AI Law and Regulation in South Korea

Introduction

South Korea has emerged as a leading jurisdiction for artificial intelligence regulation, combining a robust data protection framework with proactive government AI ethics guidelines. The convergence of the Personal Information Protection Act (PIPA) , sectoral regulation, and soft-law governance creates a multi-layered regime that addresses AI development, deployment, and liability.

Personal Information Protection Act (PIPA)

Enacted in 2011 and substantially amended in 2023, PIPA is the cornerstone of AI-related data regulation in South Korea. The 2023 amendments introduced:

  • Right to automated decision-making explanation and objection (Article 37-2)
  • Data portability rights
  • Pseudonymized data processing for research and statistical purposes
  • CCTV and biometric data enhanced protections

PIPA’s broad definition of “personal information” captures AI training data, requiring explicit consent or statutory grounds for processing. The Personal Information Protection Commission (PIPC) has issued Guidelines for the Processing of Personal Information in the AI Industry (2021), emphasizing privacy-by-design and data minimization.

AI Ethics Framework

The government published “AI Ethics Guidelines” (2020) adopted as the “AI Ethics Standard” by the Ministry of Science and ICT (MSIT). Three core principles govern:

  • Human dignity: AI must serve human welfare
  • Public interest: AI should not harm society
  • Responsibility: Developers and deployers bear accountability

The “National AI Ethics Committee” (2021) advises on ethical standards and reviews public-sector AI projects.

Sectoral AI Regulation

Autonomous Vehicles

The Act on the Promotion and Regulation of Autonomous Vehicles (2020) establishes a regulatory sandbox, safety certification, and liability rules for Level 3+ autonomous driving. Manufacturers bear strict liability for defects.

Medical AI

The Medical Device Act governs AI-based diagnostic and treatment tools. The Ministry of Food and Drug Safety (MFDS) classifies AI software as medical devices, requiring clinical validation and quality management certification.

Finance

The Financial Services Commission (FSC) issued AI Guidelines for the Financial Sector (2022), requiring explainability, fairness testing, and risk management for credit scoring, insurance underwriting, and robo-advisory systems.

Government AI Strategy

South Korea’s “Digital New Deal” and “National AI Strategy” (2019) commit KRW 1.2 trillion to AI development, including regulatory sandboxes for AI innovation, public-sector AI procurement standards, and international harmonization efforts.

Conclusion

South Korea’s AI law landscape is characterized by strong data protection under PIPA, ethics-by-design governance, and sectoral experimentation. The approach reflects the tension between promoting AI innovation and protecting fundamental rights, a balance that will continue to evolve as the EU AI Act and other international frameworks influence Korean policy.