By Kim Tong-hyung
Staff Reporter
In technology-obsessed Korea, a land seemingly fascinated with everything electronic, it seems as if there are no secrets anymore.
Whatever one does or wherever one goes, it appears that no action is left unrecorded. Online verification systems confirm our identity at every turn on the Internet; chip-embedded transport cards and cameras mark our way through subways, buses, tollbooths and airports; photo IDs and sign-ins are required at many buildings; and there just might be a surveillance camera every 10 meters on the way from office to home.
So, apparently, in a country where government agencies, employers, telecommunications providers and Internet companies are intending to check and validate every move of everyone, the amount of personal data they handle is becoming enormous.
This is a growing concern, critics say, as the organizations, who have quite a zeal for collecting information, are putting less thought and effort into protecting it.
A recent report by the National Human Rights Commission exposed public organizations and private companies for their lax security standards regarding private information.
In a survey of 76 government agencies, state-run companies, financial service firms and Internet companies that require users to submit their personal information, 46 said they don't have any employees charged with protecting such data, the commission said.
Twenty-six of them were public organizations, while the remaining 20 were private firms. Of the organizations that did have at least one employee assigned to the protection of personal data, only eight had hired specialized experts to do so.
The country's 23,652 administrative organizations are currently handling more than 322,000 files containing personal data of registered residents, the commission said. According to the survey, conducted over the last seven months, some 15 percent reported having transferred data from their files to other administrative units without completing the relevant legal procedures, the commission said.
The National Health Insurance Corporation (NHIC) was pointed out as having lax standards, as it has provided more than 100 million files of personal information to other organizations since 2008.
Law enforcement authorities were criticized for their lack of care with criminal investigation records.
The National Police Agency currently holds more than 2.03 million files concerning interrogation records, and has been providing the data to other organizations even after the closure of the criminal cases, or after the indicted individuals have served their sentences.
The police's management of its crime information management system (CIMS), which currently contains the investigation records of more than 45 million criminal cases, also came under fire.
The commission claimed that the information contained in the CIMS is being used by investigators randomly, with the police failing to establish self-regulation standards.
And although the law requires CCTV footage to be deleted after 30 days, the police have been rendering the rules irrelevant by making copies of the videos, the commission said.
"The legal restrictions regarding the movement of personal information between public organizations is vague, as you can see by the absurdly large number of personal files moved by the NHIC," said an official from the commission.
"There is a huge amount of personal information being used in the country, but we still lack a system to protect the data and regulate its use. The survey will provide the base material for our draft plan for the rewriting of the Personal Information Protection Act, which we plan to announce next year."
Internet sites such as Naver and Daum, each having more than 30 million subscribers, have been providing the personal information of their users, including resident registration numbers - the Korean equivalent of social security codes - for marketing purposes, without consent.
Banks and credit card companies also need to beef up their security of personal information, the commission said.
thkim@koreatimes.co.kr
