amr/hermes-brain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cc3976fb7f792cae1423e37b6067c57efa23f288
hermes-brain/ideas/compliance/pipa.org
Hermes cc3976fb7f ideas: editorial sweep — atomization, interlinking, restructuring 
- Split competitive-analysis-2026-05.org → TOC + 9 competitor files in
  ideas/competitors/. Dropped date from filename. All competitor UUIDs
  generated, TOC keeps original UUID for backlink continuity.
- Deleted passepartout-economics.org archive (replaced by 27-node KB).
- Inlined 5 'See also' blocks into natural prose (compliance-index,
  first-mover-window, revenue-table, orders-of-magnitude-time,
  native-org-knowledge-base).
- Linked 7 orphan compliance pages back to compliance index + finished
  truncated sentences.
- Linked all 14 Agora requirement docs from topic-relevant pages
  (identity→lisp-machine-security, infrastructure→compute-marketplace,
  social-space→growth-strategy, exchange→agora-contracts, etc.).
- Linked ai-industry-impact from investment-thesis, sufficiency-flip,
  verification-appliance, effects-growth-flywheel (up from 1 to 10+ pages).
- Fixed CREATED timestamps to use git commit dates instead of today.
- Made all links absolute from root (no port inheritance).
- Removed stale agora/docs/ duplicate content.
2026-05-24 16:25:55 +00:00

32 lines
1.5 KiB
Org Mode
Raw Blame History

:PROPERTIES:
:ID: e777064d-9950-42d5-980d-8c78cda91500
:ID: auto-pipa
:CREATED: [2026-05-23 Sat]
:END:
#+title: PIPA (Personal Information Protection Act — South Korea)
#+filetags: :passepartout:compliance:framework:pipa:
South Korea's comprehensive privacy law (enacted 2011, major amendments 2023
and 2024). One of the strictest privacy regimes globally. Key requirements:
consent, data minimization, purpose limitation, mandatory privacy impact
assessment, data protection officer, breach notification within 72 hours,
cross-border transfer restrictions, right to request data transmission
(portability). The Personal Information Protection Commission (PIPC) enforces
aggressively.
Penalties: Up to 3% of revenue (raised from 0.5% in 2024 amendments). Criminal
penalties up to 5 years imprisonment. PIPC has levied fines of 100B+ KRW (~$75M)
against major tech companies. Class action lawsuits permitted.
Who must comply: Any organization handling personal information of South Korean
residents. Extraterritorial scope is broad and actively enforced.
Why it matters: PIPA is structurally similar to [[id:513d5996-4ac7-4567-a992-18fc01599104][GDPR]] but with stricter
enforcement and higher penalties relative to market size. The gate stack's
purpose-boundary gates map directly to PIPA's purpose limitation requirement.
First-mover advantage is large — PIPA has fewer compliance automation vendors
than GDPR, and the 2024 amendments (stricter consent, higher fines) are still
settling.
Reference in New Issue View Git Blame Copy Permalink