Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Allan Chiang, S.B.S. Privacy Commissioner for Personal Data 8 July 2013 Asian Privacy Scholars Network Conference Balance between Access to Public Domain.

Published byOmarion Somerset Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Allan Chiang, S.B.S. Privacy Commissioner for Personal Data 8 July 2013 Asian Privacy Scholars Network Conference Balance between Access to Public Domain."— Presentation transcript:

1 1 Allan Chiang, S.B.S. Privacy Commissioner for Personal Data 8 July 2013 Asian Privacy Scholars Network Conference Balance between Access to Public Domain Information and the Protection of Personal Data

2 2 Sources of Public Domain Information  Companies register  Land register  Register of vehicles  SFC’s register of licensed persons and registered institutions  Notice of intended marriage  Register of voters

3 3  Judiciary’s daily cause list  Judiciary’s cause book  Government gazette  Telephone directory  Professional or business directory, listing or notice Sources of Public Domain Information

4 4 Correction: Personal data, be it publicly available or not, is subject to protection under the PDPO Myth: Public Domain Information is Open to Unrestricted Use

5 5 Use Limitations  DPP3: unless the data subject has given prior consent, personal data shall be used for the purpose for which they were originally collected or a directly related purpose

6 6 Personal Data in Public Domain still Subject to PDPO  Government confirmed LRC’s view “putting personal data in the public domain does not make the data available for use for any purpose”  Hon Chu JA in Re Hui Kee Chun, CACV 4/2012 DPP3 “is directed against the misuse of personal data and it matters not that the personal data involved has been published elsewhere or is publicly available”

7 7 Implications of Unfettered Use of Data  Privacy intrusion in general  Insufficient or no control over data security, accuracy, retention  Function creep, e.g. direct marketing, profiling  Identity theft, stalking and surveillance etc.

8 8 Use Limitations  DPP3: unless the data subject has given prior consent, personal data shall be used for the purpose for which they were originally collected or a directly related purpose

9 9 Use Limitations  Original purpose: explicit SFC’s register: Security & Futures Ordinance “ For the purposes of enabling any member of the public to ascertain whether he is dealing with a licensed person or a registered institution in matters of or connected with any regulated activity and to ascertain the particulars of the licence or registration of such person or institution (as the case may be), the register shall be made available for public inspection…”

10 10  Original purpose: explicit Government telephone directory: an explicit use restriction to the effect that the information (government officials’ names and contact details) is not intended to be used for direct marketing activities and the information should not be transferred for commercial gains Use Limitations

11 11 Use Limitations  Original purpose: implied Register of vehicles is established under the Road Traffic (Registration and Licensing of Vehicles) Regulation “to provide for the regulation of road traffic and the use of vehicles and roads (including private roads) and for other purposes connected therewith” Hence permitted use of personal data should relate to traffic and transport matters

12 12 Use Limitations  Directly related purpose  Data subject’s reasonable expectation: Assessed on a case by case basis Take into account specific context of data collection and sensitivity of data Will a reasonable person in the data subject’s situation finds the data re-use unexpected, inappropriate or otherwise objectionable based on the context of the data collection?

13 13  Vehicle owner  Company director  Property owner Hypothetical Scenarios for DPP3 Application

14 14 Privacy rights Other rights Public interests

15 15 Exemptions from DPP3 under PDPO  Section 52 (domestic purposes)  Section 58 (crime)  Section 59 (health)  Section 60B (legal proceedings)  Section 61 (news)  Section 62 (statistics and research)  Section 63 (emergency situation)

16 16 Protection Measures: Examples of Good Practice  Vehicle owners particulars Administrative measures to remind applicants that personal data is provided for traffic and transport-related matters Applicants asked to declare purpose of use of personal data sought

17 17 Protection Measures: Examples of Good Practice  Land registry Massive download of data not possible  Marriage registry Notice amended in 2005 to include less data than those supplied by the marrying parties  Register of voters Use of personal data for any purpose other than a purpose related to the election is an offence under the Electoral Affairs Commission Regulation

18 18 Protection Measures: Examples of Good Practice  Government telephone directory An explicit use restriction to the effect that the information (government officials’ names and contact details) is not intended to be used for direct marketing activities and the information should not be transferred for commercial gains

19 19 Protection Measures: Examples of Failures  Vehicle owners particulars Irrespective of whether a purpose of use of data is indicated and what purpose is indicated, C for T has to comply with the request  Company register Unfettered public access to company directors’ HKID and residential addresses  Land registry Unfettered public access to property owners’ identity card numbers and signatures

20 20 Way Ahead  Education  Enforcement  Legislation

21 21 Thank You

Download ppt "1 Allan Chiang, S.B.S. Privacy Commissioner for Personal Data 8 July 2013 Asian Privacy Scholars Network Conference Balance between Access to Public Domain."

Similar presentations

PRIVACY ACT OF 1974 OVERVIEW. FAIR INFORMATION PRACTICES The Privacy Act is primarily concerned with fair information practices. The Privacy Act is primarily.

PRIVACY ACT OF 1974 OVERVIEW. FAIR INFORMATION PRACTICES The Privacy Act is primarily concerned with fair information practices. The Privacy Act is primarily.
Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.

Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.
IMPS Information Management and Policy Services Information Services Directorate A briefing for all University staff November 2004 New Information Legislation.

IMPS Information Management and Policy Services Information Services Directorate A briefing for all University staff November 2004 New Information Legislation.
Data Protection Information Management / Jody McKenzie.

Data Protection Information Management / Jody McKenzie.
BIOMETRICS, CCTV & DATA PROTECTION By Drudeisha Madhub Data Protection Commissioner Date: 09.07.14.

BIOMETRICS, CCTV & DATA PROTECTION By Drudeisha Madhub Data Protection Commissioner Date:
Unified Carrier Registration (UCR) Update August 24, 2006.

Unified Carrier Registration (UCR) Update August 24, 2006.
Brokering Requirements for the Firearms Industry July 2012 www.pwc.com/us/forensics Export Control Services.

Brokering Requirements for the Firearms Industry July Export Control Services.
Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology

Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology
Hong Kong Privacy Code on Human Resource Management

Hong Kong Privacy Code on Human Resource Management
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.
2 H. Westley Clark, M.D., J.D., M.P.H., CAS, FASAM Director Center for Substance Abuse Treatment Substance Abuse Mental Health Services Administration.

2 H. Westley Clark, M.D., J.D., M.P.H., CAS, FASAM Director Center for Substance Abuse Treatment Substance Abuse Mental Health Services Administration.
Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.

Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.
Data Protection: The Law. EU & Irish Legislation Data Protection Directive 95/46/EC Electronic Privacy Directive 2002/58/EC EUROPOL etc Data Protection.

Data Protection: The Law. EU & Irish Legislation Data Protection Directive 95/46/EC Electronic Privacy Directive 2002/58/EC EUROPOL etc Data Protection.
Data Protection Overview

Data Protection Overview
The Data Protection Act

The Data Protection Act
Protecting information rights –­ advancing information policy Privacy law reform for APP entities (organisations)

Protecting information rights –­ advancing information policy Privacy law reform for APP entities (organisations)
THE PERSONAL DATA PROTECTION ACT 2010: ISSUES & IMPLICATIONS

THE PERSONAL DATA PROTECTION ACT 2010: ISSUES & IMPLICATIONS
1 Introduction to the Personal Data (Privacy) Ordinance.

1 Introduction to the Personal Data (Privacy) Ordinance.
Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.

Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.

Similar presentations

Ads by Google