SOUTH KOREA Law and Practice Contributed by: Kyungsun Kyle Choi, Eui Seok Kim, Han Kyul Nam and Eun Sun Jang, Kim & Chang
or health data. This raises substantial concerns regarding potential privacy breaches. Further- more, if AI-based medical decisions cause harm due to inaccurate or biased algorithmic outputs, tort liability may arise. Consequently, questions about responsibility – whether it lies with the physician, the developer, or the provider – remain unresolved. These uncertainties com- plicate risk management and could hinder trust and the adoption of digital health tools. 4.2 Liability Frameworks Under current laws both in South Korea and abroad, AI systems cannot be recognised as legal entities that can hold intellectual property rights or bear legal responsibility. Consequently, it remains unclear whether liability should rest with the physician using the technology, the developer who created it, or the service provider that deployed it. The recently enacted AI Act offers valuable guidance on the liability framework involving AI. The Act classifies AI systems with serious effects on human life, physical safety, or basic human rights – like those using medical data – as “high-impact” AI, and requires that businesses providing services using high-impact AI clearly disclose their use of AI through measures such as watermarks. Furthermore, AI systems trained with cumulative computational power exceed- ing standards set by presidential decree must meet specific safety obligations. However, the application of these regulations in the healthcare sector remains uncertain, as detailed guidelines for high-impact AI are still in development and are expected to be released in late 2025. In practice, in the healthcare field, liability involv- ing AI is generally determined based on exist- ing laws such as the Product Liability Act, MDA or other relevant healthcare regulations, with
responsibility generally assigned to human actors or legal entities involved in the deploy- ment and use of AI. Accordingly, in the context of medical services involving healthcare pro- fessionals, such as physicians, the impact of the AI Act on liability issues may be somewhat limited. Additionally, sector-specific laws such as the DMPA and MDA continue to govern the approval, monitoring, and post-market surveil- lance of AI-based medical devices and software in healthcare. In the meantime, formal mechanisms for redress – such as civil litigation and regulatory enforce- ment – remain available under the existing legal framework. 4.3 Defences Companies can be exempt from liability if they can prove the presence of a robust compliance system, and show any wrongdoing by an indi- vidual within the company was an isolated event. Such compliance measures include: • strict internal regulations; • rigorous oversight by the legal/compliance teams; • emphasis on compliance by management; and • severe disciplinary sanctions against employ- ees/executives who engage in wrongdoing. Thus far, however, the South Korean government has been strict in exempting companies from liability based solely on the existence of strong compliance systems. In cases where the Product Liability Act (PLA) applies, companies may be exempt from liabil- ity if they can prove that they took all possible measures to detect defects within the scientific and technological standards at the time, or that
114 CHAMBERS.COM
Powered by FlippingBook