# South Korea AI Basic Act

> Source: https://aiwiki.ai/wiki/korea_ai_basic_act
> Updated: 2026-06-09
> Categories: AI Policy & Regulation
> From AI Wiki (https://aiwiki.ai), a free encyclopedia of artificial intelligence. Quote with attribution.

# South Korea AI Basic Act

The **South Korea AI Basic Act**, officially the **Framework Act on the Development of Artificial Intelligence and Establishment of a Foundation for Trust** (Korean: 인공지능 발전과 신뢰 기반 조성 등에 관한 기본법), is a comprehensive statute regulating artificial intelligence in the Republic of Korea. The National Assembly passed the Act on December 26, 2024, with bipartisan support; it was promulgated on January 21, 2025, and took effect on January 22, 2026, following a one-year preparation period.[^1][^2][^3]

The Act consolidated nineteen separate AI-related bills introduced during the 22nd National Assembly into a single framework statute. It is widely described as the world's second comprehensive AI law, following the [EU AI Act](/wiki/eu_ai_act), and as the first such legislation in the Asia-Pacific region.[^2][^4] The Act establishes a tiered system of obligations centered on "high-impact AI" (the Korean equivalent of the EU's "high-risk" category), generative AI, and frontier models exceeding specified compute thresholds. It also creates a national governance architecture including the National AI Committee (later renamed the National AI Strategy Committee), the AI Policy Center, and the Korea AI Safety Institute.[^5][^6]

Compared with the [EU AI Act](/wiki/eu_ai_act), the Korean statute imposes substantially lower administrative fines (capped at KRW 30 million, or roughly US$21,000) and contains no outright prohibitions on specific AI uses. It does, however, claim extraterritorial application to foreign companies whose AI systems affect users or markets in Korea, and it requires qualifying foreign operators to designate a domestic representative.[^7][^8]

## Background

### Korea's pre-2024 AI policy

South Korea pursued AI as a national priority for years before passing a binding statute. In December 2019, the Moon Jae-in administration released the **National Strategy for Artificial Intelligence**, a pan-government roadmap with the vision "Toward AI World Leader beyond IT" by 2030. The strategy organized nine strategies and 100 action tasks across three pillars: AI ecosystem development, AI utilization, and people-centered AI.[^9] The 2019 strategy set targets including generating up to KRW 455 trillion in economic impact through AI by 2030 and reaching the top three globally in digital competitiveness.[^9]

The Ministry of Science and ICT (MSIT) followed up in 2020 with **National AI Ethics Standards**, a non-binding set of principles, and integrated AI into the broader **Digital New Deal** launched in July 2020.[^10] In May 2021, MSIT announced the **Strategy to Realize Trustworthy AI for Everyone**, a five-year plan (2021 to 2025) built around three pillars (technology, system, ethics) and ten action items, partly in reaction to public controversies such as the 2021 Iruda chatbot incident and rising deepfake harms.[^11]

These instruments were strategies and guidelines, not law. The patchwork left enforcement under existing sectoral statutes, primarily the **Personal Information Protection Act** (administered by the Personal Information Protection Commission, or PIPC), the **Credit Information Use and Protection Act**, the **Medical Devices Act**, and provisions of the **Public Official Election Act** as amended in 2023 to address election deepfakes.[^7][^12]

### Prior AI bills

A first attempt at comprehensive AI legislation began in the 21st National Assembly (2020 to 2024). Several lawmakers introduced standalone bills, and the National Assembly's Science, ICT, Broadcasting and Communications Committee approved a consolidated bill in February 2023 that adopted a "permit first, regulate later" approach. The 21st Assembly bill stalled before plenary passage amid civil-society concerns over insufficient safeguards, particularly around generative AI and deepfakes.[^4][^7]

When the 22nd National Assembly convened in June 2024, members introduced approximately twenty further AI-related bills. The Information and Communication Broadcasting Bill Review Subcommittee consolidated these into a unified Framework Act in November 2024, which then advanced to plenary.[^2][^7]

