical bomb, mail bomb, denial of service, high-powered electromagnetic wave, etc.;

8. Deleted (Jun. 22, 2015);

9. “Bulletin boards” mean the computer programs or technological devices, regardless of their names, to which the users may post the code, letter, voice, sound, image, video clips and other information for the purpose of making public by using the information and communications networks;

10. “Communications billing services” mean the information and communications services carrying out the business as defined in the following items:

a. The business which claims and collects the prices of goods or services sold or provided by others together with the charges for the telecommunications services provided by itself; or

b. The business which transmits or receives the transaction data electronically, or conducts the settlement of charges as a proxy or intermediary so that the prices of the goods or services sold or provided by others may be claimed and collected together with the telecommunications service charges stated in Item a.

11. “Communications billing service provider” means the operator who provides the communications billing services subject to the registration pursuant to Article 53;

12. “Communications billing service users” mean the persons who purchase and use the goods or services by means of the communications billing services provided by the communications billing service provider; and

13. “Electronic transmission media” mean the media by which code, letter, voice, sound, image, video clips and other information are transmitted to the receiver in such an electronic form as electronic messages, etc. via the information and communications networks. (Amended May 28, 2014)

(2) The definitions stated herein, except otherwise provided for in paragraph (1), shall be subject to the National Informatization Framework Act.

Article 3 (Duties of Information and Communications Service Provider and Users)

(1) Any information and communications service provider shall protect the personal information of users, and contribute to the protection of the rights and interests of such users and to the enhancement of its information utilization capability by rendering the information and communications services in a safe and sound manner.

(2) Every user shall endeavor to help a sound information society take hold.

(3) The government may assist the organizations of information and communications service providers and the organizations of users in carrying out their activities designed to protect the personal information and the youth in the information and communications networks.

Article 4 (Policy for Promotion of Information and Communications Network Utilization and Data Protection, etc.)

(1) The Minister of Science, ICT and Future Planning or the Korea Communications Commission shall formulate a policy to lay the foundation for building an information society through the promotion of utilization and the secure management and operation of information and communications networks, and the protection of personal information of users (hereinafter referred to as the “promotion of the utilization of information and communications networks and data protection, etc.”).

(2) The policy referred to in paragraph (1) shall contain the matters stated in the following subparagraphs:

1. Development and distribution of technologies related to the information and communications networks;

2. Standardization of the information and communications networks;

3. Activation of utilization of the information and communications networks such as the development of information contents and applied services of the information and communications networks subject to Article 11;

4. Facilitation of joint utilization of information via information and communications networks;

5. Activation of utilization of the Internet;

6. Protection of personal information collected, processed, stored and utilized via information and communications networks, and development and distribution of related technologies;

7. Protection of the youth in the information and communications networks;

8. Enhancement of safety and reliability of the information and communications networks; and

9. Other matters necessary to promote the utilization of the information and communications networks and data protection, etc.                                                         (3) In formulating the policy referred to in paragraph (1), the Minister of Science, ICT and Future Planning or the Korea Communications Commission shall endeavor to coordinate such policy with the basic plan for promoting informatization as prescribed in Article 6 of the National Informatization Framework Act.

Article 5 (Relation with Other Acts)

The promotion of utilization of information and communications networks and data protection, etc. shall be governed by this Act except specially provided for in other acts; provided, however, that, in case this Act and the Electronic Financial Transactions Act compete to apply with respect to the communications billing services stated in Chapter VII, this Act shall prevail.

CHAPTER Ⅱ.- PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION

Articles 6 – 17 Omitted1)

CHAPTER Ⅲ Deleted

Articles 18 – 21 Deleted (Jun. 22, 2015)

CHAPTER Ⅳ PROTECTION OF PERSONAL INFORMATION

Section 1. Collection of Personal Information

Article 22 (Consent to the Collection and Utilization of Personal Information, etc.)

(1) Any information and communications service provider shall, when it intends to gather user’s personal information, notify the user of the whole matters stated in the following subparagraphs, and obtain his/her consent thereof. The same shall apply to any change of the following subparagraphs:

1. The purpose of collection and utilization of personal information;

2. The items of personal information collected hereunder; and

3. The period of retention and utilization of personal information.

(2) The information and communications service provider may collect and utilize the user’s personal information without consent subject to paragraph (1) in case any of the following subparagraphs applies:

1. Where, as for the personal information, which is necessary to perform the contract for the provision of information and communications services, it is evidently difficult to obtain ordinary consent on account of economical and technological reasons;

2. Where it is necessary to calculate the fees for the provision of information and communications services; or

3. Where special provisions exist in this Act or other acts.

Article 22-2 (Consent to the Authorized Access)

(1) The information and communications service provider shall notify the user of the following subparagraphs so that he/she may understand them explicitly, and obtain his/her consent thereof when the information and communications service provider needs the authorized access to the data stored in the mobile communication device of the user and the functions of such device (hereinafter referred to as the “authorized access”) for its service for the user:

1. In case where the authorized access is inevitable for the relevant service

a. The items of data and functions in need of the authorized access; and

b. The reason why the authorized access is necessary.

2. In case where the authorized access is not inevitable for the relevant service

a. The items of data and functions in need of the authorized access;

b. The reason why the authorized access is necessary; and

c. The fact that user may abstain from consent to the authorized consent.

(2) The information and communications service provider shall not refuse the relevant services on the grounds that the user does not consent to the authorized access which is not necessarily required for the relevant service.

(3) The maker of basic operating systems of mobile communication devices (that means the infrastructure environment to run softwares of such devices) and the manufacturers of such devices and the supplier of softwares of such devices shall take such measures as consent to, and withdrawal from, the authorized access which are necessary for the protection of user’s data when the information and communications service provider intends to access the data stored in the mobile communication devices and the functions of such devices.

(4) The scope of the authorized access subject to paragraph (1), method of consent, necessary measures for the protection of user’s data and other necessary matters shall be prescribed by the Presidential Decree.

(Article Inserted Mar. 22, 2016)

Article 23 (Restrictions on Collecting Personal Information, etc.)

(1) No information and communications service provider shall collect the personal information, including ideology, belief, family and relative relations, academic record, medical record and other social career, etc., which is likely to excessively infringe upon the right, interest and privacy of the relevant user; provided, however, that the same shall not apply to the necessary mínimum extent where the consent of the user is obtained pursuant to Article 22(1) or the subject of collecting personal information is specified in other acts.

(Amended May 28, 2014)

(2) Any information and communications service provider shall, when it collects the personal information of users, collect only the minimum personal information to the extent necessary to provide the information and communications services. (Amended May 28, 2014)

(3) The information and communications service provider shall not refuse the relevant services on the grounds that the user does not provide any other personal information than the necessary minimum personal information. In this case, the necessary minimum personal information shall mean the inevitable information necessary to perform the fundamental function of the relevant service. (Inserted May 28, 2014)

Article 23-2 (Restriction of Use of Resident Registration Numbers)

(1) The information and communications service provider shall not collect and use the resident registration numbers of users except otherwise applicable to any of the following subparagraphs:

1. Where it has been designated as an identification agency pursuant to Article 23-3;

2. Where the collection and use of resident registration numbers of users are permitted by statutes; or

3. Where the information and communications service provider regards it as inevitable to collect and use the resident registration numbers of users for the conduct of business, as notified by the Korea Communications Commission.

(2) Although the collection and use of resident registration numbers are permitted pursuant to subparagraphs 2 or 3 of paragraph (1), alternative means to identify the user other than his/her resident registration number (hereinafter referred to as the “alternative means”) shall be provided to the users.

(Article Amended Feb. 17, 2012)

Article 23-3 (Designation, etc. of Identification Agency)

(1) The Korea Communications Commission may, upon assessing the following matters, designate the person, who is determined capable of safe and trustful conduct of developing, providing and managing the alternative means (hereinafter referred to as the “identification operations“) as the identification agency:

1. Physical, technical and managerial measures and planning to ensure the safe and secure identification operations;

2. Technological and financial capability to conduct the identification operations; and

3. Appropriateness of facilities to conduct the identification operations.

(2) When the identification agency wants to have recess of the whole or part of identification operations, it shall notify the recess plan and period to users 30 days prior to the start day and report it to the Korea Communications Commission. In this case, the recess period shall not exceed six months.

(3) When the identification agency wants to repeal its identification operations, it shall notify the repeal plan to users 60 days in advance, and report it to the Korea Communications Commission.

(4) Necessary matters for the detailed assessment criteria pursuant to paragraphs (1) through (3), designation procedure and the recess, repeal, etc. Of identification operations shall be prescribed by the Presidential Decree.

(Article Inserted Apr. 5, 2011)

Article 23-4 (Suspension of Identification Operations and Withdrawal of Designation)

(1) When any of the following subparagraphs is applicable to the identification agency, the Korea Communications Commission may order the suspension of the whole or part of identification operations for a period of not more than six months or withdraw the designation of identification agency; provided, however, that the withdrawal of designation shall be mandatory in case of subparagraph 1or 2:

1. Where it has been designated as an identification agency by fraud or other unjust means;

2. Where it has failed to stop its operations in violation of the order to suspend the identification operations;

3. Where it has failed to start the identification operations within six months from the designation day, or has recess of the identification operations continuously for more than six months; or

4. Where it does not satisfy the criteria pursuant to Article 23-3(4).

(2) The criteria for administrative disposition pursuant to paragraph (1), its procedure and other necessary matters shall be prescribed by the Presidential Decree.

(Article Inserted Apr. 5, 2011)

Article 24 (Restrictions on Utilizing Personal Information)

No information and communications service provider shall utilize the personal information collected pursuant to Article 22 and the proviso of Article 23(1) for other purpose than the purpose consented by the relevant user or referred to in each subparagraph of Article 22(2).

Article 24-2 (Consent to the Provision of Personal Information, etc.)

(1) Any information and communications service provider shall, when it intends to provide user’s personal information to a third party, notify the user of the whole matters stated in the following subparagraphs except the cases falling under subparagraphs 2 and 3 of Article 22(2), and obtain his/her consent thereof. The same shall apply to any change of the following subparagraphs:

1. The receiver of personal information;

2. The purpose of utilizing personal information of such receiver;

3. The items of personal information provided hereunder; and

4. The period of retention and utilization of personal information by the receiver.

(2) The receiver of the personal information of users provided by the information and communications service provider pursuant to paragraph (1) shall not provide such personal information to a third party, nor utilize such personal information for other use than the purpose of being provided except the cases specified in other acts.

