Data hk is a platform for news, analysis and commentary about data in Hong Kong. Its aim is to help people understand the implications of data use and make informed decisions about their personal information. This includes understanding the complexities of data privacy laws and regulations in Hong Kong and the world, as well as keeping up to date with developments in technology and society.
Computer systems rely on data to process tasks ranging from sending emails to performing complex calculations. In fact, they can’t function at all without it. Consequently, data is considered an essential resource that underpins the entire economy. However, there are concerns about the growing control and power that companies with access to data have. This is especially true when it comes to ‘big data’, a term that refers to large sets of data that are analysed for patterns and trends, rather than being analysed individually.
Whether it’s for business intelligence, marketing, or enhancing customer experience, data is an indispensable tool. But the proliferation of data also means that we are constantly exposing our private information to others. The result is that data breaches have become all too common.
In the wake of the recent high-profile incidents, it is worth examining how data breaches occur and what impact they have on us. In particular, it is important to consider what the Hong Kong government’s response will be.
Data is an increasingly central part of contemporary life, but its potential for harm and benefit depends on how it is used and by whom. It’s therefore crucial that we consider the impact of data usage on individuals and communities, particularly when it is transferred between jurisdictions.
The PDPO defines “data user” as any person who controls the collection, holding, processing or use of personal data and it is important to remember that transferring data is a form of data use. As such, the data user must satisfy a number of core statutory obligations including obtaining the voluntary and express consent of the data subject before he can transfer the personal data to a class of persons other than those specified in the PICS or for a purpose other than that stated in the PICS.
Increasing cross-border data flow has led to a renewed focus on the implementation of section 33 of the PDPO. However, resistance from the business community has slowed down progress. This is partly due to the perception that increased cross-border data flows have not undermined personal data privacy, but it has also been a result of difficulties and costs in achieving compliance.
Despite this, it remains important to keep up to date with developments in data protection law and ensure that your business complies. This is especially the case if you plan to export data outside of Hong Kong or if your organisation operates across multiple jurisdictions. To assist you, we have developed a set of recommended model contractual clauses to support data transfers.