### Korea's AI investment context

The Act was passed against a backdrop of aggressive industrial-policy commitments. In September 2024, President Yoon Suk Yeol launched the **National AI Committee**, a presidential committee chaired by the head of state and including roughly thirty civilian AI experts and ten ministerial-level officials, with Taejae University President Yeom Jae-ho appointed vice chair.[^13] Korean private-sector firms collectively pledged KRW 65 trillion (about US$49 billion) in AI investment through 2027, and the government raised the AI budget from KRW 1.4 trillion in 2024 to KRW 1.8 trillion in 2025, later expanding the proposed 2026 AI budget to KRW 10.1 trillion.[^13][^14]

In November 2024, MSIT formally launched the **Korea AI Safety Institute (AISI)** within the Electronics and Telecommunications Research Institute (ETRI) at the Pangyo Global R&D Center, joining the [international network of AI safety institutes](/wiki/ai_safety_institute) that emerged from the [AI Seoul Summit](/wiki/seoul_ai_summit) of May 2024 and the preceding Bletchley summit.[^15]

## Legislative passage

The National Assembly passed the Framework Act on the Development of Artificial Intelligence and Establishment of a Foundation for Trust on December 26, 2024, in plenary session with broad bipartisan support. The vote occurred amid acute political turmoil: President Yoon Suk Yeol's brief declaration of martial law on December 3, 2024, and his subsequent impeachment on December 14, 2024, dominated the news cycle. Despite the political crisis, the bill cleared both chambers without significant opposition.[^2][^4]

The Act was promulgated on January 21, 2025, formally entering the statute books, with a built-in one-year transition period before substantive obligations took force on January 22, 2026.[^1][^3] On the eve of the effective date, MSIT confirmed that the Enforcement Decree (subordinate regulations) would also commence on January 22, 2026, after a public-comment process that ran into late 2025.[^16]

## Structure of the Act

The Framework Act comprises six chapters that together combine industrial-policy promotion with regulatory obligation:[^5]

1. **General provisions** containing the Act's purpose, scope, and definitions of AI, AI system, high-impact AI, generative AI, AI business operator, and AI ethics
2. **Governance**, establishing the National AI Committee, master-plan cycle, and supporting institutions
3. **Development and promotion**, covering R&D funding, data infrastructure, standardization, talent, and small and medium enterprise support
4. **Ethics and trustworthiness**, mixing soft-law principles with hard-law obligations on covered operators
5. **Supplementary provisions** on funding, surveys, delegation of authority, and information demands
6. **Penalties**, covering administrative fines and procedural enforcement

The statute's structure reflects a deliberate dual identity: roughly half of its provisions promote AI development through subsidies, infrastructure, and talent measures, while the other half imposes risk-based duties on operators of certain AI categories.[^5][^6]

## Key definitions

Article 2 establishes the central legal definitions:[^4][^5][^17]

* **Artificial intelligence**: "the electronic implementation of human intellectual abilities such as learning, reasoning, perception, judgement, and understanding of language"
* **AI system**: an AI-based system that infers outputs such as predictions, recommendations, and decisions affecting real or virtual environments, with varying levels of autonomy
* **High-impact AI**: AI used in critical sectors that "significantly affects or poses risks to the life, physical safety, or fundamental rights of individuals"
* **Generative AI**: AI "designed to mimic the structure and characteristics of input data to generate outputs such as text, sound, images, or videos"
* **AI business operator**: any natural or legal person engaged in the development or deployment of AI systems within the Act's scope

The Enforcement Decree adds a fourth tier known informally as **high-performance AI** (also referred to as frontier AI), defined as systems trained with cumulative compute of at least 10^26 floating-point operations (FLOPs). This threshold mirrors definitions used in the United States and the [EU AI Act](/wiki/eu_ai_act) for general-purpose AI models with systemic risk.[^6][^18]

### High-impact AI sectors

The Act and its decree enumerate ten domains where AI may qualify as high-impact, subject to confirmation through sector-by-sector criteria:[^17][^18]

* Energy supply and water management
* Healthcare and medical devices
* Nuclear material and nuclear-facility operations
* Biometric analysis used in criminal investigations
* Employment and human-resources decisions
* Credit and loan determinations
* Public-service decisions affecting individuals' rights
* Transportation systems
* Student assessment in primary and secondary education
* Other domains specified by Presidential Decree