(3) The information and communications service provider, etc. as stated in Article 25(1) shall, upon obtaining the consent to the provision pursuant to paragraph (1) and the consent to entrusting handling of personal information pursuant to Article 25(1), separate such consent from the consent to the collection and use of personal information pursuant to Article 22, and shall not refuse to provide its service on ground that the user would not give consent to it. (Amended Mar. 22, 2016)

Article 25 (Entrusting Processing of Personal Information)

(1) The information and communications service provider and the receiver of the personal information of users provided by such provider pursuant to Article 24-2(1) (hereinafter referred to as the “information and communications service provider, etc.”) shall, if they entrust the work (hereinafter collectively referred to as “entrusting processing” of personal information) of collecting, creating, connecting, interlocking, recording, retaining, processing, editing, retrieving, printing out, modifying, restoring, utilizing, providing, disclosing, destroying and similarly doing (hereinafter collectively referred to as “processing“) the personal information of users to a third party, notify the user of the whole matters stated in the following subparagraphs, and obtain his/her consent thereof. The same shall apply to any change of the following subparagraphs: (Amended Mar. 22, 2016)

1. The person entrusted processing of personal information (hereinafter referred to as the “trustee“); and

2. Particulars of entrusted work of processing of personal information.

(2) The information and communications service provider, etc. may skip the notice and consent procedure as prescribed in paragraph (1) in case the whole matters of each subparagraph of paragraph (1) are made public pursuant to Article 27-2(1) or notified to users in such a manner like sending e-mails as stated in the Presidential Decree, which is necessary to perform the contract for the provision of information and communications services and to augment the users’ convenience, etc. The same shall apply to any change of the subparagraphs of paragraph (1). (Amended May 28, 2014; Mar. 22, 2016)

(3) The information and communications service provider, etc. shall, when it intends to entrust processing of personal information, define the purpose in advance for which the trustee shall process the personal information of users.

The trustee shall not process the personal information of users beyond such purpose. (Amended Mar. 22, 2016)

(4) The information and communications service provider, etc. shall manage, supervise and educate the trustee lest it should violate the provisions in this Chapter. (Amended Mar. 22, 2016)

(5) The trustee, who caused damage to the users regarding the work processing entrusted hereunder in violation of the provisions in this Chapter, shall be deemed as an employee of the information and communications service provider, etc. only with respect to compensation for such damage. (Amended Mar. 22, 2016)

(6) What the information and communications service provider, etc. Has entrusted processing of personal information to a trustee shall be in writing. (Inserted Mar. 22, 2016)

(7) The trustee may re-entrust the work entrusted pursuant to paragraph (1) only when he/she has obtained the consent of the information and communications service provider, etc. who has entrusted processing of personal information. (Inserted Mar. 22, 2016)(Amended Mar. 22, 2016)

Article 26 (Transfer of Personal Information following the Business Transfer, etc.)

(1) In the event that the information and communications service provider, etc. transfers the personal information of users to others owing to the transfer of business in whole or in part, or merger, etc., it shall notify the users of the whole matters prescribed in the following subparagraphs in such a manner like sending e-mails, posting at the Website and so forth as stated in the Presidential Decree:

1. The fact that the personal information is to be transferred;

2. The name (referring to the company name in case of a juridical person; hereafter the same shall apply in this Article), address, telephone number and other contact points of a person who has received the personal information (hereinafter referred to as the “business transferee, etc.”);

3. The method and procedure to withdraw the consent in case the user would not want the transfer of personal information.

(2) The business transferee, etc. shall, without delay upon the transfer of personal information, notify the users of such fact and the name, address, telephone number and other contact points in such a manner like posting at the Website, sending e-mails and so forth as stated in the Presidential Decree.

(Amended May 28, 2014)

(3) The business transferee, etc. may utilize or provide the personal information of users within the scope of the initial purpose for which the information and communications service provider, etc. is allowed to utilize or provide such personal information; provided, however, that the same shall not apply where the users have consented specifically.

Article 26-2 (Method to Obtain Consent)

The method how to obtain the consent pursuant to Article 22(1), the proviso of Article 23(1), Article24-2(1) and (2), Article 25(1), the proviso of Article 26(3) or Article 63(2) (hereinafter collectively referred to as the “consent to the collection, utilization, provision, etc. of personal information”) shall be stated by the Presidential Decree in view of the media for collecting personal information, the nature of business operations, the number of users, and so forth.

Section 2. The Management and Destruction of Personal Information

Article 27 (Designation of Person in Charge of Data Protection)

(1) The information and communications service provider, etc. shall designate the person in charge of data protection to protect the personal information of users and deal with complaints of users related with the personal information; provided, however, that the same may not apply to the information and communications service provider, etc. who satisfies the number of employees and users, and other criteria specified by the Presidential Decree. (Amended Mar. 22, 2016)

(2) In case the information and communications service provider, etc. Subject to the proviso of paragraph (1) do not designate the person in charge of data protection, its owner or representative shall become the person in charge of data protection. (Amended Mar. 22, 2016)

(3) Qualification requirements for the person in charge of data protection and other matters necessary to designate the person shall be prescribed by the Presidential Decree. (Amended Mar. 22, 2016)

(4) When the person in charge of data protection finds out any fact in violation of this Act and other relevant laws and regulations, he/she shall immediately take measures to correct such violations, and, if necessary, report such measures to the business owner or representative of the information and communications service provider, etc.; provided, however, that, if the business owner or representative shall become the person in charge of data protection, the provision regarding report of corrective measures shall not apply. (Amended Mar. 22, 2016)

Article 27-2 (Disclosure of Personal Information Policy Statement)

(1) In case of processing the personal information of users, the information and communications service provider, etc. shall establish and disclose the personal information policy statement in such a manner as stated in the Presidential Decree so that users may identify the policy with ease at any time.

(Amended Mar. 22, 2016)

(2) The personal information policy statement subject to paragraph (1) shall contain each and all following subparagraphs: (Amended Feb. 17, 2012; Mar. 22, 2016)

1. The purpose of collection and utilization of the personal information, particulars of personal information collected hereunder and the method of collection thereof;

2. The name (referring to the company name in case of a juridical person) of a person who has received the personal information, the purpose of utilization, and particulars, of the personal information in case the personal information is provided to a third party;

3. The period of retention and utilization of personal information, the procedure and method of destruction of personal information (including the ground of preservation and the particulars of personal information to be preserved in case of preserving such information subject to the proviso except each subparagraph of Article 29)

4. The content of business for which processing of personal information is entrusted and the trustee (including the processing policy statement, if applicable);

5. The rights of users and legal representatives, and how to excise the rights;

6. The installation and operation of the device collecting automatically the personal information like the Internet logon files, etc. and how to deny such device;

7. The name or a person in charge of data protection, or the department to protect the personal information of users and deal with complaints of users related with the personal information, and the contact points like telephone numbers.

(3) In case of change of the personal information policy statement pursuant to paragraph (1), the information and communications service provider, etc. Shall make public without delay the reason and changes thereof in such a manner as stated in the Presidential Decree so that users may identify the change of policy statement with ease at any time. (Amended Mar. 22, 2016)

Article 27-3 (Notification and Report of Personal Information Leakage, etc.)

(1) Upon knowing the loss, theft and leakage of personal information (hereinafter referred to as “leakage, etc.”), the information and communications service provider, etc. shall, without delay, inform each of the following subparagraphs of the relevant users, and report it to the Korea Communications Commission or the Korea Internet and Security Agency, and shall not delay, without justifiable reasons, such notification and report exceeding 24 hours from the time when it got to know the fact; provided, however, that it may take other measures, if there is such a justifiable reason as whereabouts of users are still unknown, as replaceable with the notification as prescribed by the Presidential Decree: (Amended May 28, 2014; Mar. 22, 2016)

1. Personal information items affected by leakage, etc.;

2. Time when leakage, etc. took place;

3. Measures that users may take;       

4. Countermeasures that the information and communications service provider, etc. may take; and                                                                                                                             

5. Department where users may place inquiries, etc. and other contact points.       

2) Upon receiving the report pursuant to paragraph (1), the Korea Internet and Security Agency shall, without delay, inform the fact of the Korea Communications Commission. (Inserted May 28, 2014)                                                                            

(3) The information and communications service provider, etc. shall explain the justifiable reasons pursuant to the main sentence and proviso of paragraph (1) to the Korea Communications Commission. (Inserted May 28, 2014)                                    

(4) The method, procedure, etc. of notification and report pursuant to paragraph (1) and other necessary matters shall be prescribed by the Presidential Decree. (Amended May 28, 2014) 

(5) The information and communications service provider, etc. shall prepare for the leakage, etc. of personal information, and explore ways to establish measures to minimize the damage to victims. (Amended May 28, 2014; Mar. 22, 2016)

Article 28 (Data Protection Measures)

(1) In case of processing the personal information of users, the information and communications service provider, etc. shall take such technological and managerial measures as mentioned in the following subparagraphs to prevent the loss, theft, leakage, forgery, alteration of, or damage to, the personal information and to ensure the safety of personal information by the standard as specified by the Presidential Decree. (Amended Mar. 22, 2016)

1. To establish and implement the in-house management plan to process the personal information more safely;

2. To install and operate the access control system like firewall to block illegal access to the personal information;

3. To take measures to prevent the forgery or falsification of logon files;

4. To take security measures using encryption technologies in order to store and transmit the personal information more safely;

5. To take such preventive measures as download and operation of the vaccination softwares to protect from computer viruses; and                                                               6. To take other protective measures necessary to secure the safety of the personal information.

(2) The information and communications service provider, etc. shall limit the persons to process the personal information of users to the minimum.

(Amended Mar. 22, 2016)

Article 28-2 (Prohibition of Leakage of Personal Information)

(1) Any person who is processing, or once processed, the personal information of users shall not damage, infringe upon or leak out the information acquired in the course of business. (Amended Mar. 22, 2016)

(2) No one shall be provided with the personal information for profit or unjust purposes while knowing such information has been leaked out.

Article 29 (Destruction of Personal Information)

(1) The information and communication service provider, etc. shall, without  delay, destroy the relevant personal information lest it should be restored or recovered in case any of the following cases applies; provided, however, that the same shall not apply where other acts require the preservation of such information: (Amended Feb. 17, 2012; May 28, 2014)

1. When the purpose of collecting or utilizing the personal information consented pursuant to Article 22(1), the proviso of Article 23(1) or Articles 24-2(1) and (2), or the relevant purpose as specified by any of the subparagraphs of Article 22(2) has been attained;

2. When the period of retention and utilization of personal information consented pursuant to Article 22(1), the proviso of Article 23(1) or Articles 24-2(1) and (2) has expired;

3. When the period of retention and utilization of personal information subject to Article 27-2(2) iii in case of collecting or utilizing the personal information without the consent of users pursuant to Article 22(2) has expired; or

4. When its business has been closed.

(2) The information and communication service provider, etc. shall take necessary measures, including the destruction of personal information and others as prescribed by the Presidential Decree, to protect the personal information of users who would not use the information and communications services for one year; provided, however, that it does not apply when the said period is otherwise fixed by other laws and regulations, or user’s request. (Inserted Feb. 17, 2012; Dec. 1, 2015)

(3) The information and communication service provider, etc. shall inform the users of the fact that their personal information will be destroyed, the expiry date, the particulars of the said personal information, etc. as prescribed by the Presidential Decree by means of email, etc. as prescribed by the Presidential Decree. (Inserted Dec. 1, 2015)

Section 3.- User’s Right

Article 30 (User’s Right, etc.)

