Abstract image of a woman sitting on books and studying on a laptop

Personal Data Privacy and Information Security

Download as PPT, PDF
Charles Mok, profile picture
Charles Mok

The document discusses personal data protection, privacy, and information security issues in Hong Kong. It provides an overview of Hong Kong's Personal Data Protection Ordinance, which regulates the handling of personal data and establishes six data protection principles. It notes incidents of data leakage in Hong Kong and emerging issues around topics like social media, online anonymity, and information security threats potentially posed by governments. Resources on privacy and information security in Hong Kong are also listed.

Technology
1 of 11
Downloaded 27 times
1
2
3
4
5
6
7
8
9
10
11
Personal Data Protection and Information Security INET Colombo 2011 Session II: Making the Internet Safe for Everyone Charles Mok Internet Society Hong Kong 2011.05.23
Privacy and Security Internet for all -> more problems? Growing awareness and media attention on personal data protection, privacy and information security Privacy legislation Security vs convenience and openness However, there is a contrasting attitude on others vs attitude on oneself
Privacy Law in Hong Kong Personal Data Protection Ordinance, enacted in 1997. Enforced by the Privacy Commissioner for Personal Data Issue code of practice Investigate suspected breaches and issue enforcement notices Awareness and education 2010 Review of the ordinance
Scope of the Ordinance The Ordinance covers any data relating directly or indirectly to a living individual (data subject), from which it is practicable to ascertain the identity of the individual and which are in a form in which access or processing is practicable. It applies to any person (data user) that controls the collection, holding, processing or use of personal data.
Six Data Protection Principles Principle 1: Purpose and manner of collection Principle 2: Accuracy and duration of retention Principle 3: Use of personal data Principle 4: Security of personal data Principle 5: Information to be generally available Principle 6: Access to personal data
Incidents – Leakages Public hospitals – staff losing USB thumb drives and other storage devices Police, immigration and fire departments* – leaking personal information and documents over P2P networks e.g. Foxy Banks – losing servers and tapes with customer transaction information Octopus (payment smartcard) – selling customer information to telemarketers and insurance companies
Other Recent PCO Actions Google collection of WiFi payload data Google Street View car operation Sony PlayStation Network
Emerging Issues Impact of social media Conflicts between openness, freedom and abuse Identity fraud 'Human flesh search' and online bullying Anonymity vs. calls for 'real name system' Example: Korea real name system for online games causing even more personal data leakages? Information security issues SME and zombie networks -> Korean legislation Mobile security
More threats What if your information security threat is from your Government? Great Firewall of China From Web 1.0 to Web 2.0 (e.g. Green Dam) Centralizing Internet control under the State Council Moving from servers to personal devices From filtering to surveillance, i.e. government spyware Destabilizing VP, Gmail and 'Real Name System' Government surveillance on dissidents and their supporters on blocked services such as Twitter A trend for more governments in the world to imitate?
Resources Privacy Commissioner for Personal Data www.pdpd.org.hk HK SAR Government's Infosec public website www.infosec.gov.hk HK CERT www.hkcert.org
莫乃光 Charles Mok [email_address] http://www.charlesmok.hk http://www.isoc.hk

More Related Content

PDF
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Financial Poise
 
PPT
Privacy and Data Security: Risk Management and Avoidance
Amy Purcell
 
PDF
Introduction to US Privacy and Data Security Regulations and Requirements (Se...
Financial Poise
 
PPTX
Data Privacy Introduction
Prachi Gulihar
 
PPTX
Privacy and Protection of Personal Information law seminar
Lance Michalson
 
PPTX
GDPR Is Coming – Are Emailers Ready?
MediaPost
 
PPTX
Unit 6 Privacy and Data Protection 8 hr
Tushar Rajput
 
PDF
CSR PII White Paper
Dmcenter
 
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Financial Poise
 
Privacy and Data Security: Risk Management and Avoidance
Amy Purcell
 
Introduction to US Privacy and Data Security Regulations and Requirements (Se...
Financial Poise
 
Data Privacy Introduction
Prachi Gulihar
 
Privacy and Protection of Personal Information law seminar
Lance Michalson
 
GDPR Is Coming – Are Emailers Ready?
MediaPost
 
Unit 6 Privacy and Data Protection 8 hr
Tushar Rajput
 
CSR PII White Paper
Dmcenter
 

What's hot (19)

PDF
Cloud primer
Zeno Idzerda
 
PPTX
Data Protection in India
Home
 
PDF
California Consumer Privacy Act - What You Need To Know
TokenEx
 
PPTX
Be aware of the laws in South Africa that apply to email
Lance Michalson
 
PPTX
Data protection regulation
Greg Ezeilo
 
PDF
Personal Data Protection Law
Hatice Zümbül, LL.M.
 
