Korea’s Coupang Controversy and the Platform Law

: Mockery at Home, Criticism Abroad

Public Outrage After the Coupang Data Breach

Sticky notes and signs plastered on Coupang’s Seoul headquarters label the e-commerce giant a “criminal enterprise” (범죄기업) and “murderous company” after a massive data breach exposed personal information from roughly 33.7 million customer accounts. The public backlash has been fierce and unapologetic. South Korean netizens and consumers have unleashed a storm of ridicule, distrust, and anger toward Coupang – often dubbed the “Amazon of Korea” – and its leadership in the wake of the country’s largest-ever data leak  . What might have been a PR blip for a tech giant has spiraled into a nationwide revolt, with online forums and YouTube comment sections brimming with scorn. Many users openly mocked Coupang’s belated compensation offer – 50,000 won (~$35) in shopping vouchers per affected user – as a cynical marketing ploy. “Nominal 50,000-won coupons” that force people to spend more on Coupang’s own services were derided as “a marketing ploy under the guise of apology”, “unusable compensation for real victims,” and “consumption-inducing rather than compensatory” by angry commenters and consumer groups  . The fact that only 5,000 won of the voucher is usable on Coupang’s main site (the rest being split among niche services like luxury goods and travel) provoked instant outrage – a “cheap trick of promotional activities” that one lawmaker said is stoking public fury .

Fueling the distrust is Coupang’s handling of the breach and its aftermath. Initially, the company acknowledged that 33 million+ users’ data (names, emails, phone numbers, addresses) had been compromised – nearly two-thirds of South Korea’s population  . Yet in its own internal probe, Coupang abruptly revised the figure down to just 3,000 accounts, claiming a rogue employee only saved data from those accounts and deleted it without further sharing  . This dramatic downplaying was met with incredulity. South Korea’s Ministry of Science and ICT publicly disputed Coupang’s numbers, confirming through a joint investigation that over 33 million records were in fact leaked, far beyond the 3,000 the company insisted on  . President Lee Jae-myung even called for tougher penalties on Coupang for such corporate negligence in handling one of the nation’s worst data breaches . To many Koreans, Coupang’s narrative sounded like a cover-up – a self-serving tale to placate investors rather than a forthright admission to customers. As one disillusioned user put it, the company is “just trying to save face,” and its hollow apology “feels like a slap in the face to loyal users.” 

Coupang’s leadership, especially founder and Chairman Kim Bom-suk (Bom Kim), has become a lightning rod for public ire. Kim – a Korean American billionaire – conspicuously failed to appear at parliamentary hearings on the breach, citing other appointments, even as his company’s interim CEO and executives were grilled by lawmakers  . This was the eighth time Kim snubbed a National Assembly summons, a pattern legislators slammed as “insolent behavior that disregards the National Assembly and our people.”  In Korean online communities, Kim earned epithets like “kingly” or out-of-touch; many seethed that the chairman was hiding abroad and acting as if accountable to no one. Even Coupang’s interim CEO, Harold Rogers, drew ridicule during a parliamentary hearing when he insisted on using his own interpreter instead of the official translator – a move seen as an attempt to control messaging, which led to a surreal scene of Rogers wearing two earpieces after lawmakers intervened  . Memes spread of the CEO literally needing two translators to dodge questions, emblematic of what critics call Coupang’s slippery corporate behavior.

The cumulative effect of these missteps has been a collapse in public trust. From Naver forums to YouTube comments, many Koreans now speak of Coupang with open scorn – dubbing it a “범죄기업” (criminal enterprise) – and voicing skepticism that the company will face real consequences. Boycotts have trended on social media. Class-action lawsuits are rapidly accruing tens of thousands of claimants as consumers seek direct cash compensation in court  . In short, a significant segment of the Korean public sees the Coupang scandal as symptomatic of a tech titan grown arrogant and unrestrained, and they are responding with mockery and mobilization. The backlash has become a referendum on corporate accountability, with Coupang cast as the villain in a cautionary tale.

