Exploring the evolution of cybersecurity and privacy law
On 12 May 2022, the Hong Kong Privacy Commissioner for Personal Data (PCPD) issued a Guidance Note on the Recommended Model Contractual Clauses for Cross-border Transfers of Personal Data (2022 Guidance).
The 2022 Guidance is split into three “parts”:
…
As work-from-home (WFH) arrangements become more prevalent, the Privacy Commissioner for Personal Data, Hong Kong has issued three guidance notes for the handling of personal data connected with WFH arrangements.
An employer’s legal obligations as a data user are no different in a WFH arrangement than those in an office environment. However, the circumstances around…
Enacted in 1995 and in force since 1996, the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486) (” PDPO “) is one of the earliest data privacy laws in Asia. It was last amended in 2012, with the most notable change being the introduction of direct marketing regulations that came into force in April 2013.…
The European Union (EU) General Data Protection Regulation 2016 (GDPR) came into force on 25 May 2018. A brief summary of the GDPR can be found here: https://www.mayerbrown.com/The-GDPR-The-Changes-That-Will-Affect-Your-Business-05-25-2018/.
Organisations in Hong Kong may need to comply with the GDPR if it (1) has an establishment in the EU, where personal data is processed in…
Computer and Telecommunications Law Review has published Gabriela Kennedy’s article on a statement issued by the Hong Kong Privacy Commissioner (PC) setting out advice on the collection of personal data by Stored Value Facilities (SVF) operators, as the first five stored value facility licenses were granted by the Hong Kong Monetary Authority (HKMA) under the…
Computer and Telecommunications Law Review has published Gabriela Kennedy’s article on personal data and cybersecurity risks that often arise when a company develops a Bring-Your-Own-Device (BYOD) practice. Gabriela discussed the new Information Leaflet issued by the Hong Kong Privacy Commissioner, which aims to help companies continue to comply with the Personal Data (Privacy) Ordinance (Cap.…
On 25 August 2016, the HKMA announced that it had granted five stored value facility (SVF) licences, which are the first set of such licences granted by the Hong Kong Monetary Authority (HKMA) under the new Payment Systems and Stored Value Facilities Ordinance (Cap. 584) (PSSVFO). On the same date, the Hong Kong Privacy Commissioner…
The beauty business in Hong Kong is booming. Treatments can range from traditional facials to more invasive procedures utilising medical devices, such as laser hair removal and intradermal microinjection procedures. On 15 June 2015 and 2 February 2016, the Consumer Council in Hong Kong reported that consumer complaints made against beauty industry businesses rose 5.4%…
Hong Kong’s Privacy Commissioner has issued a revised Code of Practice on Human Resource Management (the “Code”) and a revised Privacy Guidelines for Monitoring and Personal Data Privacy at Work (the “Guidelines”).
Neither the new Code nor the new Guidelines include any material change from their existing versions. The only changes are the new Code…
Bloomberg BNA’s World Data Protection Report re-publishes article by Gabriela Kennedy on David Webb involving the re-use of personal data collected from the public domain.
Gabriela Kennedy takes a look at the decision made by The Administrative Appeals Board (AAB) on 27 October 2015, rejecting an appeal filed by activist David Webb (Webb) against an…