PPTX
Be aware of the ICT laws that apply to your organisation
Lance Michalson
 
PDF
Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...
DDMA
 
PPTX
Preparing for GDPR: What Every B2B Marketer Must Know
Integrate
 
PDF
GDPR: how IT works
Morris Dorfer
 
PPTX
California Consumer Privacy Act: What your brand needs to know
Ogilvy Health
 
PPTX
Data privacy presentation
Travers Morgan
 
PPTX
GDPR Is Coming – Are Search Marketers Ready?
MediaPost
 
PPTX
GDPR- GENERAL DATA PROTECTION REGULATION
Saurabh Pandey
 
PDF
[Title Redacted for Privacy Purposes]: How Internal Audit Can Help Drive Priv...
Kenneth Riley
 
PDF
Cyber Claims Brief Summer 2016
Anthony Rapa
 
PPTX
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Dr. Donald Macfarlane
 
PPTX
General Data Protection Regulation for Ops
Kamil Rextin
 
PPT
Privacy - USC 2005
Internet Law Center
 
Cloud primer
Zeno Idzerda
 
Data Protection in India
Home
 
California Consumer Privacy Act - What You Need To Know
TokenEx
 
Be aware of the laws in South Africa that apply to email
Lance Michalson
 
Data protection regulation
Greg Ezeilo
 
Personal Data Protection Law
Hatice Zümbül, LL.M.
 
Be aware of the ICT laws that apply to your organisation
Lance Michalson
 
Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...
DDMA
 
Preparing for GDPR: What Every B2B Marketer Must Know
Integrate
 
GDPR: how IT works
Morris Dorfer
 
California Consumer Privacy Act: What your brand needs to know
Ogilvy Health
 
Data privacy presentation
Travers Morgan
 
GDPR Is Coming – Are Search Marketers Ready?
MediaPost
 
GDPR- GENERAL DATA PROTECTION REGULATION
Saurabh Pandey
 
[Title Redacted for Privacy Purposes]: How Internal Audit Can Help Drive Priv...
Kenneth Riley
 
Cyber Claims Brief Summer 2016
Anthony Rapa
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Dr. Donald Macfarlane
 
General Data Protection Regulation for Ops
Kamil Rextin
 
Privacy - USC 2005
Internet Law Center
 
Ad

Viewers also liked (8)

PPTX
The effects of Social Networking upon society
Bishrul Haq
 
PPTX
Security models of modern mobile systems
Divya Raval
 
PPTX
Impact Of IT on Society.
Monica Khatri
 
PPS
Introduction to Data Protection and Information Security
Jisc Scotland
 
PPTX
Changes made by Information Technology (IT) in our Society
Jigyasa Singh
 
PPTX
Data Privacy and Protection Presentation
mlw32785
 
PDF
The effect of technology on today's society ppt
oacore
 
PPTX
Slideshare ppt
Mandy Suzanne
 
The effects of Social Networking upon society
Bishrul Haq
 
Security models of modern mobile systems
Divya Raval
 
Impact Of IT on Society.
Monica Khatri
 
Introduction to Data Protection and Information Security
Jisc Scotland
 
Changes made by Information Technology (IT) in our Society
Jigyasa Singh
 
Data Privacy and Protection Presentation
mlw32785
 
The effect of technology on today's society ppt
oacore
 
Slideshare ppt
Mandy Suzanne
 
Ad

Similar to Personal Data Privacy and Information Security (20)

PPT
Chapter2
Pibi Lu
 
PDF
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
Symantec
 
PPT
Policies and Law in IT
Anushka Perera
 
PPTX
Lofty Ideals: The Nature of Clouds and Encryption
Sean Whalen
 
PPTX
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
Irish Future Internet Forum
 
PDF
delphix-wp-gdpr-for-data-masking
Jes Breslaw
 
PPTX
14-Computer Privacy and Security Principles.pptx
wylobide
 
PDF
Companies, digital transformation and information privacy: the next steps
The Economist Media Businesses
 
PDF
How Well Do You Know Data Privacy Laws_ Think Again!.pdf
CyberPro Magazine
 
PPTX
CHAPTER 5 CYBER LAW / SECURITY MALAYSIA
geniusempire1110
 
PPTX
The GDPR for Techies
Lilian Edwards
 
PDF
Be careful what you wish for: the great Data Protection law reform - Lilian E...
IISPEastMids
 
PDF
Data Personal Privacy in the Age of Digital Improvement.pdf
Acme Minds
 
PPTX
Police surveillance of social media - do you have a reasonable expectation of...
Lilian Edwards
 
