검색
검색
en
Locations BAE, KIM & LEE IP

Doyeup Kim

  • Partner
  • T. +82-2-3404-0935
  • F. +82-2-3404-7686
  • E. doyeup.kim@bkl.co.kr
Vcard Print Share
Overview Related Practices Representative Experience Representative Matters Education Selected Activities Qualifications Related Content

Overview

Doyeup Kim focuses his practice on IT/broadcasting telecommunications matters, with a particular focus on regulatory issues regarding IT, protection of personal information, and compliance.

Mr. Kim was responsible for APP service/system review, privacy system establishment, big data analysis by using personal information, and new business projects, including establishment of new servers and their transmission overseas, and data usage/advertising in IoT. In particular, he played a leading role in reviewing legal issues relating to data integration, overseas transmission, consent to receive marketing messages in the EU, US, Middle East, CIS, Southeast Asia, Southwest Asia and Central and South America in connection with customer-based marketing platform setup projects.

Mr. Kim holds privacy-related certifications, including CIPP/E (Certified Information Privacy Professional/Europe), PIMS (Personal Information Management System) Auditor, ISO 27001 Auditor, Privacy Impact Assessment Expert, and SECU-STAR Assessor. He also responded to the investigations by Korean/foreign government regulatory authorities and cases involving personal information leakage/theft. He completed a doctoral course at Korea University Graduate School of Information Security. Based on his work experience, he was appointed as advisory counsel for the Personal information Protection Commission and Korea Communications Commission and a member of the Personal Information Protection Self-Regulatory Committee, Korea Communications Commission, EU Adequacy Assessment Public and Private Joint Bureau of Ministry of the Interior, Public and Private Partnership Forum of E-government of Ministry of the Interior, Personal Information Protection Forum of Korea Internet & Security Agency, and member of Committee for Adequacy Assessment, Korea Credit Information Services and Financial Security Institute, respectively. In addition, he has advised on international privacy law matters concerning the GDPR and CCPA as well as domestic matters concerning enactment of and amendment to the Video Information Protection Act, Personal information Protection Act and Information and Communications Network Act. He co-authored the introduction, guidance and guidebook in relation to the EU GDPR for domestic companies and deal with compliance projects.

Related Practices

Representative Experience

2018-Present Bae, Kim & Lee LLC
2012-2018 Global Privacy Office, Legal Affairs Division, Samsung Electronics
See More
2023-Present Member, Committee for National Tax Statistics Center, National Tax Service
2022-Present Member, Technology Forum, Personal Information Protection Commission and Korea Internet & Security Agency
2020-Present Advisory Counsel, Personal Information Protection Commission
2020-Present Member, Committee for Pseudonymous or Anonymous Identity Appropriateness Evaluation, Korea Credit Information Services
2020-Present Data-Specialized Consultant, Korea Data Agency
2020-Present Member, Legal System Study Group for Prevention of Illegal Spams, Korea Communications Commission
2020-2021 Member, Committee for Appropriateness Evaluation, Financial Security Institute
2019-Present Personal information & Information Security Management System (ISMS-P) Auditor
2019-Present Member, De-Identified Information Deliberation Committee, Korea Credit Information Services
2019-Present Member, Forum for Legal System on Intelligence Data, National Information Society Agency
2019-Present Member, Personal Information Protection Forum, Korea Internet & Security Agency
2019 Member, System Renovation Advisory Group, Personal Information Protection Commission
2019 Member, Committee for Advice on Personal Information Laws and Regulations, Korea Communications Commission
2018-2020 Member, Personal Information Protection Self-Regulatory Committee, Korea Communications Commission
2017-Present Member, Committee for De-Identification Measure Appropriateness Evaluation, Korea Internet & Security Agency
2015-Present Attorney specializing in IT and broadcasting telecommunications, Korean Bar Association
2015-Present Privacy Impact Assessment (PIA) Expert, Korea Internet & Security Agency