(1) Every user may at any time withdraw his/her consent given to the information and communications service provider, etc. for the collection, utilization or provision of the personal information.

(2) Every user may request the access to, or provision of, any of the following items related with him/her, and if his/her personal information is found to be erroneous, he/she may request the correction thereof:

1. The personal information of users retained by the information and communications service provider, etc.;

2. The content of how the information and communications service provider, etc. has utilized, or provided to a third party, the personal information of users; or

3. The status at which the information and communications service provider, etc. has obtained consent for the collection, utilization or provision of the personal information.

(3) In case that a user withdraws his/her consent pursuant to paragraph (1), the information and communications service provider, etc. shall, without delay, take necessary measures, i.e., destroying his/her personal information collected lest it should be restored or recovered. (Amended May 28, 2014)

(4) The information and communications service provider, etc. shall, upon receiving a request for the access to, provision of, personal information pursuant to paragraph (2), take necessary measures without delay.

(5) The information and communications service provider, etc. shall, immediately upon receiving a request for the correction of erroneous personal information pursuant to paragraph (2), correct the erroneous information or take necessary measures, i.e., explaining why it failed to correct such information, and shall not utilize or provide the relevant personal information until the correction thereof; provided, however, that the same shall not apply where other acts require the provision of such information.

(6) The information and communications service provider, etc. shall make the withdrawal of consent pursuant to paragraph (1), or how to request access to, provision of, or correction of errors in, the personal information much easier than the method how to collect the personal information.

(7) The provisions of paragraphs (1) through (6) shall apply mutatis mutandis to the business transferee, etc. In this case, the information and communications service provider, etc. shall be deemed the business transferee, etc.

Article 30-2 (Notification of Personal Information Use Statement)

(1) The information and communications service provider, etc., which satisfies the criteria as prescribed by the Presidential Decree, shall notify periodically the use statement (including the provision pursuant to Article 24-2 and entrusting processing of personal information pursuant to Article 25) of personal information collected pursuant to Articles 22 and 23(1) proviso; provided, however, that the same shall not apply where such personal information as contact points to be notified was not collected. (Amended Mar. 22, 2016)

(2) The type of information to be notified to the users pursuant to paragraph (1), notification interval and method and other matters necessary to notify the use statement shall be prescribed by the Presidential Decree.

Article 31 (Legal Representative’s Right)

(1) The information and communications service provider, etc. shall, when it intends to obtain consent for the collection, utilization or provision of the personal information from a minor of age below 14, obtain the consent therefor from his/her legal representative. In this case, the information and communications service provider may demand from the child the necessary minimum information, including the name, etc. of the legal representative, so as to obtain the consent.

(2) The legal representative may exercise user’s right as for the personal information of the relevant child pursuant to Articles 30 (1) and (2).

(3) The provisions of Article 30 (3) through (5) shall apply mutatis mutandis to the withdrawal of consent, and the request for the access to, or the correction of, the personal information by the legal representative pursuant to paragraph (2).

Article 32 (Damages)

If a user suffers any damage caused by the violation of the provisions in this Chapter on part of the information and communications service provider, etc., such user may claim for the damages against the information and communications service provider, etc. In this case, the information and communications service provider, etc. may not be released from the damages if it fails to prove non-existence of its intention or negligence.

Article 32-2 (Claim for Statutory Damage)

(1) The user may, when all of the following subparagraphs are satisfied, claim for compensation of considerable amount up to three million won in place of damages pursuant to Article 32 against the information and communications service provider, etc. within the period as prescribed by the Presidential Decree.

In this case, the accused information and communications service provider, etc. cannot evade the responsibility unless it proves non-existence of intention or negligence: (Amended Mar. 22, 2016)

1. Where the information and communications service provider, etc. Violates provisions in this Chapter intentionally or negligently; and

2. Where the personal information was lost, stolen, leaked, forged, altered or damaged.

(2) The court may, upon the claim pursuant to paragraph (1), acknowledge a reasonable amount of damages within the scope of paragraph (1) based upon the examination of evidence and review of all the arguments during the proceedings.

(3) The user who has filed a lawsuit for damages pursuant to Article 32 may change it to the claim for damages subject to paragraph (1) until the closing of oral proceedings at the trial court. (Inserted Mar. 22, 2016)

Article 32-3 (Deletion and Blocking of Exposed Personal Information)                       

(1) The information and communications service provider, etc. shall exert itself lest users’ personal information including resident registration numbers, bank account numbers, credit card numbers, etc. should be exposed to public via information and communications network. (Amended Mar. 22, 2016)                                                      

(2) Upon the request of the Korea Communications Commission or the Korea Internet and Security Agency, the information and communications service provider, etc. shall take necessary measures including deletion, blocking, etc. Of personal information exposed under paragraph (1). (Inserted Mar. 22, 2016)

Section 4.- Deleted

Articles 33 through 40 Deleted 2)

CHAPTER Ⅴ.- PROTECTION OF THE YOUTH IN INFORMATION AND COMMUNICATIONS NETWORKS

Articles 41 through 44-10 Omitted

CHAPTER Ⅵ.- SECURING STABILITY OF INFORMATION AND COMMUNICATIONS NETWORKS, ETC.

Articles 45 through 46-2 Omitted

Article 46-3 Deleted

Article 47 (Certification of Data Protection Management System)

(1) The Minister of Science, ICT and Future Planning may certify for the purpose of securing the stability and reliability of the communications network whether the person who has established and operated a consolidated management system including the managerial, technical and physical safeguards (hereinafter referred to as the “Data Protection Management System” or DPMS) could satisfy the criteria subject to paragraph (4). (Amended Feb. 17, 2012; Mar. 23, 2013; Dec. 1, 2015)

(2) Any person who falls on any of the following paragraphs as a telecommunications business operator subject to Article 2 viii of the Telecommunications Business Act and an information provider/intermediary taking advantage of the telecommunications services of the said telecommunications business operator shall obtain the certification pursuant to paragraph (1). (Inserted Feb. 17, 2012; Dec. 1, 2015)

1. Any person who has obtained the permission subject to Article 6(1) of the Telecommunications Business Act and provides information and communications service as prescribed by the Presidential Decree;

2. An integrated information and communications facility operator; or

3. Any person with the annual sales, revenue, etc. of more than 150 billion won or the number of users daily average of one million people for the previous three months, who satisfies the criteria as prescribed by the Presidential Decree.

(3) The Minister of Science, ICT and Future Planning may omit parts of certification examination subject to paragraph (1) in case that the person in need of certification has obtained the international standard certification of data protection or taken other measures for data protection as prescribed by the Ordinance of the Ministry of Science, ICT and Future Planning. In this case, the scope of omission in detail of the said certification examination shall be decided and notified by the Minister of Science, ICT and Future Planning. (Inserted Dec. 1, 2015)

(4) The Minister of Science, ICT and Future Planning may prescribe and notify the certification criteria including the managerial, technical and physical safeguards and other necessary matters for the DPMS certification subject to paragraph (1). (Amended Feb. 17, 2012; Mar. 23, 2013; Dec. 1, 2015)

(5) The duration of the DPMS certification subject to paragraph (1) shall be three years; provided, however, that the person who has obtained the data protection degree pursuant to Article 47-5(1) is deemed to have been certified subject to paragraph (1) for the duration of such data protection degree.

(Inserted Feb. 17, 2012; Dec. 1, 2015)

(6) The Minister of Science, ICT and Future Planning may delegate the certification matters subject to paragraphs (1) and (2) of the following subparagraphs to the Korea Information and Security Agency or other institution designated by the Minister of Science, ICT and Future Planning (hereinafter referred to as the “DPMS Certification Agency”): (Inserted Feb. 17, 2012; Mar. 23, 2013; Dec. 1, 2015)

1. The certification examination to clarify the DPMS of a certification applicant being in conformity with certification criteria subject to paragraph (4) (hereinafter referred to as the “DPMS Certification Examination”);

2. Deliberation of the DPMS Certification Examination results;

3. Issuance and management of the DPMS Certificate;                                                   

4. Ex post facto management of the DPMS Certification;                                               

5. Fostering and qualification management of the DPMS Certification examiners; and 

6. Other matters in relation to the DPMS Certification.                                                 

(7) The Minister of Science, ICT and Future Planning may designate the institution to conduct the said certification examination (hereinafter referred to as the “DPMS Examination Agency”) if necessary to conduct the said certification task efficiently. (Inserted Dec. 1, 2015)                                                                                                    

(8) The Korea Information and Security Agency, the DPMS Certification Agency and the DPMS Examination Agency shall conduct ex post facto management at least once a year to enhance the effectiveness of the DPMS, and notify its result to the Minister of Science, ICT and Future Planning. (Inserted Feb. 17, 2012; Mar. 23, 2013; Dec. 1, 2015)                                                                                                                               

(9) The person who has obtained the DPMS certification pursuant to paragraphs (1) and (2) may represent or promote the DPMS Certification as prescribed by the Presidential Decree. (Amended Feb. 17, 2012; Dec. 1, 2015)                                                          

(10) The Minister of Science, ICT and Future Planning may withdraw the PIMS certification when finding out any reason which falls on any of the following subparagraph; provided, however, that the Minister shall cancel the said certification in case of subparagraph 1: (Inserted Feb. 17, 2012; Mar. 23, 2013; Dec. 1, 2015)            

1. Where the DPMS Certification has been obtained by fraud or other unjust means;    

2. Where the certification criteria subject to paragraph (4) fail to be satified; Or            

3. Where the ex post facto management subject paragraph (8) has been denied or obstructed.                                                                                                                     

(11) The method, procedure, scope and tariffs of certification subject to paragraphs (1) and (2), the method and procedure of ex post facto management subject to paragraph (8), the method and procedure of withdrawal of certification subject to paragraph (10), other necessary matters shall be prescribed by the Presidential Decree. (Amended Feb. 17, 2012; Dec. 1, 2015)                                                                                                

(12) Necessary matters for the designation criteria, procedure, duration, etc. Of the DPMS Certification Agency and the DPMS Examination Agency shall be prescribed by the Presidential Decree. (Amended Feb. 17, 2012; Dec. 1, 2015)                            (Article Amended Jun. 13, 2008.)

