Wednesday, April 23, 2008

Web Firms to Face Heavy Penalties for Info Leaks

http://english.chosun.com/w21data/html/news/200804/200804220019.html

Web Firms to Face Heavy Penalties for Info Leaks
Updated Apr.22,2008 09:32 KST

Under a proposed law revision, chief executives of Korean Internet companies like Auction would face heavy penalties for large-scale leaks of users' personal information due to lax security. The penalties would include up two years in prison and large fines based on company sales. The revision would also ban Internet companies from keeping users' residence registration numbers.
The Korea Communications Committee is pushing for the revision of the Information and Communications Network Act with a view to imposing heavier penalties on those responsible for information leaks, it was learned on Monday.
A senior KCC member said, "Under the current law, Internet companies are fined up to W10 million (US$1=W992) for a large-scale personal information leak. This hasn't been as effective as it looks, so we're pushing for a revision of the law to impose prison terms and heavy fines on the CEOs of Internet companies if personal information leaks occur." To hold big Internet companies responsible for such leaks, the fines would be equivalent to 1 to 3 percent of total sales.
The revised law would also make it mandatory for Internet companies to check and verify "i-PINs" (Internet personal identification numbers). This measure is designed to stop companies from keeping the users' residence registration numbers, a key item of personal information.
According to the KCC, i-PINs are not susceptible to leaks as they are used only once, when the user's identity is checked by the Internet company, and they are not stored by the companies.
Naver and Daum currently keep residence registration numbers of some 30 million users each. Experts are concerned that an attack by hackers on either of these companies could result in a leak larger than the one at Auction, in which the personal information of 10.81 million users was leaked.
Nonetheless, Internet companies have opposed the mandatory introduction of the i-PIN system for fear that their user numbers could fall.
(englishnews@chosun.com )

http://english.chosun.com/w21data/html/news/200804/200804220019.html
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)