Data hk refers to information regarding individuals or groups collected, processed, and used by an organisation. Data is an asset which provides vital resources for research, business operations and social services; contributing significantly to economic development as a result. If handled incorrectly however, data can lead to problems like privacy violations and loss of trust that necessitate policies and guidelines being developed around it.

In 2020, an increase in cross-border data flow was seen as being vital to Hong Kong’s economy and facilitation was considered essential to its success – leading to the decision to postpone implementation of Section 33.

An essential factor is defining who constitutes a data user. According to definition, data users include any individual or organisation who independently or jointly controls the collection, holding, processing or use of personal data – this definition includes companies which process personal information on behalf of others – including organisations that process such data on behalf of third-parties. It’s an inclusive definition and may encompass numerous different kinds of organizations.

Under the PDPO, data users must inform individuals before collecting their personal data of its intended use and whom it may be disclosed or transferred to. Disclosure is one form of use while transfer represents a distinct activity from initial collection.

PDPO does not contain a legal restriction on the transfer of personal data outside Hong Kong; however, it provides various safeguards to safeguard personal information, such as:

The PCPD has issued guidance and model clauses regarding cross-border data transfer; these recommendations are non-binding. Therefore, use of contracts to protect personal data transferred cross-border from Hong Kong is currently mostly voluntary; over time however, we hope greater harmonization between national laws and practices will occur. At the heart of it all lies a strategy to benefit all citizens in all countries – an example being the General Data Protection Regulation (GDPR), set to come into force this May in Europe. This new legislation will both strengthen and harmonise data protection across Europe, and build trust in online business transactions. Furthermore, it will make compliance with laws easier. Additionally, it will increase transparency and accountability of data use, allow individuals access their personal data for correction or deletion purposes and set global data protection standards that benefit businesses as well as individuals alike. With more high-quality data becoming readily available worldwide, innovation will flourish more readily leading to economic development worldwide.