검색
검색
en
Locations BAE, KIM & LEE IP
Don-gu Yeo

Don-gu Yeo

  • Advisor
  • T. +82-2-3404-0263
  • F. +82-2-3404-7686
  • E. dongu.yeo@bkl.co.kr
Vcard Print Share
Overview Related Practices Representative Experience Representative Matters Education Selected Activities Qualifications Related Content

Overview

Don-gu Yeo worked for the Personal Data Division of the Korea Internet & Security Agency starting from 2012 before joining Bae, Kim & Lee LLC in 2024, where he mainly focuses on providing advisory services in respect of inspections of personal data management status and investigations of personal data leakage incidents at BKL's Data Protection & Compliance Team of BKL.

Mr. Yeo has performed personal data management status inspections and personal data leakage incident investigations for years, together with the Ministry of Interior and Safety, the Korea Communications Commission, and the Personal Information Protection Commission, and obtained his master's degree in information protection and certificates of a certification examiner for the Personal Information & Information Security Management System (ISMS-P), a specialist for the Privacy Impact Assessment (PIA) of the Korea Internet & Security Agency, and an engineer for information security.

Related Practices

Representative Experience

2024-Present Bae, Kim & Lee LLC
2012-2023 Senior Researcher, Personal Data Division, Korea Internet & Security Agency
2005-2007 CERT Information Protection Management, Central Computer Center, Republic of Korea Air Force
See More
2025-Present Member, Pseudonymized Information Expert Pool
2025-Present Examiner, Designation of Specialized Personal Information Management Institutions
2025 Member, Research Group on the Inspection of Safety Measures for Unique Identification Information, Personal Information Protection Commission
2024-Present Lead Auditor for ISMS-P

Representative Matters

Participated in the ISMS-P certification audit of food delivery/sales services, golf, healthcare, apparel e-commerce, MVON, and ENT platform services (2025)
Advised on ISMS-P certification audits for apparel and manufacturing sales business, HR services, and airline services (2024)
Advised on conformity assessment for Korea Communications Commission identity verification institutions of banks (2025)
Advised on conformity assessment for Korea Communications Commission identity verification institutions of credit card companies (2024)
Advised Companies A and AB on responses to investigations of personal information infringement reports and personal information dispute mediation case
Advised and assisted on investigations of personal information leakage incidents involving matchmaking services, community services, liquor businesses, kitchenware manufacturers, online sales platforms, media outlets, and tax platforms
Technical advisor in litigation for cancellation of a penalty surcharge related to a personal information leakage incident involving Company B, a health food retailer (won at first instance)
Assisted Company C, an online education provider, in drafting an opinion in response to the prior notification of administration measures against the relevant personal data leak (resulting in a two-thirds reduction of the imposed penalty surcharge)
Technical advisor in litigation for cancellation of a penalty surcharge related to a personal information leakage incident involving Company D, an online education provider (Represented the defendant and won at the Supreme Court)
Provided technical advisory services in litigation concerning the suspension of trading support at a virtual asset exchange due to a cryptocurrency hacking incident involving Company E (Represented the defendant and obtained a final judgment in its favor on appeal)
Advised global hotel platform/building construction industry on their responses to personal data breach incidents and on technology
Advised global online shopping malls, video platforms, fashion brands, construction industry, cosmetics manufacturers, and financial platforms on their responses to investigations into compliance with personal data laws and regulations, as well as on technology
Provided the Personal Information Protection Commission with technical advice on its plan for private-public cooperation on self-regulation in the field of cloud platforms
Provided advice on personal information protection compliance and the implementation of technical and administrative protective measures in the global pharmaceutical industry, healthcare, office equipment manufacturing, IT services, and digital marketing
Advised global office equipment manufacturing and sales companies on conducting on-site inspections of their personal data processing contractors
Advised global tobacco manufacturers, automotive manufacturers, convenience store operators, and video platform providers on fact-finding investigations regarding the transmission of advertising information
Investigated personal information leakage incidents of telecommunications companies, platforms (tax), and dating apps, etc. under the management of the Personal Information Protection Commission*
Performed on-site inspections regarding personal information leakage incidents of global businesses, platforms (short-form videos), telecommunications companies, agencies, stores, and online preparatory schools, etc. under the management of the Korea Communications Commission*
Performed on-site inspections of the personal information management status of local governments, public agencies, colleges, private educational institutes, and health and welfare institutions, etc. under the management of the Ministry of Interior and Safety*
Performed written inspections of the personal information management status of non-profit associations, home appliances/clothing companies, and hotels, etc. under the management of the Ministry of Interior and Safety*
Provided training on the operation of a homepage personal information leakage detection system and the prevention of recurrence*
Investigated a personal data leak incident involving a telecommunications company as a member of a public-private joint investigation team and special investigation/scrutiny review group*
* Experience prior to joining BKL
Advised and assisted on investigations of personal information leakage incidents involving domestic and foreign businesses under the jurisdiction of the Ministry of the Interior and Safety, the Korea Communications Commission, and the Personal Information Protection Commission (including investigation plan formulation, analysis of personal information flows, log analysis of personal information processing and security systems, confirmation of the cause and scope of leakage, and identification of legal violations)*
Provided technological advice and assisted with administrative litigations in respect of administrative dispositions on domestic/foreign businesses under the management of the Korea Communications Commission and the Personal Information Protection Commission (e.g., assistance with preparing opinions based on the evidence of violations of laws)*

Education

2011 Soon Chun Hyang University (M.S.)
2009 Soon Chun Hyang University (B.S.)

Selected Activities

Publications
Review of Commentary on the Notification of Standards for Ensuring the Security of Personal Information (Personal Information Protection Commission, 2024-2025)
A Personal Data Leakage Response Manual (Co-author, Personal Information Protection Commission, 2020)
A Guide to Personal Information Protection Measures (Co-author, Ministry of Interior and Safety, Korea Internet & Security Agency, 2019)
A Casebook of Personal Information Status Inspections & Administrative Dispositions (Co-author, Ministry of Interior and Safety, Korea Internet & Security Agency, 2018)
A Homepage Privacy Guide (Co-author, Korea Internet & Security Agency, 2013-2016)
A Random ID-based RFID Mutual Authentication protocol for Detecting Impersonation Attack against a Back-end Server and a Reader, Journal of the Korea Institute of Information Security & Cryptology, Vol. 20 No.4, pp. 89-108 (Co-author, Korea Institute of Information Security & Cryptology, 2010)
An µTESLA Protocols with Multi-senders Based on a 2-Level XOR Chain with Data-Loss Tolerance, IPSJ International Symposium on Applications and the Internet, pp. 269-272 (Co-author, IEEE, 2010)
Awards
Citation (Chairperson of the Personal Information Protection Commission, 2023)
Citation (President of the Korea Internet & Security Agency, 2023)
Citation (Minister of Interior and Safety, 2016)

Qualifications

2024 International Information Security Management System Auditor (ISO/IEC 27001)
2024 Pseudonymized Data Expert, the Personal Information Protection Commission
2023 Personal information & Information Security Management System Auditor (ISMS-P)
2019 Privacy Impact Assessment Expert, Korea Internet & Security Agency (PIA)
2016 Certified Information Systems Auditor (CISA)
2014 Engineer Information Security
2008 Specialist for Information Security (SIS, Grade 1)
2006 Information Processing Engineer

Practice Areas

Share