Tag archives: Hong Kong

Hong Kong: Bill to combat doxxing acts passed

Data Protection Report - Norton Rose Fulbright

The Personal Data (Privacy) (Amendment) Bill 2021 (the Bill) aimed at combatting doxxing in Hong Kong was passed on 29 September 2021. As discussed in our earlier post, the Bill amends the Personal Data (Privacy) Ordinance (PDPO) by: introducing offences to criminalize doxxing acts; empowering the Privacy Commissioner for Personal Data (the Commissioner) to conduct … Continue reading

Hong Kong Company Director Convicted Under Personal Data (Privacy) Ordinance

By Anna Gamvros and Ruby Kwok (HK) on July 19, 2017 Posted in Compliance and risk management, Regulatory response

A director of a Hong Kong company has been convicted of an offence under the Personal Data (Privacy) Ordinance (“PDPO”). This is the first conviction of its type under the PDPO since the law came into effect in 1996, confirming the potential for directors’ liability under the law.… Continue reading

Hong Kong Monetary Authority Announces Enhanced Competency Framework on Cybersecurity

By Anna Gamvros and Ruby Kwok (HK) on December 27, 2016 Posted in Regulatory response

On 19 December 2016, the Hong Kong Monetary Authority (“HKMA”) announced the launch of the Enhanced Competency Framework on Cybersecurity (“ECF-C”).… Continue reading

Hong Kong SFC Launches Review on Brokers’ Internet and Mobile Trading Systems

By Anna Gamvros and Ruby Kwok (HK) on October 14, 2016 Posted in Compliance and risk management, Regulatory response

The Hong Kong Securities and Futures Commission (SFC) has launched a new cybersecurity review to assess the cybersecurity preparedness, compliance and resilience of brokers’ internet and mobile trading systems. This follows the increasing number of security incidents in which customers’ internet and mobile trading accounts were hacked, including 16 incidents involving seven securities brokers and unauthorized trades in excess … Continue reading

Hong Kong Monetary Authority Strengthens Cybersecurity Controls on Banks

By Anna Gamvros and Ruby Kwok (HK) on May 20, 2016 Posted in Regulatory response

The Hong Kong Monetary Authority (HKMA) is taking action to tackle cyber security in the banking sector in Hong Kong through the Cybersecurity Fortification Initiative (CFI) – a new comprehensive initiative announced on May 18, 2016, which aims to raise the level of cybersecurity of the banks in Hong Kong. This follows the Hong Kong Securities and Futures Commission’s (SFC) similar initiative … Continue reading

Hong Kong Regulators Step up Enforcement on Personal Data Protection

By Anna Gamvros and Ruby Kwok (HK) on May 18, 2016 Posted in Regulatory response

Over the past month, Hong Kong Courts and the Securities and Futures Commission (“SFC”) have taken action under the Personal Data (Privacy) Ordinance (“PDPO”) against an insurance agent, a marketing company and a licensed individual for improper handling of personal data, resulting in a Community Service Order, a fine, and an SFC disciplinary action. These … Continue reading

Hong Kong Securities and Futures Commission Focuses on Cybersecurity

By Anna Gamvros on April 29, 2016 Posted in Compliance and risk management, Regulatory response, Vendor management and transactions

With its continued focus on cybersecurity, the Hong Kong Securities and Futures Commission (SFC) recently issued a circular to all its licensed corporations (LCs) identifying key areas of concern and suggesting cybersecurity controls. Hong Kong does not have any overarching cybersecurity legislation, and industry-specific regulatory activity in relation to cybersecurity has been limited to date. … Continue reading

Major cybersecurity breach hits Hong Kong company

By Stella Cramer (SG) on December 11, 2015 Posted in Data breach, Regulatory response

The Office of the Privacy Commissioner for Personal Data (PCPD) announced on 1 December 2015 that it has commenced an investigation on a data breach incident of VTech Holdings Limited (VTech), a Hong Kong stock exchange listed supplier of children’s learning products that is based in Hong Kong. The scope of the data breach is … Continue reading