登錄
選單
登錄
海擇短評 Haize Comment:
Kakao與支付寶的商業合作案,將是韓國新國會任內中韓關係的試金石
韓國今年國會改選的中韓關係,到底是仍在總統轄下逢中必反,還是商業歸商業,Kakao與支付寶商業合作案的法律裁決,會是一個試金石。
近期韓國金融監管機構FSS(金融監督局, Financial Supervisory Service)公告並指控,自2019年11月以來,當Kakao Pay的韓國客戶進行海外支付時,持續向支付寶提供與訂單/付款資訊無關的用戶個人資料,例如Kakao帳戶ID和電話號碼;而支付寶是Kakao Pay的第二大股東。Kakao Pay則回應,向支付寶提供的資訊經過去識別化,並基於業務委託關係發送,不需要用戶同意;且數據傳輸經過嚴格加密,因此不存在未經客戶同意非法提供資訊的說法。目前FSS的最終裁決尚未出爐。海擇資本認為, FSS如何對Kakao與支付寶的商業合作定性,將會是中韓當下關係的試金石。
海擇資本認為,本事件在東北亞有幾個重要的可對比事件可做為參考:
1. 2019年,全球網路大監管浪潮興起之際,韓國的個人信息保護委員會(PIPC, Personal Information Protection Commission)曾基於Google與Meta(Facebook前身, NASDAQ: META)未經使用者同意就向第三方廠商服務商提供用戶資料的現象,分別對兩家公司罰款692億韓元(5400萬美元)和308億韓元(2400萬美元)。
2. 2022年,總統尹錫悅就任後,OpenAI曾因為ChatGPT遭駭客入侵,洩露韓國用戶的信用卡個人資訊(姓名、電子郵件地址、信用卡號碼和信用卡到期日期),且未依規定在洩漏後24小時內報告所屬監管單位,被罰款360萬韓元(2,829美元)。該案也因罰款之低深受爭議。
3. 2024年,由日本軟銀與南韓Naver共同持有的Line,因Naver發生個人資訊外洩事件,且Naver與Line在技術設施和服務運營上有一定的共享,日本總務省兩度向Line品牌的控股公司LY Corporation發布行政指導,要求Naver變更持股比例,將股份賣與日企。該事件引發Naver產品長慎重熩(Jungho Shin)及軟銀集團策略長桶谷拓(Taku Oketani)都退出LY董事會,目前資本關係則尚未有變動。
取得去識別化資訊的大數據利用或盈利化,是業界常見的合作方式,台灣也有以此盈利的大公司,比如威朋(Vpon)。本次事件目前在韓國民間輿論未引起逢中必反的衝動,不過從官方披露的資訊來看,官方目前依韓國的"個人信息保護法(Personal Information Protection Act, PIPA)"及"信用情報利用及保護相關法(Credit Information Use and Protection Act)",強調Kakao Pay事件覆蓋的廣度(該公司與支付寶共享4,045萬客戶的542億條個人資料)、無法去識別化(該加密數據有可能會被破解),並可能舉出Toss與Naver Pay作為反例,氛圍頗為不妙。最終的裁定如何,值得觀察。
-------
Haize Capital Insights of the Day
The business collaboration between Kakao and Alipay will be a litmus test for Korea-China relations during the term of Korea's new National Assembly.
As South Korea prepares for its National Assembly elections this year, the nature of Korea-China relations remains uncertain. Will it continue under the current administration’s anti-China stance, or will business be kept separate from politics? The legal ruling on the business collaboration between Kakao and Alipay may serve as a litmus test for this issue.
Recently, Korea’s Financial Supervisory Service (FSS) announced and accused Kakao Pay of providing Alipay with user personal data unrelated to orders or payments—such as Kakao account IDs and phone numbers—since November 2019 when Korean Kakao Pay customers made overseas payments. Alipay is Kakao Pay’s second-largest shareholder. In response, Kakao Pay stated that the information provided to Alipay had been de-identified and was sent based on a business delegation agreement, which did not require user consent. Kakao Pay also emphasized that the data was encrypted, and thus the notion of illegally providing user information without consent was unfounded. The FSS has yet to issue a final ruling. Haize Capital believes that how the FSS defines the commercial relationship between Kakao and Alipay will be a litmus test for current Korea-China relations.
Haize Capital also notes that this case can be compared to several important events in Northeast Asia:
1. In 2019, amidst a global wave of internet regulations, South Korea's Personal Information Protection Commission (PIPC) fined Google and Meta (formerly Facebook, NASDAQ: META) 69.2 billion KRW ($54 million) and 30.8 billion KRW ($24 million), respectively, for providing user data to third-party service providers without user consent.
2. In 2022, after President Yoon Suk-yeol took office, OpenAI was fined 3.6 million KRW ($2,829) after ChatGPT was hacked, leaking Korean users’ credit card personal information (name, email address, credit card number, and expiration date), and for failing to report the breach to the regulatory authorities within 24 hours. This case sparked controversy due to the low penalty.
3. In 2024, Japan's Ministry of Internal Affairs issued two administrative guidance orders to LY Corporation, the holding company for the Line brand jointly owned by Japan’s SoftBank and South Korea’s Naver, demanding Naver reduce its stake in Line and sell shares to Japanese companies after a personal information leakage incident at Naver. Since Naver and Line share technical infrastructure and service operations, this led to the resignation of Naver’s Chief Product Officer, Jungho Shin, and SoftBank’s Chief Strategy Officer, Taku Oketani, from LY’s board of directors. However, no changes have been made to the capital structure so far.
The use and monetization of de-identified data for big data analysis is a common collaboration model in the industry, with large companies in Taiwan, such as Vpon, profiting from it. While this event has not sparked anti-China sentiment among the Korean public, official information suggests that authorities are focusing on the scale of the Kakao Pay case—where 54.2 billion data points from 40.45 million customers were shared with Alipay—and the potential risk of re-identification (encrypted data possibly being decrypted), citing Toss and Naver Pay as counterexamples. The atmosphere appears unfavorable, and the final ruling will be worth watching.
標籤 Label: SouthKorea Kakao Alipay FSS SoftBank OpenAI Google ChatGPT PIPC Naver LY Line KakaoPay