August 15, 2024 at 02:37AM
Kakao Pay, a subsidiary of Kakao, shared data from 40 million users with Alipay’s Singaporean arm, without consent. Korea’s Financial Supervisory Service found this sharing illegal, citing violations of privacy laws and cross-border data transfer rules. Concerns were raised regarding the scope of data shared and the potential misuse by Alipay’s parent company, Ant Group. Kakao Pay denies any wrongdoing.
Based on the meeting notes, the key takeaways are:
1. Kakao Pay shared data from over 40 million users with Alipay’s Singaporean arm without user consent, which violates the Credit Information Use and Protection Act.
2. The shared personal data included Kakao Account ID, mobile phone number, email address, Kakao Pay subscription history, and transactions.
3. Kakao Pay claimed the data sharing was part of a business collaboration and insisted that consent was not required. They also mentioned that all information was encrypted.
4. The Financial Supervisory Service (FSS) doubled down on its stance, emphasizing that the sharing of such a vast amount of data was not necessary for enabling overseas payments and was against the regulations.
5. FSS highlighted concerns about the encryption used by Kakao Pay, stating that it was not secure, and also mentioned plans for legal review and inspections of similar data misuse cases.
6. Ant Group, the parent company of Alipay, is the second-largest shareholder of Kakao Pay, raising concerns about potential misuse of the data by Chinese entities operating in the Korean market.
7. The news of the data leak caused Kakao Pay shares to plummet, adding to the woes of the Kakao Group, which also saw its founder indicted on charges of stock market manipulation.
These takeaways summarize the main points from the meeting notes. Let me know if you need further clarification or additional information.