Day: October 28, 2023

The Personal Data Protection Ordinance in Hong Kong

Data is increasingly becoming a critical factor in the creation of digital goods and services. Just as an automaker can’t produce a car without the financial capital to do so, companies can no longer operate in the digital economy without reliable and robust data. As a result, it is essential that all organizations, regardless of their size or industry, have strong data management practices.

In the context of Hong Kong, the PDPO defines personal data as any data that relates directly or indirectly to an individual from which it is practicable for the person to be identified. It also requires that a data user take reasonable measures to protect personal data from unauthorised access, processing, erasure or loss.

However, the PDPO permits the use of personal data where it is necessary to protect the public interest or the economic interests of Hong Kong. This includes the prevention or detection of crimes, the assessment or collection of any tax or duty, and the reporting of matters to the relevant authorities. It also permits the sharing of personal data for law enforcement or public interest purposes.

In addition, the PDPO allows individuals to request that data users not contact them for marketing purposes, or to remove their details from a database, either wholly or partly. In order to comply with these requests, the data user must provide proof of identity and a record of the personal information in question. The data user must also delete the personal information within 30 days.

Furthermore, the PDPO permits data to be transferred abroad for processing, but only where the transfer is necessary and proportionate to its purpose. The transfer must also be carried out by a data user who is a party to a data protection agreement with the foreign jurisdiction, or where there are adequate safeguards in place for the protection of personal data.

