To prevent the recurrence of incidents such as the fire and service disruption at the Pangyo data center in October last year, the government has finalized the selection criteria for disaster management target value-added telecommunications service providers and data center operators.
The Ministry of Science and ICT announced that the amendments to the Enforcement Decrees of the Framework Act on Broadcasting and Communications Development, the Act on Promotion of Information and Communications Network Utilization and Information Protection, and the Telecommunications Business Act, aimed at strengthening digital disaster management, were passed at the Cabinet meeting on the 27th and are scheduled to take effect from July 4.
This amendment to the enforcement decrees stipulates matters delegated to subordinate statutes in the revised Framework Act on Broadcasting and Communications Development, the Information and Communications Network Act, and the Telecommunications Business Act, which were amended on January 3. It also reflects necessary institutional improvements as follow-up measures to the "Digital Service Stability Enhancement Plan." Value-added telecommunications services and data centers, which had been blind spots in disaster management, are now included as disaster management obligation targets to strengthen the prevention and rapid response to digital disasters that significantly affect citizens' lives.
The main contents of the amendments to the Enforcement Decrees of the Framework Act on Broadcasting and Communications Development, the Information and Communications Network Act, and the Telecommunications Business Act, which were approved at the Cabinet meeting, are as follows.
Disaster Management Applied to Targets with 10 Million Daily Users or More and Domestic Traffic Share of 2% or Higher
The Framework Act on Broadcasting and Communications Development (Article 35, Paragraph 1) was amended to include value-added telecommunications service providers and integrated information and communications facility operators (data center operators) of a certain scale as "major broadcasting and telecommunications operators" responsible for telecommunications disaster management. While including operators that significantly impact citizens' lives, the selection criteria for disaster management target operators were established considering the characteristics of each business type to minimize the scope.
For value-added telecommunications service providers, those with an average daily domestic user count of 10 million or more over the preceding three months as of the end of the previous year, or those whose average daily domestic traffic volume accounts for 2% or more, are designated as disaster management targets under the Framework Act on Broadcasting and Communications Development.
Data center operators managing data centers with a computer room floor area of 22,500㎡ or more, or with power receiving equipment capacity of 40MW or more, and with annual sales of 10 billion KRW or more in the previous year, are included as major broadcasting and telecommunications operators.
When classifying the grade of critical telecommunications facilities that must implement management measures to prepare for digital disasters under the Framework Act on Broadcasting and Communications Development, a basis for designating data centers as critical telecommunications facilities was established, considering the computer room floor area and the capacity of power receiving equipment.
Protection Measures Obligatory for Data Centers with Computer Room Floor Area of 500㎡ or More
Following the amendment of the Information and Communications Network Act (Article 46, Paragraph 1) to impose protection obligations on data center facilities of a certain scale, data centers with a computer room floor area of 500㎡ or more are designated as subjects of protection obligations.
However, among the operators subject to protection obligations, newly added self-operated operators (operators who directly operate and manage data centers for providing their own information and communications services) in the January amendment of the Information and Communications Network Act will be subject to protection obligations only if they meet additional sales and user number criteria, to prevent burdens on small-scale operators and non-IT businesses (such as manufacturing).
Additionally, the amended Information and Communications Network Act (Article 46, Paragraphs 6 and 7) delegated the establishment of detailed provisions on reporting methods in case of disasters or accidents at data center facilities, and measures regarding exclusive lease operators of data centers (lessees who directly install and operate equipment necessary for protection measures in leased areas or fully restrict access, limiting the lessor's implementation of protection measures).
Since the obligation to submit data related to securing the stability of value-added telecommunications services, previously stipulated in the enforcement decree, was elevated to law in the January amendment of the Telecommunications Business Act (Article 22-7, Paragraph 4), overlapping provisions were deleted from the enforcement decree.
The Ministry of Science and ICT stated, "Through the enforcement of the three digital safety laws (Framework Act on Broadcasting and Communications Development, Information and Communications Network Act, Telecommunications Business Act) and the amendment of subordinate enforcement decrees, by applying the digital crisis response system, which was previously focused on the period telecommunications sector, to value-added telecommunications services and data centers, we expect to establish a safer and more reliable digital infrastructure across all digital fields."
The Ministry will notify value-added telecommunications service providers and data center operators who meet the criteria for major broadcasting and telecommunications operators in advance that they are subject to disaster management obligations, collect and review their opinions, and finalize the list of new obligated operators through the "Telecommunications Disaster Management Deliberation Committee" by the end of July.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