Korea’s Online Platform Law: Intent and Scope

Even before Coupang’s data fiasco, South Korea was gearing up to rein in its powerful online platforms. The so-called Online Platform Law (온플법) – officially an amendment to the Act on Fair Transactions in Large Retail Business – is the government’s attempt to address perceived monopolistic and unfair practices by Big Tech and e-commerce players. In essence, the law targets any large online platform with over 3 trillion won (~$2.2 billion) in revenue, imposing new obligations to prevent abuses of market dominance . The intent is to promote fairness in platform commerce by outlawing practices such as self-preferencing (favoring a company’s own products or services in search results or marketplace rankings), bundling disparate services to hinder competitors, and restricting merchants from multihoming (using multiple platforms) . In practical terms, a firm like Coupang – which operates everything from shopping and food delivery to travel and streaming – would be prohibited from unfairly steering users to its own offerings at the expense of third-party sellers, or from coercing business partners into exclusive deals across its ecosystem.

Korean policymakers crafted the bill amid rising concerns that a few tech giants (Naver, Kakao, Coupang, and foreign players like Google) are leveraging their gatekeeper status to squash competition and exploit consumers and small merchants. The law would empower the Korea Fair Trade Commission (KFTC) to designate such dominant platforms and enforce ex ante rules on them – somewhat akin to the EU’s Digital Markets Act, but tailored to Korea’s market  . Proposed measures include heftier fines (the cap raised from 6% to 8% of relevant revenue) and faster injunctions to halt anti-competitive conduct . Notably, the KFTC’s approach evolved over time: initially envisioning an aggressive EU-style standalone law (the Platform Competition Promotion Act), it later pivoted to a more modest amendment with “ex-post” enforcement and legal presumptions of dominance, partly in response to stakeholder feedback  . Still, the core goal remains intact – to hold tech platforms accountable for treating consumers and business users fairly, given these platforms now serve as critical infrastructure in Korea’s digital economy.

Domestically, the platform regulation push enjoys significant public and political support, fueled by high-profile incidents. When a fire at a Kakao data center in 2022 knocked out essential services, for example, it underscored the risks of over-concentration and rallied calls for platform accountability. Likewise, Coupang’s recent meltdown – from labor safety controversies to this data breach – has only solidified the perception that big tech firms left to their own devices can pose systemic threats. Lawmakers in Seoul argue that clear rules are needed to prevent abuses and level the playing field for smaller competitors and consumers. In President Lee’s administration, the platform law is portrayed as a pro-consumer, pro-competition reform, not an anti-business one. Korea’s trade minister has stated the bill “aims to address challenges in the Korean digital market today,” not to discriminate against foreign companies  . Nevertheless, what South Koreans see as a long-overdue check on tech monopolies has provoked a very different reaction across the Pacific.

U.S. Criticisms: “Protectionism” and Overregulation Fears

In Washington, the Online Platform Law has been met with sharp criticism, framed less as a consumer protection effort and more as a potential trade barrier. American officials and industry groups allege that Seoul’s bill disproportionately targets U.S. tech giants and could impede digital trade  . A July 2025 letter from 43 members of the U.S. House of Representatives – prompted by White House pressure – explicitly warned that Korea’s platform regulations are “excessive” and “designed to undermine innovative business models and disadvantage successful American companies.”   The law’s high revenue threshold and focus on global platform practices mean that U.S.-based firms like Google, Apple, Meta, and even Coupang’s U.S.-listed parent could be among the primary targets. This has led American observers to brand the bill as “discriminatory”. They argue it mirrors the EU’s Digital Markets Act – which Washington has also criticized – effectively singling out big U.S. tech firms while exempting or ignoring Chinese competitors that may not meet the criteria in Korea’s market . In the words of one Congressional letter, Korea’s proposal “would advance the interests of the Chinese Communist Party (CCP) by disproportionately targeting American companies while exempting major Chinese digital giants like ByteDance, Alibaba and Temu.” 