Article 47-2 (Withdrawal, etc. of Designation of DPMS Certification Agency and DPMS Examination Agency)

(1) The Minister of Science, ICT and Future Planning may withdrawal the designation of the DPMS Certification Agency and the DPMS Examination Agency, or suspend a whole or part of the DPMS operations for the period not exceeding one year when the juridical person or association designated as such pursuant to Article 47 falls on any of the following subparagraphs; provided, however, that the Minister shall withdraw the said designation in case of subparagraphs 1 and 2: (Inserted Feb. 17, 2012; Mar. 23, 2013; Dec. 1,2015)

1. Where the designation of the DPMS Certification Agency or DPMS Examination Agency has been obtained by fraud or other unjust means;

2. Where the certification or certification examination has been conducted  during the period of suspension of the said operation;

3. Where the certification or certification examination has not been conducted with justifiable reasons;

4. Where the certification or certification examination has been conducted in violation of Article 47(11); or

5. Where the designation criteria Article 47(12) fail to be satified.

(2) Necessary matters for the designation withdrawal and suspension of operation, etc. subject to paragraph (1) shall be prescribed by the Presidential Decree.

(Article Amended Jun. 13, 2008; Amended Dec. 1, 2015)

Article 47-3 (Certification of Personal Information Management System)

(1) The Korea Communications Commission may certify for the purpose of carrying out systemic and sustainable personal information protection activities in the communications network whether the person who has established and operated a consolidated management system including the managerial, technical and physical safeguards (hereinafter referred to as the “Personal Information Management System” or PIMS) could satisfy the criteria subject to paragraph (2).

(2) The Korea Communications Commission may prescribe and notify the certification criteria including the managerial, technical and physical safeguards and other necessary matters for the PIMS certification subject to paragraph (1).

(3) Articles 47(6) through (12) shall apply mutatis mutandis to the PIMS agencies, ex post facto management, etc. In this case, paragraphs (1) and (2) shall read paragraph (1). (Amended Dec. 1, 2015)

(4) Articles 47-2 shall apply mutatis mutandis to the designation withdrawal, etc. of the PIMS Certification Agency.

(Article Inserted Feb. 17, 2012)

(The previous Article 47-3 moved to Article 47-4 Feb. 17, 2012)

Article 47-4 (Data Protection of Users)

(1) The government may advise to the users to observe by establishing necessary standards for the data protection of users, and take necessary measures, i.e., checking the weak points and providing technological assistance, so as to prevent the incidents and block the dissemination thereof.

(2) through (4) Omitted

Article 47-5 (Grant of Data Protection Management Degree)

(1) The person who has obtained the DPMS certification pursuant to Article 47 may be granted the data protection management degree by the Minister of Science, ICT and Future Planning to enhance the consolidated corporate data protection management level and secure the reliability of data protection services from users. (Amended Mar. 23, 2013)

(2) The Minister of Science, ICT and Future Planning may delegate the grant of degree matters subject to paragraph (1) to the Korea Information and Security Agency. (Amended Mar. 23, 2013)

(3) The person who has been granted the data protection management degree pursuant to paragraph (1) may represent or promote the said data protection management degree.

(4) The Minister of Science, ICT and Future Planning may withdraw the degree granted as such when finding out any reason which falls on any of the following subparagraph; provided, however, that the Minister shall cancel the said degree in case of subparagraph 1: (Amended Mar. 23, 2013; Dec. 1, 2015)

1. Where the data protection management degree has been granted by fraud or other unjust means; or

2. Where the degree criteria subject to paragraph (5) fail to be satisfied.

(5) The criteria for grant of degree, the method, procedure and tariffs of grant of degree subject to paragraph (1), the duration of degree, the method and procedure of withdrawal of degree subject to paragraph (4), and other necessary matters shall be prescribed by the Presidential Decree.

(Article Newly Inserted Feb. 17, 2012)

Articles 48 through 48-4 Omitted

Article 49 (Protection of Secrets, etc.)

No one is allowed to damage the information of other persons or infringe upon, steal or leak the secrets of other persons, which are processed, stored or transmitted via the information and communications networks.

Article 49-2 (Prohibition of Collection of Personal Information by Means of Deceptive Activities)

(1) No one shall collect, or entice other person to provide with, the personal information of other person by means of deceptive activities in the information and communications networks.

(2) Any information and communications service provider shall report to the Minister of Science, ICT and Future Planning, the Korea Communications Commission or the Korea Information and Security Agency immediately upon finding out the violation of paragraph (1). (Amended Apr. 22, 2009; Mar. 22, 2016)

(3) The Minister of Science, ICT and Future Planning, the Korea Communications Commission or the Korea Information and Security Agency shall, upon receiving the report pursuant to paragraph (2) or finding out the violation of paragraph (1), take necessary measures prescribed in the following subparagraphs: (Amended Apr. 22, 2009; Mar. 22, 2016)

1. Collecting and disseminating the violation of paragraph (1);

2. Forecasting or warning of similar violations; and

3. Emergency measures to prevent present and further violations including request for blocking the access paths or request for notification of users’information exposed to the violations under paragraph (1) to the information and communications service provider.

(4) The Minister of Science, ICT and Future Planning or the Korea Communications Commission may order the information and communications service provider, prior to taking measures subject to paragraph (3) iii, to take necessary measures including sharing information in relation to deceptive activities via information and communications networks among service providers.

(Inserted Mar. 22, 2016)

Article 50 (Restrictions on Transmitting Advertisement Information Made for Profit) (1) Anybody, who intends to transmit via electronic transmission media any advertisement information made for profit, shall obtain the prior explicit consent of the relevant addressee; provided, however, that the same shall not apply to any of the following subparagraphs: (Amended Mar. 22, 2016)

1. Where somebody, who collects directly from the addressees the contact points through transactions of goods and services, intends to transmit the advertisement information made for profit within the period as prescribed by the Presidential Decree regarding the same kind of goods, etc. processed by himself and traded with the receiver; and

2. Where a call center operator subject to the Act Regarding Visiting Sales, etc. solicits over the telephone with his/her voice after informing the addressee of the sources of personal information.

(2) Notwithstanding paragraph (1), anybody, who intends to transmit via electronic transmission media any advertisement information made for profit, shall not transmit advertisement information made for profit if the addressee expresses refusal of such information or withdraw prior consent.

(3) Anybody, who intends to transmit any advertisement information made for profit via electronic transmission media to the addressee during the hours from 9:00 p.m. to 8:00 a.m. the next day, shall obtain the separate prior consent of the relevant addressee in spite of paragraph (1); provided, however, that the same shall not apply to the media as prescribed by the Presidential Decree.

(4) Anybody, who transmits advertisement information made for profit via electronic transmission media, shall indicate concretely the matters stated in the following subparagraphs in such a manner as prescribed by the Presidential Decree:                      1. The name and contact points of the sender; and

2. Other matters regarding the measure and methods to easily indicate the refusal of, or withdrawal of consent to, such information.

(5) Anybody, who transmits advertisement information made for profit via electronic transmission media, shall not take any measure specified in the following subparagraphs:

1. Measures to avoid and hinder the refusal or withdrawal of consent of the addressee of advertisement information;

2. Measures to automatically generate the contact points of addressee i.e., by combining numbers, codes or letters into new telephone numbers or e-mail addresses;

3. Measures to automatically register telephone numbers or e-mail addresses in order to transmit advertisement information made for profit;

4. Measures to conceal the identity of the sender of advertisement information or the source of advertisement transmission; or

5. Various measures to induce reply by deceiving the addressee for the purpose to transmit advertisement information made for profit.

(6) Anybody, who transmits advertisement information for profit via electronic transmission media, shall take necessary measures in such a manner as prescribed by the Presidential Decree lest the addressee should be charged the monetary cost incurred when telephoning a message to refuse, or withdraw the consent of, such information.

(7) Anybody, who transmits advertisement information for profit via electronic transmission media, shall, when the addressee expresses prior consent pursuant to paragraph (1), or refusal to receive or withdrawal of consent to receive pursuant to paragraph (2), inform to the addressee the result after processing prior consent, refusal to receive or withdrawal of consent as prescribed by the Presidential Decree.

(8) Anybody, who has obtained the consent pursuant to paragraphs (1) or (3), shall confirm periodically whether the addressee really consented to receive such advertisement information as prescribed by the Presidential Decree.

(Article Amended May 28, 2014)

Article 50-2 Deleted (May 28, 2014)

Article 50-3 (Entrusting Transmission of Advertisement Information Made for Profit)

(1) Anybody, who entrusts other person with a task to transmit advertisement information made for profit, shall control and supervise him/her lest the trustee should violate Article 50. (Amended May 28, 2014)

(2) Anybody, who is entrusted by a person with a task to transmit advertisement information made for profit pursuant to paragraph (1), shall be deemed an employee of such person in compensating the damage caused by violating the relevant acts related with such task.

Article 50-4 (Restrictions on Information Transmission Services, etc.)

(1) The information and communications service provider may take measures to refuse to provide the relevant services in any of the following subparagraphs:

1. Where obstacles occur or are expected to occur in providing services owing to transmitting or receiving advertisement information;                                                  

2. Where users would not want to receive advertisement information; or                        

3. Deleted (Amended May 28, 2014)                                                                                         

(2) The information and communications service provider, which intends to take measures to refuse pursuant to paragraph (1) or (4), shall include such provisions as how to refuse the relevant services in an end-user agreement with the user of such services. (Amended May 28, 2014)                                                                                  

(3) The information and communications service provider, which intends to take measures to refuse pursuant to paragraph (1) or

Article 50-5 (Installation of Advertisement Programs for Profit, etc.)

The information and communications service provider, which intends to show up advertisement information made for profit or install the programs to collect personal information in the users’ computer or other data processing devices as prescribed by the Presidential Decree, shall obtain the consent of users. In this case, it shall notify the usage of such programs and the method how to delete.

Article 50-6 (Distribution of Softwares to Block the Transmission of Advertisement Programs Made for Profit)

(1) The Korea Communications Commission may develop and distribute softwares and computer programs by which the addressee can conveniently block or report the advertisement information made for profit transmitted in violation of Article 50.

(2) The Korea Communications Commission may provide necessary support to the relevant public institutions, corporations, associations, etc. in order to promote the development and distribution of softwares and computer programs to block and report pursuant to paragraph (1).

(3) The Korea Communications Commission may advise the information and communications service provider to take such necessary measures as development of technologies, education, public relations, etc. for the protection of addressees when the services of the information and communications service provider are used to transmit the advertisement information made for profit in violation of Article 50.

