As long-time readers of this blog may recall, Google’s operations in South Korea have not been without privacy bumps and bruises along the way. In 2009, Google figured out how it could side-step Korea’s law requiring real-name verification by barring users from uploading videos or comments to its YouTube site in Korea (while allowing them to upload videos and comments to a different country’s version of YouTube). But although it dodged a minefield with that issue, it didn’t fare as well over Street View. In 2010, the government raided Google’s office to determine if Google’s Street View was collecting and storing personal wireless data. The investigation continued into 2011, when the government filed formal changes. Months later, they raided Google’s office again, this time over an app that they suspected had illegally collected location data from application subscribers (the app developer was a subsidiary of Google). By early 2012, Google was in talks with the government as to whether it would “Koreanize” its privacy policy in the wake of complaints over its consolidated privacy policy. And in 2014, the Korean Communications Commission (KCC) was considering more charges against Google for Street View.
But in what may be an even more serious development in 2014, and in the wake of disclosures of files leaked by Edward Snowden, six South Korean users filed suit against Google over sharing their information with third parties – including any data shared with NSA programs such as PRISM. The suit was filed after Google had failed to respond to their request for the records.
This week, the Seoul Central District Court ruled for the plaintiffs.
As Yonhap News reported, the court ordered Google to disclose the list of personal information it has shared with third parties – including the NSA.
“Even if Google has servers in the U.S. or other countries, it must abide by South Korean law when dealing with users in South Korea,” the CCEJ [Citizens’ Coalition for Economic Justice] said in a statement. “
The plaintiffs’ motion for a monetary award was dismissed, but that they prevailed in their main argument is huge.
Lee Min-hyung reports that following the ruling, Google released its official statement, retracting its previous stance that it is not legally bound by the Korean law as the company has servers in the United States.
“We have always and will continue to respect local laws,” Google Korea said. “For this case, we have yet to receive the court decision and will need to review.”
So… assuming, for now, that Google did provide information under one or more government surveillance programs, will Google comply with the ruling compelling disclosure or will it simply stop doing business in South Korea?
It is hard to believe that Google would disclose whatever data they have shared with American surveillance programs – unless they want to and this gives them the opportunity to be transparent. But if Google does comply, then it will likely face many more suits, charges from numerous governments, and fallout here in the U.S. from the NSA.
Stay tuned.