korea-pipa

Installation
SKILL.md

South Korea PIPA Compliance

Overview

The Personal Information Protection Act (PIPA, 개인정보 보호법) is South Korea's comprehensive data protection law, originally enacted on 29 September 2011 (Act No. 10465) and significantly amended in 2020 (effective 5 August 2020) and 2023 (effective 15 September 2023). The Personal Information Protection Commission (PIPC, 개인정보보호위원회) is the independent supervisory authority with centralised enforcement jurisdiction since the 2020 amendments consolidated regulatory authority from multiple agencies.

South Korea received an adequacy decision from the European Commission on 17 December 2021, recognising PIPA as providing an adequate level of data protection for GDPR transfer purposes.

Scope and Definitions

Personal Information (Art. 2(1))

Information relating to a living individual that identifies or can identify the individual through the information alone or in combination with other information that can be easily used. Includes:

  • Name, resident registration number, image
  • Information that individually does not identify but can identify when combined with other easily accessible information

Pseudonymised Information (Art. 2(1-2), introduced 2020)

Personal information processed by partially deleting or replacing to make it impossible to identify a specific individual without the use of additional information. Pseudonymised information may be processed for statistical purposes, scientific research, and preservation of records in the public interest without consent (Art. 28-2).

Installs
7
GitHub Stars
187
First Seen
Jun 9, 2026
korea-pipa — mukul975/privacy-data-protection-skills