DIJ Newsletter 68, Summer 2022
Catchword LINE Mondai
Since the beginning of the Ukraine war, supply chain security has become an important issue globally. Concerning economic security, Japan has already gained some experience, particularly with regard to trade with China. Last year it became clear in Japan that supply chain security concerns not only physical goods and energy carriers, but also digital infrastructure. In March 2021, the security architecture of a programme that most Japanese use on a daily basis came under fire: the messenger application LINE, which has a similar market share in Japan, Taiwan, and Thailand as WhatsApp has in most Western countries.
What has since been discussed as the “LINE problem” (LINE問題) became known to the Japanese public on the morning of March 17, 2021: a front-page article in the Asahi Shimbun (“Personal data of millions of Line users accessed by affiliate in China”) reported that software developers at a contractor company in China had been able to access the personal data of Japanese LINE users. This had, in fact, happened at least 32 times since August 2018. After the story broke, ministries and local authorities halted their cooperation with LINE, despite hopes that the application would support the vaccination campaign against COVID-19.
For his report on March 17, journalist Minemura Kenji received the Japan Newspaper Publishers and Editors Association’s 2021 Award. But the problem may not be limited to LINE: experts also fear that developers from China could access the personal data of foreign users of the Chinese video app TikTok. In the last year of his presidency, Donald Trump even tried to ban TikTok in the United States which, however, was prohibited by a court ruling for lack of evidence. LINE was willing to cooperate with Minemura’s investigation as the company is Japan-based and owned partly by South Koreans and partly by Japanese – and due to the difference that LINE is entrusted with even more sensitive data than TikTok.
Coverage in the Japanese press continued for several weeks. Gradually it became clear how the “LINE problem” had come about and how it could be fixed. Employing Chinese developers was unavoidable for financial reasons, LINE stated, but the risks involved had not been adequately considered. The company’s image was damaged as some of their guarantees regarding the security of data turned out to be inaccurate or misleading. Nevertheless, the following month Amari Akira, an expert in economic security with the ruling Liberal Democratic Party (LDP), expressed relief that the problem had come to light. Japanese companies, Amari said, needed to learn that doing business with China was necessary and useful, but only with greatly increased security measures (Huffington Post article, in Japanese). As part of a more general examination of Japan’s data strategy, I have analyzed the LINE problem from a geopolitical perspective (“Japanese data strategies, global surveillance capitalism, and the ‘LINE problem'”. Matter: Journal of New Materialist Research, 2022, 3(1), 134–159). I conclude that its significance can only be understood against the background of the strategic competition between the United States and China.
In October 2021, Minemura Kenji explained in detail his investigation into the LINE problem and its background in an episode of the Asahi Shimbun‘s podcast series. As its title states, “The core of the LINE problem is China’s National Intelligence Law”. The law was enacted in 2017 and requires all citizens and companies based in China to assist the Chinese state in obtaining information upon request (see article on Lawfare blog by Murray Scot Tanner, 2017). A general suspicion against Chinese companies weighs heavily. But since the LINE problem story broke in March 2021 the fact that companies with contractual partners from China are exposed to a potentially increased risk is, at least with regard to digital infrastructure, being taken into account in Japan.