SK Telecom USIM Hacking: 100 Consumers Seek Collective Dispute Resolution

In a significant development regarding the recent hacking incident involving SK Telecom's USIM (Universal Subscriber Identity Module) information, a group of 100 consumers has submitted a collective dispute request to the Personal Information Protection Commission (PIPC). On May 2, during a daily briefing at SK Telecom's T Tower in Jung-gu, Seoul, CEO Yoo Young-sang publicly apologized for the breach.

The law firm Lee & Co. announced on May 13 that they are representing the victims in seeking damages through the PIPC's dispute resolution committee, marking the first time this collective dispute resolution process has been utilized in such a case.

Lee & Co. emphasized that while civil lawsuits typically take 2 to 3 years, the dispute resolution process is expected to be more expedient. They expressed optimism about reaching a resolution, especially given SK Telecom's recent acknowledgment of responsibility for the incident.

The collective dispute resolution system aims to provide swift remedies. According to the Personal Information Protection Act, once the committee initiates the collective resolution process, it must complete the resolution within 60 days following a 14-day public notice period. SK Telecom, as a data processor, is generally required to participate in the resolution process unless there are exceptional circumstances.

The committee will conduct a fact-finding investigation and propose a compensation plan. If both parties accept the proposal, the resolution will be established, holding the same legal weight as a court settlement. Should either party refuse the resolution, enforcement can be pursued through the courts.

However, if SK Telecom or the consumers reject the proposed resolution, the process will not be finalized. Lee & Co. stated that if SK Telecom does not accept the resolution or offers insufficient compensation, they are prepared to file additional lawsuits to secure fair compensation.