The data hk website provides access to publicly available datasets that are collected or created by the Hong Kong government. The datasets can be sorted, searched and filtered by various criteria. Some datasets also have links to related resources, such as news articles or blogs.
A discussion paper published by the HK government earlier this year explored potential changes to the PDPO, including a change to the definition of personal data. This would mean that in order for information to be classed as personal data, it must concern a living individual and can be identified or reasonably identifiable. It is not clear what the implications of this proposed change will be, but it may mean that more kinds of information are considered personal data.
This could have an impact on businesses that use data-related technologies to learn about individuals’ behaviours. The PDPO requires that these businesses take additional compliance measures to ensure that their processing activities are compliant with the PDPO.
HK-dir administers a number of application-based public services, including grants/benefits, approvals of various kinds, prizes/awards etc. In order to operate these public services it is necessary to collect various types of personal data from applicants. The type of data collected will depend on the specific aims of each service.
For example, when an applicant applies for a grant, the data required includes the applicant’s name and HKID number. Similarly, when an applicant attends a training course, seminar, webinar or conference, the data collected might include names, email addresses, titles/organisational affiliations and other relevant details. This information is only used for the purpose of the event and is deleted when the event has finished.
Personal data is also collected for administrative purposes, such as managing job applications and archiving. These records are kept securely in line with archive regulations.
When a personal data set is provided for download, it is important to note how the data has been processed, including any syntactic and semantic transformations that have taken place. This will influence how the data can be analysed and how it is incorporated into systems or products.
Direct marketing practices remain one of the main enforcement areas for the Privacy Commissioner’s office. The Commissioner has investigated and prosecuted a number of cases involving the misuse of personal data for direct marketing purposes in recent years. People can protect their personal data from such abuse by registering with the Do Not Call Register and by choosing not to consent to direct marketing communications.