Should the RRN system be maintained or abolished?
ONE OF the most widely known methods in examining whether someone is a citizen of a country is to check his identity number issued by the government. For Koreans, that number is more widely known as the Resident Registration Number (RRN). Korean citizens are asked to provide their RRN when they enter college, open a new bank account, claim medical insurance, or when making a passport to travel abroad. Even when they become members of a website, Koreans are, asked to confirm their RRN. With such wide usage, there is no doubt that RRN controls a large proportion of our lives and there are not many things we can do without it. Recently, however, RRN seems to be faced with a difficult situation and we cannot promise that the current system will be able to survive from this spiral of controversy.
*RRN: Resident Registration Number, South Korean identification system
The beginning of RRN
To understand how RRN was created, we have to first look into an event that occurred in 1968. On January, 1968, 31 armed North Korean special forces infiltrated into Cheongwadae, the residency of the Korean President. This incident was pivotal in enacting the “Citizen Registration Act”. In accordance to the new law, the Korean government began to issue RRNs, a national ID card for all citizens above 18. The original purpose of RRN was to distinguish spies and terrorists from citizens. Yet the system started to develop in usage, and in 1975, the traditional RRN system was developed into the current 13-digit RRN system. The first 6 digits show the date of birth, while the next 7 show the sex, natal area, order of birth registration, and a number to verify any errors.
As mentioned above, RRN also plays an important role in all areas of national security and in personal security, including one’s residence, taxation, military service, medical service, pension, education, election and the list goes on. However, this means that one could be completely exposed if someone was to gain access to the RRNs. Recent security issues with RRN, such as the recent information leakage from three credit card companies that occurred this past December – the largest information leak ever - and because of the fact that RRN is excessively used in both public and private sectors, the security of RRN is being questioned, and these controversies have led to a debate over the maintenance of the RRN system.
The two sides of the debate
Before starting a debate over conserving or discarding the RRN system, we should take a look into the problems of the current system. Since RRN contains an individual’s basic information, it remains permanent during his lifetime once it is given. Thus, leaking one’s RRN can leave the individual exposed to identity theft, voice phishing, or an illegal transaction of RRN in the black market. Over the years, RRN usage started to go outside of its original purpose, which was to serve as a means of identity for public services. According to a survey by the Ministry of Security and Public Administration (MOSPA) in 2013, 88% of public institutions and 62% of Korea’s private enterprises required RRN for ID confirmation and over 90% of online websites were unnecessarily collecting RRNs merely for identification purposes.
The most problematic point is that RRN is vulnerable to the danger of information leakage. According to a study conducted by a civil group named Citizens’ Action Network, when the computer network for RRNs was put into operation for the first time in 1991, the private information of more than 150,000 people was stolen from its database and up until now, the information of about 374 million individuals has been leaked and transferred to advertising agents, lenders and messenger offices without the consent of each individual. Leakage of RRNs is so serious that they are even browse-able in non-Korean websites, such as Google and Baidu and it is impossible to track where these RRNs have been used. There is no doubt that reorganization and supplement of the current RRN system is needed. As such, a legislation hearing conducted by the Security & Public Administration Committee of the National Assembly took place on Feb., 19, 2014, which looked into the reformation of current RRN system.
The abolitionists wanted to abolish the current RRN system to prevent further disclosure of personal information. According to this point of view, numbers containing personal information that is used without the individual’s consent violates basic human rights. They also claim that the RRN requirement for many Korean websites are restricting free online discussion because people are afraid of having their information exposed. Han Sang-hee (Prof., The Graduate School of Law, Konkuk Univ.) said that, “RRN is a gross violation of human rights and in a country where ‘true’ democracy is practiced, it is hard to find a system similar with ours.” The German high court has, for instance, declared applying a uniform number for people as unconstitutional. Kim Da-in (Soph., Dept. of Dentistry, Wonkwang Univ.) added that, “when I got my ID card, it felt like the country is treating us like a potential criminal.”
The second opinion is that we should reinforce the current system by developing a device to prevent information leakage while improving the infrastructure of the current RRN system. The Constitutional Research Institute clarified that it is almost impossible to abolish the RRN system considering the cost and social consequences that would follow if the system was abolished. Instead, they argued that using uniformed number instead of using randomized numbers for each usage – medical service, military service, banking, education, election, taxation, for instance - is more effective. Besides, with the online identification system, it is easy to regulate undesirable acts based on anonymity and accessibility, such as the circulation of illegal information, or the manipulation of public opinions. According to Kim Min-ho (Prof., The Graduate School of Law, Sungkyunkwan Univ.), “RRN is definitely needed to provide a seamless public service for people. With the exception of a few countries, almost all nations have their own system with identification numbers and it is time to look for an improvement with low costs and high-efficiency, rather than an unrealistic abolishment or the current system.”
Efforts to improve the current RRN system
Recently the government has started to make changes to the current RRN system by applying measures such as i-pin, public-key certificates, which have stated to replace RRN as a means of identification on some public services, restricting the scope of RRN usage. Also, the government decided to enact a law to prohibit the reckless collection of RRN online and have started to restrict the usage of RRN for financial documents However, measures such as i-pin and public-key certificates cannot be the final solution, since the RRN is still required to activate these changes. Furthermore, personal information that is already illegally accessed cannot be revoked, even if policies to regulate unmeasured collecting of RRNs online take place. For these reasons, a complete re-examination of the current RRN system is required. Yet according to the Ministry of Security and Public Administration (MOSPA), an overhaul of its existing system is nearly impossible considering the expected social conflicts.
Then what are the possible alternatives? In Sweden, although identification numbers containing private information like one’s date of birth and sex is being used, the numbers are only used for public service purpose. In Japan, ID numbers are changeable and no private information is included. Other alternatives include randomly issuing an ID card with meaningless numbers that do not contain personal information, allowing individuals to change RRNs periodically, getting rid of inefficient practices like collecting RRNs in almost every sector, or strictly regulating RRNs for the purpose of public service only. Members of the Democratic Party have also proposed changing the RRNs for victims of information leakage. In addition, a civic group suggested using unique identification numbers for every sector – medical service, pension, election, military service, education – as another solution.
* * *
Reestablishment of the current RRN system may cause social conflicts due to uncertainties to its results. Yet, when the need for change is high, such risks should be taken. There is a saying that goes as such: “mend the barn after the horse is stolen.” If there is a general recognition for the need for reorganization of the current RRN system and if there is a way to guarantee the protection of public interests, we should take measures to reform the current system, before the situation get worsen. Perhaps, now is the time to give Resident Registration Numbers their true roles back, a number for public services.