Recommendation for improvement of “Naver, change so that ID is not exposed on blog” by the Personal Information Committee

The Personal Information Protection Committee announced on the 12th that it had recommended Naver not to expose user accounts (IDs) in blog addresses. The Personal Information Commission has been investigating related complaints that spam emails are being sent due to exposure of accounts on Naver blog addresses.

The Personal Information Commission held the first plenary meeting at the government complex in Seoul on the morning of the same day and determined that Naver’s policy had obtained consent for the collection and use of personal information, but the service design was implemented without considering personal information protection. It is said that the account exposed through the blog can be abused for sending spam and unauthorized intrusion (hacking) attacks, so improvement is needed.

In this case, the Personal Information Commission conducted an investigation after receiving a complaint from the National Shinmungo that spam emails were sent due to the exposure of the account to the Naver blog address. The Personal Information Commission said that as a result of checking five blogs with a large number of users in Korea, it confirmed that the user’s account was exposed to the Naver blog address. On the other hand, for Naver Posts and Brunch, user IDs are automatically generated at random, and users directly input IDs for Daum blogs and Tistory.

Blog address generation system status

Yang Cheong-sam, head of the investigation and coordination division of the Personal Information Committee, said, “In order to safely process personal information in information and communication-based services, it is necessary to carefully consider personal information protection from the service planning and design stage. We will continue to work hard to make it universally established.”

Related Post

Leave a Reply

Your email address will not be published. Required fields are marked *