4

PCPD News

私隱專員公署通訊

•

Issue no. 30

專題報道

Cover Story

私隱專員評論

•

流動裝置已改變了商業運作及我們

的生活，裝置內往往載有大量個人

資料，包括許多生活上的個人私

隱，使用這些裝置時，私隱保障變

得非常重要。

•

抽查應用程式結果清楚顯示本地流

動應用程式的私隱政策透明度，明

顯不足，強差人意。

•

要尊重用戶的私隱，透明而公開的

政策是必須的。程式要求查閱大量

個人資料，卻未有充分解釋會如何

收集、使用及披露個人資料，用戶

下載具私隱風險

;

程式開發商在保

障使用流動裝置的私隱事宜中，責

無旁貸。

公署加強的執法及推廣工作

本地行動

•

保障使用流動裝置私隱是公署

2014

及

2015

年的私隱保障的重要

工作，公署會 強與業界的聯繫及公

眾的教育，以確保各方均嚴謹看待

私隱保障。

•

公署於

2014

年初起已舉辦了八場

的程式開發須知研討會，協助他們

了解及要求他們遵從條例訂定的法

律責任。

•

於

2014

年

11

月

25

日 出 版《 開

發流動應用程式最佳行事方式指

引》，以簡易的指引協助程式開發

商有效地為程式設計進行私隱風險

評估。

•

為遏止違規情況繼續擴散，及增加

阻嚇力，公署會嚴肅調查投訴的個

案，並主動開展符規調查，繼而採

取執法行動。

國際聯合行動

•

電子世界中參與收集及使用個人資

料的持份者亦擔當私隱保障的重要

角色

;

包括裝置生產商及應用程式

供 應 平 台（

Google Play

和

Apple

App Store

等

)

。

•

世界各地的私隱執法機關在

2014

年

12

月

9

日發出公開信，促請應

用程式供應平台強制規定，若流動

應用程式開發商要收集個人資料，

必須在用戶下載程式前提供私隱政

策連結，讓用戶清楚明白應用程式

如何收集、使用及披露其個人資料

以決定下載與否。

•

公開信由香港個人資料私隱專員公

署與加拿大私隱專員公署聯合發

起，其他

21

個資料保障機關已簽

署支持。

•

公署相信應用程式供應平台若承諾

要求平台上的所有應用程式及時向

用戶提供有關查閱或收集個人資料

的私隱政策，便可發揮重要的把關

角色。

The Commissioner’s Comments

• Mobile devices are ubiquitous

and have transformed business

operations and our lives. With

all they contain and all they may

reveal, they hold for many people

the privacies of life. Safeguarding

privacy in the use of these devices

is therefore imperative.

• The findings reveal prevalent

inadequacies in the transparency

of privacy policies of local apps.

• Transparency is central to respecting

the privacy of individuals and it

is paramount that organisations

develop transparent online privacy

policies. Apps request access

to a wide range of personal data

without explaining how the data

would be collected, used and

disclosed, putting users’ privacy at

risk. App developers must live up

to the responsibility of safeguarding

privacy in the use of mobile devices.

PCPD’s Enhanced Enforcement and

Promotion Work

Local initiatives

• Safeguarding privacy in the use

of mobile devices is the PCPD’s

prime objective in 2014 and 2015.

The PCPD will continue to engage

the app developers' community

and the general public to ensure

that they do take privacy seriously.

• The PCPD has conducted a total

of eight seminars with mobile app

developers in 2014 to assist them

in understanding and complying

with the Ordinance.

• The PCPD published on 25 November

2014 “Best Practice Guide for Mobile

App Development”, a simple and

handy guide for app developers to

conduct privacy risk assessment

when designing apps.

• To de t e r p r o l i f e r a t i on o f t he

ma l p r a c t i c e s , t he PCPD wi l l

investigate into complaints and

initiate compliance investigations,

and take appropriate enforcement

actions.

Cooperation with overseas regulators

• Not only the organisations collecting

data directly but also device or

operating system manufacturers

and app marketplaces play an

important role in safeguarding

consumer privacy.

• On 9 December 2014, privacy

en f o rcemen t au t ho r i t i e s f r om

around the world called on (in

an open letter) app marketplaces

to make it mandatory for mobile

app developers to post links to

privacy policies prior to download

i f t h e y a r e g o i n g t o c o l l e c t

personal information. Having

such information about privacy

policies allows individuals to

decide prior to download whether

they are comfortable with the

collection, use and disclosure of

their personal data before the app

is even on their device.

• The open letter was initiated jointly

by the PCPD and the Office of the

Privacy Commissioner of Canada.

21 other data protection authorities

have signed on in support.

• Th e PCPD b e l i e v e s t h e a p p

marketplace operators play an

important gatekeeping role if they

commit to require all apps under

their listings to provide users with

timely access to the app's privacy

po l i cy conc e r n i ng a c c e s s o r

collection of personal data.