(4) Necessary matters for the development and distribution pursuant to paragraph (1) and the support pursuant to paragraph (2) shall be prescribed by the Presidential Decree.

Article 50-7 (Restrictions on Posting Advertisement Information Made for Profit)

(1) Anybody, who intends to post any advertisement information made for profit on the Internet homepage, shall obtain prior consent of the webmaster or homepage manager; provided, however, that the same does not apply to a bulletin board which anybody has an easy access and may post messages without authorization.

(2) Notwithstanding paragraph (1), anybody, who intends to post any advertisement information made for profit on the Internet homepage, shall not post advertisement information made for profit if the webmaster or homepage manager expresses explicit refusal of posting such information or withdraw prior consent.

(3) A system operator or administrator of the Internet homepage may take such measures as deleting the advertisement information made for profit which is posted in violation of paragraph (1) or (2).

(ArticleAmended May 28, 2014)

Article 50-8 (Prohibition of Transmission of Advertisement Information for Illegal Act)

Nobody shall transmit advertisement information regarding goods or services prohibited by this Act or other acts via the information and communications networks.

Article 51 (Restrictions on Outflow of Material Information into Foreign Countries)

(1) The government may have each information and communications service provider or the relevant user of information and communications services take measures necessary to prevent material information regarding the domestic industry, economy, science and technology, etc. from being flowed out of Korea into foreign countries via the information and communications networks.

(2) The scope of material information referred to in paragraph (1) shall be as follows:

1. Security information related with the national security and major policy information; or

2. Information regarding state-of-the-art technologies or equipment developed domestically.

(3) The government may have each information and communications service provider processing the information referred to any of the subparagraphs of paragraph (2) take the following measures: (Amended Mar. 22, 2016)

1. Establishing systemic and technological devices to prevent improper utilization of the information and communications networks;

2. Taking systemic and technological measures to block the illegal destruction or manipulation of information; or

3. Taking measures to prevent the leakage of material information acquired in the course of processing information by the information and communications service provider.

Article 52 (Korea Information and Security Agency)

(1) The government shall establish the Korea Information and Security Agency (hereinafter referred to as “KISA“) to implement efficiently such policies as to enhance the information and communications networks (excluding the establishing, improving and managing such networks), as to promote the safe usage, and as to support the international cooperation and going abroad related with broadcasting and communications.

(2) KISA shall be a juridical person.

(3) KISA shall conduct the business referred to in the following subparagraphs: (Amended Mar. 23, 2013; Nov. 19, 2014; Jun. 22, 2015)                                                 

1. To survey and research into legal regimes, policies and systems for the utilization and protection of the information and communications networks, and the international cooperation and going abroad related with broadcasting and communications;              

2. To do research and analysis of statistics related with the utilization and protection of the information and communications networks;                                                              

3. To analyze negative effects of informatization and to research into countermeasures;

4. To conduct public relations, education and training for the utilization and protection of the information and communications networks;                                                           

5. To secure data protection in the information and communications networks, and to achieve technological development and standardization related with the Internet address resources;                                                                                                                          

6. To help establish the policy for the data protection industries, and to conduct related technological development and training of human resources;                                         

7. To implement and support the assessment, certification, etc. of data protection including the DPMS certification and the assessment and certification of data protection system;                                                                                                                                

8. To do research into effective measures for data protection, and to support the development and distribution of data protection technologies;                                        

9. To support the operation of the Dispute Mediation Committee and to opérate the Reporting Center for Personal Information Infringement;                                             

10. To do counseling and process claims regarding the transmission of advertisement information and the Internet advertisement;                                                                   

11. To deal with and analyze causes of the incidents infringing upon the information and communications networks, and to operate the incident response system;                

12. To manage the authentication of electronic signature pursuant to Article 25(1) of the Electronic Signature Act;                                                                                                

13. To support the efficient operation of the Internet and the promotion of utilization thereof;                                                                                                                            

14. To help protect the stored information of the Internet users;                                      

15. To support the service policy related with the Internet;                                           

16. To protect users in the Internet, and to help flow and disseminate sound information;

17. To conduct business regarding the Internet addresses under the Act on the Internet Resources;                                                                                                                       

18. To support operation of the Internet Address Dispute Mediation Committee pursuant to Article 16 of the Act on the Internet Resources;                                         

19. To support operation of the Mediation Committee pursuant to Article 25(7) of the Act on the Promotion of Data Protection Industry;                                                           

20. To assist the international cooperation, going abroad and overseas public relations related with broadcasting and communications;                                                            

21. Other activities incidental to the business of subparagraphs 1 through 20; and

22. Other tasks prescribed by this Act, and other acts and regulations to be conducted by KISA, or entrusted by the Minister of Science, ICT and Future Planning and the Minister of Interior, the Korea Communications Commission, or the head of other administrative agencies;                                                                                                  

(4) The government may make contributions to cover expenses necessary for the operation of KISA.

(5) The provisions regulating the incorporated foundation in the Civil Act shall apply mutatis mutandis to the matters not prescribed by this Act with respect to KISA.

(6) Other person than KISA shall not use the name of the Korea Information and Security Agency.

(7) Other matters necessary to operate, and conduct business of, KISA shall be prescribed by the Presidential Decree.

CHAPTER VII.- COMMUNICATIONS BILLING SERVICES

Articles 53 – 61 Omitted

CHAPTER VIII.- INTERNATIONAL COOPERATION

Article 62 (International Cooperation)

In performing the function stated in the following subparagraphs, the government shall cooperate with other states or international organizations:

1. Cross-border transfer of personal information and data protection;

2. Protection of the youth in the information and communications network;

3. Prevention of the incidents threatening the safety of information and communications network; and

4. Other activities to ensure safe and sound utilization of information and communications services.

Article 63 (Protection of Cross-Border Transfer of Personal Information)

(1) The information and communications service provider, etc. shall not enter into any international contract of which contents violate the provisions of this Act with respect to the personal information of users.

(2) The information and communications service provider, etc. shall obtain the consent of users when they intend to provide (including being subject to inquiry), entrust processing, store (hereinafter referred to as “transfer” in this Article) the personal information of such users to abroad; provided, however, that, if it is necessary to perform the contract for providing information and communications services and to enhance users convenience, etc., the provisions regarding the consent of users subject to entrusting processing and storing personal information abroad may not apply in case of disclosing under Article 27-2(1), or notifying to users by means as prescribed by Presidential Decree like email, all items of subparagraphs of paragraph (3). (Amended Mar. 22, 2016)

(3) The information and communications service provider, etc. shall, when they intend to obtain the consent pursuant to paragraph (2), notify the user in advance of the whole matters stated in the following subparagraphs:

1. The items of personal information to be transferred;

2. The state to which personal information will be transferred, the date and time of transfer and the method thereof;

3. The name (referring to the company name and the contact points of the officer in charge of data protection in case of a juridical person) of a person who will be provided with the personal information; and

4. The purpose of utilization, and the period of retention and utilization, of personal information on the part of a person who will be provided with the personal information.

(4) The information and communications service provider, etc. shall take the protective measures as prescribed by the Presidential Decree when they transfer the personal information to abroad with the consent pursuant to paragraph (2).

CHAPTER IX.- SUPPLEMENTARY PROVISIONS

Article 64 (Submission of Materials, etc.)

(1) The Minister of Science, ICT and Future Planning or the Korea Communications Commission may request the information and communications service provider, etc. (in this Article, including any person to whom Article 67 applies mutatis mutandis) to submit relevant goods, documents, etc. in case any of the following subparagraphs shall apply:

1. Where the violation of this Act is detected or knowingly suspected;

2. Where the violation of this Act is reported or any claim thereon is received; or

3. Where such other cases as prescribed by the Presidential Decree are necessary to protect the users.

(2) The Korea Communications Commission may request the information and communications service provider, etc. to have access to, or submit, data with respect to the name, address, resident registration number, period of utilization, etc. of the person who transmitted advertisement information made for profit in violation of this Act in order to take the measures stated in the following subparagraphs against such transmitter:                                                                                                                         1. Corrective measures pursuant to paragraph (4);

2. Imposition of fine for negligence pursuant to Article 76; and

3. Other measures amounting to the above-mentioned subparagraphs.

(3) When the information and communications service provider, etc. fails to submit materials pursuant to paragraphs (1) and (2), or it is deemed to have violated this Act, the Minister of Science, ICT and Future Planning or the Korea Communications Commission may have its officials enter the business place of the information and communications service provider, etc. and other concerned persons related with breach of the relevant laws to inspect its current business operations and examine ledger and books, or other documents, etc. (Amended Mar. 29, 2011; Mar. 23, 2013; Mar. 22, 2016)

(4) The Minister of Science, ICT and Future Planning or the Korea Communications Commission may order that the information and communications service provider, etc. in violation of this Act should take necessary corrective measures, and demand such information and communications service provider, etc., who has been ordered to do so, to make such fact public. In this case, such necessary matters as the method how to make it public, the criteria and procedure thereof, etc. shall be prescribed by the Presidential Decree.

(5) The Minister of Science, ICT and Future Planning or the Korea Communications Commission may, when it ordered necessary corrective measures pursuant to paragraph (4), make the fact public. In this case, such necessary matters as the method how to make it public, the criteria and procedure thereof, etc. shall be prescribed by the Presidential Decree.

(6) The Minister of Science, ICT and Future Planning or the Korea Communications Commission shall, when it requests the relevant information and communications service provider, etc. to submit or have access to data, etc. pursuant to paragraphs (2) and (3), notify in writing (including the electronic message) of the reason for request, legal grounds, time limit of submission thereof or the date and time to have access thereto, the content of data to be submitted or accessed in detail.

(7) In case of inspection pursuant to paragraphs (3), the inspection plan including the inspection date and time, reasons for inspection, particulars to be inspected shall be notified to the relevant information and communications service provider, etc. at least seven days before the scheduled inspection date; provided, however, that the same does not apply in case of emergency or when it deems such prior notification inappropriate to attain the inspection purpose because of probable destruction of evidences.

(8) The officials, who conduct the inspection pursuant to paragraph (3), shall carry certificates showing their authority, produce them to persons concerned, and deliver them the document containing officials’ names, inspection hours, purposes thereof, etc.

(9) The Minister of Science, ICT and Future Planning or the Korea Communications Commission shall, when it received, had access to, or inspected the data, etc. pursuant to paragraphs (1) and (3), notify in writing the relevant information and communications service provider, etc. of the inspection result (in case of making an order to take corrective measures subsequent to the inspection, including such order).

(10) The Minister of Science, ICT and Future Planning or the Korea Communications Commission shall, for the purpose of request of submission or inspection of data, etc. pursuant to paragraphs (1) and (4), may ask the head of KISA for technical advices and other necessary support.

