Hong Kong defends privacy laws amid big tech backlash
A technology industry body has proposed a number of amendments to the laws which it says are too broad
Hong Kong has defended bringing in changes to its privacy laws, which a technology industry body has raised a number of concerns about.
The new laws target “doxxing”, which is a malicious act where people’s personal information is published online. This is a tactic used during the pro-democracy protests in Hong Kong during 2019 where government supporters sought to identify masked protestors, while protestors themselves reportedly shared private information about police officers and their families, as reported by the Guardian.
Hong Kong’s Privacy Commissioner for Personal Data (PCPD) reaffirmed that the laws will only concern “unlawful” doxxing acts and the PCPD’s related enforcement powers.
“The scope of the doxxing offence will be clearly set out in the Amendments. The PCPD strongly rebuts any suggestion that the Amendments may in any way affect foreign investment in Hong Kong,” it said in a statement.
The proposed legislation has been met with some resistance from the Asia Internet Coalition (AIC), an industry association of leading internet and tech companies in the Asia Pacific region with an objective to promote the understanding and resolution of Internet and ICT policy issues. Based in Singapore, AIC counts on Big Tech companies among its members, such as Apple, Facebook, Google, Amazon and SAP.
In a letter sent to the PCPD on June 25, and made public this week, AIC established a number of proposed amendments to the law, stating that the proposed legislation was too broad.
Owning your own access security
The key to building strong cloud security and avoiding the risk of vendor lock-inDownload now
AIC said that as online services are provided by offshore global or regional headquarter companies, local staff of overseas platforms “are not responsible for the operations of the platforms; neither do they (or the local subsidiary by which they are employed) have access right or control to administer the online platform contents”.
It said that any rectification notice “may only be legitimately issued against the real operating entity of the online services platform outside of Hong Kong, and it would be a fallacy to issue the same against their local subsidiaries or entities, or to hold them or their employees legally liable for the same.”
AIC went on to underline that the only way for tech companies to avoid these sanctions would be to refrain from investing and offering their services in Hong Kong, which could deprive businesses and consumers and create new barriers to trade.
“Thus, the possibility of prosecuting subsidiary employees will create uncertainties for businesses and affect Hong Kong’s development as an innovation and technology hub. If it remains the PCPD or the Administration’s intention to hold the employees of the local subsidiaries or entities liable for doxxing content, we seek clarification on the legal basis of doing so.”
The PCPD has stated it is welcoming views from stakeholders and will meet with representatives of the AIC to “better understand their views”.
The ultimate law enforcement agency guide to going mobile
Best practices for implementing a mobile device programFree download
The business value of Red Hat OpenShift
Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShiftFree download
Managing security and risk across the IT supply chain: A practical approach
Best practices for IT supply chain securityFree download
Digital remote monitoring and dispatch services’ impact on edge computing and data centres
Seven trends redefining remote monitoring and field service dispatch service requirementsFree download