DOCX
Module 1- Living in the IT Era GE 12 FOR CHED
ShaneMarizCRoslin
 
PPT
Innocenzo Genna, Genna Cabinet, Bruxelles: Privacy in the electronic communic...
FIA2010
 
PDF
Sovereignty: the state of data
dan hyde
 
PPT
Security Regulatory Framework
anthonywong
 
PPTX
Lesson4-Privacy and Data Protection.pptx
adnis1
 
PPT
Legal Perspective on Information Management “New Social Media – The New Recor...
anthonywong
 
Chapter2
Pibi Lu
 
The Evolution of Data Privacy - A Symantec Information Security Perspective o...
Symantec
 
Policies and Law in IT
Anushka Perera
 
Lofty Ideals: The Nature of Clouds and Encryption
Sean Whalen
 
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
Irish Future Internet Forum
 
delphix-wp-gdpr-for-data-masking
Jes Breslaw
 
14-Computer Privacy and Security Principles.pptx
wylobide
 
Companies, digital transformation and information privacy: the next steps
The Economist Media Businesses
 
How Well Do You Know Data Privacy Laws_ Think Again!.pdf
CyberPro Magazine
 
CHAPTER 5 CYBER LAW / SECURITY MALAYSIA
geniusempire1110
 
The GDPR for Techies
Lilian Edwards
 
Be careful what you wish for: the great Data Protection law reform - Lilian E...
IISPEastMids
 
Data Personal Privacy in the Age of Digital Improvement.pdf
Acme Minds
 
Police surveillance of social media - do you have a reasonable expectation of...
Lilian Edwards
 
Module 1- Living in the IT Era GE 12 FOR CHED
ShaneMarizCRoslin
 
Innocenzo Genna, Genna Cabinet, Bruxelles: Privacy in the electronic communic...
FIA2010
 
Sovereignty: the state of data
dan hyde
 
Security Regulatory Framework
anthonywong
 
Lesson4-Privacy and Data Protection.pptx
adnis1
 
Legal Perspective on Information Management “New Social Media – The New Recor...
anthonywong
 

More from Charles Mok (20)

PDF
Lessons from DeepSeek: Democratizing AI and Open Source
Charles Mok
 
PDF
Digital Democracy (Germany Taiwan Dialogue Platform event)
Charles Mok
 
PDF
Taiwan's Digital Security Pillars: Cyber Infrastructure
Charles Mok
 
PDF
The Future of Artificial Intelligence Governance
Charles Mok
 
PDF
The Geopolitics of Undersea Cable Resilience
Charles Mok
 
PDF
TWIGF Day 0 Tutorial: Security & Resilience
Charles Mok
 
PDF
APAC Data Center Infrastructure Observations
Charles Mok
 
PDF
Technology, Data and Ethics
Charles Mok
 
PDF
台灣數位經濟及區塊鏈的機遇與挑戰.pdf
Charles Mok
 
PDF
Why open and interoperable Internet infrastructure is key to the Internet's c...
Charles Mok
 
PDF
From Crypto to Trust and Identity
Charles Mok
 
PDF
Have you AI'ed today? A Reality Check
Charles Mok
 
PDF
The Trouble with "Fake News" Laws
Charles Mok
 
PDF
2020-21 Budget -- New measures on I&T
Charles Mok
 
PDF
2020-21年財政預算案——創科項目重點
Charles Mok
 
PDF
在數碼時代阻止假新聞與捍衛言論自由
Charles Mok
 
PDF
Mistrust vs Misinformation: Fake News, AI and Privacy -- The Next Frontiers i...
Charles Mok
 
PDF
香港科技罪行法例改革:何去何從?
Charles Mok
 
PDF
Driving Hong Kong Forward in the Age of 5G and Innovation
Charles Mok
 
PDF
Computer Crime Law in Hong Kong
Charles Mok
 
Lessons from DeepSeek: Democratizing AI and Open Source
Charles Mok
 
Digital Democracy (Germany Taiwan Dialogue Platform event)
Charles Mok
 
Taiwan's Digital Security Pillars: Cyber Infrastructure
Charles Mok
 
The Future of Artificial Intelligence Governance
Charles Mok
 
The Geopolitics of Undersea Cable Resilience
Charles Mok
 
TWIGF Day 0 Tutorial: Security & Resilience
Charles Mok
 
APAC Data Center Infrastructure Observations
Charles Mok
 
Technology, Data and Ethics
Charles Mok
 
台灣數位經濟及區塊鏈的機遇與挑戰.pdf
Charles Mok
 
Why open and interoperable Internet infrastructure is key to the Internet's c...
Charles Mok
 
