Please read the Korean original here.
“Your Telco Knows What Adult Site You Visited Last Night”: Requesting Abolition of Designated Identity Verification Agencies, which Requires Telecoms to Collect and Retain Personal Data.
Open Net has recently confirmed that the three telecoms retain the data about at which Internet sites their customers used the Identity Verification Services offered by them. We request the abolishment of Designated Identity Verification Agency under the Act on Promotion of Information and Communications Network Utilization and Information Protection(the ‘Network Act’), which allows the three telecoms to retain personal data in a concentrated manner and collect resident registration numbers, or at least cancel the designation of the three telecoms as Identity Verification Agencies. Or we request that the methods of identity verification be left up to the Internet companies instead of requiring the identification scheme based on resident registration numbers, such as the mobile phone identity verification scheme.
In face of the relevant laws that compel Internet companies to verify the identity of users, the Internet companies have resorted to the mobile phone identification scheme because it was apparently the only one available to the general populace. However, the recent KT personal data leakage of 12 million people has proven that the telecoms are not particularly safer than Internet companies in terms of personal data security and therefore are not suitable to be trusted Identity Verification Agencies. Also, the investigation has proven that the telecoms retain the information of when and where the person used the identity verification, which is required for viewing R-rated web comics or playing online games. Through the analysis of the retained information, the telecoms are likely to gain the position of the ‘Big Brother’.
The source of the problem lies in the following laws and government actions: First, the laws like Juvenile Protection Act and the Public Official Election Act still require identity verification for people merely exercising the freedom of speech. Second, the permitted methods of identity verification are limited to the ones using the resident registration numbers database. Lastly, the Ministry of Science, ICT and Future Planning continue to maintain the designation of telecoms to act as the designatedidentity verification agency despite the many fallouts of personal data leakage.