K.S. Park spoke at Privacy by Design Conference 2026 held at Tokyo Innovation Base on January 28, 2026 (session: Towards cross-border privacy protection: New collaboration between consumer and digital rights groups). He focused on the increasing trend of massive data breaches taking place in Asia Pacific (including Korea where massive data breaches in the biggest data controllers such as SK Telecom, KT, LG U+ have taken place almost on a monthly basis, culminating with Coupang) and proposed collaboration among digital rights groups to enhance the data protection chapters/provisions in the trade treaties by adding the requirements that:
- the State Parties provide civil remedies for data breaches where the data has not been used by third parties;
- the State parties provide special civll procedure whereby a multitude of data breach victims can benefit from the results of a representative lawsuit without having to appoint counsel in such lawsuit (i.e., class action)
The reason for this is that most data protection laws provide remedies only when the data are transferred or used non-consensually by data controllers but do not cover the situations where third parties acquire the data without the data controllers’ consent (i.e., hacking) even when the fact of breach alone causes mental distress and sometimes financial damage in trying to take protective measures. Even if the remedies are substantively recognized as in the case of Korea’s Personal Information Protection Act Article , the phenomenon of diffused interest where the damage suffered by a single victim is too small to justify filing a suit but the aggregate of the small damages presents a society-wide harm calling for a remedy — prevents adequate resolution from the society-wide perspective.
Session description:
This panel will present an overview of the current privacy challenges for digital consumers, covering Japan, Asia Pacific, the US and Europe. Our speakers will be:
Mr Jeffrey CHESTER (Centre for Digital Democracy, USA) will demonstrate the social costs of privacy violations through a case study of Smart TVs. He will show how these devices -produced by national champion companies from Japan and Korea – harvest consumer data for targeted advertising, including for the promotion of unhealthy habits. Jeff will briefly show how US regulators have started tackling this situation.
Ms Amy KATO (Consumers Japan) will discuss the current challenges for digital consumer privacy in Japan, and the need to collaborate across the region to raise higher standards.Amy will present on cross-border consumer data issues related to household AI robots used by Japanese consumers, highlighting the limitations of Japanese law and the importance of nternational cooperation.
Prof KS PARK (Open Net, Korea) will discuss the prevalence of data breaches across the Asia Pacific region and the need to include stronger consumer data redress in cross-border privacy arrangements and digital trade agreements.
Mr Javier RUIZ DIAZ (Centre for Inclusive Trade Policy, UK) will discuss the risks to consumers from a potential global race to the bottom on privacy and digital rights driven by international competition on AI, with examples from the EU’s current Digital Omnibus. Initiatives in other regions involving civil society and regulators, like the Asia Pacific Digital Consumer Dialogue, are critical to raise protections standards.
0 Comments