South Korea Fines Coupang Record $410M for Privacy Violations
Quick Look
South Korea's data protection regulator fined e-commerce giant Coupang Corp. a record 624.7 billion won ($410 million) for privacy violations, including a massive data breach affecting over 37 million users and unauthorized collection of online activity records.
AI-generated summary
Why It Matters
South Korea's data protection regulator has fined e-commerce company Coupang Corp. a record amount for privacy violations. This includes a massive data breach affecting over 37 million users and the unauthorized collection of online user activity records. The regulator stated that Coupang's systems were not commensurate with the large-scale customer information it handles.
SEOUL, June 11 (Yonhap) -- South Korea's data protection regulator on Thursday fined e-commerce company Coupang Corp. a record 624.7 billion won (US$410 million) over privacy violations, including a massive data breach that affected more than 37 million users.
The Personal Information Protection Commission has decided to impose a record fine of 423.6 billion won for the data breach and levy an additional 201.1 billion won in fine for the unauthorized collection of records of online user activities and other violations.
It marked the regulator's highest fine ever against a company for a single data breach and multiple violations.
"Coupang is a company that grew dramatically by offering an innovative e-commerce service based on large-scale customer information," Song Kyung-hee, the watchdog's chief, said in a briefing. "But our investigation confirmed that it did not have a system to protect and manage personal information commensurate to that."
The punitive measures came more than six months after Coupang reported a large-scale data breach last November of personal information of users in South Korea, including their names, phone numbers and delivery details.
The regulator concluded that about 37.5 million users had been affected in the breach -- about 33.2 million members and 4.3 million users who were not members.
The penalty for the breach more than tripled the regulator's previous record fine of 134.8 billion won against wireless carrier SK Telecom Co. last August over a major data leak.
The regulator also found that Coupang collected records of online activities of 11.17 million users, who accessed other services, without their permission. The records included websites and applications visited by the users.
It additionally determined that the company did not properly manage advertisement partners that posted "hi-jacking" advertisements.
Separately, the watchdog also fined the company's logistics arm, Coupang Fulfillment Services, 248 million won for various privacy violations, such as collecting a list of journalists and keeping them on an employment restriction list.
What to Watch
AI outlook — possibilities, not facts
Coupang will likely face increased scrutiny from regulators and the public regarding its data handling practices.
Very likely · Short term
Coupang may implement stricter data protection measures and invest more in cybersecurity.
Likely · Medium term
The fine could set a precedent for future data protection violations in South Korea, leading to stricter enforcement across industries.
Possible · Long term
Open Questions
- Will Coupang appeal the fine?
- What specific measures will Coupang implement to improve its data protection systems?
- Are there any further investigations planned by the regulator into Coupang or other e-commerce companies?
- What is the impact of this fine on Coupang's future business operations and stock value?






