Society

Exposure of Personal Information


On January 8, the personal information of 35 million customers in KB Card, Lotte Card, and NH Card was revealed. The leaked information was used for criminal acts like phishing and smishing. After their personal information was exposed, many customers demanded the reissuance or cancellation of their cards or to withdraw from the card companies. However, many customers still worry about their personal information.

After the incident, the Financial Supervisory Service announced that the original data had been retrieved, and there would be no more disclosures elsewhere. However, crimes of smishing and voice phishing related to the disclosure have continued.

Before this incident occurred, the government imposed a light punishment on the leaking of personal information. A person who leaked personal information was sentenced to under 5 years’ imprisonment or fined under fifty million won. Therefore, many people worried about whether the leaking of personal information would continue because of this light punishment. However, on January 22, the government announced a policy to prevent the exposure of personal information.

The policy is that a financial institution that discloses personal information must pay a fine of 1% of sales, and the CEO and executives will receive a heavy punishment such as suspension or dismissal. Moreover, financial institutions can obtain only necessary information such as name, resident registration number, and phone number. In the case of a customer who closes an account, financial institutions have to discard the customer’s personal credit information within 5 years. According to this policy, the government will severely punish companies that disclose personal information. However, weak punishment is still imposed on people who leak personal information.

Unlike the weak punishment in Korea, in the USA, a person who discloses personal information is sentenced to up to 20 years’ imprisonment, and a company that discloses personal information has to pay a considerable fine. In addition, a company that discloses personal information must pay damages to its customers. Last November, Target, which is an American retail company, revealed the information of 40 million customers. The person who leaked the information was sentenced to 20 years’ imprisonment, and a fine of more than 61 million dollars was imposed on Target.

Likewise, in 2007, the information of 8.5 million customers was disclosed by Certegy Check Services, an American financial services company. After this, customers sued Certegy Check Services. As a result, the company paid damages of 20,000 dollars to each customer. Like this, when personal information is leaked in the USA, the American government severely punishes the person who leaked the information and the company, and the company pays damages to its customers.

To prevent the disclosure of personal information, the government and the Financial Supervisory Service have to severely punish people who leak personal information and their companies. Then, the public’s anxiety about their personal information will be relieved.