AliExpress ad in South Korea
South Korea’s privacy authority punished AliExpress including a fine of $1.4 million for allegedly not providing measures to protect consumer information as local online shopping platforms suffered the rapid expansion of the Chinese e-commerce giant.
The Personal Information Protection Commission (PIPC) said on Thursday it has decided to slap a fine of 2 billion won ($1.4 million) in addition to a penalty of 7.8 million won to AliExpress for the violation of South Korea’s laws on privacy. The commission also ordered the e-commerce arm of China’s Alibaba Group to take corrective measures while recommending improvements.
The PIPC said AliExpress provided information about customers in South Korea to about 180,000 sellers in other countries, mostly in China, without measures required by the Personal Information Protection Act.
AliExpress was the first company punished for the violation of the overseas personal data transfer procedures requested by the law, according to the authority.
“The decision made it clear that foreign e-commerce operators, which provide services to local customers, are subject to the national protection law and need to protect and manage personal information as required as to local companies,” said the PIPC in a statement.
The commission has been probing AliExpress and another Chinese e-commerce platform Temu, since South Korean lawmakers raised concerns over privacy breaches in October 2023, given the rapid expansion of foreign online open market service providers in the peninsular.
The PIPC plans to take actions on Temu after checking more facts and information provided by the Chinese online shopping mall operator.
PRIVACY ACT VIOLATION
South Korea requires e-commerce operators by laws to obtain customer consent on overseas transfers of their data, handle privacy violation issues and reflect measures for disputes over such infringement.
AliExpress, which transfers customers’ information such as their addresses to sellers for deliveries, did not inform the buyers of the venders’ data such as their names and contact details required by laws, according to the PIPC.
The Chinese e-commerce platform operator did not reflect measures for private information protection in terms and conditions for sellers, the body said.
The PIPC ordered AliExpress to take corrective steps such as reflecting measures in contracts with vendors required by South Korean laws to prevent sellers from abusing customers’ information. The commission also recommended the Chinese company apply self-regulations set up by the authority and local e-commerce platform operators or prepare its own privacy protection measures, which can meet the regulations.
AliExpress has already taken some corrective measures such as establishing legal grounds required by laws to obtain users’ consent on overseas private information transfer during the investigation, the PIPC said.
(Graphics by Dongbeom Yun)
DEFENSE AGAINST RAPID EXPANSIONS
AliExpress was the second-largest player in South Korea with 8.4 million monthly active users (MAU) last month, followed by Temu with 8.2 million MAU, while the New York Stoick Exchange-listed Coupang Inc. still dominated the local market, according to data from app analytics firm Wiseapp·Retail·Goods.
South Korea took various actions as the rapid expansion of Chinese e-commerce operators is threatening the local industry.
In addition, the country also decided to introduce a get-tough e-commerce policy on Chinese platforms such as AliExpress, Temu and Shein amid increasing complaints about fake products and a lack of dispute settlements by online shopping mall operators.
By Seung-Woo Lee
leeswoo@hankyung.com
Jongwoo Cheon edited this article.