U.S. officials also bristle at what they perceive as heavy-handed enforcement tactics embedded in Korea’s regulatory approach. They point to the KFTC’s history of “dawn raids” (surprise on-site investigations) and its willingness to criminally prosecute business practices that, in the U.S., might be handled as civil matters or not penalized at all . From the American perspective, this raises due process concerns for foreign companies operating in Korea. The U.S. Chamber of Commerce and tech lobbies have complained that the Korean law lacks clarity and sufficient consultation, potentially subjecting companies to unpredictable regulatory actions in a market already known for strict local standards on things like data and security. In fact, the U.S. Trade Representative’s 2025 National Trade Estimate (NTE) report explicitly labeled Korea’s online platform bill a “digital trade barrier,” lumping it alongside restrictions on foreign cloud services and proposed network usage fees on foreign content providers as measures that unfairly hobble U.S. firms .

American unease has escalated into formal diplomatic pressure. U.S. trade negotiators have pressed their Korean counterparts on the issue in high-level talks, tying it to broader discussions on tariffs and market access . The Trump (and now post-Trump) administration even floated the possibility of retaliatory tariffs, implicitly using Korea’s export-dependent economy as leverage if Seoul doesn’t reconsider the platform regulations  . In a U.S. Congressional hearing bluntly titled “Anti-American Antitrust: How Foreign Competition Policies Are Harming U.S. Businesses,” Korea’s platform law was cited as a prime example – an accusation that Korea is using regulation as de facto protectionism under the guise of antitrust. Prominent U.S. figures, such as former National Security Advisor Robert O’Brien, publicly warned that South Korea’s aggressive stance toward companies like Coupang in the wake of the data breach could jeopardize Korea-U.S. trade ties . The underlying message from Washington has been consistent: if Korea implements the platform law as envisioned, American tech companies (and by extension, investors) will suffer, and we view that as a hostile move in terms of trade.

This transpacific tension places Seoul in a delicate position. Korean officials insist the law is not about nationality but behavior – any firm engaging in exploitative practices in Korea, domestic or foreign, would be subject to it. They note that Korean giants like Naver and Kakao are just as affected as Google. But U.S. skepticism remains high. The backdrop of these complaints is a broader fear in Silicon Valley and D.C. that the “Brussels Effect” – where strict EU-style tech regulations spread globally – is now reaching Asia . Korea’s law, in U.S. eyes, could set a precedent encouraging other countries to corral Big Tech (often American) under the banner of “digital sovereignty.” Hence the vehement pushback: branding the law a “non-tariff barrier” and urging Korea to water it down or abandon it for the sake of free trade and innovation  .

Ironically, amid these U.S. criticisms that Korea is overregulating platforms, Koreans at home are charging that their government hasn’t regulated them enough. This disparity in viewpoints has laid bare a striking disconnect.

Korean Citizens: Demanding Tougher Regulation, Not Less

From the standpoint of the South Korean public and many lawmakers, the notion that Korea is too strict on platform companies elicits bitter laughter. Many Koreans feel that big tech platforms operate with impunity, and that laws are either too weak or too laxly enforced to protect consumers and society. The Coupang incident has only reinforced this sentiment. Observers note that Coupang’s first instinct after discovering the breach was not to alert Korean users or authorities, but to quietly fix its narrative and legal exposure. In fact, Coupang delayed disclosure of the breach (initially revealed by a user who noticed suspicious activity ) and only came forward under pressure . Even then, the company seemed more concerned with overseas regulators: it hurried to file its internal probe results with the U.S. SEC (Securities and Exchange Commission) – portraying the damage as minimal – while Korean regulators were still investigating and explicitly objecting to Coupang’s unilateral announcement  . This move angered officials in Seoul. The Science Ministry scolded Coupang for an unverified disclosure that bypassed the government’s ongoing probe . To Korean eyes, it looked like Coupang was prioritizing its Wall Street investors and legal obligations in New York over transparency with Korean victims – essentially confirming the very criticism that the company was following a “U.S. playbook” and putting customers second  .

