South Korea's privacy watchdog fined Bithumb 210M won for sending order-book data to an exchange users hadn't approved, adding to compliance pressure.
Alpha Score of 68 reflects moderate overall profile with strong momentum, moderate value, moderate quality, moderate sentiment.
South Korea’s personal information watchdog fined Bithumb 210 million won, about $136,000, for sending user data to an exchange customers never approved.
The Personal Information Protection Commission issued the penalty and a corrective order after its 12th plenary meeting on June 24. The case stemmed from questions raised during a 2025 parliamentary audit about Bithumb’s practice of sharing its order book with overseas platforms.
Order-book sharing lets exchanges pool buy and sell orders so trades match across venues. The PIPC found that Bithumb shared its Tether USDT order book with overseas exchanges from September to November 2025. Users had consented to a transfer involving Stellar exchange. The regulator said member numbers and order data actually went to a system operated by bingx.com, not Stellar.
The recipient mismatch turned a standard liquidity partnership into a privacy violation. The regulator also examined Bithumb’s virtual asset transfers to 13 overseas exchanges. It found Bithumb sent sender and recipient data, including names, wallet addresses, and in one case dates of birth, for anti-money laundering checks.
The PIPC acknowledged that personal information may be needed for AML purposes during virtual asset transfers. It stressed that cross-border transfers remain closely tied to a user’s right to control personal data. “The cross-border transfer of personal information is a matter closely related to the data subject’s right to self-determination,” the commission said, according to the report.
The order requires Bithumb to correct its overseas transfer process and explain relevant transfers clearly in its personal information processing policy.
The fine adds to Bithumb’s regulatory pressure in South Korea. Regulators earlier hit the exchange with a 36.8 billion won penalty for AML-related violations involving customer checks, transaction monitoring, and transfers tied to unregistered overseas virtual asset service providers.
South Korea has proposed crypto AML rule changes that could automatically flag all overseas-linked transfers above 10 million won. The industry warned that local exchanges could face heavy reporting pressure. The government also plans to share crypto transaction data with 48 countries under the OECD Crypto-Asset Reporting Framework.
The PIPC released new guidelines for personal information protection in blockchain services alongside the Bithumb sanction. The guidelines call for controls over on-chain disclosures, tracking risks, participant data sharing, and personal information destruction. The watchdog said firms should consider privacy protection from the planning stage when building blockchain services.
The watchdog said it will continue to respond strictly to violations of the Personal Information Protection Act and keep setting standards that balance data protection with safe use of new technologies.
Prepared with AlphaScala editorial tooling from the source reporting linked above. Indexable analysis may include a cited Alpha Score value. Publishing checks screen each story before release. Educational coverage, not personalized advice.