This sectoral approach narrows the scope relative to the [EU AI Act](/wiki/eu_ai_act)'s Annex III, which addresses similar areas but extends to migration, law enforcement, and judicial use cases that the Korean Act treats less explicitly.[^7][^19]

## Key obligations

### Universal obligations

All operators within the Act's scope are subject to baseline duties, including conducting initial self-assessments to determine whether their systems qualify as high-impact and designating a domestic representative when applicable thresholds are met. The Act also encourages, but does not strictly require, internal AI ethics committees for larger operators.[^7][^8]

### Generative AI labeling

Article 31 establishes a transparency regime for generative AI, requiring providers of generative AI products and services to:[^4][^17][^20]

* Provide advance notice to users that a product or service is powered by generative AI
* Label outputs that are generative AI-produced, with stronger requirements for content that imitates real persons, sounds, or scenes (often called "deepfake-like" content), so that it is "clearly distinguishable" from human-created material
* Disclose to users when they are interacting directly with an AI system, where reasonable

The Enforcement Decree permits flexibility in how disclosures are made, including non-visible watermarking and metadata-based provenance signals, alongside more conventional on-screen labels.[^18] These rules are independent of (and stricter in some respects than) the deepfake provisions of the Public Official Election Act, which since 2023 has banned election-related deepfake content during the 90 days prior to election day with criminal penalties of up to seven years' imprisonment and fines between KRW 10 million and KRW 50 million.[^21]

### High-impact AI obligations

Operators of high-impact AI must, under Articles 33 through 35:[^4][^17][^20]

* Confirm in advance whether their AI qualifies as high-impact through a self-assessment process before deployment
* Establish and implement a risk-management plan spanning the AI system's lifecycle
* Provide "meaningful explanations" of outcomes, including criteria, principles, and a summary of training data (sometimes referred to as AI model cards)
* Implement user protection measures and meaningful human oversight or intervention
* Document trust-and-safety actions
* Conduct an impact assessment of effects on fundamental rights before incorporating high-impact AI into products or services
* Report implementation outcomes to MSIT upon request

Notification duties also apply: where a high-impact AI is used in customer-facing contexts, users must be told in advance.[^7][^17]

### High-performance AI obligations

Operators of AI systems exceeding the 10^26 FLOPs threshold (or otherwise designated as frontier or high-performance under the decree) must implement lifecycle safety programs, deploy continuous monitoring, and report results to MSIT.[^6][^18] The Korean approach broadly parallels the systemic-risk model thresholds in the [EU AI Act](/wiki/eu_ai_act) and the original US Executive Order 14110 on AI (since rescinded under the second Trump administration's [AI Action Plan](/wiki/ai_action_plan)).[^7]

### Foreign operators and local representative

Article 36 codifies the Act's extraterritorial reach. The statute applies to "acts performed abroad that affect Korea's domestic market or users in Korea," a broader formulation than the EU AI Act's market-placement test.[^7][^8] Foreign operators without an office in Korea must appoint a local representative (a domestic agent registered with MSIT) if they meet any of the following thresholds, set by the Enforcement Decree:[^8][^20]

* Total annual revenue exceeding KRW 1 trillion (approximately US$680 million) in the previous year
* AI-service revenue exceeding KRW 10 billion in the previous year
* Average daily users in Korea exceeding one million during the three months preceding the end of the previous year

The local representative is legally responsible for responding to government inquiries, supporting safety reporting, and submitting required risk assessments. The appointing operator remains accountable for any breach by its representative.[^8] AI developed or deployed for South Korean national defense or national security purposes is exempted from the Act.[^17]

## Enforcement and penalties

### Regulator

MSIT is the primary enforcement authority. The Minister of Science and ICT may investigate suspected violations on a fact-finding basis, issue corrective orders, suspend or correct breaches that pose immediate safety threats, and impose administrative fines.[^4][^17]

The Act sits alongside the existing personal-data regime administered by the Personal Information Protection Commission (PIPC), which retains de facto authority over AI systems that process personal information. This creates a dual-track regulatory environment that organizations must navigate, analogous to (but distinct from) the EU's overlapping AI Act and GDPR architecture.[^7]

