This is an update to our previous newsletter titled, “Key Details of the MSIT’s Measures to Strengthen the Stability of Digital Services” (Link) dated April 24, 2023.
The proposed amendments to the Enforcement Decree of the Network Act and the Enforcement Decree of the Broadcasting Communications Development Act entered into force on July 3, 2023. There have been no changes to the major obligations of the relevant business entities since the pre-announcement period of the proposed amendments in March 2023.
Moreover, (i) after the proposed amendment to the Enforcement Decree of the Network Act entered into force, a proposed amendment to the Guidelines for Protection of Internet Data Center Facilities was pre-announced; and (ii) after the proposed amendment to the Enforcement Decree of the Broadcasting Communications Development Act entered into force, the Ministry of Science and ICT (the “MSIT”) designated telecommunications business operators subject to mandatory disaster management. For further details, please refer to the paragraphs below.
1. |
Pre-announcement of Amendment to the Guidelines for Protection of Internet Data Center Facilities |
The MSIT pre-announced the proposed amendment to the Guidelines for Protection of Internet Data Center Facilities (hereby referred to as the “Proposed Amendment”) on August 8, 2023. The purpose of the Proposed Amendment is to specify the standards of protective measures to be taken by the following business entities:
-
Data center operators with a floor area of 500m2 or more:
- |
Data center operators providing their own services that have (i) a sales revenue of KRW 10 billion or more in the prior year, and (ii) 1 million or more daily average domestic users. |
- |
Data center operators providing services to third parties (not subject to the requirements (i) and (ii) mentioned above). |
-
Service providers that exclusively operate/manage leased facilities: Business entities that (i) directly install and/or operate facilities necessary for protective measures (i.e., batteries, UPS, etc.), or (ii) implement access controls that completely prohibit a third party’s access to the leased facilities.1
Upon the enforcement of the Proposed Amendment, the aforementioned business entities will be subject to more stringent obligations as detailed below.
-
The power system of each sector shall be managed separately to minimize the shutdown area in the event of a power shutdown.
-
Dual backup power facilities shall be secured to supply power even in the event of a disaster, and each backup power facility shall be installed in a separate area.
-
A required distance of approximately 1m (depending on the situation) (i) between a rechargeable battery and a wall, and (ii) between rechargeable batteries.
-
Oil tanks shall be placed in an area separated by a firewall.
The pre-announcement period of the Proposed Amendment is from August 8, 2023 to August 29, 2023.
2. |
Designation of Telecommunications Business Operators Subject to Mandatory Disaster Management |
On July 28, 2023, the MSIT designated telecommunications service providers subject to mandatory disaster management for value-added telecommunications services and data centers. The following businesses are obligated to establish and implement a master plan:
-
VSPs: A total of seven VSPs, including Naver, Kakao, Samsung Electronics, Google, Meta Platforms, Netflix Services Korea and Amazon Web Services (AWS)
-
Data center operators: A total of eight data center operators, including KT Cloud, LG U+, SK Broadband, Samsung SDS, LG CNS, SK C&C, Naver Cloud and MS 5673 Korea
As the MSIT will provide prior notice to telecommunications service providers subject to mandatory disaster management, it is advisable for relevant parties to monitor the situation and confirm if/when they receive such notices.
1 MSIT press release (dated June 27, 2023) titled, “Resolution by the State Council on the Proposed Amendment to the Enforcement Decree of the Three Digital Safety Acts to Strengthen Digital Disaster Management.”