Kakao Talk Keeps Slacking On Encryption. Why?

In October 2014, South Koreans were given a harsh reality check about their instant messaging privacy, when prosecutors launched an investigation into online messages – private or public – that were deemed insulting or defaming to President Park Geun-hye. This came as a response to her expressing concern over how “such conduct hurts the stature of South Korea and its people.” Included in the investigation were messages sent through the country’s leading messaging app Kakao Talk, used by approximately 90 percent of Korean smartphone owners. Daum Kakao (now simply Kakao), the corporation behind Kakao Talk, chose to fulfill its legal obligation and hand over the chat records to the prosecution. This news stirred up uneasy emotions across the nation, with people realizing their private conversations were not exactly private after all, causing a reported 1.5 million Koreans to temporarily relocate to the Germany-based Telegram, which at the time offered a more secure, end-to-end encrypted (E2EE) chatting option, unlike Kakao Talk.

Today, almost three years later, Kakao Talk remains as the nation’s uncontested choice of messenger. To be more specific, most criticism died down after Kakao rolled out a Secret Chat feature, seemingly inspired by Telegram, as a reaction to the privacy scandal in December 2014. The Secret Chat mode provides users with the option of securing messages with E2EE. This encryption technology ensures only the intended sender and recipient can read the exchanged message in plain text, keeping private correspondences private without any possibility of third party intrusion.

But what feels irrational about this situation is that the storm over privacy has virtually diminished, yet Kakao Talk users are still lacking privacy.

Kakao Talk’s default chat mode is still not end-to-end encrypted. What most users might not realize is that Secret Chat is an option, not the default setting. This means full privacy is only achievable through manual replacement of all regular chats with Secret Chats. The feature is also not available on Kakao Talk’s popular desktop version. 

This reality is particularly alarming at a time where other major messaging apps – including WhatsApp, Line, and iMessage – have already employed end-to-end encryption as their default settings. Yet no one is voicing their dissatisfaction with Kakao’s seemingly slacking efforts at upping encryption standards and improving user privacy. Why is that?

A quick search on Korea’s top search engine Naver shows that articles featuring keywords “Kakao Talk,” “encryption,” and “privacy” are almost exclusively published in late 2014. That is when Kakao’s plans to introduce the end-to-end encrypted mode to Kakao Talk hit the news. After that, virtually nothing has been written about the privacy level of the country’s most popular app.

There’s a reason for the inaction. Most domestic users are not concerned about privacy due to it being a marginalized and even underdeveloped concept in the Korean society. This relative indifference to privacy questions arguably stems from the by now unconscious prioritization of national security over individual privacy. Such mindset was mainly created during decades of military tension and authoritarian rule, when securing national security often came at the expense of personal space. And over the years, privacy lost much of its presence, worth, and meaning in the Korean society. 

The momentum for privacy awareness is still pending. Even today, in 2017, the Korean public appears to have little sense of – and maybe even less recognize the need for – what many other technically advanced societies are rather loudly defending as privacy. 

Even when the Kakao Talk controversy broke out, the public did not blame Kakao Daum for breaching their privacy by handing over users’ message logs to the prosecution. The outrage was rather caused by the public dismay at the breach of social contract between them and government, and to a slightly lesser degree, Kakao Daum. It was about the government placing the Korean public against an impenetrable wall of private and public power, at a politically tense time, and Kakao Daum riding with it, albeit somewhat involuntarily. The main issue wasn’t privacy – it was the exercise of power politics, evoking feelings of betrayal and marginalization, that primarily upset the general public.

It would probably take another heated controversy over access to Kakao Talk logs to generate public interest in privacy issues and discussion on the place of privacy in a mature democracy. Right now, the debate is lacking substance, sincerity, and even hope, due to many feeling indefinitely enslaved to the strict and intrusive legal administration. This might also explain why Kakao is not initiating stronger default encryption on its services. Maybe there will be more leverage for progressive discussion on privacy with the coming of a new administration. Then it’s just a matter of how and when to trigger that talk, and how much it can influence the current standards for national security.