Representative Lee Soo Jin (Democratic Party of Korea) proposed a partial amendment to the Personal Information Protection Act on January 16.

The amendment to the Personal Information Protection Act, proposed by Rep. Lee, includes adding biometric information that can identify individuals—such as fingerprints, facial data, irises, and palm veins—to the category of sensitive information processing restrictions. It also stipulates that when personal information handlers can provide goods or services without processing sensitive information, they must inform the data subject of this fact and prioritize methods that do not involve processing sensitive information.

In August 2024, HYBE, Interpark Triple, and Viva Republica, the operator of the 'Toss' app, announced plans to introduce facial recognition technology as a means of verifying entry into performance venues. HYBE further revealed that it would implement the first facial recognition system at a fan meeting for artists under its Pledis label.

However, frequent incidents of personal information leaks have occurred recently, including the exposure of over 780,000 records due to hacking and other illegal activities. Problems such as the illegal sale of collected personal information abroad have also surfaced.

While facial recognition for ticketing is promoted as a measure to prevent scalping, caution is necessary, as it could lead to societal problems, such as deepfake-related crimes.

Currently, there are no separate legal provisions specifically regulating biometric information. Instead, the Enforcement Decree of the Personal Information Protection Act governs it as a type of sensitive information. Explicit legal provisions regarding biometric information are necessary, especially as requiring biometric information for purchasing events or sports tickets constitutes excessive demands for sensitive information, necessitating stricter management.

Rep. Lee stated, "Private companies handling personal information must allow audiences to use alternative methods other than facial recognition to access services. Given the serious social issues caused by deepfake sexual crimes, attempts to indiscriminately use customers' facial data in business are excessively intrusive."

She added, "If customers' biometric information is leaked, personal information handlers will face legal penalties under the Personal Information Protection Act."

SEE ALSO: BOYNEXTDOOR Wins #1 + Spectacular Performances on January 16th’s 'M! Countdown'!