my timesThe Korea Times
  1. Business
  2. Tech & Science

Naver under probe for leaking bloggers' personal information

Listen
By Jun Ji-hye
  • Published KST
  • Updated KST

Naver's ad profit-sharing platform AdPost. / Courtesy of Naver

By Jun Ji-hye

The Korea Communications Commission is investigating Naver over the recent leak of bloggers' personal information, officials said Sunday.

The commission said it will take strict measures if it finds any violations of laws governing the information and communications industry.

The investigation comes after a system error occurred on April 30 when the nation's largest portal operator sent AdPost receipts through emails to bloggers subscribed to the platform. AdPost is the firm's ad profit-sharing platform.

In those emails, the personal information of other bloggers was accidently attached. The number of victims was estimated at 2,200, while leaked information included their names, resident registration numbers and the amount of payment.

“We, together with the Korea Internet and Security Agency (KISA), are investigating Naver regarding details of the incident,” a Korea Communications Commission official said.

AdPost is designed to provide expanded monetization opportunities to creators, offering a user-friendly interface and convenient ad management services, according to Naver.

After the leak of personal information was detected, Naver deleted the emails sent to bloggers, but this has provoked fresh controversy as the firm deleted not only unread emails but also those already opened.

Under Naver's email system, senders are unable to withdraw emails once they have been opened.

Following the measure, users have discovered that a portal operator can access the inboxes of individuals and delete their emails without permission.

Naver said it went through internal discussions and reviewed legal aspects before deciding to retrieve all the emails.

“We concluded that the secondary damage that would be caused by the leak of personal information was more serious,” a Naver official said.

The firm added it complied with guidelines, in a manual by related agencies, regarding instances of leaked personal information. The manuals suggest that a portal operator should withdraw emails if possible, and if not, it should ask the recipient of the email to delete it, according to Naver.

Naver said it only deleted emails sent by the company, claiming it did not look into or change individuals' mail boxes without permission.

The firm added that it is considering compensating the estimated 2,200 victims for damages.