staff’s attention. After this reported incident, the clinic agreed to put in place a daily
monitoring procedure by arranging a designated staff to check that all files retrieved
each day were returned and properly stored. A log would also be kept to record the
movement of files which could be retrieved for purposes other than medical
consultations.
(f) Mobile Application Developers
8.29 Mobile applications (“apps”) are now common and popular tools. Apps are used on
mobile devices constantly, to check account balances, to purchase goods or services,
to watch news, to search for information and to communicate with friends and relatives,
etc. App developers often collect and process a wide range of personal data through
these tools, and therefore they play a key role in privacy safeguards. It is incumbent
upon them to keep abreast of the relevant trends and developments in technology so
that they can update their apps to achieve enhanced functionality, but without
compromising personal data privacy protection.[21]
8.30 A self-initiated investigation by the Commissioner against an app developer concerned
the leakage of its customers’ personal data through a travel assistant app running on
Apple Inc.’s iOS platform.[22] The developer had outsourced the development of the app
to a mainland contractor. The app provided online services to mobile device users (who
were registered members or casual customers) including flight ticket
reservation/purchase, flight itinerary management, information on destinations as well as
other services. Both members and casual customers were required to input their
personal data (full name, gender, date of birth, HKID or passport number) and a contact
person’s name, telephone number and email address when they reserved or purchased
flight tickets for the first time. For subsequent transactions through the app, registered
members were recognised by their log-in account created during membership
registration, while casual customers were recognised by the unique MAC address[23] of
the mobile device using the app. Notwithstanding the subsequent launch of new
features of the iOS7 platform (for reason of privacy protection), which would block the
reading by apps of MAC addresses and provide a fixed number instead, the contractor
failed to take appropriate steps to update the app. As a result, when a casual customer
attempted to reserve/purchase tickets using a mobile device operating on iOS7, the
app would show on the monitor of the mobile device not only that customer’s records
(order histories and personal data) but also those of all other casual customers who had
made transactions through the app.[24] By virtue of section 65(2) of the Ordinance,[25] the
[21] The Commissioner has issued a “Best Practice Guide for Mobile App Development” providing practical guidance on
privacy protection to mobile app developers, available on the Website:
https://www.pcpd.org.hk//english/resources_centre/publications/files/Best_Practice_Guide_for_Mobile_App_Development_20151103.pdf
[22] See Investigation Report No.14-6453, available on the Website:
https://www.pcpd.org.hk/english/enforcement/commissioners_findings/investigation_reports/files/R14_6453_e.pdf
[23] A media access control address (MAC address) is a unique identifier assigned to network interfaces for communications
on the physical network segment. It is a 48-bit hexadecimal number most often assigned by the manufacturer of a
network interface and exists in all mobile computing devices with network connectivity.
[24] These casual customers were identified as one person based on the same fictitious MAC address under the new privacy
protection feature of iOS7.
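
The collision described in paragraph 8.30 and footnote 24, shown as an added Python illustration that is not taken from the investigation report or from the app itself. The store class, its method names and the sample customers are constructed; the value 02:00:00:00:00:00 is what iOS 7 reports to apps that ask for the MAC address, which the text refers to only as "a fixed number".

```python
import secrets

# Fixed value iOS 7 and later return to any app that asks for the MAC address.
IOS7_FIXED_MAC = "02:00:00:00:00:00"

class CasualCustomerStore:  # hypothetical server-side booking store
    def __init__(self):
        self._rows = {}        # lookup key -> list of bookings
        self._issued = set()   # tokens issued by this server

    # Design described in 8.30: the device-reported MAC address is the key.
    def book_by_mac(self, mac, booking):
        self._rows.setdefault(mac.lower(), []).append(booking)

    def history_by_mac(self, mac):
        return list(self._rows.get(mac.lower(), []))

    # Hardened form: a random token the server issues to each installation.
    def enrol(self):
        token = secrets.token_urlsafe(32)
        self._issued.add(token)
        return token

    def _slot(self, token):
        if token not in self._issued:
            raise PermissionError("unknown customer token")
        return self._rows.setdefault(token, [])

    def book_by_token(self, token, booking):
        self._slot(token).append(booking)

    def history_by_token(self, token):
        return list(self._slot(token))

    # Monitoring: lookup keys whose bookings name more than one ID document.
    def shared_keys(self):
        n = {k: len({b["id_doc"] for b in v}) for k, v in self._rows.items()}
        return {k: c for k, c in n.items() if c > 1}

def demo():  # two constructed customers on iOS 7 devices, under both designs
    store = CasualCustomerStore()
    a = {"name": "Customer A", "id_doc": "SAMPLE-A"}
    b = {"name": "Customer B", "id_doc": "SAMPLE-B"}
    store.book_by_mac(IOS7_FIXED_MAC, a)   # both devices report the
    store.book_by_mac(IOS7_FIXED_MAC, b)   # same fixed value
    leaked = store.history_by_mac(IOS7_FIXED_MAC)
    ta, tb = store.enrol(), store.enrol()
    store.book_by_token(ta, a)
    store.book_by_token(tb, b)
    return leaked, store.history_by_token(ta), store.shared_keys()
```

Under the MAC-keyed design either customer's lookup returns both records, while the token-keyed lookup returns only the caller's own; `shared_keys()` is the kind of check that would have flagged the fixed value as soon as a second customer booked under it.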