Data hk is a website that provides access to over one million open data from various resources. It also offers a variety of visualization tools for users to view and analyze the data. This website also allows users to download the data in a number of different formats including spreadsheets, graphs and maps. It is a great resource for researchers and other professionals.
The Personal Data (Protection) Ordinance (“PDPO”) governs data protection in Hong Kong. It establishes data subject rights and imposes obligations on data controllers through six core data protection principles. The PDPO is intended to apply where a Hong Kong entity controls the collection, processing, holding or use of personal data even if that takes place outside Hong Kong.
In 2014, increased cross-border data flow was a reason for the Government to have a renewed focus on section 33 implementation. The purpose of section 33 is to prohibit the transfer of personal data outside of Hong Kong unless certain conditions are met. In particular, the data user must expressly inform the data subject on or before the original collection of his personal data of the purposes for which that data may be used, and the classes of persons to whom that data can be transferred, and obtain the voluntary and express consent of the data subject for the transfer.
Furthermore, the data user must carry out a transfer impact assessment before transferring personal data to a foreign jurisdiction. A transfer impact assessment is designed to help the data user identify and adopt supplementary measures that will bring the level of personal data protection in the foreign jurisdiction up to Hong Kong standards. This is especially important in cases where the foreign jurisdiction’s legislation or practices fail to satisfy the PDPO’s requirements.
Lastly, the data user must take steps to ensure that any third party that processes or handles the data that has been transferred to the foreign jurisdiction will comply with the PDPO’s requirements. This will ensure that the data remains secure and is used only for the purposes for which it was collected.
The PCPD has published two sets of recommended model contractual clauses that cater to these situations. The first set, which came into effect on 1 October 2012, addresses transfers between entities that are both in and out of Hong Kong. The second, which was released in 2021, relates to transfers between two entities neither of which is located in Hong Kong but where both are controlled by a Hong Kong data user.
The PCPD expects to release additional model contractual clauses in the future to address other scenarios involving the transfer of personal data between Hong Kong and other jurisdictions. Those models will be designed to meet the unique circumstances of Hong Kong’s international trading environment, taking into account both its reputation as a trusted and robust international data hub and its legislative and regulatory framework that provides high levels of privacy protection.