Case Notes

year Category By Provisions/DPPs/COPs/Guidelines By Topic/Subject Matter keyword:

Case No.:2018C09

This case related to DPP4 - Security of personal data... <more>

Areas of Concern:DPP4

Case No.:2017DB02

IT system containing over 11,000 unencrypted patients’ records being hacked – DPP 4 – security of personal data... <more>

Areas of Concern:DPP4

Case No.:2016DB04

Online food ordering records leaked to the Internet involving 62,539 customers – DPP 4 – security of personal data... <more>

Areas of Concern:DPP4

Case No.:2016DB01

Credit card data of 11,655 Hong Kong customers hacked by a zero-day malware – DPP 4 – security of personal data... <more>

Areas of Concern:DPP4

Case No.:2016C03

This case related to DPP3 - Use of personal data... <more>

Areas of Concern:DPP3

Case No.:2015A03

This case related to Section 37 (Complaints), Section 38 (Investigations by the Commissioner) of the Ordinance... <more>

Areas of Concern:Section 37 of the Ordinance, Section 38 of the Ordinance

Case No.:2014E01

Whether the upload of the images to an online public platform is directly related to the purpose of collection... <more>

Areas of Concern:DPP1, DPP3

Case No.:2012E01

Whether the installation of software for monitoring its students' browsing activities would contravene the requirements of the Ordinance... <more>

Areas of Concern:DPP1, Monitoring

Case No.:2011C06

A travel agency requesting membership registrants to provide personal data must not collect excessive personal data and must inform data subjects... <more>

Areas of Concern:DPP1, DPP3

Case No.:2009E01

What are the appropriate steps to be taken by a data user in data loss or leakage incidents... <more>

Areas of Concern:DPP4

Case No.:2009A02

This page only provides Chinese version temporarily... <more>

Case No.:2008E08

Using the identity card number input via a web page to verify an individual's entitlement to benefit or confirmation of provision of services... <more>

Areas of Concern:DPP1, DPP2, Identity Card