It’s now less than two months until Korea begins to enforce the highly contentious “shutdown law” (also known as the “Cinderella law”), which will bar kids aged 16 and under from playing online games between the hours of midnight and 6am. But now, adding to doubts about whether it will actually achieve anything, the law is facing another thorny question: given Nate/Cyworld’s recent security breach, is it right to compel youngsters to register their personal information with gaming companies?
On the 16th of this month, at a forum titled “Information Rights Through Revisions to the Game Law,” Jang Yeo-gyeong of the Progressive Network Centre said, “If the shutdown law is enforced, we’ll have the real-name system being applied to games too, so once again, criticism will arise about the gathering of personal data.”
ZDNet says that concerns such as this are becoming ever more pronounced as the campaign to repeal the real-name system heats up. Games companies themselves are expressing concern that with the shutdown law depending on registering real names online, there’s a real possibility that leaks of personal information could occur again. Making things more complicated still, the original bill was amended in June to include a “selective shutdown clause,” which extends the ban to those aged 19 and under if the person’s legal guardian gives consent.
The stated goal of this legislation is preventing young people from getting too immersed in games. Even if you accept that we need to verify their identities by insisting on checking their real names, at the very least it’s a violation of their rights. The shutdown law may not insist that people actually use their real names when playing games or chatting, but it does push gaming companies to retain information with which the companies can track down users’ real names.
Jang also rejected the possible alternative of using an i-PIN, or Internet Personal Identification Number, saying:
If you look at the process of issuing i-PINs, personal verification information including social security numbers is delivered to five private credit agencies, so there’s a high risk that these companies could be targeted for theft. Also, in carrying out the public task of gathering personal data to help prevent identity theft, these companies are actually using this private information to turn a profit.
The shutdown law, which always smacked of political populism rather than informed policy, seems to be facing increasingly steep hurdles as its implementation date draws closer. Besides swimming against the trickle of greater liberalisation of Korea’s internet, the law is facing challenges on human rights grounds, and has major practical issues, too. For one thing, many PC bangs already bar minors from entering after 10pm; for another, determined (and devious) gamers will apparently be able to circumvent the law by using an adult’s ID.
With all this grief, lawmakers (or at least law enforcers) must be wondering whether it’s worth all the bother.
Thanks again to @sunlars for her help in untangling some of the knottier parts of this story.