cc3976fb7f
- Split competitive-analysis-2026-05.org → TOC + 9 competitor files in ideas/competitors/. Dropped date from filename. All competitor UUIDs generated, TOC keeps original UUID for backlink continuity. - Deleted passepartout-economics.org archive (replaced by 27-node KB). - Inlined 5 'See also' blocks into natural prose (compliance-index, first-mover-window, revenue-table, orders-of-magnitude-time, native-org-knowledge-base). - Linked 7 orphan compliance pages back to compliance index + finished truncated sentences. - Linked all 14 Agora requirement docs from topic-relevant pages (identity→lisp-machine-security, infrastructure→compute-marketplace, social-space→growth-strategy, exchange→agora-contracts, etc.). - Linked ai-industry-impact from investment-thesis, sufficiency-flip, verification-appliance, effects-growth-flywheel (up from 1 to 10+ pages). - Fixed CREATED timestamps to use git commit dates instead of today. - Made all links absolute from root (no port inheritance). - Removed stale agora/docs/ duplicate content.
1.5 KiB
PIPA (Personal Information Protection Act — South Korea)
South Korea's comprehensive privacy law (enacted 2011, major amendments 2023 and 2024). One of the strictest privacy regimes globally. Key requirements: consent, data minimization, purpose limitation, mandatory privacy impact assessment, data protection officer, breach notification within 72 hours, cross-border transfer restrictions, right to request data transmission (portability). The Personal Information Protection Commission (PIPC) enforces aggressively.
Penalties: Up to 3% of revenue (raised from 0.5% in 2024 amendments). Criminal penalties up to 5 years imprisonment. PIPC has levied fines of 100B+ KRW (~$75M) against major tech companies. Class action lawsuits permitted.
Who must comply: Any organization handling personal information of South Korean residents. Extraterritorial scope is broad and actively enforced.
Why it matters: PIPA is structurally similar to GDPR but with stricter enforcement and higher penalties relative to market size. The gate stack's purpose-boundary gates map directly to PIPA's purpose limitation requirement. First-mover advantage is large — PIPA has fewer compliance automation vendors than GDPR, and the 2024 amendments (stricter consent, higher fines) are still settling.