Kakao was snooping on websites shared in chats

KakaoTalk has come under fire for mishandling private information obtained from its 40 million users’ chat rooms.

With the excuse of enhancing search results of Daum, the search engine acquired by Kakao last year, the nation’s No. 1 mobile messenger has been disclosing website addresses shared in chat rooms of users on Daum search result pages since January.

Kakao officially apologized Thursday.

“It was thoughtless of us to think that it would be okay to use the website addresses just because they did not include users’ information or the content of conversations,” said Kakao on its official blog. “We realized it was wrong for us to even disclose the information because such information is not intended to be searched for on web portals in the first place. … We apologize once again.”

The controversial practice was exposed by a local media outlet on May 27. It disclosed that a link to a website shared in a private KakaoTalk chat room conversation came up on a Daum search result an hour later.

In other words, Daum learned that the website was related to certain key words when it was shared in a chat room. Thereafter, when the key words were searched by anyone, that website would show up in the results.

A spokesman for Kakao explained that they were able to collect such information based on data provided from the preview function of the app, which pops up when a user shares a link in a chat-room. The preview function provides the webpage’s title and a few photos to give a brief idea about what the webpage is about. A similar preview comes up on Facebook when a person shares a link.

“In order for the preview to show up, the app downloaded on the user’s phone ask our main server to give information based on the website address. As a result, our server is left with a sort of log that includes all the website addresses shared in the users’ chat-room, which we allowed to be shared on Daum,” said Kane Lee, a Kakao spokesman.

“Sometimes, it may come up in the upper part of our search result [at Daum] because we obtained the information first-hand, but ultimately, such website addresses should be searched in all search engines,” he added.

Technically, when a website is not protected by a specific program called robots.txt that blocks uninvited users, any webpage is prone to come up in searches by Daum, Google, Naver and other engines.

“It’s overly hasty to say that they have done anything illegal,” said Park Kyung-sin, a professor at Korea University School of Law.
“But it may bother people who have been using the app under the assumption that their conversation would be kept private. It is certainly problematic that there are no admissions that the company would use website addresses shared in KakaoTalk chatting room for their own purpose,” he added.

This is the second time Kakao has gotten in hot water for mistreating private information of their users. In 2014, KakaoTalk was roundly criticized for allegedly cooperating with prosecutors who were monitoring the Internet in real-time to find people who were posting defaming comments about President Park Geun-hye.

After that scandal was revealed, many KakaoTalk users switched to the Germany-based app Telegram at least temporarily because it offered encrypted technology for chatting.

Rival LINE, operated by No. 1 search engine Naver, has managed to avoid such controversy. Since October last year, the mobile messenger has implemented end-to-end encryption which prevents any third party from tapping into chats both on its mobile and PC versions.

BY JIN EUN-SOO [jin.eunsoo@joongang.co.kr]