South Korea Looks to Tighten Biometrics Laws Amid Generative AI

On 31 May 2023, South Korea’s Personal Information Protection Commission announced[1] that a research group comprising experts from academia, industry, and law would be set up, with the aim of reviewing the nation’s laws to enhance the protection of data subjects’ biometric information when this data is processed, particularly in light of recent generative artificial intelligence (AI) developments.

Noting that biometric information by its nature is both unique to an individual and immutable, the impact from its misuse or leakage was recognised to be greater. It was also acknowledged that there has been an increase in the use of real-time facial recognition technology targeting an unspecified number of people in public places, and how unfettered use of such technologies could pose a threat to individual privacy rights, as well as freedom of assembly and association.

Comment

South Korea is one of many jurisdictions in Asia Pacific, as well as globally, that are looking to address the data privacy and other risks associated with unencumbered AI use. On 11 April 2023, China’s Cyberspace Administration released a set of draft measures[2] for consultation pertaining to generative AI services, and Singapore has also announced that a set of advisory guidelines[3] on the use of personal data in AI systems will be forthcoming.

[1] https://www.korea.kr/common/download.do?fileId=197347637&tblKey=GMN

[2] http://www.cac.gov.cn/2023-04/11/c_1682854275475410.htm

[3] https://www.mci.gov.sg/pressroom/news-and-stories/pressroom/2023/2/speech-by-mrs-josephine-teo-minister-of-communications-and-information-at-the-ministry-of-communications-and-information-committee-of-supply-debate-on-28-february-2023