Korea Rolls Back ‘Real Name’ and ID Number Surveillance

Privacy Laws & Business International Report, No. 119, pp. 20-1, October 2012

UNSW Law Research Paper No. 2012-57

4 Pages Posted: 10 Dec 2012

See all articles by Whon-il Park

Whon-il Park

Kyung-Hee University

Graham Greenleaf

University of New South Wales, Faculty of Law

Date Written: December 10, 2012


South Korea’s online ‘real name’ statute - Article 44-5 of the Act on Promotion of Information and Communications Network Utilization and Data Protection, etc. (the 'ICN Act') was enacted in 2007 in response to such things as posted Internet comments describing fictitious sex scandals and plastic surgery operations concerning celebrities, and a number of suicides of celebrities. It required large-scale portal sites with more than 100,000 visitors on average a day to record the real name identities of visitors posting comments, usually via the poster's resident registration number (RRN). One result was that many South Koreans Internet commentators started to use overseas websites which allowed anonymous posting, such as Google and Twitter, and some therefore argued the law discriminated against domestic Internet services. A series of security breaches resulting in leaks of of personal data concerning millions of South Koreans from those websites that were required to adopt real-name policy also occurred over the last couple of years.

In August 2012 South Korea’s Constitutional Court unanimously held that the ‘real name’ statute is unconstitutional because the public gains achieved had not been substantial enough to justify restrictions on individuals' rights to free speech. The two cases decided by the Court were brought by individuals who were required to provide their real names in order to make postings, and also by an online Internet publisher required by the law to verify the names of those posting. This article analyses the Court’s reasoning, in the context of other decisions concerning freedom of speech, and the overall relaxation of South Korea’s previously very restrictive Internet environment.

Legislative reform has occurred in parallel. The RRN was previously compulsory in almost all dealings with government and many organizations in the private sector. Abuse of the RRN accounted for over 20% of all complaints about misuse of personal information. Under Korea’s new Personal Information Protection Act of 2011, unique identifiers the including RRN may not be processed without consent and explicit legislative approval. Alternative means of identification other than the RRN must now be provided by processors where individuals are subscribing to web-based services.

The article concludes with parallels between developments in Korean and European data protection.

Keywords: Korea, privacy, data privacy, real names, RRN, constitution

Suggested Citation

Park, Whon-il and Greenleaf, Graham, Korea Rolls Back ‘Real Name’ and ID Number Surveillance (December 10, 2012). Privacy Laws & Business International Report, No. 119, pp. 20-1, October 2012; UNSW Law Research Paper No. 2012-57. Available at SSRN: https://ssrn.com/abstract=2187232

Whon-il Park

Kyung-Hee University ( email )

Seoul, Gyeonggi-Do 446-701
Korea, Republic of (South Korea)

Graham Greenleaf (Contact Author)

University of New South Wales, Faculty of Law ( email )

Sydney, New South Wales 2052
+61 2 9385 2233 (Phone)
+61 2 9385 1175 (Fax)

HOME PAGE: http://www2.austlii.edu.au/~graham

Register to save articles to
your library


Paper statistics

Abstract Views
PlumX Metrics