(11) Any request of submission of, access to, or inspection of, data, etc. pursuant to paragraphs (1) and (4) shall be made within the minimum scope necessary to implement this Act, and shall not be misused for other purposes.

Article 64-2 (Preservation and Destruction of Materials, etc.)

(1) The Minister of Science, ICT and Future Planning or the Korea Communications Commission shall not provide to a third party the documents, materials, etc. submitted or collected pursuant to Article 64 nor make them public, if and when it is requested by the relevant information and communications service provider, etc. to preserve such materials.

(2) In case the Minister of Science, ICT and Future Planning or the Korea Communications Commission received the materials submitted via the information and communications networks, or made them digitalized, it shall take systemic and technological security measures lest the personal information, trade secrets etc. should be leaked out.

(3) The Minister of Science, ICT and Future Planning or the Korea Communications Commission shall destroy immediately the documents, materials, etc. submitted or collected pursuant to Article 64, if there occurs a case applicable to any of the following subparagraphs except otherwise specifically provided in other acts. The same shall apply to the person to whom the Minister of Science, ICT and Future Planning or the Korea Communications Commission delegates or entrusts the whole or part of its authority pursuant to Article 65:                                                                                        1. Where the purpose for which the request for submission of materials, visit and inspection, order to take corrective measures, etc. take place pursuant to Article 64 has been attained;

2. Where an administrative judgment is filed in disobedience of the order to take corrective measures pursuant to Article 64(4), or, in case of the administrative lawsuit, the relevant administrative dispute settlement proceedings have been closed;

3. Where the fine for negligence is levied pursuant to Article 76(4) and there is no objection thereto until the period of objection is over pursuant to Article 76(5); or

4. Where any objection is raised against the imposition of fine for negligence pursuant to Article 76(4) and the non-litigation proceedings of the competent court with jurisdiction are over.

Article 64-3 (Imposition, etc. of Penalty Surcharge)

(1) In case an action is in violation of any of the following subparagraphs, the Korea Communications Commission may impose the penalty surcharge3) amounting to not more than three percent (3/100) of total sales related with such violation on the wrong-doing information and communications service provider, etc.. the penalty surcharge of not more than 100 million won may be imposed to the violator of subparagraph 6: (Amended Feb. 17, 2012; May 28, 2014; Mar. 22, 2016)

1. To collect personal information without obtaining the consent of a user in violation of Article 22(1) including the case of application mutatis mutandis pursuant to Article 67;

2. To collect personal information which is most likely to infringe upon the right and interest, or the privacy, of an individual without obtaining the consent of the subject in violation of Article 23(1) including the case of application mutatis mutandis pursuant to Article 67;

3. To utilize personal information in violation of Article 24 including the case of application mutatis mutandis pursuant to Article 67;

4. To provide personal information to a third party in violation of Article 24-2 including the case of application mutatis mutandis pursuant to Article 67;

5. To entrust handling of personal information without obtaining the consent of a user in violation of Article 25(1) including the case of application mutatis mutandis pursuant to Article 67;

5-2. To allow negligent management, supervision or education under Article 25(4), including the case of application mutatis mutandis pursuant to Article 67, to cause the trustee in violation of Chapter IV;

6. To leave the personal information of a user lost, stolen, leaked, forged, altered or damaged, and fail to take measures required by Articles 28(1) ii through v including the case of application mutatis mutandis pursuant to Article 67;

7. To collect the personal information of a minor of age below 14 without obtaining the consent of his/her legal representative in violation of Article 31(1) including the case of application mutatis mutandis pursuant to Article 67; or 8. To provide the personal information of users abroad without obtaining their consent thereto in violation of the main sentence of Article 63(2).

(2) In case the penalty surcharge is imposed pursuant to paragraph (1), if such information and communications service provider, etc. denies to submit data for the calculation of sales or submits false data, its sales amount may be estimated on the basis of financial statements and other accounting information of the information and communications service provider, etc. with a similar size, and the business data including the number of subscribers, tariff table of users, etc. provided, however, that, in such a case of no sales report at all or the difficulty to calculate the amount of sales as prescribed by the Presidential Decree, the penalty surcharge of not more than 400 million won may be imposed to such operator.

(3) When imposing the penalty surcharge pursuant to paragraph (10, the Korea Communications Commission shall take the particulars stated in the following subparagraphs into consideration:

1. The substance and status of violations;

2. The duration and times of violations; and

3. The size of profit acquired out of violations.

(4) The penalty surcharge pursuant to paragraph (1) shall be assessed with the provision of paragraph (3) taken into consideration, but the detailed criteria and procedure for the assessment of penalty surcharge shall be prescribed by the Presidential Decree.

(5) When the person, who is required to pay the penalty surcharge pursuant to paragraph (1), fails to pay the penalty surcharge until the due date, the Korea Communications Commission shall collect the additional charge amounting to six percent per annum (6% p.a.) of such penalty surcharge for the period from the following day of the due date.

(6) When the person, who is required to pay the penalty surcharge pursuant to  paragraph (1), fails to pay the penalty surcharge until the due date, the Korea Communications Commission shall press for the payment by designating the extended period. If and when the person fails to pay the penalty surcharge and the additional charge for the extended period pursuant to paragraph (5), the Korea Communications Commission finally shall collect the penalty surcharge and the additional charge likewise by the disposition for recovery of the National Tax arrears.

(7) In case the penalty surcharge imposed pursuant to paragraph (1) is refunded owing to the court judgment, etc., the additional fee in the amount of six percent per annum (6% p.a.) of such penalty surcharge to be refunded shall be paid for the period from the payment date of penalty surcharge to the refund date.

Article 64-4 (Hearings)

The Minister of Science, ICT and Future Planning or the Korea Communications Commission shall hold hearings in case any of the following subparagraphs shall apply:

1. Where it intends to withdraw the designation of the certification agency pursuant to Article 9(2);

2. Where it intends to withdraw the designation of the identification agency pursuant to Article 23-4(1);

3. Where it intends to cancel the DPMS certification pursuant to Article 47(10) including the case of application mutatis mutandis pursuant to Article 47-3(3);

4. Where it intends to withdraw the designation of the DPMS Certification Agency pursuant to Article 47-2(1) including the case of application mutatis mutandis pursuant to Article 47-3(4);

5. Where it intends to cancel the data protection management degree pursuant to Article 47-5(4); or

6. Where it intends to cancel the registration pursuant to Article 55(1).

(Article Inserted Dec. 1, 2015)

Article 65 (Delegation and Entrustment of Authority)

(1) The authority of the Minister of Science, ICT and Future Planning or the Korea Communications Commission under this Act may be delegated or entrusted in part to the head of its administrative agency under the control of the Ministry of Science, ICT and Future Planning or the head of the Regional Post Agency in such a manner as prescribed by the Presidential Decree.

(2) The Minister of Science, ICT and Future Planning may entrust the Project to promote the utilization of the information and communications networks, etc. pursuant to Article 13 to the National Information Society Agency (NIA) established pursuant to Article 14 of the Nation’s Informatiztion Framework Act in such a manner as prescribed by the Presidential Decree.

(3) The Minister of Science, ICT and Future Planning or the Korea Communications Commission may entrust doing job to request the submission of, and inspect, the materials pursuant to Articles 64(1) and (2) to KISA in such a manner as prescribed by the Presidential Decree.

(4) The provision of Article 64(8) shall apply mutatis mutandis to the employees of KISA who are subject to paragraph (3).

Article 65-2 Deleted

Article 66 (Confidentiality, etc.)

Any person who is or was engaged in the business stated in the following subparagraphs shall not leak secrets acquired while performing his/her duties to any other person, or use such secrets for other purposes than the initial duties; provided, however, that the same shall not apply where other acts specifically prescribe otherwise:

1. Deleted

2. Certification of DPMS under Article 47;

2-2. Certification of PIMS under Article 47-3;

3. Assessment of the data protection system under Article 52(3) iv;

4. Deleted

5. Mediation of any dispute conducted by the defamation dispute mediation panel under Article 44-10.

Article 67 (Application mutatis mutandis to Broadcasting Service provider)

(1) The provisions of Chapter IV shall apply mutatis mutandis to the person who falls under Article 2 iii Items a through e and Article 2 vi, ix, xii and xiv of the Broadcasting Act, and would collect, use and provide to a third party personal information of audience and viewers. In this case, the “information and communications service provider” and the “information and communications service provider, etc.” shall be deemed the “person who falls under Article 2 iii Items Ga through Ma and Article vi, ix, xii and xiv of the Broadcasting Act,” and the “user” shall be deemed the “audience and viewers,” respectively.

(2) The provisions of Articles 22, 23, 23-2 through 23-4, 24, 24-2, 26, 26-2, 27, 27-2, 27-3, 28, 28-2, 29, 30, 30-2 and 31 shall apply mutatis mutandis to the trustee as prescribed in Article 25(1).

(Article Inserted Feb. 17, 2012)

Article 68 Deleted (Mar. 22, 2010)

Article 68-2 Deleted (Jun. 22, 2015)

Article 69 (Legal Fiction of Officials in Applying Penal Provisions)

The officers and employees of NIA and KISA, who are conducting the job entrusted by the Minister of Science, ICT and Future Planning or the Korea Communications Commission pursuant to Articles 65(2) and (3), shall be deemed government officials in the application of Articles 129 through 132 of the Criminal Act.

Article 69-2 (Accusation)

(1) When the Korea Communications Commission deems any of the subparagraphs of Article 64-3(1) to be applicable, the Commission may accuse the breaching information and communications service provider, etc. to the investigation authorities including the prosecution office.

(2) The Korea Communications Commission may recommend the information and communications service provider, etc. in violation of this Act in relation to personal information protection to take a disciplinary measure of the person responsible therefor (including a representative and/or director and officer responsible in charge). In this case, the person who has received such recommendation shall be respectful of it and notify the Korea Communications Commission of the result. (Inserted Mar. 22, 2016)

CHAPTER X.- PENAL PROVISIONS

Article 70 (Penal Provisions)

(1) Any person who has defamed other person by alleging openly facts via the information and communications networks with the purpose of slandering him/her shall be subject to imprisonment with prison labor for not more than 3 years or by a fine not exceeding 30 million won. (Amended May 28, 2014)

(2) Any person who has defamed other person by alleging openly false facts via the information and communications networks with the purpose of slandering him/her shall be subject to imprisonment with prison labor for not more than 7 years or the suspension of qualification for not more than 10 years, or by a fine not exceeding 50 million won.

(3) The offense stated in paragraphs (1) and (2) shall not be indicted against the will expressed by the victim.

Article 70-2 (Penal Provisions)

Any person who has relayed or distribute malicious programs in violation of Article 48(2) shall be subject to imprisonment with prison labor for not more than 7 years or by a fine not exceeding 70 million won.

