Websites will need to find new systems to authenticate users once new laws come in to place in South Korea. According to Yonhap News Agency, the Korea Communications Commission announced last Friday that national security numbers will no longer be allowed to be collected from August 18 this year. Sites which have collected users’ identification numbers must also destroy the information within a period of two years.Many South Korean sites usually require users to reveal personal information including their real names and national security numbers when signing up for a service or site membership. The system has received much backlash in recent years after a string of constant attacks on the servers of portal sites — this resulting in millions of users’ personal data being leaked. The KCC said the following about the new law:
“The revision of this communications law will safely protect the privacy of citizens and it is hoped that it will help bring significant improvements to the standards of protecting information for domestic companies.”
Once the law comes in to effect, websites must also report any attacks which result in the leaking of personal information to the KCC. Some major portal sites such as the popular Naver, have already stopped collecting such information and started to provide alternative ways for users to authenticate themselves.
Such rigid systems have proved frustrating for many of the expat community living in Korea as many websites only had systems in place for Korean ID numbers. The news was met with hope that signing up for such sites would become easier though some remained skeptical saying, “I’ll believe it when I see it.”
What does this mean for startups? In fact, many startups have actually done away with real name systems right from the start. Nevertheless, companies that still require security numbers will first have to decide whether they will keep using a real name system and secondly, how they will implement it.