UK organizations will be able to securely share personal data with the Republic of Korea before the end of the year when the UK finalizes legislation for its first independent decision on eligibility.
Allowing companies in both countries to share data without restrictions will make it easier for them to operate and grow. Once in force, the legislation is expected to reduce administrative and financial burdens for UK businesses by £11 million a year, and exports to South Korea are expected to increase by £3.8 million annually.
Personal data is information relating to an individual, such as a name or email address, and data must be protected to a high standard to ensure that it is collected, shared and used reliably.
After agreeing in principle to the Data Sufficiency Agreement in July 2022, the UK government has completed its full assessment of the Republic of Korea’s personal data legislation. The government has concluded that the Republic of Korea has strong privacy laws in place that protect data transfers to South Korea while maintaining the rights and protections of UK nationals.
In the past, organizations had to have costly and time-consuming contractual safeguards, such as standard data protection clauses and binding corporate policies. The new freedom will open up opportunities for many SMEs that may have avoided international data transfers to Korea because of these burdens.
Removing barriers to data transfer will also boost research and innovation by making it easier for experts to work together on medical treatments and other vital research that could save lives in the UK. For example, the secure international transfer of personal information is necessary to develop effective medical treatments such as vaccines.
UK Data Protection Secretary Julia Lopez met with representatives of the Korean Privacy Commission today to mark the legislation being introduced in Parliament, which is expected to come into force from 19 December.
This is the UK’s first decision to recognize an adequate preferential treatment after leaving the European Union (EU).
The UK’s eligibility decision is broader than the EU’s deal with South Korea. The most important difference between the two agreements is that UK institutions will be able to share personal data related to credit information with the Republic of Korea to help identify customers and verify payments. The ability to share this type of data will help UK companies with a presence in the Republic of Korea to promote credit, lending, investment and insurance activities in the Republic of Korea.
Data Secretary Julia Lopez said: “By the end of the year, businesses will be able to share data freely with the Republic of Korea – safe in the knowledge that it will be protected to the high privacy standards we expect in the UK.
Removing unnecessary burdens on business will help unleash innovation, drive growth and improve lives in both our countries.”
The Republic of Korea is one of the UK’s fastest-growing markets, with more than two-thirds of UK service exports to the data-rich country.
John Edwards, the UK’s Chief Information Officer, said: “We are supporting the Government in carrying out due diligence to enable personal data to flow freely to trusted partners around the world.
“We advised the government during this evaluation of the Republic of Korea, and we are pleased with the government’s recognition of similar data protection rights and protections in Korean law.” This will bring certainty to UK businesses and reduce the burden of compliance, while ensuring that people’s data is handled responsibly.”