### Administrative fines

The Act caps administrative fines at **KRW 30 million** (approximately US$21,000) per violation. Fineable conduct includes:[^4][^7][^17]

* Failure to notify users of AI use in covered systems
* Failure to designate a domestic representative when required
* Non-compliance with MSIT corrective orders
* Refusal of or obstruction of government inspections

The KRW 30 million ceiling is dramatically lower than comparable penalties under the [EU AI Act](/wiki/eu_ai_act) (up to EUR 35 million or 7% of global annual turnover for prohibited-use violations and up to EUR 15 million or 3% of turnover for most other infringements). It is also lower than under the [Colorado Artificial Intelligence Act](/wiki/colorado_ai_act) and the [Texas Responsible AI Governance Act](/wiki/texas_responsible_ai_act) (TRAIGA), where fines can range up to US$200,000 per violation in Texas.[^22][^23]

MSIT publicly committed to a one-year grace period before enforcing administrative fines, focusing instead on guidance, voluntary compliance, and corrective dialogue during the first year of the Act's operation. This grace mechanism is set out in the Enforcement Decree's enforcement-policy provisions.[^6][^16]

### Criminal enforcement

The Act itself contains administrative rather than criminal penalties, but related criminal exposure exists under adjacent statutes, notably:

* The Public Official Election Act, which since 2023 imposes up to seven years' imprisonment for distributing election deepfakes during the 90-day pre-election window[^21]
* September 2024 amendments criminalizing the viewing of sexually explicit deepfakes with up to three years' imprisonment or fines up to KRW 50 million[^21]

These criminal regimes operate independently of the Framework Act.

## The AI Policy Center, Safety Institute and National AI Committee

### AI Policy Center

The Act establishes the **AI Policy Center** under MSIT as the strategic and analytical hub for Korea's AI policy. Its mandated functions include technical support for the Master Plan, analysis of AI's social, economic, and cultural impacts, forecasting of technology trends and legislative needs, coordination of cross-ministerial AI initiatives, and international cooperation activities.[^5][^6] Korea's National Information Society Agency (NIA) operates a dedicated Department of AI Policy that supports the Center's research function.[^24]

### Korea AI Safety Institute

The **Korea AI Safety Institute (AISI)** was established within ETRI in November 2024, before the Framework Act took effect, but was given statutory grounding by Article 12 of the Act. AISI's mandate covers analysis of AI risks, development of safety evaluation standards and technologies, model evaluations, and international cooperation as part of the [international AI Safety Institute network](/wiki/ai_safety_institute) that includes the [US AI Safety Institute](/wiki/us_aisi), the UK AISI, and counterparts in Japan, Singapore, Canada, and others.[^15]

### National AI Strategy Committee

The presidential **National AI Committee**, launched in September 2024 ahead of the Act's passage, was renamed the **National AI Strategy Committee** in September 2025. Chaired by the President, it includes ministerial-level officials and civilian experts. The Committee approves the three-year Master Plan, sets the national AI strategy, and possesses authority to mandate cross-ministerial regulatory action.[^6][^13] Eight subcommittees cover technology and infrastructure, data, global cooperation, society, science, defense, industrial application, and public-sector use.[^6]

## Subordinate regulations

On September 8, 2025, MSIT released for public comment a consolidated package of subordinate regulations supplementing the Framework Act, including the **Enforcement Decree** and accompanying notices.[^25][^26] After a roughly 40-day comment period and revisions, MSIT issued a second legislative notice in November 2025 (running until December 22, 2025), with final adoption timed for January 22, 2026, in parallel with the Act's effective date.[^16]

The Enforcement Decree operationalizes the statute in six main areas:[^25][^26]

1. Transparency and labeling requirements for generative AI and deepfake-like outputs, including provision for non-visible watermarking
2. Concrete criteria and confirmation procedures for high-impact AI within the ten enumerated sectors
3. Safety and reliability obligations for high-performance AI (including the 10^26 FLOPs designation)
4. Methodology and content requirements for impact assessments on fundamental rights
5. Designation rules, registration procedures, and thresholds for foreign operators' domestic representatives
6. Administrative procedure and enforcement policy, including the multi-stage compliance pathway with the published one-year grace period before fines

