September 23, 2023

Volume XIII, Number 266


September 22, 2023

Subscribe to Latest Legal News and Analysis

September 21, 2023

Subscribe to Latest Legal News and Analysis

September 20, 2023

Subscribe to Latest Legal News and Analysis

South Korea Looks to Tighten Biometrics Laws Amid Generative AI

On 31 May 2023, South Korea’s Personal Information Protection Commission announced[1] that a research group comprising experts from academia, industry, and law would be set up, with the aim of reviewing the nation’s laws to enhance the protection of data subjects’ biometric information when this data is processed, particularly in light of recent generative artificial intelligence (AI) developments.

Noting that biometric information by its nature is both unique to an individual and immutable, the impact from its misuse or leakage was recognised to be greater. It was also acknowledged that there has been an increase in the use of real-time facial recognition technology targeting an unspecified number of people in public places, and how unfettered use of such technologies could pose a threat to individual privacy rights, as well as freedom of assembly and association.


South Korea is one of many jurisdictions in Asia Pacific, as well as globally, that are looking to address the data privacy and other risks associated with unencumbered AI use. On 11 April 2023, China’s Cyberspace Administration released a set of draft measures[2] for consultation pertaining to generative AI services, and Singapore has also announced that a set of advisory guidelines[3] on the use of personal data in AI systems will be forthcoming.




© Copyright 2023 Squire Patton Boggs (US) LLPNational Law Review, Volume XIII, Number 151

About this Author

Charmian Aw Cybersecurity Corporate Attorney Singapore

For more than 16 years, Charmian Aw has represented market-leading global corporations in navigating the increasingly complex, diverse and fast-evolving tech and data legal landscape in the Asia Pacific region.

Having obtained certifications in information privacy for Asia, Europe and the US (FIP, CIPP/A, CIPP/EU, CIPP/US, CIPM), Charmian has spearheaded multijurisdictional projects (covering up to 82 jurisdictions) on regulatory compliance, data governance, cybersecurity readiness and cross-border transfers.

She has...