Kang Seung-woo is the Business Desk editor at The Korea Times. Prior to this position, he covered politics, national affairs, finance and sports.
Absent 'global' CEO
By Kang Seung-woo
Coupang founder and de facto controlling shareholder Kim Bom-suk, also known as Bom Kim, ultimately did not appear before the National Assembly during Wednesday’s parliamentary hearing.
The hearing, convened to address the e-commerce giant’s massive personal data breach, went forward without the figure the public most wanted to hear from. Kim, chairman of the Coupang Inc. board, and other former top executives submitted written excuses for their absence, leaving only Coupang Korea’s interim chief to field questions.
Kim cited his “official business schedule” as the reason for skipping the hearing, claiming that, as CEO of a global company operating in more than 170 countries, he could not attend. But the excuse rings hollow given the scale of the data breach: More than 33.7 million users — roughly two-thirds of Korea’s population — had their personal information exposed, and over 90 percent of Coupang’s revenue comes from Korea. Few issues could be more urgent or more directly tied to the company’s core business.
This was far from a routine political summons. Coupang has become a national platform, with over 34 million monthly active users. A data breach of this magnitude is closer to a national crisis than a corporate mishap. Yet key questions — how the breach occurred, how long the company knew about it and what concrete measures are being taken to prevent a recurrence — remain unanswered. Even more striking is the absence of a direct apology from the company’s ultimate decision-maker.
Kim’s no-show follows a long-established pattern. Over the past decade, he has been summoned six times to National Assembly audits or hearings and has never appeared, offering excuses ranging from injuries to overseas commitments. In 2021, just ahead of the implementation of the Serious Accidents Punishment Act, he stepped down as chairman of Coupang Korea’s board and as a registered director, effectively severing formal legal ties to the company’s Korean operations. In this latest crisis, Kim again remained silent, while former CEOs argued that having resigned, they were no longer in a position to represent the company. The result was a hearing stripped of substance before it even began.
The problem goes beyond mere attendance or, in this case, absence. Coupang’s response exposes a deeper issue: how global platform companies perceive — and evade — responsibility in the very markets that sustain them. The company rose to dominance through aggressive pricing, rapid delivery and massive data accumulation, reshaping Korea’s retail ecosystem along the way. With that scale comes heightened obligations, particularly in safeguarding user information. Yet the public has witnessed lax security management, delayed communication and a conspicuous effort to minimize accountability.
A truly global company must meet global standards of responsibility. When Toyota faced a massive recall crisis in 2010, then-CEO Akio Toyoda personally testified before the U.S. Congress, offering an apology and pledging reforms. In the European Union, the General Data Protection Regulation allows regulators to impose fines of up to 4 percent of a company’s global revenue for serious data breaches, regardless of where the company is headquartered. Nationality and residence are not shields against accountability; they define the scope of responsibility.
The Coupang case underscores the limits of parliamentary hearings in holding multinational platform firms accountable. Public scolding alone cannot compel responsibility from executives who operate beyond domestic legal reach. What is needed are institutional and legal reforms. For large-scale platform companies, the data protection responsibilities of de facto controlling executives must be clearly defined by law. When major breaches occur, regulators should have the authority to impose meaningful sanctions. Punitive damages and expanded class-action mechanisms, especially in cases of gross negligence, should no longer be taboo.
Kim built Coupang’s business in Korea and Korean consumers turned it into one of the country’s most powerful platforms. Responsibility should follow the same path. If profits are earned in Korea while accountability is deferred behind U.S. corporate structures and citizenship, public trust will continue to erode. No amount of corporate messaging or technical fixes can restore credibility without visible leadership accountability.
The measure of a global company is not its valuation or geographic reach, but how it responds when trust is broken. Kim’s absence from the National Assembly was more than a missed appearance; it was a telling symbol of how easily responsibility can vanish when it is needed most — and why Korea must rethink how it holds powerful platform companies accountable.
Kang Seung-woo is the business desk editor at The Korea Times.