Kamis, 07 Agustus 2008

Leakage of Private Information a Major Problem


According to an article in the Korea Times, the unauthorized leaking of private information continues to be a major problem in South Korea. According to a member of the ruling Grand National Party, ".. unauthorized officials at public firms had searched and even leaked sensitive private information on numerous citizens.

He said officials at the National Health Insurance Corp. had inspected more than 12,000 citizens' private information such as home address, annual income and health conditions between 2002 and May this year, adding such illegalities have been rampant at the National Pension Service as well. Among the victims are famous entertainers and politicians including Bae Yong-joon, Kim Tae-hee and even President Lee Myung-bak. Males searched the data to check whether their girl friends had an abortion. Employees collected home addresses to dole out wedding invitation cards. Some workers sold a pile of such information to private financial companies."

"A recent Korea Information Security Agency (KISA) report showed that of 700 public offices' Web sites, 54.1 percent or 379 were highly vulnerable to leaks. The report stated KISA collected more than 67,000 social security numbers through the Internet homepages." The social security numbers referred to in the Korea Times article are actually national citizen's ID numbers, the rough Korean equivalent of a U.S. social security number, but arguably even more personal and confidential than a social security number.

The Korea Times article also notes that the government is updating regulations to prevent private information leakage on public institutes' Web sites. It also plans to spend $700 million to install anti-hacking tools on them. A new law will mandate every public and private organization handling private information to encode subscribers' information such as bank accounts, social security (citizen's national ID) numbers, IDs and passwords.

The web site of Korea Information Security Agency (KISA) is a useful source of information regarding all aspects of internet security, including SPAM, identity theft, electronic certificates and privacy issues. Unfortunately, the English side of the web site has not been updated, for the most part, since 2006. However, it is still worth a visit.