Line, the Japan-based messaging and payments app with millions of users across Southeast Asia, has recognized that its data protection regimes have multiple flaws and therefore put personal information at risk. users.
Parent company Z-Holdings yesterday released a report compiled by a special advisory committee on global data governance it assembled following revelations that certain user data had been processed in China and / or stored in South Korea.
Line is very popular in Japan, where it has over 85 million monthly users and is so widespread that the country’s government uses it as a channel for digital services. The app has also made inroads in South Korea, Thailand, Taiwan, and other Asian countries, earning it a total user population of over 700 million, of which over 150 million are monthly active users.
The company’s payment service, LINEpay, processed transactions valued at over $ 8.5 billion annually before Line became part of Z-Holdings in March 2021.
The main conclusion of the committee’s report is that Line outsourced some of its data processing to China without ever stopping to think that the Middle Empire government might decide to examine user data. The report points out that this was a big failure that amounted to the company ignoring Japan’s economic security.
The company also admitted to lying to users when it promised that all data was stored in Japan – some also went to servers located in South Korea. (The company is partially owned by Seoul-based Naver Corporation.)
The report offers the usual prescription of social media to fix the problem: an apology, noting that the company is striving to do the right thing, and a promise to do better in the future.
For Line, this means new committees to take data security into account, ensuring that communications with users do not contain lies, and a recognition that the company must understand what the laws of different jurisdictions – and changes to those laws – mean to Line users everywhere. Especially if its operations will cross national borders.
Another element identified as needing more work is governance through Z-Holdings. This is important because the company also owns Yahoo! Japan, and data sharing between brands was mentioned.
Line also issued a advice to users which explains how it responds to requests from law enforcement authorities to access user data.
This document boils down to a commitment to comply with Japanese law and the disclosure of user ID, email address, phone number and even messages from users if they have not been sent. with end-to-end encryption.
Line will not automatically transmit this data. The document explains that a privacy team assesses incoming requests from investigators and may reject them if an investigation is deemed too broad or has “legal insufficiency.”
The company will also not assist the authorities in all matters. Instead, the company will only consider submitting data for surveys on:
- Bodily injury (murder, bodily injury, etc.)
- Pecuniary damage (fraud, blackmail, etc.)
- Child abuse
- Illegal trade (drug trafficking, bank account fraud, money laundering, etc.)
- Threats of illegal activity (suicide threats, murder threats, bomb threats, etc.)
Isn’t it nice to know that at least one of the Asian tech giants has more or less the same blind spots as Facebook and its friends? ®