It is little surprise, then, that Korean lawmakers and citizens are calling for more robust oversight. Far from viewing the Online Platform Law as overreach, many see it as a necessary corrective to rein in companies that have outgrown current regulations. Some Korean critics even worry the latest draft of the law has been “watered down” under foreign pressure, arguing that the KFTC “conceded too much” by shifting to a softer approach and abandoning stronger, EU-like measures . Consumer advocates and small business groups in Korea largely support tougher rules, believing that without them, the imbalance of power between giant platforms and users or merchants will only worsen. The Coupang data leak has become a rallying point, with civic organizations demanding the government make an example of the company. President Lee’s public call for stern punishment and an expanded investigation task force (involving police, data protection authorities, and even the National Intelligence Service) reflects a domestic consensus that Korea’s legal system must catch up to the influence of its tech behemoths  .

In the eyes of Korean consumers, if anything, laws like the platform bill don’t go far enough. A vivid illustration came during the National Assembly hearing on the breach, when lawmakers lambasted Coupang’s voucher compensation scheme. One representative pointed out that such coupon-based “compensation” wouldn’t even be allowed in the United States, citing U.S. court precedents that treat coupon settlements as inadequate under the Class Action Fairness Act . It was a moment of bitter irony: a Korean lawmaker effectively arguing that U.S. consumer protection norms are tougher than Korea’s, and that Korean customers deserve the same level of respect. Many in the public agreed – why should Korean victims settle for “apology coupons” that feel more like a sales promotion, when a U.S. user base in a similar scenario might see a real payout or stricter corporate penalties? This speaks to a perceived regulatory double standard. Foreign governments worry Korea is punishing companies like Google or Apple too harshly, while Korean citizens look at companies like Coupang and complain that punishments are too mild to change behavior.

Indeed, past incidents have left Koreans cynical about enforcement. Mega-fines or executive jail time for tech titans are exceedingly rare in South Korea. More often, settlements are reached or penalties amount to slaps on the wrist (as critics characterize them). For example, data protection breaches historically yielded modest fines under the Personal Information Protection Act, often seen as just the cost of doing business. That is why the 33-million-user leak – and Coupang’s apparently lackadaisical prevention and response – so infuriated the public. To them, it signaled that despite existing laws, a dominant platform felt it could cut corners with security and honesty. In this context, calls to strengthen the Platform Law and rigorously enforce it resonate with a public that wants to see genuine accountability. “User trust is the real currency,” as one Korean tech column put it, and right now that trust is badly broken .

All of this sets the stage for a confrontation: Korea’s government is caught between domestic pressure to get tough on Big Tech and international pressure (primarily from the U.S.) to ease off. The resulting policy path will have implications well beyond Korea’s borders.

Between Two Standards: Implications for Tech Governance and Accountability

The stark contrast between South Korean public opinion and U.S. policy critiques underscores a broader challenge in the digital age: how to govern global tech platforms in a way that satisfies local demands for accountability while respecting international trade norms. In the Coupang saga and the debate over the Online Platform Law, we essentially see two narratives colliding. One narrative – driven by Korean consumers, civic groups, and many officials – is that platform giants must be kept in check by robust laws, or they will abuse their power and endanger the public. The other narrative – coming from Washington and multinational corporations – is that overzealous regulation (especially by individual nations) can fragment the digital economy and often masks protectionist motives.

