Personal Information Protection Guidelines
(1) The Protection Commission may establish the Standard Personal Information Protection Guidelines (hereinafter referred to as the “Standard Guidelines”) regarding the personal information processing standard, types of personal information breaches, preventive measures, etc., and recommend that personal information controllers comply with such Guidelines.
(2) The head of a central administrative agency may establish the personal information protection guidelines regarding the personal information processing in the fields under his or her jurisdiction in accordance with the Standard Guidelines; and may recommend that personal information controllers comply with such guidelines.
(3) The National Assembly, the Court, the Constitutional Court, and the National Election Commission may establish and implement its own personal information protection guidelines for each relevant institution (including affiliated entities).