Representative Matters

Advised a global IT company on the establishment of global personal information protection system (Advised on privacy governance setup, internal guidelines, overseas transmission, privacy by design, and global/local privacy policy)
Advised a global IT company on personal information issues related to data collection, integration, analysis, and marketing as an attorney in charge of big data
Advised a global IT company on the Personal Information Acts of different countries and responding to the GDPR, regarding profiling, marketing, rights of information subjects, third party agreement structure, following the establishment of a data-based online platform (target countries: over 50 countries, including countries in EU, US, Middle East, CIS, Southeast Asia, Southwest Asia, and Central and South America)
Advised a global IT company on marketing using online advertisement ID (e.g. ADID) targeting US, France, Australia, Singapore, and South Korea
Advised a global IT company on measures of making identifiers and informers unidentifiable and their range of use
Advised a global IT company on the establishment of global personal information protection system (Advised on privacy governance setup, internal guidelines, overseas transmission, privacy by design, and global/local privacy policy)
Advised a global IT company on personal information issues related to data collection, integration, analysis, and marketing as an attorney in charge of big data
Advised a global IT company on the Personal Information Acts of different countries and responding to the GDPR, regarding profiling, marketing, rights of information subjects, third party agreement structure, following the establishment of a data-based online platform (target countries: over 50 countries, including countries in EU, US, Middle East, CIS, Southeast Asia, Southwest Asia, and Central and South America)
Advised a global IT company on marketing using online advertisement ID (e.g. ADID) targeting US, France, Australia, Singapore, and South Korea
Advised a global IT company on measures of making identifiers and informers unidentifiable and their range of use
Advised a global IT company on issues related to transfer of employees and clients, following a disposal of a division
Advised a global IT company on issues related to the Personal Information Act and Information and Communications Network Act, including legality of application and services, information availability, and UX/UI
Advised a global IT company on business models of new IoT products and services, agreement structure, data sharing, and legality of Privacy Notice and COPPA
Advised a company on responding in advance to privacy monitoring by domestic and foreign government regulatory agencies, and advised on measures to deal with infringement and information leakage
Advised a global IT company on location of new server (CLOUD, IDC) following data flow, necessity of establishing a new server, construction scope and server construction plans
Advised a global IT company on the consent to use personal information of Korean officers/employees, policy on personal information processing, and issues related to overseas transfer of personal information of foreign officers/employees
Advised a global IT company on employee personal information, including database management before, during and after employment, employee monitoring, and CCTV
Advised Korea Communications Commission on EU's adequacy assessment and APEC CBPR
Advised on the amendment to the provisions about personal information overseas transfer under the Personal Information Protection Act and Information and Communications Network Act
Advised the Korea Internet & Security Agency on the key issues of the GDPR and legal review thereon
Advised the Ministry of the Interior and Safety on the forum to discuss enactment of the Video Information Protection Act
Advised PyeongChang 2018 Olympic Winter Games Information Protection Expert Committee on personal information protection
Advised a global IT company on on-site inspections of personal information and compliance (inspected 16 countries, including EU)
Advised a conglomerate's subsidiary on the establishment of a compliance system
Advised a global IT company on fair trade and trade secret matters and on-site inspection
Advised on e-commerce matters
Advised a foreign company on privacy compliance in Korea
Advised on a global large company on worldwide privacy compliance in relation to IoT and online services
Acting as an agent for a global IT company
Advised on the enactment and amendment of privacy-related laws

Education

2022 Duke University School of Law (LL.M.)
2016 Korea University School of Cybersecurity (Completion of Ph.D. Coursework)
2012 Kyungpook National University Law School (J.D., summa cum laude)
2004 Korea University (LL.B.)

Selected Activities

Publications
A Study on Transfer of Personal Information in Preparation for Intelligent Information Society (Co-author, National Information Society Agency, 2020)
Study on the Improvement of the Leal System involving the Construction of Data & AI based Smart Cities (Co-authored, National Information Society Agency, 2020)
A Study on the Movement of Personal Information in Preparation for the Intelligent Information Society (Co-author, National Information Society Agency, 2020)
Commentary on Personal Information Protection Act (Co-author, Personal Information Protection Commission, 2020)
Data-related Legal System, Data Industry White Paper Vol. 22 (Co-author, Korea Data Agency, 2019)
Analysis of the Recent Trend on Profiling Technology and Study on Privacy Policy Direction (Co-author, Korea Internet & Security Agency, 2018)
EU General Data Protection Regulation (GDPR) Guidebook for Korean Enterprises (co-authored by the Ministry of Public Administration and Security/Korea Communications Commission, Korea Internet & Security Agency, 2018)
EU General Data Protection Regulation (GDPR) Guidebook for Korean Enterprises (co-authored by the Ministry of Public Administration and Security Korea Internet & Security Agency, 2017)
The First EU General Data Protection Regulation (GDPR) Guideline for Korean Enterprises (co-authored by the Ministry of Public Administration and Security Korea Internet & Security Agency, 2017)
Activity
Lecturer, GDPR and its Countermeasures, EU/US IoT Guidelines, Big Data and Personal Information Processing, Privacy Act, and Information and Communications Network Act (Personal Information Protection Commission, National Information Society Agency, Korea International Trade Association, Korea Trade-Investment Promotion Agency, Korea Federation of Small and Medium Business, Korea Association of Game Industry, etc.)
Awards
Citation (Chairperson of the Personal Information Protection Commission, 2021)
Meritorious commendation award from the National Information Society Agency (2020)
Citation for Privacy Protection (Chairman (Minister-level) of Korea Communications Commission, 2017)
Citation for Privacy Protection (Minister of the Interior, 2015)

Qualifications

2017 Certified Information Privacy Professional (CIPP/E)
2015 Information Security Management System (ISO 27001) Auditor
2012 Korea

Related Content

View more

Practice Areas

Share