 |
| Finance Minister Hyun Oh-seok, center, speaks to the media about the government's personal information protection measures at the government complex in central Seoul, Monday. At right is Financial Services Commission Chairman Shin Je-yoon. / Yonhap |
By Na Jeong-ju
If they use stolen customer data, financial firms will have to pay fines of up to 3 percent of their total sales as early as July. This means fines could reach tens of billions of won in some cases.
The government is also seeking to ban affiliates of financial groups from sharing consumer data with each other, likely dealing a blow to insurance and brokerage subsidiaries which rely on it to attract new customers.
The government also plans to toughen the punishment for CEOs of financial firms that have leaked consumer data or been involved in the trade of stolen data.
These plans were included in a package of measures the government announced Monday to better protect personal information of financial consumers. This follows a massive data theft case involving three firms ― KB Kookmin Card, Lotte Card and NH NongHyup Bank ― in which the information of more than 20 million credit card users was leaked to advertisers.
Financial firms are dissatisfied with the new measures because, if they are caught, they would also have to spend additionally on compensating individual data-theft victims and paying legal expenses to fight lawsuits.
"Of course, there should be heavy punishment for any firms that misuse stolen consumer data for the purpose of selling their products and services," a bank official said on condition of anonymity. "However, the concept of punitive fines is vague, and they could be discriminatory against large firms."
Observers say some of the measures are out of touch with reality, and are not in compliance with existing laws.
The government said it will ban financial firms from keeping the data of consumers who haven't used them for more than five years. Under the current law, however, the firms can keep that data for up to 10 years.
The firms will also be required to encrypt key data, including the resident registration numbers of customers, to prevent hackers and scammers from using the data, even if they are leaked. The firms can demand the resident registration numbers from clients only for their first-time transactions.
"So far, financial firms have collected excessive data from consumers, but have been negligent in protecting them," Finance Minister Hyun Oh-seok said during a press conference, also attended by Financial Services Commission Chairman Shin Je-yoon. "We have to abolish these practices and improve related data protection systems. This is a matter of trust for financial firms."
Hyun vowed to set up data protection measures for telecommunications, medical and public companies in the first half of this year, saying data breaches have become a serious concern to society.
He said all types of firms ― financial or non-financial ― should raise their awareness of data protection, referring to the recent hacking case that occurred at KT Corp., in which the information of up to 16 million subscribers was stolen.
![[ANALYSIS] China's ban on Micron tests Washington-Seoul alliance](https://img.koreatimes.co.kr/upload/thumbnailV2/1785a57b07ae45a7b7db49fdf4acd720.jpg/dims/resize/178/optimize)
![[INTERVIEW] Long-awaited extension of Korean Pavilion at Venice Biennale to be pushed forward](https://img.koreatimes.co.kr/upload/thumbnailV2/d8d5090875824ce08a90bb2c5a8f8c05.jpg/dims/resize/178/optimize)
