Guidance

UK - Republic of Korea data bridge: supporting documents

These supporting documents relate to the regulations laid by the DCMS Secretary of State for the UK-Republic of Korea data bridge.

Documents

Personal Information Protection Act (Korean language)

The Act on the Use and Protection of Credit Information (Korean language)

Details

The data bridge regulation (previously referred to as data adequacy) made by the UK government of the Republic of Korea came into effect on 19 December 2022.

The Secretary of State for Digital, Culture, Media and Sport laid the data bridge regulation on 23 November 2022, which determined that the Republic of Korea provides an adequate level of protection in respect of transfers of personal data. The scope of the decision is set out in the Statutory Instrument and covers Korean data protection legislation, namely the Personal Information Protection Act (General Law) (‘the PIPA’), with no exemptions.

A data bridge is granted by the UK to countries or jurisdictions which provide adequate standards of protection for personal data. It is the most straightforward mechanism for transferring personal data overseas and can also provide greater certainty and confidence in the regulatory landscape of another country. Once in place, UK-based organisations can transfer personal data to that country without restriction (within the scope of each regulation). In practice this means organisations (of any size) will no longer be required to put in place contractual safeguards.

The documents above provide information for members of the public who wish to review relevant Korean legislation referenced in the Statutory Instrument.

Updates to this page

Published 23 November 2022
Last updated 19 December 2022 + show all updates
  1. Page updated to reflect that the UK-Republic of Korea data bridge regulation (previously referred to as data adequacy) came into effect on 19 December 2022.

  2. First published.

Sign up for emails or print this page