### Civil-society criticism of the Decree

Civil-society organizations criticized the draft Enforcement Decree for what they viewed as an excessively narrow scope. The Digital Justice Network's Director Oh Byung-il argued that whereas the EU AI Act prohibits high-rights-risk uses such as real-time biometric identification in public spaces, Korea's framework contains no such prohibitions and the decree did not expand the list of high-impact sectors to encompass surveillance technologies like workplace monitoring or robot patrols.[^27] Rights advocates also faulted the decree's classification of organizations that "merely use" AI in critical decisions (such as hospitals applying diagnostic AI, employers using AI hiring, or banks using AI for credit) as users with limited explanatory duties, rather than as accountable deployers.[^27]

## Comparison with the EU AI Act

Although Korean officials have publicly described the Act as inspired in part by the [EU AI Act](/wiki/eu_ai_act), significant differences exist:[^4][^7][^17][^19][^28]

| Dimension | EU AI Act | Korea AI Basic Act |
|---|---|---|
| Risk tiers | Four (unacceptable, high, limited, minimal) plus separate general-purpose AI rules | Functionally three (high-impact, generative, high-performance) plus universal baseline |
| Prohibited uses | Eight prohibited categories (Article 5) | No outright prohibitions |
| High-risk scope | Detailed Annex III, including law enforcement, migration, judicial uses | Ten enumerated sectors via decree |
| Maximum fine | Up to EUR 35 million or 7% of global turnover | KRW 30 million per violation (about US$21,000) |
| Compute threshold (frontier) | 10^25 FLOPs for general-purpose AI with systemic risk | 10^26 FLOPs for high-performance AI |
| Conformity assessments | Third-party conformity for high-risk AI | Self-assessment with notification to MSIT |
| Foreign-operator scope | Market-placement test | Effects-on-Korean-market test (broader) |
| Local representative | Required for non-EU providers of high-risk AI | Required when foreign operator meets revenue or user thresholds |
| Codes of practice | [GPAI Code of Practice](/wiki/gpai_code_of_practice) for general-purpose AI | Industry-led standards encouraged, not codified |

Where the EU AI Act is dense, prescriptive, and heavily penalty-driven, the Korean statute is shorter, more promotional in tone, and far less punitive. Korean lawmakers and MSIT have repeatedly emphasized "minimum regulation" and a posture more friendly to industrial competitiveness, partly out of concern that Korea's leading AI firms might otherwise be disadvantaged against US and Chinese rivals.[^4][^7] Korea also lacks the EU's third-party conformity-assessment infrastructure; reliance is placed instead on self-assessment and MSIT-led inspection.

## Comparison with US state AI laws

The Act emerged alongside a wave of US state-level AI legislation. The two most directly comparable state laws are:

* The **[Colorado Artificial Intelligence Act](/wiki/colorado_ai_act)** (SB 24-205), enacted in May 2024 and amended with implementation phased through 2026, which imposes duties on developers and deployers of "high-risk AI systems" used in consequential decisions (employment, education, finance, healthcare, housing, insurance, legal services, and government services), enforced by the Colorado Attorney General.[^22][^29]
* The **[Texas Responsible AI Governance Act](/wiki/texas_responsible_ai_act)** (TRAIGA, HB 149), signed in 2025 and effective January 1, 2026, which adopts a narrower scope focused on prohibited uses and government deployments, with civil penalties up to US$200,000 per violation enforced by the Texas Attorney General.[^22][^23]

Comparison points:[^22][^29]

* All three laws use risk-based or sectoral approaches without outright bans on private-sector general AI (TRAIGA includes some narrow prohibitions for specific harmful uses)
* Penalty severity: TRAIGA's per-violation cap of US$200,000 is roughly ten times Korea's KRW 30 million ceiling; both are dwarfed by the EU AI Act
* Foreign-operator scope: Korea is the only one with explicit extraterritorial application based on user/market effects
* The Korean Act, like the Colorado AI Act, contains universal baseline duties that apply regardless of risk classification; TRAIGA more narrowly targets specific prohibited acts