From Crypto to Trust and Identity
Charles Mok
 
Have you AI'ed today? A Reality Check
Charles Mok
 
The Trouble with "Fake News" Laws
Charles Mok
 
2020-21 Budget -- New measures on I&T
Charles Mok
 
2020-21年財政預算案——創科項目重點
Charles Mok
 
在數碼時代阻止假新聞與捍衛言論自由
Charles Mok
 
Mistrust vs Misinformation: Fake News, AI and Privacy -- The Next Frontiers i...
Charles Mok
 
香港科技罪行法例改革:何去何從?
Charles Mok
 
Driving Hong Kong Forward in the Age of 5G and Innovation
Charles Mok
 
Computer Crime Law in Hong Kong
Charles Mok
 

Recently uploaded (20)

PPTX
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PDF
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
PDF
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
Unlock new opportunities with location data.pdf
Precisely
 
PPTX
Web Crawler for Trend Tracking Gen Z Insights.pptx
Actowiz Solustions
 
PDF
Five Habits of High-Impact Board Members
OnBoard
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PPT
Geologic Time for studying geology for geologist
ssuser738f5a
 
PDF
A Late Bloomer's Guide to GenAI: Ethics, Bias, and Effective Prompting - Boha...
Mindy Bohannon
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
The various Industrial Revolutions .pptx
bandileshozi3
 
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
Modernising the Digital Integration Hub
Daniel Toomey
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
Unlock new opportunities with location data.pdf
Precisely
 
Web Crawler for Trend Tracking Gen Z Insights.pptx
Actowiz Solustions
 
Five Habits of High-Impact Board Members
OnBoard
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
Geologic Time for studying geology for geologist
ssuser738f5a
 
A Late Bloomer's Guide to GenAI: Ethics, Bias, and Effective Prompting - Boha...
Mindy Bohannon
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Getting Started with Data Integration: FME Form 101
Safe Software
 

Personal Data Privacy and Information Security

  • 1. Personal Data Protection and Information Security INET Colombo 2011 Session II: Making the Internet Safe for Everyone Charles Mok Internet Society Hong Kong 2011.05.23
  • 2. Privacy and Security Internet for all -> more problems? Growing awareness and media attention on personal data protection, privacy and information security Privacy legislation Security vs convenience and openness However, there is a contrasting attitude on others vs attitude on oneself
  • 3. Privacy Law in Hong Kong Personal Data Protection Ordinance, enacted in 1997. Enforced by the Privacy Commissioner for Personal Data Issue code of practice Investigate suspected breaches and issue enforcement notices Awareness and education 2010 Review of the ordinance
  • 4. Scope of the Ordinance The Ordinance covers any data relating directly or indirectly to a living individual (data subject), from which it is practicable to ascertain the identity of the individual and which are in a form in which access or processing is practicable. It applies to any person (data user) that controls the collection, holding, processing or use of personal data.
  • 5. Six Data Protection Principles Principle 1: Purpose and manner of collection Principle 2: Accuracy and duration of retention Principle 3: Use of personal data Principle 4: Security of personal data Principle 5: Information to be generally available Principle 6: Access to personal data
  • 6. Incidents – Leakages Public hospitals – staff losing USB thumb drives and other storage devices Police, immigration and fire departments* – leaking personal information and documents over P2P networks e.g. Foxy Banks – losing servers and tapes with customer transaction information Octopus (payment smartcard) – selling customer information to telemarketers and insurance companies
  • 7. Other Recent PCO Actions Google collection of WiFi payload data Google Street View car operation Sony PlayStation Network
  • 8. Emerging Issues Impact of social media Conflicts between openness, freedom and abuse Identity fraud 'Human flesh search' and online bullying Anonymity vs. calls for 'real name system' Example: Korea real name system for online games causing even more personal data leakages? Information security issues SME and zombie networks -> Korean legislation Mobile security
  • 9. More threats What if your information security threat is from your Government? Great Firewall of China From Web 1.0 to Web 2.0 (e.g. Green Dam) Centralizing Internet control under the State Council Moving from servers to personal devices From filtering to surveillance, i.e. government spyware Destabilizing VP, Gmail and 'Real Name System' Government surveillance on dissidents and their supporters on blocked services such as Twitter A trend for more governments in the world to imitate?
  • 10. Resources Privacy Commissioner for Personal Data www.pdpd.org.hk HK SAR Government's Infosec public website www.infosec.gov.hk HK CERT www.hkcert.org
  • 11. 莫乃光 Charles Mok [email_address] http://www.charlesmok.hk http://www.isoc.hk