Skip to content

DPOC e-Newsletter

Facebook Youtube

The PCPD, together with members of the Asia Pacific Privacy Authorities, launches the “Privacy Awareness Week 2018” (PAW 2018) from 7 to 13 May. The theme of PAW 2018 in Hong Kong is “Privacy: From Principles to Practice”, aiming to raise awareness of the importance of “protect and respect personal data” culture among companies / organisations as well as members of the public.
Read Media Statement

Four new posters designed by the PCPD for the PAW 2018
Download All Posters

Inauguration Ceremony of PAW 2018 cum Kick-off Ceremony of Privacy Campaign for SME and Forum on Cyber Security (8 May 2018)

The PAW 2018 Inauguration Ceremony, attended by an audience of over 200, was held on 8 May . It coincided with the Kick-off Ceremony of the Privacy Campaign for SME. The Non-official Member of the Executive Council and Member of the Legislative Council, the Honourable Jeffrey Kin-fung LAM, GBS JP was invited to be the officiating guest of the ceremonies.

After the Kick-off Ceremony, the PCPD staged the Forum on Cyber Security. The panel featured Chief Executive Officer of the Hong Kong Cyberport Management Company Limited, Mr Peter King-shun YAN, Detective Senior Inspector, Cyber Security and Technology Crime Bureau of the Hong Kong Police Force, Mr Dicky Tik-ki WONG, and Ms Nicola TANG, Senior Personal Data Officer of the PCPD. Facilitated by Honorary President of The Hong Kong Information Technology Federation, and Member of Standing Committee on Technological Developments of PCPD, Mr Francis FONG, the panel speakers shared their insights and experience concerning data protection in the context of cyber security.

DPOC Welcome Reception cum Lunch Talk on Privacy and Social Media Marketing (10 May 2018)

The Privacy Commissioner for Personal Data welcomed DPOC members at the reception. During the Welcome Session, a talk on Privacy and Social Media Marketing was held. Mr Ralph Szeto, Chairman of the Hong Kong Association of Interactive Marketing and Mr Brad KWOK, Senior Personal Data Officer of the PCPD shared with members on privacy and social media marketing.
Download Presentation Materials
View Photo Album

Educational Talks to Senior Citizens (7-13 May 2018)

To help senior citizens recognise potential data privacy risks and prevent them from being victimised by crime and financial exploitation, five talks were held in collaboration with NGOs to share tips on personal data protection in daily life.

School talks for Partnering Schools of Student Ambassador for Privacy Protection Programme
 (7 & 10 May)

The 2018 Student Ambassador for Privacy Protection Programme consisted of a Partnering School Recognition Prgramme and a mobile app design competition. Schools were invited to join as school partners to organise on-campus promotions in relation to the protection of personal data. To help secondary school students to acquire basic knowledge of the Personal Data (Privacy) Ordinance and to learn how to protect their online privacy, school talks were organised with the support of the partnering schools.
 

Privacy Commissioner Mr Stephen Wong was invited to be a judge of the “Hong Kong Inter-Collegiate Debate Competition 2018” co-organised by RTHK and Hong Kong Federation of Students (6 May 2018)
Read More
 

PCPD Awarded ERB “Manpower Developer” (4 May 2018)
Read Media Statement

11 May 2018

Privacy Commissioner Meets Central and Western Concern Group Regarding Legislative Councillor Ted Hui's Incident

 

Read Media Statement (Chinese only)

Professional Workshops on Data Protection
Limited seats available for June courses!

These professional workshops are tailored to the needs of those people wishing to deepen their knowledge of data protection. Key features include:

  • Analysis of each data protection principle with relevant real-life scenarios
  • Codes of Practice and Guidelines
  • Updated guidance notes from the PCPD
  • Lessons learnt from real cases
  • Recommended good practices
Enrol Now!

Direct Marketing

An educational institution made the following enquires to the PCPD in relation to the sending of course information to its students and staff members through the email network (“sending of email”):

Whether the sending of email constituted “direct marketing” (“DM”) within the meaning of the Ordinance, and if so, could it be regarded as “general communications” between the educational institution and its students/staff members, thereby being exempted from the requirements under Part VIA of the Ordinance.

(a) DM is defined by the Ordinance to include the offering, or advertising of the availability of goods, facilities or services through direct marketing means. “Direct marketing means” includes sending information or goods, addressed to specific persons, by electronic mail. If the sending of email involved offering of new courses organized by the institution, it would constitute DM and the institution would need to observe the requirements under Part VIA of the Ordinance which regulate the use and provision for use of personal data in DM activity.

(b) The institution would be required to obtain the consent of its students/staff members before using their personal data in DM. When using their personal data in DM for the first time, the institution would need to inform them that the institution would, without charge, cease to use the data in DM if it is so required. The institution would also be required to comply with any opt-out requests made by its students/staff members.

(c) The Ordinance does not contain any exemption in relation to “general communications” between a data user and a data subject. However, the requirements for a data user to notify a data subject of his intention to use the data subject’s personal data in DM and to obtain the data subject’s consent to the intended use do not apply to the personal data which the data user has control over its use before the effective date of the legal requirements (i.e. 1 April 2013) if-

- the data subject had been explicitly informed by the data user, in a manner which is easily understandable and easily readable (if informed in writing), of the intended use or use of the data subject’s personal data in DM in relation to the class of products or services;

- the data user had so used any of the data;

- the data subject had not required the data user to cease to use any of the data; and - the data user had not in relation to such use contravened any provision of the Ordinance as in force at the time of the use.

Extended Reading:
Reference

Q: Which of the following is correct when an organisation uses CCTV in its shops for monitoring?

A. A prominent notice should be placed at the shop entrance and in the surveillance area.
B. All staff members can be allowed to access the CCTV records.
C. If CCTV cameras are installed in changing rooms, customers and staff members must be reminded to take extra care when using the rooms.

The correct answer is A. A prominent notice should be placed at the shop entrance and in the surveillance area reminding customers and staff that they will be monitored and stating the specific purpose of the monitoring. Security measures should be in place to prevent unauthorised access to the CCTV records. No CCTV cameras should be installed in places where customers and staff members expect a relatively high degree of privacy, such as in rest rooms or changing rooms.

Q: What should a shop do if it is required by the Police to provide its CCTV records?

A. Provide them immediately without asking for the reason.
B. Ask the Police why they need the records and how they will be used before making a decision.
C. Refuse to provide the records as they belong to the organisation.

The correct answer is B. Before transferring CCTV records to a third party (including the Police), the shop should exercise due care to consider if the grounds for disclosing the personal data are lawful. The shop may disclose its CCTV records to a third party if it is provided with sufficient information to ensure the use of the data is exempted under the Personal Data (Privacy)Ordinance ("the Ordinance") (e.g. for the prevention or detection of crime).

Extended Reading:

Guidance on CCTV Surveillance and Use of Drones

Tips on Maintenance of Devices 

Understand what precautions to take before handing over a device for repair/sale/disposal.

Think Privacy! Be Smart Online

Visit the PCPD's mini-website and view a series of educational videos and play the game!

Data Breach Notification

An online page with relevant guidance notes and functions for submitting data breach notification to the PCPD.
More
More
More

For enquiry, please contact us.
Address: 12/F, Sunlight Tower, 248 Queen's Road East, Wan Chai, Hong Kong            Tel: (852) 2877 7171

You are receiving our e-Newsletters because you are a current member of the DPOC and it is one of the membership privileges that we provide. If you do not wish to receive them, please click here to unsubscribe.


Copyright | Disclaimer