The Korean Communications Commission ("KCC") has recently commenced monitoring mobile apps for their privacy law compliance.  The KCC and the Korea Internet & Security Agency ("KISA"), through an agent, are checking the content of the mobile apps, and when they detect an app to have certain non-compliance issues relating to Korean privacy law and location information law, they are apparently sending out a request to the app developers to explain the non-compliance and to remedy the violation.  Some examples of violations that the KCC and the KISA detected included defective consent procedure, lack of privacy policy, and lack of consent for accessing the information in the mobile device.

The KCC is conducting this monitoring across different industries, including mobile apps developed by foreign developers, if the app can be viewed as falling within the jurisdiction of the Korean privacy laws.  Therefore, if you receive a request from the agent acting on behalf of the KCC and the KISA, you should first determine whether your app appears to be subject to the Korean privacy laws. 

As you may know, Korean privacy laws and location information laws have very strict opt-in requirements, and violations can result in sanctions ranging from an administrative fine to criminal penalties.  Therefore, for companies that develop mobile apps and collect personal information and location information, it would be prudent to check the compliance status.  If you have already received the request for explanation and remedy from the KCC and the KISA, it would be necessary to develop a response plan so as to minimize the risk of sanctions.