On Nov. 4, at the departure hall of Incheon International Airport Terminal 1, travelers are lining up at the SK Telecom roaming center to change their SIM cards. /Courtesy of Yonhap News Agency

SK Telecom's plan to exempt users from penalties related to the 'USIM information hacking incident' has been deemed legally possible according to an analysis by the National Assembly's Legislative Research Service.

Choi Min-hee, the chair of the National Assembly's Science, Technology, Information, Broadcasting and Communications Committee and a member of the Democratic Party of Korea, explained on the 4th that she received a response after inquiring with the Legislative Research Service whether it is legally possible for mobile carriers to unilaterally exempt penalties.

In an official response submitted to Choi's office, the Legislative Research Service stated, 'Since SK Telecom's subscription terms dictate that penalties can be waived in the event of contract cancellation due to the company's fault, if this hacking incident is deemed a service issue caused by SK Telecom, penalties can be waived based on this clause.'

The analysis continued, stating that even if the application of the terms is unclear, 'it is difficult to conclude that it is legally impossible for the company to take voluntary measures to exempt penalties.' This was explained based on the autonomy of contracts and the freedom of agreements between parties according to the terms and conditions regulation law, allowing for flexible responses based on administrative guidance or business judgment.

The Legislative Research Service cited a case from 2016 during the Samsung Electronics Galaxy Note 7 combustion incident, where the three telecommunications companies voluntarily exempted penalties, indicating that voluntary exemptions are legally permissible.

Additionally, in response to the claim that SK Telecom's exemption of penalties could be considered a breach of duty, it noted that 'the decision to exempt penalties is aimed at the company's long-term interests, and the risk that imposing penalties could lead to lawsuits from customers or sanctions from regulatory authorities, along with the unclear circumstances regarding accountability for the hacking incident, makes it difficult to conclude that there was clear intent to breach duty.'

In this context, Choi stated, 'SK Telecom is delaying by avoiding responsibility, claiming that “legal judgment is necessary” or “board approval is required,” and that SK Telecom should fulfill its responsibilities to the public immediately instead of responding passively.'