Anna Gamvros

Subscribe to all posts by Anna Gamvros

Changes to Hong Kong’s data protection law discussed by government panel

Photo of Anna GamvrosBy Anna Gamvros and Libby Ryan (HK) on Posted in Compliance and risk management, Regulatory response
The discussion paper on the proposed changes to Hong Kong’s Personal Data (Privacy) Ordinance (Cap.486) (the PDPO) was debated by the  Legislative Council’s Panel on Constitutional Affairs’ (the Panel) on 20 January. The proposals set out in LC Paper. No. CB(2) 512/19-20(03) (the Paper) are summarised in our earlier post.… Continue reading

Reflecting on APAC Data Protection and Cyber-security Highlights for 2019 (and what lies ahead!)

Photo of Anna GamvrosBy Anna Gamvros and Libby Ryan (HK) on Posted in General
2019 saw continued growth and change in data protection and cyber-security across the Asia-Pacific. Following the implementation of the GDPR in May, 2018, many jurisdictions moved to review and strengthen existing data privacy and cyber-security laws. In addition, 2019 saw regulators publishing findings in respect of some of the largest data incidents of 2018. We … Continue reading

Discussion paper published on Hong Kong’s data protection law

Photo of Anna GamvrosBy Anna Gamvros on Posted in Regulatory response
Written by Partner Anna Gamvros and Associate Libby Ryan, both based in the Hong Kong office. Earlier this week, the Constitutional and Mainland Affairs Bureau (the CMAB)  released its discussion paper (LC Paper. No. CB(2) 512/19-20(03) (the Paper) seeking the Legislative Council’s Panel on Constitutional Affairs’ (the Panel) views on proposed changes to the Personal … Continue reading

Overview of Thailand Draft Personal Data Protection Act

Photo of Natpakal Rerknithi (TH)Photo of Anna GamvrosPhoto of Ruby Kwok (HK)By Natpakal Rerknithi (TH), Anna Gamvros and Ruby Kwok (HK) on Posted in Regulatory response
Data protection laws in Asia continue to be introduced and updated. One of the most recent developments in South East Asia is in Thailand. On 22 May 2018, the Thai Cabinet approved in principle a revised draft of Thailand’s first personal data protection act (Draft Act). This Draft Act is currently under consideration by the … Continue reading

China Seeks Comment on Draft Regulation on Critical Information Infrastructure

Photo of Barbara Li (CN)Photo of Anna GamvrosPhoto of Ruby Kwok (HK)By Barbara Li (CN), Anna Gamvros and Ruby Kwok (HK) on Posted in Compliance and risk management, Regulatory response
On 10 July 2017 the Cyberspace Administration of China (CAC) issued a draft Regulation on the Protection of Critical Information Infrastructure (CII Regulation) for public comment. The comment period ends on 10 August 2017. This long-anticipated regulation, formulated pursuant to Article 31 of the Cyber Security Law of China (Cyber Security Law), is a key … Continue reading

Hong Kong: SFC consults on proposed measures to improve cyber security for internet trading of securities in Hong Kong

Photo of James Parker (HK)Photo of Anna GamvrosBy James Parker (HK) and Anna Gamvros on Posted in Compliance and risk management, Cybercrime, Regulatory response
A two-month consultation on proposed measures to reduce and mitigate cyber security risks associated with internet trading of securities in Hong Kong (the Consultation) was launched on 8 May 2017 by the Securities and Futures Commission (the SFC). The Consultation follows a recent review by the SFC of resilience of brokers in Hong Kong to … Continue reading

Cross-border data transfers: China issues new measures to strengthen data localisation

Photo of Barbara Li (CN)Photo of Anna GamvrosPhoto of Ruby Kwok (HK)By Barbara Li (CN), Anna Gamvros and Ruby Kwok (HK) on Posted in Compliance and risk management, Regulatory response
The Cyberspace Administration of China (CAC) issued draft measures for implementing the data localisation provisions under the Cybersecurity Law of China (Cybersecurity Law) and the National Security Law of China on 11 April 2017. The draft regulations are open for public comment until 11 May 2017.… Continue reading

China Cybersecurity: New Law Increases Security Regulation Over Cyberspace

Photo of Anna GamvrosPhoto of Barbara Li (CN)By Anna Gamvros and Barbara Li (CN) on Posted in Compliance and risk management, Regulatory response
On November 7, 2016, the Standing Committee of China’s National People’s Congress (NPC) voted to pass the Cyber Security Law (unofficial English translation). Its draft has gone through three rounds of readings and it will become effective from June 1, 2017. This legislation provides for the Chinese government’s supervisory jurisdiction over cyberspace, defines security obligations for … Continue reading

Hong Kong SFC Launches Review on Brokers’ Internet and Mobile Trading Systems

Photo of Anna GamvrosPhoto of Ruby Kwok (HK)By Anna Gamvros and Ruby Kwok (HK) on Posted in Compliance and risk management, Regulatory response
The Hong Kong Securities and Futures Commission (SFC) has launched a new cybersecurity review to assess the cybersecurity preparedness, compliance and resilience of brokers’ internet and mobile trading systems. This follows the increasing number of security incidents in which customers’ internet and mobile trading accounts were hacked, including 16 incidents involving seven securities brokers and unauthorized trades in excess … Continue reading

Hong Kong Monetary Authority Strengthens Cybersecurity Controls on Banks

Photo of Anna GamvrosPhoto of Ruby Kwok (HK)By Anna Gamvros and Ruby Kwok (HK) on Posted in Regulatory response
The Hong Kong Monetary Authority (HKMA) is taking action to tackle cyber security in the banking sector in Hong Kong through the Cybersecurity Fortification Initiative (CFI) – a new comprehensive initiative announced on May 18, 2016, which aims to raise the level of cybersecurity of the banks in Hong Kong. This follows the Hong Kong Securities and Futures Commission’s (SFC) similar initiative … Continue reading

Hong Kong Regulators Step up Enforcement on Personal Data Protection

Photo of Anna GamvrosPhoto of Ruby Kwok (HK)By Anna Gamvros and Ruby Kwok (HK) on Posted in Regulatory response
Over the past month, Hong Kong Courts and the Securities and Futures Commission (“SFC”) have taken action under the Personal Data (Privacy) Ordinance (“PDPO”) against an insurance agent, a marketing company and a licensed individual for improper handling of personal data, resulting in a Community Service Order, a fine, and an SFC disciplinary action. These … Continue reading

Hong Kong Securities and Futures Commission Focuses on Cybersecurity

Photo of Anna GamvrosBy Anna Gamvros on Posted in Compliance and risk management, Regulatory response, Vendor management and transactions
With its continued focus on cybersecurity, the Hong Kong Securities and Futures Commission (SFC) recently issued a circular to all its licensed corporations (LCs) identifying key areas of concern and suggesting cybersecurity controls. Hong Kong does not have any overarching cybersecurity legislation, and industry-specific regulatory activity in relation to cybersecurity has been limited to date. … Continue reading
LexBlog