Article 71 (Penal Provisions)

(1) Any person referred to in the following subparagraphs shall be subject to imprisonment with prison labor for not more than 5 years or by a fine not exceeding 50 million won:

1. A person who has collected the personal information of users without the consent of users in violation of Article 22(1) including the case of application mutatis mutandis under Article 67;

2. A person who has collected the personal information likely to excessively infringe upon the right, interest and privacy of the individual without the consent of users in violation of Article 23(1) including the case of application mutatis mutandis under Article 67;

3. A person who has utilized the personal information of users, provided such personal information to a third party, or received such personal information knowingly for profit or unjust purposes in violation of Articles 24, 24-2(1) and (2) or 26(3) including the case of application mutatis mutandis under Article 67;

4. A person who has entrusted handling of the personal information without the consent of users in violation of Article 25(1) including the case of application mutatis mutandis under Article 67;

5. A person who has damaged, infringed upon or leaked the personal information of users in violation of Article 28-2(1) including the case of application mutatis mutandis under Article 67;

6. A person who has received the personal information for profit or unjust purposes knowing such information leaked out in violation of Article 28-2(2);

7. A person who has provided or utilized the personal information without taking necessary measures in violation of Article 30(5) including the case of application mutatis mutandis under Articles 30(7), 31(3) and 67;

8. A person who has collected the personal information of a minor below 14 without the consent of his/her legal representative in violation of Article 31(1) including the case of application mutatis mutandis under Article 67;

9. A person who has conveyed or distributed malicious programs in violation of Article 48(2);

10. A person who has caused troubles in the information and communications networks in violation of Article 48(3); and

11. A person who has damaged the information of other person, or infringed upon, stolen or leaked the secrets of other person in violation of Article 49.

(2) An attempted crime of paragraph (1) ix shall be punished. (Inserted Mar. 22, 2016)

Article 72 (Penal Provisions)

(1) Any person referred to in the following subparagraphs shall be subject to imprisonment with prison labor for not more than 3 years or by a fine not exceeding 30 million won: (Amended Jan. 20, 2015; Mar. 27, 2015)

1. A person who has infiltrated the information and communications networks in violation of Article 48(1);

2. A person who has collected the personal information of other person in violation of Article 49-2(1);

2-2. A person who has transmitted the advertisement information in violation of Article 50-8 taking advantage of large-scale catastrophic situation subject to 14(1) of the Framework Act on the Management of Disasters and Safety;

3. A person who has done business without registration required by Article 53(1);

4. A person who has lent money, or has arranged, intermediated, solicited and promoted such transaction by conducting action applicable to any of the following Items:

a. To do transactions of communications billing services by pretending to sell or provide the goods or services, or exceeding the real sales, or to let others do so on his/her behalf; or

b. To purchase the goods or services at a discount which were bought or used by the user of communications billing services just after such user was induced to buy or use such goods or services by means of the communications billing services.

5. A person who has leaked the secrets to other person acquired while performing his/her duties, or utilized such secrets for other purpose than the initial duties in violation of Article 66.

(2) Deleted (Mar. 22, 2016)

Article 73 (Penal Provisions)

Any person referred to in the following subparagraphs shall be subject to imprisonment with prison labor for not more than 2 years or by a fine not exceeding 20 million won: (Amended May 28, 2014; Mar. 22, 2016)

1. A person who has lost, stolen, leaked, forged, altered or damaged the personal information of users by failing to take such technological and managerial measures as prescribed in Articles 28(1) ii through v including the case of application mutatis mutandis under Article 67;

1-2. A person who fails to destroy personal information in violation of Article 29(1) including the case of application mutatis mutandis under Article 67;

2. A person who has provided media materials harmful to the youth for profit without indicating the harmful nature in violation of Article 42;

3. A person who has transmitted to the youth, or exhibit publicly without taking any measure off-limits to the youth the information to advertize the media materials harmful to the youth in violation of Article 42-2;

4. A person who has used the information of users for other purposes tan filing civil or criminal lawsuits;

5. A person who has not observed the order of the Korea Communications Commission pursuant to Articles 44-7(2) and (3);

6. A person who has not preserved the relevant materials in violation of the order pursuant to Article 48-4(3);

7. A person who has enticed other person to provide with personal information in violation of Article 49-2 (1); or

8. A person who has not observed the order pursuant to Article 61.

Article 74 (Penal Provisions)

(1) Any person referred to in the following subparagraphs shall be subject to imprisonment with prison labor for not more than 1 year or by a fine not exceeding 10 million won: (Amended Feb. 17, 2012; May 28, 2014)

1. A person who has put any label on goods, or sold such goods bearing such label or displayed such goods for the purpose of selling them in violation of  Article 8 (4);

2. A person who has distributed, sold, rented, or openly displayed lascivious codes, letters, sounds, images or video clips in violation of Article 44-7(1) i;

3. A person who has repeatedly sent codes, letters, sounds, images or video clips inciting fears and uneasiness to other person in violation of Article 44-7(1) iii;

4. A person who has taken measures in violation of Article 50(5);

5. Deleted (May 28, 2014)

6. A person who has transmitted advertisement information in violation of Article 50-8; or

7. A person who has not registered the change of the registry nor reported business transfer, or the merger and succession of business in violation of Article 53(4).

(2) The offense stated in paragraph (1) iii shall not be indicted against the Will expressed by the victim.

Article 75 (Joint Penal Provisions)

If a representative of a corporation, or the agent, manager or other employee of a corporation or an individual violated the provisions of Articles 71 through 73 or 74 (1) with respect to the business of such corporation or individual, the actor shall be punished, but also the corporation or individual shall be subject to a fine prescribed in the relevant Article; provided, however, that the same shall not apply where such corporation or individual was not negligent in taking due care and supervisory duty to do the relevant business.

Article 75-2 (Confiscation and Additional Imposition of Fine)

The monies or other profits acquired by a person who committed any of the crimes set forth in Article 71(1) i through viii, Article 72(1) ii and Article 73 i, i-2, vii in relation to the relevant violations may be confiscated, and, if such confiscation is impossible, its equivalent amount may be imposed additionally. In this case, such confiscation or additional imposition my be levied in addition to other punishment. (Inserted Mar. 22, 2016)

Article 76 (Fine for Negligence)

(1) A person who is referred to in the following subparagraphs and abets other person to do the action applicable to Items 7 through 11 shall be subject to a fine for negligence not exceeding 30 million won: (Amended Mar. 29, 2011; Feb. 17, 2012; Mar. 23, 2013; May 28, 2014; Jun. 22, 2015; Dec. 1, 2015; Mar. 22, 2016)

1. A person who has denied services in violation of Articles 22-2(2) or 23(3) including the case of application mutatis mutandis under Article 67;

1-2. A person who has failed to take measures necessary for the protection of personal information of users including methods of consent to, and withdrawal from, the authorized access in violation of Article 22-2(3) including the case of application mutatis mutandis under Article 67;

2. A person who collects and uses resident registration numbers in violation of Article 23-2(1) or fails to take necessary measures in violation of Article 23-2(2) including the case of application mutatis mutandis under Article 67;

2-2. A person who has failed to notify or report to users, the Korea Communications Commission and KISA in violation of Article 27-3(1) including the case of application mutatis mutandis under Article 67, or delays exceeding 24 hours to notify or report with no justifiable reasons;

2-3. A person who has failed to explain or deceptively explained subject to Article 27-3(3);

3. A person who has failed to take technological and managerial measures as prescribed in Articles 28(1) i and vi including the case of application mutatis mutandis under Article 67);

4. A person who has failed to destroy personal information in violation of Article 29(2) including the case of application mutatis mutandis under Article 67;

5. A person who has failed to take necessary measures in violation of Articles 30(3), (4) and (6) including the case of application mutatis mutandis under Articles 30(7), 31(3) and 67);

5-2. A person who has failed to notify the detailed statement on the use of the personal information in violation of the main sentence of Articles 30-2(1) including the case of application mutatis mutandis under Article 67;

6. Deleted (May 28, 2014)

6-2. A person who has failed to report the designation of the chief privacy officer in violation of Articles 45-3 (1);

6-3. A person who has failed to obtain the DPMS certification in violation of Articles 47 (2);

7. A person who has transmitted advertisement information made for profit in violation of Articles 50 (1) through (3);

8. A person who has failed to indicate advertisement information or indicated fraudulently in violation of Articles 50 (4) or (5);                                                            

9. A person who has got the addressee charged the cost in violation of Article 50 (6);

9-2. A person who has failed to confirm the consent to receive in violation of Articles 50(8);

10. A person who has installed the programs without obtaining the consent of users in violation of Article 50-5;

11. A person who has posted advertisement information made for profit on the Internet homepage in violation of Article 50-7 (1) or (2); or

12. A person who has not observed the order to take corrective measures delivered by the Minister of Science, ICT and Future Planning or the Korea Communications Commission pursuant to Article 64(4) in violation of this Act.

(2) A person referred to in the following subparagraphs shall be subject to a fine for negligence not exceeding 20 million won: (Amended Mar. 22, 2016)

1. A person who has failed to make public or notify the users of entrusting the handling of personal information in violation of Article 25(2) including the case of application mutatis mutandis under Article 67;

1-2. A person who has re-entrusted to a third person without obtaining the consent of the initial information and communications service provider, etc. In violation of Article 25(7) including the case of application mutatis mutandis under Article 67;

2. A person who has failed to notify the users of transferring the personal information in violation of Articles 26(1) and (2) including the case of application mutatis mutandis under Article 67;

3. A person who has failed to designate the officer in charge of data protection in violation of Article 27(1) including the case of application mutatis mutandis under Article 67;

4. A person who has failed to make public the personal information policy statement in violation of Article 27-2(1) including the case of application mutatis mutandis under Article 67; or

5. A person who has provided the personal information of users abroad without disclosing all the items of subparagraphs of Article 63(3) or informing users of such fact in violation of the proviso of Article 63(2).

