Presentation is loading. Please wait.

Presentation is loading. Please wait.

Personal Data Privacy and The Internet by Stephen Lau Privacy Commissioner for Personal Data, Hong Kong SAR at the Joint Conference of the OECD, HCOPIL,

Similar presentations


Presentation on theme: "Personal Data Privacy and The Internet by Stephen Lau Privacy Commissioner for Personal Data, Hong Kong SAR at the Joint Conference of the OECD, HCOPIL,"— Presentation transcript:

1 Personal Data Privacy and The Internet by Stephen Lau Privacy Commissioner for Personal Data, Hong Kong SAR at the Joint Conference of the OECD, HCOPIL, ICC “Building Trust in the Online Environment: Business to Consumer Dispute Resolution” The Crowne Plaza Promenade Hotel The Hague, The Netherlands 11 - 12 December 2000 1

2 Electronic Commerce Consumer TRUST & CONFIDENCE Identity of suppliers? Integrity of information? Electronic contract? Payment reliability? Errors/frauds? DATA PRIVACY? 2

3 Forrester Research, October 1999, US 90% of online consumers want to have control over how their personal data is used once it has been collected two out of three people say that they have reservations about giving out personal information online consumers who have moderate privacy concerns spend 21% less online than those who have less than moderate concerns 3

4 4

5 5

6 The basic premise is “What is illegal off-line is also illegal on-line” 6

7 Personal Data (Privacy) Ordinance Data Protection Principles Principle 1 - Purpose and manner of collection - this provides for the lawful and fair collection of personal data and sets out the information a data user must give to a data subject when collecting personal data from the subject. Principle 2 - Accuracy and duration of retention - this provides that personal data should be accurate, up-to- date and kept no longer than necessary. 7

8 Personal Data (Privacy) Ordinance Data Protection Principles Principle 3 - Use of personal data - this provides that unless the data subject gives consent otherwise personal data should be used for the purposes for which they were collected or a directly related purpose. Principle 4 - Security of personal data - this requires appropriate security measures to be applied to personal data (including data in a form in which access to or processing of the data is not practicable). 8

9 Personal Data (Privacy) Ordinance Data Protection Principles Principle 5 - Information to be generally available - this provides for openness by data users about the kinds of personal data they hold and the main purposes for which personal data are used. Principle 6 - Access to personal data - this provides for data subjects to have rights of access to and correction of their personal data. 9

10 Data Privacy Issues on Internet no personal information collection (PIC) statement with on- line data collection by websites no display of data privacy policy statement with websites data collection without consent (e-mail address, cookies, etc.) unfair collection (e.g. from children) interception of data during transmission use of data different from original purpose of collection security of data held in websites spamming identity theft 10

11 Sample Survey of Hong Kong - Based Web Sites Conducted between July to October 1998 Visited 531 sites from both public and private sectors 11

12 Objectives To assess the extent to which Hong Kong-based web sites are operated in a manner that meets: -the requirements of the Personal Data (Privacy) Ordinance -standards of good and reasonable personal information handling 12

13 Provision of Personal Information Collection (PIC) Statement 339 sites had personal data collection forms 13

14 Provision of Privacy Policy Statement Only 21 sites had Privacy Policy Statements 14

15 Results of Compliance Check Exercise 59 sites (25%) of 236 sites which have online personal data collection form displayed a PPS 15

16 Results of Compliance Check Exercise 220 sites (93%) of the 236 sites which have online personal data collection forms displayed a PICS Formal investigations being carried out into 16 sites (7%) 236 sites have online personal data collection forms 339 sites had online personal data collection forms 16

17 Guidelines on the Protection of Personal Data Privacy on the Internet “Internet Surfing with Privacy in Mind” - A Guide for Individual Net users “Personal Data Privacy and the Internet” - A Guide for Data Users “Preparing On-line - Personal Information Collection Statements and Privacy Policy Statements” 17

18 Launching in 2001 A Series on “E-Privacy” 18

19 Privacy Commissioner for Personal Data Hong Kong Website: http://www.pco.org.hk Hotline: (852) 2827 2827 `19


Download ppt "Personal Data Privacy and The Internet by Stephen Lau Privacy Commissioner for Personal Data, Hong Kong SAR at the Joint Conference of the OECD, HCOPIL,"

Similar presentations


Ads by Google