1. The Client's Situation
The client operates a personal-information leak alert service and sought to send a monthly report to its members by email. The report contained not only security-related information of public interest but also tips on using the service, prompts to add a KakaoTalk channel, and some brand-promotional content. As a result, legal uncertainty arose as to whether the report constituted "advertising information for commercial purposes" under the Network Act, and whether it could be sent without prior consent.
2. Your Legal Team's Advice
After reviewing the nature of the report, Your Legal Team determined that, in principle, the explicit prior consent of members is required under Article 50(1) of the Network Act (Act on Promotion of Information and Communications Network Utilization and Information Protection). However, the team explained that, while sending paid members reports such as leak-information reports that are essential to performing the contract is exceptionally possible without consent, a monthly report in which some advertising information is intermixed is subject to the prior-consent obligation. The team also advised that a method of allowing opt-out after the fact is insufficient, and recommended establishing a procedure to obtain optional consent to email receipt at the point of sign-up, and re-obtaining receipt consent separately from existing members.
3. Result
The client is reviewing the separate management of marketing information from essential service-provision information and the establishment of an email-receipt consent procedure at the time of membership sign-up. Through this, the client prevented unnecessary legal-violation risk and established legal and practical standards for maintaining customer trust going forward.