The Personal Data (Privacy) (Amendment) Bill 2021 (the Bill) aimed at combatting doxxing in Hong Kong was passed on 29 September 2021. As discussed in our earlier post, the Bill amends the Personal Data (Privacy) Ordinance (PDPO) by: introducing offences to criminalize doxxing acts; empowering the Privacy Commissioner for Personal Data (the Commissioner) to conduct … Continue reading
A director of a Hong Kong company has been convicted of an offence under the Personal Data (Privacy) Ordinance (“PDPO”). This is the first conviction of its type under the PDPO since the law came into effect in 1996, confirming the potential for directors’ liability under the law.… Continue reading
On 19 December 2016, the Hong Kong Monetary Authority (“HKMA”) announced the launch of the Enhanced Competency Framework on Cybersecurity (“ECF-C”).… Continue reading
The Hong Kong Securities and Futures Commission (SFC) has launched a new cybersecurity review to assess the cybersecurity preparedness, compliance and resilience of brokers’ internet and mobile trading systems. This follows the increasing number of security incidents in which customers’ internet and mobile trading accounts were hacked, including 16 incidents involving seven securities brokers and unauthorized trades in excess … Continue reading
The Hong Kong Monetary Authority (HKMA) is taking action to tackle cyber security in the banking sector in Hong Kong through the Cybersecurity Fortification Initiative (CFI) – a new comprehensive initiative announced on May 18, 2016, which aims to raise the level of cybersecurity of the banks in Hong Kong. This follows the Hong Kong Securities and Futures Commission’s (SFC) similar initiative … Continue reading
Over the past month, Hong Kong Courts and the Securities and Futures Commission (“SFC”) have taken action under the Personal Data (Privacy) Ordinance (“PDPO”) against an insurance agent, a marketing company and a licensed individual for improper handling of personal data, resulting in a Community Service Order, a fine, and an SFC disciplinary action. These … Continue reading
With its continued focus on cybersecurity, the Hong Kong Securities and Futures Commission (SFC) recently issued a circular to all its licensed corporations (LCs) identifying key areas of concern and suggesting cybersecurity controls. Hong Kong does not have any overarching cybersecurity legislation, and industry-specific regulatory activity in relation to cybersecurity has been limited to date. … Continue reading
The Office of the Privacy Commissioner for Personal Data (PCPD) announced on 1 December 2015 that it has commenced an investigation on a data breach incident of VTech Holdings Limited (VTech), a Hong Kong stock exchange listed supplier of children’s learning products that is based in Hong Kong. The scope of the data breach is … Continue reading