GF 323
CONFIDENTIAL
-
12
-
機密
(e)
take on responsibility for general surveillance of compliance and
investigation of complaints (paragraphs 21 and 22); and
the possibility of any threat of the denial to Hong Kong of trans-border data flow be kept under constant review (paragraph 20).
Implications of the Adoption of the Working Group's Recommendations
24.
The Administrative Services and Information Branch has examined the recommendations of the Working Group and considers them to be practicable in the current circumstances. It is, therefore, proposed that the Administrative Services and Information Branch should work out a strategy whereby data users in the private sector would be advised to adopt the Data Protection Code of Practice. It is anticipated that major banks, financial institutions and legal firms, particularly those which operate on a multi-national basis, are already aware of the data protection principles and are complying with them to a large extent. Indeed, Hong Kong is probably benefitting from legislation passed elsewhere. Credit card statements in Hong Kong, for example, usually provide far more information than is necessary under Hong Kong's laws. The findings of the Sub-committee of the Working Group which examined the position in the private sector indicate that the major data users who record and process personal data are likely to be amenable to advice because they realise that the alternative would be comprehensive legislation with its attendant cost to the private sector.
25.
It is agreed that at the moment the objective should be instituting measures preventive, rather than punitive, in nature with a view to minimising future adverse effects of information technology on the safekeeping of personal information. The case for moving into a voluntary compliance situation with attendant legislation and bureacracy does not appear to have been fully established as yet. Meanwhile, with appropriate publicity on the data protection principles, the public may, as a result, develop a greater awareness of the potential dangers of unprotected personal data. The possibility of restrictions on the flow of data across international boundaries has been touched upon by the Working Group, but its significance to Hong Kong, particularly in view of the transfer of sovereignty in 1997, may have been under-estimated. The Council of Europe Convention will no doubt be a factor in persuading other trading countries outside Europe to reconsider their position vis-a-vis personal data protection legislation. There would appear to be valid grounds for monitoring the
CONFIDENTIAL
機密
No comments yet.
Private notes are available after approval.