On June 27, 2012, the Hong Kong Legislative Council passed a bill to amend the Personal Data (Privacy) Ordinance (the “Ordinance”). The amendment will become effective in phases. Most provisions will become effective on October 21, 2012, and the others will take effect on a day to be announced by publication in the Hong Kong Government Gazette.
The amendment establishes a number of changes and new requirements, but the principal changes include provisions imposing increased notification and consent requirements for data users that seek to:
- sell personal data;
- use personal data for their own direct marketing purposes; or
- provide personal data to another person for that other person’s direct marketing purposes.
In addition, the amendment imposes potentially significant criminal penalties for data users that violate these requirements.
Read more of this article on Privacy and Information Security Law Blog