Data hk is the leading regional internet exchange and one of the most carrier-dense network hubs in Asia. Our Hong Kong IBX data centers offer a strategic digital infrastructure foothold in a major business hub and serve as the gateway to mainland China. They host professional services firms, banks, fintech startups and enterprises of all sizes. With direct access to the world’s largest cloud providers, and liquid-to-the-cage infrastructure, our data centers provide a strong foundation for high-availability deployments and a competitive edge in Hong Kong’s thriving market.
The PDPO established an individual’s rights and specific obligations for data controllers, and regulated the collection, processing, holding and use of personal data through six data protection principles. Despite being amended twice in 2012 and 2021, the legislation remains highly restrictive on how personal data may be used.
For example, a person’s name and HKID number are considered personal data and should not be displayed together in public or shared with anyone outside the company for any purpose unless that person consents to the use. In addition, it is a crime to share personal data for the purposes of direct marketing without prior consent.
Modernisation of data protection laws in Hong Kong has been mooted, including a revision of the definition of personal data that aligns with that in the GDPR. Such a change would broaden the scope of data that is subject to protection, increasing compliance measures for businesses that hold and process personal information.
While data transfers are common and essential across businesses, it’s important to understand the regulatory regime governing those transfers to reduce business risk and promote efficient compliance across an organisation. This article, by Padraig Walsh of Tanner De Witt, takes a look at the interpretation of key data privacy concepts under Hong Kong law that can impact how companies transfer data.