Home | Databases | WorldLII | Search | Feedback Edited Legal Collections Data

McLeish, Robin; Greenleaf, Graham --- "Hong Kong" [2008] ELECD 404; in Rule, B. James (ed), "Global Privacy Protection" (Edward Elgar Publishing, 2008)

Book Title: Global Privacy Protection

Editor(s): Rule, B. James

Publisher: Edward Elgar Publishing

ISBN (hard cover): 9781848440630

Section: Chapter 8

Section Title: Hong Kong

Author(s): McLeish, Robin; Greenleaf, Graham

Number of pages: 27

Extract:

8. Hong Kong
Robin McLeish and Graham Greenleaf

INTRODUCTION

Data Spills on the Hong Kong Internet

In March 2006 personal data, including names, addresses, Hong Kong ID card
numbers and in some cases details of criminal convictions, of an estimated
20,000 people who had made formal complaints against the Hong Kong police
since 1996 were found on an unprotected web site in Hong Kong. The more
serious complaints against the police included allegations of sexual assault,
fraud and corruption, and seven complaints were still under investigation.
People named in the list have described the disclosure as `a nightmare . . .'.
The South China Morning Post (SCMP) claimed `thousands of people are
living in fear' as a result. Legislators claim that the disclosures, particularly of
the HK ID card numbers which are widely used as an identity credential, are
a `big threat' to the financial interests of the persons concerned. This is the
most dramatic privacy issue in Hong Kong's history, in its combination of the
number of people affected and the sensitivity of the data involved.
The scandal erupted when a corporate governance activist accidently found
the data when searching the internet for a person's address. Hong Kong's
Independent Police Complaints Council (IPCC) admitted it was the source of
the data, apparently uploaded to a server of a Hong Kong company by a
contractor to the IPCC who was transferring data from one IPCC computer to
another. The data had been accessible on the web for three years. ...