This isn’t just a philosophical debate; it has real consequences for transnational tech governance. If Korea presses ahead with strict platform regulations, it could inspire other countries to follow suit, creating a patchwork of local rules that companies like Google or Amazon (or Coupang) have to navigate. Proponents say this is simply the assertion of digital sovereignty and consumer rights. But detractors warn it could lead to a “splinternet” of differing regulations, complicating global commerce and possibly inviting retaliatory measures. The Korea-U.S. friction here is a microcosm of that tension. We have a U.S. Congress willing to threaten trade retaliation over another nation’s tech policies  , which is extraordinary and speaks to how strategic Big Tech has become in geopolitics. At the same time, we have a U.S.-listed company (Coupang) that operates in Korea but apparently felt it needed to placate U.S. investors and legal requirements first – even if that meant irking Korean authorities and public sentiment  . This kind of jurisdictional arbitrage by companies can weaken the authority of any single regulator. It shows that corporate accountability can fall into the gaps between nations, unless those nations work out new cooperative frameworks.

The credibility of Korea’s regulatory institutions is on the line. Incidents like the Coupang breach and the ensuing NIS controversy test whether Korean agencies can effectively police domestic companies, even those with foreign ties or political clout. The National Intelligence Service’s unusual public rebuke – calling out Coupang’s interim CEO for undermining the spy agency’s credibility with false claims  – highlights how high the stakes have become. When a nation’s spy agency and a top tech firm get into a public war of words, it’s a sign that trust has broken down on multiple fronts. For the Korean public, such spats can either be reassuring (showing that the government isn’t afraid to confront a powerful company) or alarming (revealing disarray in how the state handles crises). So far, many Koreans seem to side with the government’s tougher line on Coupang – they want their institutions to stand firm. But if those institutions are seen as bending to U.S. pressure on the platform law, or if they ultimately let Coupang off lightly behind closed doors, public cynicism will only deepen.

Conversely, from the U.S. viewpoint, if Korea’s approach is perceived as unfairly targeting American interests, it could set back bilateral cooperation on other fronts. The transnational debate over tech regulation is increasingly entangled with trade and diplomacy. We are witnessing a scenario where a data breach in Seoul prompted commentary in Washington boardrooms, and where a Korean bill in the National Assembly became fodder for U.S. election-cycle rhetoric about “standing up for American business.” This dynamic suggests that countries may need to forge new agreements or dialogues on digital policy – akin to trade agreements, but focusing on platform governance – to prevent misunderstandings and resolve conflicts. Without that, every major regulatory move (be it Korea’s platform law, Europe’s DMA, or U.S. antitrust bills) risks being interpreted through a nationalistic lens, eliciting tit-for-tat responses.

Ultimately, the Coupang–NIS controversy and the battle over the Online Platform Law illuminate a global predicament: how to ensure tech giants are answerable to the people and governments impacted by their actions. South Koreans, bruised by one tech scandal after another, are pleading for stronger protections and genuine corporate responsibility. Americans, wary of foreign regulations setting precedents, are pushing back to protect their economic interests and ideals of innovation. Both sides raise valid concerns – about freedom vs. fairness, about who gets to set the rules of the digital marketplace. The challenge for policymakers is to bridge this divide.

If Korea can recalibrate its platform regulations to address legitimate U.S. concerns without diluting the protections Korean consumers seek, it could provide a model for balancing national interest with global cooperation. Perhaps it will mean more transparency in how companies are designated and investigated, or carving out exceptions for truly global business norms. Or perhaps Seoul will press ahead unapologetically, betting that protecting its citizens (and asserting its regulatory autonomy) is worth any trade risk. Either way, one takeaway is clear: public trust in technology – and in the institutions that regulate technology – has become a defining issue of our time. As the Coupang saga shows, when that trust is shattered, the repercussions echo across borders. The ridicule and anger on Korean social media may seem worlds apart from the corridors of power in Washington, but they are two sides of the same coin – a coin that global tech companies and regulators alike will ignore at their peril.

Sources: South Korean news reports and commentary on the Coupang data breach and public response    ; Official statements and articles on Korea’s proposed Online Platform Law  ; U.S. government and industry critiques of the law  ; Parliamentary hearing coverage and expert analysis illustrating the gap between foreign and domestic perspectives  .