(3) A person referred to in the following subparagraphs shall be subject to a fine for negligence not exceeding 10 million won: (Amended Apr. 5, 2011; Feb. 17, 2012; Jun. 22, 2015; Dec. 1, 2015; Mar. 22, 2016)

1. Deleted (Jun. 22, 2015)

2. Deleted (Jun. 22, 2015)

2-2. A person who has conducted the identification operations without appropriate designation of the identification agency in violation of Article 23-3(1);

2-3. A person who has failed to notify to users, or report to the Korea Communications Commission, the recess of the identification operations pursuant to Article 23-3(2) or the repeal of the identification operations pursuant to Article 23-3(3);

2-4. A person who continues to conduct identification operations in spite of the suspension of identification operations or withdrawal of designation of the identification agency pursuant to Article 23-4(1);

2-5. A person who fails to entrust processing personal information to a trustee in writing in violation of Article 25(6) including the case of application mutatis mutandis under Article 67;                                                                                                                         

3. A person who has failed to designate the officer in charge of youth protection in violation of Article 42-3(1);

4. A person who has failed to keep information in custody in violation of Article 43;

5. A person who has failed to insure the information and communications facilities in violation of Article 46 (2);

6. Deleted (Dec. 1, 2015);

7. A person who has made fraudulent promotion on the result of authentication of the data protection management system in violation of Articles 47(9) and 47-3(3);

8. Deleted

9. Deleted

10. A person who has failed to inform the user of software in violation of Article 47-4(3);

11. A person who has not observed the order of correction pursuant to Article 48-2(4);

12. A person who has obstructed, rejected or dodged the entry and inspection of business pursuant to Article 48-4 (4);

12-2. A person who has failed to observe the order of the Minister of Science, ICT and Future Planning or the Korea Communications Commission in violation of Article 49-2(4).

12-3. A person who has failed to inform to the addressee the result after processing prior consent, refusal to receive or withdrawal of consent in violation of Article 50(7).

12-4. A person who fails to take necessary measure in violation of Article 50-4(4).

13. A person who has used the name of KISA in violation of Article 52(6);

14. A person who has failed to report the recess, closure or dissolution of business in violation of Article 53(4);

15. A person who has failed to report the general terms and conditions of business in violation of Article 56(1);

16. A person who has failed to take managerial and technological measures in violation of Article 57(2);

17 through 21. Omitted 4)

22. A person who has failed to submit related goods and documents, etc. pursuant to Article 64(1) or submitted false goods and documents, etc.;

23. A person who has denied the access to data and request of data production pursuant to Article 64(2); or

24. A person who has rejected, obstructed or dodged the entry and inspection of business pursuant to Article 64(3).

(4) The fine for negligence stated in paragraphs (1) through (3) shall be imposed and collected by the Minister of Science, ICT and Future Planning or the Korea Communications Commission as prescribed by the Presidential Decree.

(5) Any person who is dissatisfied with a fine for negligence imposed pursuant to paragraph (4) may file an objection with the Minister of Science, ICT and Future Planning or the Korea Communications Commission within 30 days from the day of notification of such disposition.

(6) If any person who has been subject to a fine for negligence pursuant to paragraph (4) filed an objection pursuant to paragraph (5), the Minister of Science, ICT and Future Planning or the Korea Communications Commission shall promptly notify the competent court of the fact, and the competent court shall, upon receiving the notification thereof, put the case on trial in accordance with the Non-Contentious Litigation Procedure Act.

(7) If any person fails to file an objection within the period under paragraph (5) and would not pay the fine for negligence, the fine for negligence in question shall be collected likewise by the disposition for recovery of the national taxes in arrears.

ADDENDA

(Act nº 6360, January 1, 2001)

Article 1 (Enforcement Date)

This Act shall enter into force on July 1, 2001.

Articles 2 and 3. Omitted

Article 4 (Transitional Measures Regarding Application of Penal Provisions)

The application of the penal provisions to any act committed prior to the enforcement of this Act shall be governed by the previous provisions.

Article 5. Omitted

Article 6 (Relations to Other Acts and Regulations)

If other acts and regulations cite the former “Act on the Promotion, etc. Of  Utilization of Information System” or its provisions at the time of enforcement of this Act and if there exist corresponding provisions thereto in this Act, this Act or the corresponding provisions in this Act shall be regarded as being cited.

ADDENDA

Omitted for the period from December 2001 to December 2008.

ADDENDA

(Act nº 9637, July 23, 2009)

Article 1 (Enforcement Date)

This Act shall enter into force on the day when 3 months elapse after its promulgation for the establishment of the Korea Internet and Security Agency.

Articles 2 and 3 Omitted

Article 4 (Amendment to Other Acts) Omitted

Article 5 (Relations to Other Acts and Regulations)

If other acts and regulations cite the former “Act on Promotion of Information and Communications Network Utilization and Data Protection, etc.” or its provisions at the time of enforcement of this Act and if there exist corresponding provisions thereto in this Act, this Act or the corresponding provisions in this Act shall be regarded as being cited.

ADDENDUM

(Act nº 10138, March 17, 2010)

This Act shall enter into force on the day of promulgation.

ADDENDA

(Act nº 10165, September 23, 2010)

Article 1 (Enforcement Date)

This Act shall enter into force on the day when 6 months elapse after its promulgation.

Articles 2 through 5 Omitted

Article 6 (Amendment to Other Acts)

(9) The part of the Act on Promotion of Information and Communications Network Utilization and Data Protection, etc. shall be amended as follows:

Article 68 shall be deleted.

Article 7 Omitted

ADDENDA

(Act nº 10465, September 30, 2011)

Article 1 (Enforcement Date)

This Act shall enter into force on the day when 6 months elapse after its promulgation (in line with the enforcement the Personal Information Protection Act).

Articles 2 through 5 Omitted

Article 6 (Amendment to Other Acts)

(11) The part of the Act on Promotion of Information and Communications Network Utilization and Data Protection, etc. shall be amended as follows: (. . .) the Minister of Public Administration and Security, the Minister of Knowledge and Economy or the Korea Communications Commission shall read the Minister of Knowledge and Economy or the Korea Communications Commission; and the Minister of Public Administration and Security or the Korea Communications Commission shall read the Korea Communications Commission, respectively.

Article 7 Omitted

ADDENDA

Omitted for the period from April 2011 to September 2011.

ADDENDA

(Act nº 11322, August 18, 2012)

Article 1 (Enforcement Date)

This Act shall enter into force on the day when 6 months elapse after its promulgation; provided, however, that the revised provisions of Articles 45, 45-2, 45-3, 46-3, 47, 47-2, 47-3, 47-5, 52(3) vii, 66 and 76(3) vi through ix shall enter into force one year after its promulgation.

Article 2 (Transitional Measures Regarding the Restriction of Collection and Use of Resident Registration Number)

(1) The information and communications service provider, who has provided membership application method by means of resident registration number at the time of enforcement of this Act, shall destroy its resident registration number data within two years therefrom; provided, however, that the same shall not apply to any of the subparagraphs of Article 23-2(1).

(2) The failure to destroy the resident registration number data within the period prescribed in paragraph (1) shall be deemed in violation of the revised provision of Article 23-2(1).

Article 3 (Transitional Measures Regarding the Repeal of Data Protection Safety Diagnosis)

Omitted

Article 4 (Transitional Measures Regarding the Authentication of Personal Information Protection Management System)

Omitted

Article 5 (Transitional Measures Regarding Fine for Negligence)

The application of the fine for negligence to any act committed prior to the enforcement of this Act shall be governed by the previous provisions.

ADDENDA

(Act nº 11690, March 23, 2013)

Article 1 (Enforcement Date)

(1) This Act shall enter into force on the day of promulgation.5)

(2) Omitted

Articles 2 through 5 Omitted

Article 6 (Amendment to Other Acts)

(687) The part of the Act on Promotion of Information and Communications Network Utilization and Data Protection, etc. shall be amended as follows: (. . .) the Minister of Knowledge and Economy shall read the Minister of Science, ICT and Future Planning.

ADDENDA

(Act nº 12681, May 28, 2014)

Article 1 (Enforcement Date)

(1) This Act shall enter into force on the day when 6 months elapse after its promulgation; provided, however, that the revised provisions of Articles 44(3), 44-5 and 76(1) vi shall enter into force on the day of promulgation.

Article 2 (Transitional Measures Regarding Penalty Surcharge and Penal Provisions)

The application of the penalty surcharge and penal provisions to any act committed prior to the enforcement of this Act shall be governed by the previous provisions.

ADDENDA

(Act nº 13344, July 22, 2015)

Article 1 (Enforcement Date)

This Act shall enter into force on the day when 6 months elapse after its promulgation.

Article 2 (Exemplary Application of Administrative Disposition)

The amendments of Article 55(1) shall apply to the administrative disposition on the violations prior to the enforcement of this Act.

ADDENDA

(Act nº 13520, December 1, 2015)

Article 1 (Enforcement Date)

This Act shall enter into force on the day when 6 months elapse after its promulgation; provided, however, that the amendments of Articles 29(2) and (3) shall enter into force on the day of promulgation.

Article 2 (Exemplary Application of Destruction, etc. of Personal Information)

The amendments of Article 29(2) and (3) shall apply to the personal  information collected and transferred prior to the entry into force of the said amendments.

Article 3 (Exemplary Application of Omission of DPMS Certification Examination)

The amendments of Article 47(3) shall apply to the person who applied for the DPMS certification prior to the enforcement of this Act, and has undergone the said procedure.

Article 4 (Transitional Measures Regarding DPMS Certification)

The imposition of the fine for negligence on the violations prior to the enforcement of this Act shall be subject to the previous penal provisions.

ADDENDA

(Act nº 14080, March 22, 2016)

Article 1 (Enforcement Date)

This Act shall enter into force on the day when 6 months elapse after its promulgation; provided, however, that the amendments of Articles 22(2), 76(1) i and 76(1) i-2 shall enter into force when one year elapses after promulgation; the amendments of Articles 32(2) and (3), 32-2(3) on July 25, 2016; the amendment of Article 52(4) on the day of promulgation, respectively.

Article 2 (Exemplary Application of Damages)

The amendments of Articles 32(2), 32(3) and 32-2(3) shall apply to the claim for damages arising out of the loss, theft, leakage, forgery, alteration of, or damage to, personal information after the entry into force of the same amendments.

Article 3 (Transitional Measures Regarding Guide of Data Exposed to Violations)

The information and communications service provider shall establish the facilities to send guide message to users pursuant to the amendment of Article 49-2(3) within six months after the promulgation of this Act.

Article 4 (Transitional Measures Regarding Penal Provisions)

In case of application of penal provisions against violations prior to the entry into force of this Act, the previous provisions shall apply.

Article 5 (Amendment to Other Act)

The part of the Internet Address Resources Act shall be amended as follows:

Of the first sentence of Article 15(2), “Article 71 i” shall be “Article 71(1) i”, and “Article 76(1) i through v” shall be “Article 76(1) i through v (excluding Article 76(1) i-2)”

——————————————————–

1) Translation of the provisions of Articles unrelated with data protection is Omitted

2) The provisions regarding the Personal Information Dispute Mediation Committee were deleted on March 29, 2011 when the Personal Information Protection Act was promulgated.

3) In this Act, the penalty surcharge means the administrative penalty.

4) These are violators in relation to communications billing services.

5) This amendment was in line with the enforcement of the newly amended Government Organization Act.