On July 9, 2021, Assemblywoman Jung-suk Yang and ten other assemblymen submitted a proposed amendment to the Act on the Development of Cloud Computing and Protection of Its Users (the “Proposed Amendment”) to the National Assembly.  The Proposed Amendment was subsequently referred to the National Assembly’s Science, Technology, Information and Telecommunication Committee (the “Committee”).  

The key details of the Proposed Amendment are as follows: 

1.   Recommendation for use of private cloud computing services by government agencies, local governments and public institutions (Article 20 of the Proposed Amendment) 

• The existing law requires the government to promote the use of private cloud computing services by public institutions. 

• Many have commented that local governments and public institutions, in addition to government agencies, should also be encouraged to use private cloud computing services and thereby contribute to further development of the cloud computing industry.  

• The Proposed Amendment reflects such opinion and requires local governments and public institutions in addition to government agencies to try to use cloud computing services.  

2.   Grounds for cloud security certification and cancellation (Article 23 and Article 37 of the Proposed Amendment) 

• Under the current legal framework, the Minister of Science and ICT is to (i) establish and announce standards for quality and performance of cloud computing services and data protection and (ii) recommend cloud computing service providers to comply with such standards.  Any matters related to major security certification systems are to be regulated under notices issued by the Ministry of Science and ICT.   

• However, the Proposed Amendment expressly sets forth matters related to security certification and cancellation in order to establish a system for cloud computing technology and strengthen data security. 

The Proposed Amendment will be vetted by the Committee and subsequently reviewed in a plenary session and the cabinet meeting.  Once passed at the National Assembly, the Proposed Amendment will come into effect one year after its promulgation (Addendum of the Proposed Amendment). 

Given the Proposed Amendment’s provisions regarding promotion of cloud computing services and security certification for cloud computing technology, further development of the Proposed Amendment should be monitored. 

[Korean version]