## Industry reception

### Domestic reaction

Korea's major technology firms publicly endorsed the law's clarity-providing role even as they sought favorable interpretations of its provisions. Samsung Electronics, Naver, Kakao, and the three major telecommunications operators reorganized internal compliance frameworks during the 2025 transition year. Samsung positioned its on-device AI strategy as inherently aligned with the Act's data-security and privacy emphases, and Naver and Kakao expanded preexisting voluntary governance frameworks to meet the new statutory transparency duties.[^30]

Reaction from the startup community was sharper. The Korea Startup Alliance and similar bodies warned that mandatory risk-management plans, impact assessments, and the prospect of dedicated compliance personnel could disadvantage smaller firms, even with the regulatory sandboxes the Act contemplates. A Startup Alliance survey reported that only about 2% of Korean AI startups had completed formal compliance frameworks by the effective date.[^30] Trade associations from the game and content industries expressed concern that mandatory visible watermarking on generative AI outputs could weaken creative market value, prompting MSIT to allow non-visible watermarking and other alternatives in the Enforcement Decree.[^30][^16]

Coverage in Korean media identified persistent uncertainty over interpretation, particularly the absence of quantitative thresholds beyond compute for triggering "high-impact" status. Industry observers warned of a potential chilling effect, especially the obligation to re-confirm compliance for each new model version, and academic commentary urged MSIT to balance promotion against regulation.[^31]

### International reception

International law firms and trade-policy analysts framed the Act primarily as a regulatory marker: the first comprehensive AI law outside the European Union, signaling that "Brussels-effect" AI regulation was diffusing into Asia.[^2][^4][^7] Western analyses generally emphasized:

* The relative leniency of penalties compared with the [EU AI Act](/wiki/eu_ai_act)
* The novelty of the effects-on-market extraterritorial test
* The dual identity of the Act as both promotion and regulation, mirroring China's approach to AI governance more than Brussels's pure-regulation posture (see [artificial intelligence in China](/wiki/china_ai))
* The institutional architecture, particularly the AI Policy Center and AISI, as templates for other small and mid-sized economies considering AI legislation

The US Department of Commerce's International Trade Administration issued an advisory in 2025 highlighting US-company compliance obligations under the Act, particularly the local-representative requirement for those exceeding the revenue or user thresholds.[^1]

The Information Technology and Innovation Foundation (ITIF) published a critical assessment in September 2025 arguing that the broad statutory definition of "AI system" risked sweeping in conventional software, that compute thresholds are unreliable predictors of risk, that mandatory labeling was technically fragile, and that the National AI Strategy Committee's centralized regulatory authority risked overriding sectoral expertise.[^6]

## Implementation outlook

As of mid-2026, the Act is in its grace period. MSIT has signaled that it will prioritize guidance, voluntary compliance, and corrective dialogue over punitive enforcement during the initial year. Forthcoming work expected to shape practice includes:[^5][^6][^16]

* Detailed sectoral interpretive guidance for the ten high-impact domains
* Practical confirmation procedures for self-assessment
* The model and method for impact assessments on fundamental rights
* Operational launch of the Master Plan, AI Policy Center research outputs, and AISI evaluation protocols
* Coordination protocols between MSIT and the PIPC over personal-data-intensive AI systems
* Adjustment of the foreign-operator thresholds and the local-representative registration regime in response to early implementation experience

The Act is widely expected to be amended within the following Assembly term, as gaps identified during early implementation (including the human-rights and surveillance scope criticisms raised by civil society, and the foreign-firm and startup concerns raised by industry) drive a second wave of revisions.[^6][^27][^30]

## See also

* [EU AI Act](/wiki/eu_ai_act)
* [Colorado Artificial Intelligence Act](/wiki/colorado_ai_act)
* [Texas Responsible AI Governance Act](/wiki/texas_responsible_ai_act)
* [Artificial intelligence in China](/wiki/china_ai)
* [AI Safety Institutes](/wiki/ai_safety_institute)
* [US AI Safety Institute (Center for AI Standards and Innovation)](/wiki/us_aisi)
* [AI Seoul Summit](/wiki/seoul_ai_summit)
* [GPAI Code of Practice](/wiki/gpai_code_of_practice)
* [America's AI Action Plan](/wiki/ai_action_plan)
* [Deepfake](/wiki/deepfake)

## References

[^1]: U.S. International Trade Administration. "South Korea Artificial Intelligence (AI) Basic Act." https://www.trade.gov/market-intelligence/south-korea-artificial-intelligence-ai-basic-act. Accessed 2026-05-19.

