Hong Kong government recently published a discussion paper exploring potential changes to the Personal Data Protection Ordinance (PDPO). One potential amendment suggested is revising the definition of personal data to include any data identifying someone directly or indirectly, regardless of its source. Such an amendment could have wide-reaching ramifications on business activities related to collection of taxes or duties; prevention of unlawful or seriously improper conduct; news activities and due diligence exercises among others.
An indicative list of exemptions to use limitations and access requirements includes safeguarding Hong Kong’s security, defence or international relations; crime prevention or detection; tax assessment/collection activities; due diligence exercises; life-threatening emergency situations as well as due diligence exercises. The government has also conducted consultations on expanding the current opt-out regime with one where individuals may register their contact details with Telephone Preference Service in order to opt-out of marketing phone calls.
Data is becoming an ever-more essential asset in our digitally driven society, used to make decisions, shape policy and regulations and reveal economic trends. Thus, having access to accurate, up-to-date and reliable information is crucial for the success of any organisation.
Organizations looking to thrive in today’s data environment must understand the context in which they use data, as well as be transparent about its collection and processing methods, in order to meet regulatory obligations without mishandling personal information.
Organizations must understand their responsibilities under the PDPO in order to comply with it effectively. The law establishes clear and robust procedures to protect and manage data, to safeguard individual’s rights and liberties, as well as inform individuals how their personal information is being used.
An effective understanding of the PDPO is vital to any organization in today’s digital environment, enabling them to comply with regulatory and legislative obligations and avoid misusing or mishandling personal data. A firm grasp of this topic will allow companies to comply with regulatory obligations as well as build confidence among customers regarding services and products provided, build lasting customer relationships, increase profits and grow businesses by becoming transparent about how personal data is being utilized; further strengthening relationships. By being open about their usage practices they will encourage long-term loyalty from both customers and partners.