Key takeaways:

- Unsurprisingly, Korean enforcement authorities say the majority of serious leakage cases now involve Chinese counterparts, whether directly or through front companies.

- Korea is taking steps to build a functional architecture of laws, screening mechanisms, and enforcement measures. But these tools still do not fully match the threat.

- Fixing the espionage law, strengthening investment screening, and deepening allied cooperation are not three separate agendas; they are mutually reinforcing pieces of a single tech security regime.

For more than twenty years, South Korea has struggled to keep its cutting-edge technological secrets from leaking overseas. International competitors, often with the help of nefarious company insiders, have been responsible for losses totalling trillions of won in Korea’s leading industries, and with each new generation of semiconductors, ships, batteries, and displays, the costs of trade secret theft rise. Successive administrations have recognised this crisis, and regulations have been strengthened since the early 2000s to both prevent the theft of technology secrets and to punish those responsible. The current government is no exception. Over the past year, the Lee Jae Myung administration has tightened investment screening around “national core technologies,” launched high-profile crackdowns on illegal tech exports, and prepared long-overdue reforms to the espionage law. Yet the system still has serious shortcomings. Without closer coordination with allies and tougher scrutiny of risky Chinese-linked investments, Korea risks nothing less than the collapse of its flagship industries.

A Longstanding Problem is Getting Worse

In late November, police in Gyeonggi referred three former and current employees of SK Enpulse, an SKC-affiliated semiconductor materials firm, to prosecutors for allegedly attempting to leak domestically developed “blank mask” technology to China. Investigators alleged that a former engineer conspired with internal staff to steal blueprints and planned to secure Chinese investment to build a production facility abroad, though police intervened before the materials were successfully transferred. Because these blank masks are critical inputs for advanced semiconductor manufacturing and had previously been dominated by Japanese suppliers, the technology was strategically sensitive for South Korea.

This case exemplifies a longstanding trend. In July, the National Police Agency launched a 100-day nationwide crackdown on illegal exports of core technologies after a surge in cases involving semiconductors, EV batteries, and defense technologies. Police explicitly linked the campaign to an uptick in “high-stakes” leakage attempts, many involving intermediaries seeking to move Korean know-how into Chinese firms.

China is not the only destination, but it is the most important. Beijing’s industrial policy has placed massive pressure on sectors where Korean firms have long held a lead, such as displays, batteries, and memory chips. Chinese local governments and private equity funds have been actively encouraged to acquire overseas high-tech assets and talent, often through indirect routes such as offshore funds or consortium deals. Unsurprisingly, Korean enforcement authorities say the majority of serious leakage cases now involve Chinese counterparts, whether directly or through front companies.

A more practical policy toolbox

The Lee government has followed its predecessor in upgrading the legal toolbox available to address technology theft. Amendments to the Act on Prevention of Divulgence and Protection of Industrial Technology (the Industrial Technology Protection Act) and its Enforcement Decree came into force on July 22, 2025. The revisions expand the scope of “national core technologies” (NCTs), strengthen oversight of mergers and acquisitions involving NCT-holding entities, and sharpen penalties for unauthorized transfer abroad. Regulators have also tried to address industry complaints about uncertainty and delay. The Ministry of Trade, Industry and Energy (MOTIE) has proposed capping the review period for NCT designations and export approvals at 45 days, extendable once, to make compliance more predictable for firms whose business models depend on global collaboration.

These measures complement a more proactive industrial policy. Seoul is courting foreign partners to deepen its semiconductor and AI ecosystems with deals like the recent memorandum of understanding with SoftBank’s Arm Holdings to build a chip design training facility in Korea, which aims to train around 1,400 high-level chip designers and bolster system-semiconductor capabilities. A more sophisticated domestic ecosystem can, in theory, both attract trusted partners and reduce dependence on risky technology deals. Taken together, Korea is taking steps to build a functional architecture of laws, screening mechanisms, and enforcement measures. But these tools still do not fully match the threat.

Creating a Forward-Looking Solution

The most urgent gap remains the Criminal Code’s espionage provision, Article 98. For decades, this article was narrowly interpreted as applying mainly to spying “for the enemy” (in practice, North Korea) on traditional military secrets. The National Intelligence Service (NIS) has repeatedly warned that under the existing wording, it is extremely difficult to prosecute foreign agents or brokers who steal strategic technologies for other states, including China.

That may finally be changing. Earlier this month, the National Assembly’s Legislation and Judiciary Committee advanced a bipartisan amendment to broaden the scope of the espionage crime beyond North Korea, explicitly covering the theft of strategic technologies and data critical to national and economic security. If passed, investigators would gain a more flexible tool to target foreign operatives and domestic collaborators working on behalf of hostile states.

But to truly function as a 21st-century economic-espionage statute, the revised article must address a few issues. First, it must cover economic and industrial secrets with clear national-security implications, not just classic military intelligence. Second, it must allow prosecution of foreign nationals and overseas conspiracies that have substantial effects in Korea, in line with how the U.S. and some European states treat extraterritorial economic espionage. Finally, it must avoid overbreadth and politicisation. Safeguards are needed so that journalists, whistleblowers, or legitimate researchers are not swept up in vague “security” charges. If policymakers get the balance wrong by either leaving loopholes that foreign agents can exploit, or creating a chilling effect on legitimate activity, then the revision could prove ineffective. But doing nothing is no longer an option, as the current framework leaves Korea dependent on a patchwork of industrial-technology statutes that were never designed to address state-sponsored industrial espionage networks.

A second priority is tightening the investment and ownership channels through which sensitive technology can migrate abroad. Korea’s recent reforms to the Industrial Technology Protection Act and related decrees already require prior approval for foreign acquisitions or share purchases involving firms that hold national core technologies. However, it could also prioritise screening transactions like joint ventures, R&D partnerships, and licensing deals that can involve more risk than simple equity stakes. In addition, research funding and collaboration with high-risk partners, particularly those with affiliations to the Chinese government and military, should be more closely regulated. This would not mean shutting the door on foreign capital. Korean policymakers are simultaneously expanding incentives for trusted investors in strategic industries. But a credible tech-security strategy requires a sharper distinction between high-trust and high-risk investments.

Finally, Korea’s efforts to protect cutting-edge technology cannot be purely domestic. The emerging reality is a loose techno-bloc of allies in which the U.S., Japan, the EU, and like-minded partners coordinate export controls, investment screening, and research security. Korea is already deeply integrated into this ecosystem through semiconductor supply chains and its alliance commitments, but its domestic legal and policy frameworks still lag behind the level of coordination that Washington and Brussels increasingly expect. To rectify this, Korea should engage in more formalised information-sharing on economic espionage cases with key partners, especially where the same Chinese or other foreign entities target multiple allied firms. Capacity-building for universities and SMEs, which remain the weakest link in Korea’s tech-security ecosystem, should also be done in tandem with overseas partners and private security firms that specialize in risk management. Government plans have highlighted the need to support smaller institutions in building security systems, but these efforts would benefit from multilateral systems with shared best practices.

Korea’s durable tech security regime

The past year has shown that the Lee government is willing to act to prevent technology theft. It has strengthened existing statutes, launched high-profile crackdowns, and signalled that protecting technology is now a central pillar of national strategy. But the continuation of high-stakes cases shows that adversaries are evolving just as quickly. Fixing the espionage law, strengthening investment screening, and deepening allied cooperation are not three separate agendas; they are mutually reinforcing pieces of a single tech security regime. If Korea can move decisively on all three fronts, it will not only better protect its crown-jewel technologies, it will also cement its role as a trusted partner in the global contest over who controls the technologies that will define the coming decade.