[^2]: Future of Privacy Forum. "South Korea's New AI Framework Act: A Balancing Act Between Innovation and Regulation." https://fpf.org/blog/south-koreas-new-ai-framework-act-a-balancing-act-between-innovation-and-regulation/. Accessed 2026-05-19.

[^3]: Library of Congress, Global Legal Monitor. "South Korea: Comprehensive AI Legal Framework Takes Effect." February 20, 2026. https://www.loc.gov/item/global-legal-monitor/2026-02-20/south-korea-comprehensive-ai-legal-framework-takes-effect. Accessed 2026-05-19.

[^4]: TLP Advisors. "The Closing Act of 2024: South Korea's AI Basic Act." January 2025. https://techlawpolicy.com/2025/01/the-closing-act-of-2024-south-koreas-ai-basic-act/. Accessed 2026-05-19.

[^5]: International Association of Privacy Professionals (IAPP). "Analyzing South Korea's Framework Act on the Development of AI." https://iapp.org/news/a/analyzing-south-korea-s-framework-act-on-the-development-of-ai. Accessed 2026-05-19.

[^6]: Information Technology and Innovation Foundation (ITIF). "One Law Sets South Korea's AI Policy, and One Weak Link Could Break It." September 29, 2025. https://itif.org/publications/2025/09/29/one-law-sets-south-koreas-ai-policy-one-weak-link-could-break-it/. Accessed 2026-05-19.

[^7]: White & Case LLP. "AI Watch: Global regulatory tracker - South Korea." https://www.whitecase.com/insight-our-thinking/ai-watch-global-regulatory-tracker-south-korea. Accessed 2026-05-19.

[^8]: Cooley LLP. "South Korea's AI Basic Act: Overview and Key Takeaways." January 27, 2026. https://www.cooley.com/news/insight/2026/2026-01-27-south-koreas-ai-basic-act-overview-and-key-takeaways. Accessed 2026-05-19.

[^9]: Government of the Republic of Korea, Ministry of Science and ICT. "National Strategy for Artificial Intelligence." December 2019. https://wp.oecd.ai/app/uploads/2021/12/Korea_National_Strategy_for_Artificial_Intelligence_2019.pdf. Accessed 2026-05-19.

[^10]: Ministry of Science and ICT. "The Digital New Deal Is to Lead Digital Transition." https://www.msit.go.kr/eng/bbs/view.do?bbsSeqNo=42&nttSeqNo=443. Accessed 2026-05-19.

[^11]: Korea.net. "MSIT announced 'Strategy to realize trustworthy artificial intelligence.'" May 2021. https://www.korea.net/Government/Briefing-Room/Press-Releases/view?articleId=5704. Accessed 2026-05-19.

[^12]: Korea Economic Institute of America. "Timeline of the South Korean Government's AI Efforts." https://keia.org/the-peninsula/timeline-of-the-south-korean-governments-ai-efforts/. Accessed 2026-05-19.

[^13]: The Korea Times. "South Korea presidential AI committee to develop national AI strategy early next year." December 2024. https://www.koreatimes.co.kr/www/nation/2024/12/281_387504.html. Accessed 2026-05-19.

[^14]: The Korea Herald. "Korea Inc. to invest W65tr in AI in 4 years." https://www.koreaherald.com/article/3483070. Accessed 2026-05-19.

[^15]: Ministry of Science and ICT. "'AI Safety Institute' Launched Following the AI Seoul Summit." November 27, 2024. https://www.msit.go.kr/eng/bbs/view.do?nttSeqNo=1058&bbsSeqNo=42&mId=4. Accessed 2026-05-19.

[^16]: Ministry of Science and ICT. "MSIT Announces Legislative Notice for the Enforcement Decree." November 2025. https://www.msit.go.kr/eng/bbs/view.do?bbsSeqNo=42&nttSeqNo=1191. Accessed 2026-05-19.

