 |
| Naver data center in Chuncheon Gangwon Province. Courtesy of NBP |
By Kim Hyun-bin
Naver, the country's leading portal, has been under fire for collecting and storing sensitive customer information including social security numbers and medical history in a backup data storage facility overseas. Calls have been growing to conduct an investigation into the matter to see if the risky move violates related security laws.
The data was stored in Hong Kong where China recently imposed a new security law, allowing the Chinese government to retrieve sensitive and personal customer data from companies there.
"The revised Hong Kong security laws allows the Chinese government to take our people's personal information without a warrant and this cannot be allowed," said Rep. Kim Young-bae, a member of the ruling Democratic Party of Korea.
As the controversy heightens, Naver announced it is transferring all data from Hong Kong to Singapore and is in the process of deleting the information from its Hong Kong database.
"Between July 6 and 10, we have physically destroyed the backup data server in Hong Kong, and are transferring all data to Singapore," a Naver official said.
There are growing calls for an investigation into the portal's excessive collection of personal data with some calling the move illegal.
Rep. Kim, who is on the Public Administration and Security Committee, said the excessive collection of personal data could be in violation of the law.
 |
| Naver CEO Han Seong-sook |
Naver currently has 32 million members and obtains the personal data through its portal, search engine, shopping, O2O, finance, video streaming and navigation platforms.
The company makes it mandatory for customers to agree on the collection of data and personal information when utilizing its services.
"Naver requires the minimum customer information for membership registration including ID, password, date of birth, gender and cellphone number. If we need additional information we receive optional consent from the users," Naver said.
The lawmaker says apart from the mandatory personal information Naver collects customers' clothing size which is entered when shopping through Naver Shopping.
Naver is also accused of storing children's information which the current law has banned including their personal information, nicknames and family photos.
The company also has been requiring proof of employment, diploma, work experience certificate and even smartphone contacts to be uploaded in order for a user to upload a profile to Naver People.
Under Naver's AI platform Clova it gathers voice command information, the address of the unit installed, name, GPS, user login information and customer service history.
"Naver has been collecting unauthorized user information from clothing size to family pictures and all this should not be collected," Kim said. "Even though Naver gathered it, the company needs to immediately delete it from its database after it fulfills its purpose there."
All the mentioned data had been transferred and backed up at Naver Business Platform (NBP) in Hong Kong, which the company claimed was established in preparation for potential natural disasters and emergencies within Korea.
"Naver could have backed up its data within the country in a different location. I don't know why it went abroad. If it went abroad to cut operating costs it makes sense, but Hong Kong and Singapore's price index and cost of living are higher than most other countries," an industry official said.
Calls for an investigation are growing to see if Naver is appropriately gathering and protecting the private data of its customers.
Starting Oct. 1, 2016, all data was being sent automatically to NBP in Hong Kong leaving open the possibility the collected personal data could be accessed by an unauthorized third party.
"Under the current law, which limits the collection of personal information, if there are any changes or additional information collected, the company needs prior approval from users," Kim said. "Naver did not receive the approval. It only sent out a notice that it plans to store additional information. We need to strengthen related laws to protect the public's personal information."
![[ANALYSIS] China's ban on Micron tests Washington-Seoul alliance](https://img.koreatimes.co.kr/upload/thumbnailV2/1785a57b07ae45a7b7db49fdf4acd720.jpg/dims/resize/178/optimize)
![[INTERVIEW] Long-awaited extension of Korean Pavilion at Venice Biennale to be pushed forward](https://img.koreatimes.co.kr/upload/thumbnailV2/d8d5090875824ce08a90bb2c5a8f8c05.jpg/dims/resize/178/optimize)
