AI Regulation Tracker / Regulator guidance
Korea's PIPC Sets Generative-AI Privacy Rules and Orders DeepSeek to Destroy Transferred Data
South Korea's data-protection regulator published a lifecycle rulebook telling companies when training generative AI on personal data is lawful, then applied that posture to a foreign model. Any firm building or deploying generative AI on Korean data now has a template to follow and a precedent to heed.
South Korea's Personal Information Protection Commission has done something few regulators have attempted. On August 6, 2025, it published a full lifecycle rulebook for how companies may process personal information when they build and operate generative AI. The guideline does not stop at principles. It tells developers, stage by stage, when scraping and training on personal data is lawful and what safeguards must ride alongside. It builds on the commission's earlier July 17, 2024 guideline on using publicly available data, and it reads the requirements of the Personal Information Protection Act onto a working generative-AI pipeline.
What the guideline requires
The PIPC organizes duties across four lifecycle stages. At the strategy stage, a company runs a privacy impact assessment before it commits to a design. It then establishes a lawful basis by data source. For personal data that is lawfully public, the commission endorses legitimate interest under PIPA Article 15(1)(vi), conditioned on data minimization and other safeguards. For sensitive data or unique identifiers, that basis does not carry the load, and separate consent is required. During processing, firms apply pseudonymization or anonymization and filter both inputs and outputs. Across the program, a Chief Privacy Officer leads governance, and the operator publishes an acceptable-use policy so users know the ground rules.
Two mechanics deserve attention. First, using personal data for a new purpose beyond the one originally collected for is not free. It requires pseudonymization or anonymization or a fresh lawful basis, and additional-use under PIPA Article 15(3) needs disclosure plus CPO review. Second, the endorsement of legitimate interest is not a blanket permission to ingest the open web. It is a conditional basis that assumes minimization and documented safeguards are in place.
The commission also expects governance to be a named function, not an afterthought. A Chief Privacy Officer owns the program, which pushes accountability up from the engineering team to a designated officer who can answer for how personal data moves through training and inference. The acceptable-use policy sits alongside that role. It tells users, in advance, how the system may and may not be used, which matters because generative systems can surface personal data at the output stage that was never obvious at the input stage. Input-output filtering is the commission's answer to that risk: screen what goes in, and screen what comes out.
What it does not do
This is guidance, not a new statute. It does not create fresh penalties of its own. Its force comes from PIPA, the underlying law, which the guideline interprets and applies. It also does not immunize public data. A firm that trains on lawfully public personal information still owes minimization, still owes a documented basis, and still owes filtering. Reading the guideline as "public means permitted" misstates it.
The DeepSeek precedent
The commission has already shown it will act on foreign models. In the DeepSeek case, the PIPC suspended new app downloads in Korea on February 15, 2025. It followed on April 24, 2025 with a corrective recommendation that ordered the destruction of prompt data that had been unlawfully transferred to Beijing-based Volcano Engine. The transferred data was user prompt content, the very text people typed into the service, which is exactly the category the guideline's input-output filtering and cross-border-flow expectations are meant to protect. Note the character of the action. This was a corrective order and recommendation, not a monetary penalty. There is no confirmed fine in the DeepSeek matter, and it should not be described as one. The significance is the reach, not the dollar figure. A foreign generative-AI service that mishandles Korean users' data and moves it across borders can be pulled from distribution and ordered to delete what it took.
The cross-border angle for US firms
For a US privacy officer, the pairing is the point. The August 2025 guideline is the compliance template, and DeepSeek is the enforcement precedent that shows the template has teeth against non-Korean models. A US AI vendor planning to serve Korea should treat training-data provenance and cross-border data flows as launch-blocking items, mapping where personal data originates, on what basis it is used, and where it travels, before the product reaches Korean users. Korea will act on foreign AI, and it has published the standard it expects firms to meet.
Frequently Asked Questions
What changed with the PIPC generative-AI guideline?
On August 6, 2025, Korea's PIPC published a lifecycle guideline applying the Personal Information Protection Act to generative AI. It sets duties across four stages: a privacy impact assessment, a lawful basis chosen by data source, pseudonymization and input-output filtering, CPO-led governance, and a published acceptable-use policy.
Who does this affect?
Any AI developer or business that processes personal data to build or run generative AI for Korean users, including foreign foundation-model and application providers. US AI and SaaS firms serving Korea are in scope.
Was DeepSeek fined?
No confirmed monetary fine has been reported. The PIPC suspended DeepSeek app downloads on February 15, 2025, and issued an April 24, 2025 corrective recommendation ordering destruction of prompt data unlawfully transferred to Volcano Engine in Beijing. It was a corrective order, not a fine.
Can we train on publicly available personal data in Korea?
The guideline endorses legitimate interest under PIPA Article 15(1)(vi) as a basis for training on lawfully public personal data, but only with data minimization and safeguards. Sensitive data and unique identifiers require separate consent, and new purposes require pseudonymization, anonymization, or a fresh basis.
Sponsored Training
Browse the full AI Regulation News tracker
Informational analysis for working professionals, not legal advice. Confirm how any rule applies to your situation with qualified counsel.