South Korea's Personal Information Protection Commission (PIPC) on April 28 held a briefing on guidelines for writing privacy policies and shared key details of the revisions it made public on April 24.

At the event, the PIPC provided guidance on revised privacy policy writing guidelines, standards for handling pseudonymised data and personal data processing in generative artificial intelligence (AI) services.

It said the focus was on helping people more clearly understand how their personal data is processed and supporting on-site application of the updated standards so data subjects can exercise their rights in practice.

It explained the intent of the revisions and key changes around issues participants often face in their daily work, and introduced specific cases and examples.

The briefing also covered key points in an appendix newly added on generative AI services. It guided what to reflect in privacy policies, including whether prompt information entered by users is collected, whether that information is used for AI training, and opt-out methods for those who do not want it used for training.

Yang Cheong-sam (양청삼), the PIPC's secretary general, said privacy policies are the most basic channel for informing the public of standards and details for personal data processing and a starting point for demonstrating transparency and accountability by personal data processors. He said he hopes the briefing will deepen understanding in the field and help the revised writing standards take root steadily at public institutions and companies.