On May 19, 2026, the Ministry of Science and ICT (the “MSIT”) launched the “Incident Investigation Review Committee” (the “Review Committee”) ahead of schedule and held its kick-off meeting.

The following sections provide an overview of the newly established Review Committee’s structure, its primary functions, and the implications of its launch.

 

1. Background and Significance

The Review Committee is a newly established statutory body under the amendment of the Act on Promotion of Information and Communications Network Utilization and Information Protection (the “Information and Communications Network Act” or the “Act”), which was promulgated on March 31, 2026. While the amended Act officially takes effect on October 1, 2026, the MSIT launched the Review Committee ahead of schedule to stabilize the public-private cooperative response system early and to seamlessly deal with major security incidents that may occur during the pre-enforcement period. Until the amended Act’s effective date, the Review Committee will serve as an advisory body rather than a formal decision-making entity.

Following a series of major security breaches across numerous industrial sectors last year, public concern has intensified. Some of these breaches have drawn criticism for delayed reporting by operators and sluggish early-stage responses, which hindered the effective containment of the damage expansion.

Accordingly, the Information and Communications Network Act was amended to establish the Review Committee under the MSIT to ensure a rapid and systematic response to security incidents. The Review Committee is tasked with deliberating on matters such as the necessity of conducting investigations into potential security breaches (Article 48-2(7) and (8)).

The Review Committee may determine that an investigation is necessary when there is suspicion that an incident has taken place. In such cases, the Minister of Science and ICT can take necessary measures, such as investigating on their own authority or ordering the relevant service provider to submit materials related to the incident (Article 48-4).

As the Minister of Science and ICT is now empowered to investigate potential incidents based on the Review Committee’s deliberation—even when only a suspicion exists—this development is expected to significantly transform the framework for incident response.

 

2. Composition of Review Committee and its Operation

Composition
  • Composed of a total of 13 members, primarily private-sector experts from academia and private security firms, and along with specialists from specialized institutions such as the Korea Internet & Security Agency (KISA), the Financial Security Institute (FSI), and the National Security Research Institute (NSRI).
  • Strict criteria are applied to ensure the fairness of deliberations; for instance, any member found to have a conflict of interest with the company under investigation will be immediately barred from participation
Matters for Review
  • The necessity of an ex officio investigation into the occurrence (or suspected circumstances) of a security incident
  • The necessity of forming a joint private-public investigation team
  • Matters related to on-site investigations (including access to business premises)
  • Other matters necessary for the investigation of a security incident
Method of operation
  • Until the law takes effect, the committee will serve as an “advisory committee,” and will focus on establishing the committee’s structure and operational framework so that it can immediately transition into a statutory committee once the law takes effect

 

3. Implications

  • (Need to establish a proactive response system in light of the introduction of preemptive investigative authority) The establishment of the Review Committee is significant in that it moves beyond the traditional post-incident response system, providing an institutional framework that allows the government to preemptively intervene and investigate potential security incidents based on suspicion of an occurrence. Therefore, relevant companies, such as information and communications service providers, need to closely monitor the criteria the Review Committee will use to determine the necessity of preemptive investigations in the future.

  • (Need to monitor subordinate regulations and Review Committee operation) Key practical matters—such as the specific criteria for the Review Committee’s deliberations and the requirements for recognizing the necessity of a preemptive investigation—are expected to be specified in future subordinate regulations, such as Enforcement Decrees and public notices. Therefore, businesses must continuously monitor both the development of these subordinate regulations and the operational direction of the Review Committee.

  • (Need to improve security incident reporting and initial response protocols) Failures in timely reporting or insufficient initial response following the discovery of a breach may trigger an ex officio investigation by the authorities and adversely affect the determination of penalty surcharges or other sanctions. Thus, businesses should establish robust response protocols and governance frameworks to manage the sequential phases of incident recognition, reporting, notification, and investigative cooperation. 
     

 

About Shin & Kim’s ICT Group

Shin & Kim’s ICT Group possesses unparalleled expertise and extensive professional network in the ICT sector, consistently earning top-tier client recognition in recent years. Drawing upon our deep-seated capabilities in broadcasting, telecommunications, personal information protection, and internet IT, we deliver the highest level of legal advisory services encompassing regulatory trend analysis in broadcasting, telecommunications, and ICT; government affairs, legislative improvement and consulting; regulatory impact assessment; and corporate strategic planning. Furthermore, we possess extensive professional experience and expertise in AI compliance and security incident response. Please contact us any time if you have any questions or require more specialized information.

 

[Korean version] 과기정통부, 침해사고 선제 대응을 위한 ‘침해사고 조사 심의위원회’ 사전 가동