[^17]: Shin & Kim. "National Assembly passes the AI Basic Act." https://www.shinkim.com/eng/media/newsletter/2667. Accessed 2026-05-19.

[^18]: Baker Botts L.L.P. "South Korean Ministry of Science and ICT Issues Package of Regulations to Supplement AI Framework Act." https://ourtake.bakerbotts.com/post/102low8/south-korean-ministry-of-science-and-ict-issues-package-of-regulations-to-supplem. Accessed 2026-05-19.

[^19]: Center for Security and Emerging Technology (Georgetown). "Framework Act on the Development of Artificial Intelligence and Establishment of Trust." July 2025. https://cset.georgetown.edu/publication/south-korea-ai-law-2025/. Accessed 2026-05-19.

[^20]: Debevoise & Plimpton. "South Korea Enacts New AI Law." March 24, 2025. https://www.debevoisedatablog.com/2025/03/24/south-korea-enacts-new-ai-law/. Accessed 2026-05-19.

[^21]: The Korea Times and Korea Economic Institute (KEI) coverage of South Korea's deepfake and election-act provisions. https://keia.org/the-peninsula/deepfakes-and-korean-society-navigating-risks-and-dilemmas/. Accessed 2026-05-19.

[^22]: AICompliant. "Texas TRAIGA vs Colorado AI Act: AI Compliance Differences." https://aicompliant.ai/blog/texas-traiga-colorado-ai-act-compliance-differences-2026. Accessed 2026-05-19.

[^23]: Littler Mendelson. "Understanding South Korea's New AI Law: Key Considerations for Multinational Employers." https://www.littler.com/news-analysis/asap/understanding-south-koreas-new-ai-law-key-considerations-multinational-employers. Accessed 2026-05-19.

[^24]: National Information Society Agency (NIA). "AI Policy." https://eng.nia.or.kr/site/nia_eng/ex/bbs/ListBusiness.do?businessMnCd=23000200. Accessed 2026-05-19.

[^25]: Regulations.AI. "Enforcement Decree (draft) of the Act on the Promotion of AI Development and Establishing a Trustworthy AI Framework (AI Basic Act) - package of subordinate regulations - South Korea." https://regulations.ai/regulations/korea-2025-9-ai-basic-act-enforcement-decree. Accessed 2026-05-19.

[^26]: Lexology / Korean law-firm analysis. "AI framework act: draft enforcement decree on transparency and safety." https://www.lexology.com/library/detail.aspx?g=8bdc4245-efa9-4fbd-8b3d-b61a1d3ac7c6. Accessed 2026-05-19.

[^27]: Business and Human Rights Resource Centre. "S. Korea: Draft decree for AI Basic Act sparks backlash over limited scope and delayed penalties." https://www.business-humanrights.org/en/latest-news/s-korea-draft-decree-for-ai-basic-act-spark-backlash-over-limited-scope-and-delayed-penalties/. Accessed 2026-05-19.

[^28]: Centraleyes. "South Korea AI Act." https://www.centraleyes.com/south-korea-ai-act/. Accessed 2026-05-19.

[^29]: Optiv. "Global AI Regulations: Reviewing the Landscape of AI Laws in the EU, South Korea and the US." https://www.optiv.com/insights/discover/blog/global-ai-regulations-reviewing-landscape-ai-laws-eu-south-korea-and-us. Accessed 2026-05-19.

[^30]: KoreaTechDesk and Captain Compliance coverage. "Between Innovation and Oversight: Korea's AI Basic Act Enters Enforcement with Uneasy Confidence" and "South Korea's New AI Rules: First in the World, But Startups Aren't Thrilled." https://koreatechdesk.com/korea-ai-basic-act-enforcement-startups-governance and https://captaincompliance.com/news/south-koreas-new-ai-rules-first-in-the-world-but-startups-arent-thrilled/. Accessed 2026-05-19.

[^31]: The Korea Times. "Unclear guidance, vague terms in AI Basic Act leave businesses in limbo." January 2026. https://www.koreatimes.co.kr/amp/business/tech-science/20260129/industry-on-edge-as-ai-basic-act-takes-effect. Accessed 2026-05-19.