SEOUL, Dec. 1 (Korea Bizwire) – The government’s investigation into allegations that Android phones secretly collected users’ location data is a rising subject of concern for many, who worry that existing laws have a severely limiting effect on any penalties the government may dole out.
For the particular violation that Google is accused of, the only way to impose sanctions is through a criminal investigation, but the singular characteristics of many foreign tech firms considerably hinder this approach. This has led to voices calling for a change to current laws, while at the same time referring to the government investigation as an “investigation in name only”.
According to multiple government officials, the current price to pay if found guilty of violating the location information law is a maximum prison term of five years and a fine of up to 50 million won, which as mentioned can only be levied through criminal prosecution.
What this means for government agencies like the Korea Communications Commission (KCC) is that even if its own inquiry discovers wrongdoing by a tech firm (in this case Google), the most it can do is turn the case over to prosecutors and request an investigation into the suspect.
Allegations of wrongful data collection are not the first that have been levied against the Silicon Valley search giant. In 2014, Google was successfully fined, while in 2011, it managed to shutter an investigation by having its U.S.-based engineers refuse to appear in South Korean court.
Recognizing the need for stronger regulatory powers, the KCC proposed a revision to the location information law that would penalize future infractions with hefty fines, but it languished in the offices of the Ministry of Government Legislation, which only recently concluded its deliberations on the proposal. When it will actually be passed into law remains uncertain.
Even if the bill passes in the National Assembly, concerns remain. The bill as crafted by the KCC stipulates that fines levied are calculated as a certain percentage of the guilty party’s generated revenue from its business operations. More specifically, the percentage constituting the fine is taken from the revenues generated by the business that has been found to have infringed on the location data law.
There are two problems here: First, companies can reduce, sometimes drastically, the amount fined if their revenues are either low or nonexistent. Second, for monoliths like Google, with fingers in a number of different ventures, a small fine incurred in one of its smaller businesses would amount to little more than pocket change for a large company.
This is precisely what happened in 2014, the year Google was found guilty of breaking the law governing information and communications networks, which unlike location data, does carry a fine. However, Google insisted that the project in question (Google Street View) was still in the process of development and had generated no revenue whatsoever. Ultimately, the company was fined 210 million won, a not insignificant amount, but also judged to be insufficient to put a scare into an entity that brings in 90 trillion won every year.
Subsequently, legal experts have called for fines to be based on a percentage of a firm’s total revenue, labeling the laws regulating location data privacy as ineffectual.
Google was discovered to have collected location data through smartphones operating Android operating systems from January to November, data which was then transferred to its American servers.
Kevin Lee (firstname.lastname@example.org)