Telecom’s rejection of the panel’s recommendation may set new precedents for handling large-scale breaches in South Korea
SK Telecom has declined a government panel’s recommendation to extend subscription cancellation fee waivers following a massive data breach, signaling potential legal and financial implications.
In April, SK Telecom suffered a SIM card hacking incident that exposed private data of over 20 million users. The breach prompted immediate action from the telecom giant:
- USIM chips for all 25 million subscribers were replaced free of charge.
- New subscription services were suspended for two months.
- A compensation and cybersecurity investment plan worth over 1 trillion won ($719.2 million) was unveiled in June.
Despite these measures, the state data protection regulator imposed a record 134.8 billion won ($97.2 million) fine on SK Telecom last month, reflecting the severity of the incident and regulatory scrutiny over cybersecurity practices.
The Panel’s Recommendation
The Korea Communications Commission (KCC) dispute mediation committee reviewed complaints from customers affected by the breach. Many had missed the original fee waiver deadline of July 14 or wanted to cancel additional services, such as broadband and TV, without incurring penalties.
On August 21, the committee recommended that SK Telecom:
- Extend the waiver of early termination fees (ETFs) for mobile users until the end of the year.
- Cover 50% of penalty fees for customers canceling bundled services.
It’s important to note that these recommendations are not legally binding unless both parties agree.
SK Telecom’s Response
SK Telecom did not submit a written response to the committee by Wednesday’s deadline, which, under the Telecommunications Business Act, is treated as a formal rejection.
An SK Telecom spokesperson explained:
“We thoroughly reviewed the committee’s decision but decided not to accept it after considering its impact on the company and related legal issues.”
Industry observers suggest that SK Telecom’s decision reflects both the financial burden and the legal precedent that accepting the recommendation could set for future disputes.
Financial Implications
The data breach has already put significant pressure on SK Telecom’s financials:
- Profit fell 76% in Q2, largely due to a loss of 750,000 mobile subscribers.
- CEO Ryu Young-sang previously estimated that extending the ETF waiver could cost the company about 7 trillion won ($5 billion) over three years.
- The limited July fee waiver and ongoing compensation efforts may further affect revenue in the upcoming quarters.
The company’s cautious approach appears aimed at containing long-term financial risks, even as it navigates regulatory and reputational challenges.
Potential Legal Consequences
Since KCC mediation decisions require mutual acceptance, SK Telecom’s refusal could open the door to court proceedings if dissatisfied customers pursue claims. Legal analysts point out that this case may set a benchmark for how future telecommunications disputes are handled, particularly those involving large-scale breaches and customer compensation.
Industry Perspective
SK Telecom is not alone in rejecting KCC recommendations. Rival KT also declined a panel suggestion regarding disputes over Galaxy S25 preorders, where the company had been found responsible for canceling promotional gifts without prior notice.
These developments highlight broader regulatory dynamics in South Korea:
- Authorities are increasingly holding telecom operators accountable for cybersecurity and customer protection.
- Companies face a delicate balance between regulatory compliance, financial sustainability, and customer satisfaction.
- The outcomes of these disputes may shape industry practices and consumer expectations going forward.
SK Telecom’s refusal has shown the tension between corporate risk management and consumer protection in South Korea’s telecom sector. While the company aims to safeguard its financial stability, regulators and customers are pressing for stronger accountability and fair compensation. The coming months will reveal whether this standoff escalates into legal battles or prompts a negotiated resolution, potentially setting new precedents for how South Korea handles large-scale data breaches and customer remedies.