- U.S. investors allege South Korea’s response to a massive Coupang data leak was discriminatory and overly punitive
- Petition seeks a formal enquiry by the U.S. Trade Representative under the U.S.–Korea free trade deal
What happened: Heightened trade tension over regulatory response to major breach
In a rare escalation of a corporate dispute into a potential international trade issue, two major U.S. investors in Coupang Inc — Greenoaks and Altimeter — have formally urged the United States government to investigate South Korea’s handling of the e-commerce firm’s data breach and related regulatory actions. The investors filed a notice of intent to arbitrate against the South Korean government under the U.S.–Korea Free Trade Agreement (KORUS), triggering a 90-day consultation period before formal arbitration could proceed. They are also pressing the U.S. Trade Representative (USTR) to consider trade remedies, including tariffs or sanctions, if discriminatory conduct is confirmed.
The dispute stems from a November 2025 disclosure that personal data belonging to about 33 million Coupang customers — roughly two-thirds of South Korea’s population — was compromised in one of the country’s largest data breaches on record. South Korean authorities responded with widespread investigations spanning labour, customs, financial and security dimensions that the investors say go far beyond routine regulatory enforcement. Coupang’s shares listed in New York have fallen sharply since the breach was revealed.
Also Read: Coupang pledges $1.18 billion in vouchers after massive South Korean data breach
Also Read: Who is Bom Kim? CEO of Coupang and one of Korea’s 50 richest men
Why it’s important
The action taken by Greenoaks and Altimeter is unusual: U.S. private investors rarely seek to involve their government in trade disputes over the regulatory conduct of another sovereign state. Their appeal to the USTR and invocation of KORUS raises questions about how far regulators can go in policing corporate conduct — particularly around cybersecurity incidents — without edging into protectionist measures.
South Korean officials have rejected claims of discrimination, with the Trade Minister saying the response was justified given the unprecedented scale of the breach and that misunderstandings about Seoul’s intent remain. The broader context includes strong domestic pressure within South Korea for tougher penalties, including possible class-action reforms and even business suspensions, as public outrage over the leak persists.
The outcome of this complaint — including whether the USTR will launch a formal probe — could set a precedent for how international trade rules intersect with national data protection and corporate accountability regimes. It may also test diplomatic and economic ties between the U.S. and South Korea at a time when tech regulation is increasingly a flashpoint in global trade.
