![Contestants are seen during the first AI Cyber Defense Contest at the Grand Ballroom of Coex in Gangnam District, southern Seoul, on Dec. 1, 2025. [NEWS1]](https://koreajoongangdaily.joins.com/data/photo/2026/01/28/4d1460c5-a71f-4447-b90b-dc91deb7abe1.jpg)
Contestants are seen during the first AI Cyber Defense Contest at the Grand Ballroom of Coex in Gangnam District, southern Seoul, on Dec. 1, 2025. [NEWS1]
Users will now be notified if they are involved in “possible” data leaks, not just definitive cases, and potential threats to their personal information under a new set of data protection measures. Notifications will include information on how to seek compensation for damages.
The government announced during a ministerial meeting on Wednesday that it will gradually implement this cybersecurity framework.
Related Article
The measures focus on high-priority tasks that can be addressed quickly, and they aim to enhance both user protection and corporate responsibility for data security.
As part of the reforms, the government will revise regulations and alert individuals who may be involved in a data breach even if the case has not been confirmed. These notifications will include information such as how to file claims for damages.
In addition, the government plans to expand its dispute management system to cover not just personal data leaks but also damages stemming from other types of security breaches. This system will be implemented through a revision to the Act on Promotion of Information and Communications Network Utilization and Information Protection within the year.
Under the plan, the government will also develop sector-specific security models and launch a dedicated emergency team to identify vulnerabilities in AI systems.
![A person walks by a phone dealership in Seoul on Dec. 23, 2025. [NEWS1]](https://koreajoongangdaily.joins.com/data/photo/2026/01/28/e7f69f69-06b0-45d9-a3e8-804f622fd4dd.jpg)
A person walks by a phone dealership in Seoul on Dec. 23, 2025. [NEWS1]
Both the government and companies will be required to encrypt any critical data. To support this, rules for inspecting infrastructure and the certification standards for information security management systems will be revised.
Institutional tools will be created to encourage businesses to voluntarily enhance their security. Procedures and criteria will be updated to exempt white-hat hackers who discover and report vulnerabilities from liability under certain conditions. Companies that proactively address such vulnerabilities may also be eligible for incentives.
Recognizing that most modern products and services now include digital components, the government will simultaneously develop a broader security policy for general consumer products.
“The planned legal revisions will significantly improve the effectiveness of our national cybersecurity framework,” a government official said. “Additional measures are needed to improve compensation for consumers, expand incentives for the private sector and keep pace with developments in AI technology.”
This article was originally written in Korean and translated by a bilingual reporter with the help of generative AI tools. It was then edited by a native English-speaking editor. All AI-assisted translations are reviewed and refined by our newsroom.
BY JEONG JAE-HONG [[email protected]]