Japan’s popular messaging app LINE recently admitted that its users’ personal data stored on its server in Japan could be accessed by China-based engineers that the company had outsourced to. In an official response, LINE admitted that user data had been accessed more than 32 times and that it is now setting up a committee to rectify the situation.
According to a report by Japan’s public broadcaster NHK, LINE had outsourced its system maintainance since 2018 to a company in Shanghai, which allowed four China-based engineers to access to Japanese users’ personal data and information stored on servers in Japan, including users’ names, phone numbers, emails, and even the contents of the communication between users.
The foreign access to the personal data of Japanese nationals may have been in violation of Japan’s Personal Information Protection Act, which requires that if user’s personal information is transferred to a foreign third party, user consent is required.
LINE’s parent company, Z Holdings, stated that four Chinese engineers were involved in the data breach, but it is still investigating whether any data was abused. Z Holdings has also said it will set up a committee within the company to investigations and rectify the situation, according to Japan’s TV Asahi.
The popular Japanese app currently has more than 194 million users across 230 countries, including 86 million users in Japan and 21 million users in Taiwan.
The company has said it changed its data authorizations in late February this year, which makes it impossible for Chinese engineers to view user information. LINE also stated that it will explain how it manages user personal data in a simpler way going forward.
LINE Taiwan expressed on March 17 that LINE will not cooperate with any government to give them free access to user information, nor will it cooperate with monitoring or censorship.
Regarding privacy, such as user data and message content, LINE Taiwan said that it has never provided any personal information of Taiwan users or users in other countries to the Chinese government. The global user data, including Taiwan users, is stored in servers in Japan and South Korea but not in China. Judging from the current login records, the personal data of Taiwanese users has not been exposed to any unauthorized access, the company said.
LINE Taiwan has apologized publicly for the unease and security concerns among its users.