The Office of the Privacy Commissioner for Personal Data (PCPD), Hong Kong issued the following press release today:
PCPD’s Concern about Posting Video of Students Online
(13 May 2015) In response to the concern about the alleged unconsented uploading of video clips of secondary school students online, the Office of the Privacy Commissioner for Personal Data (“PCPD”) reminds the public of the privacy and legal issues associated with the collection and use of personal data, and calls for data users to respect the privacy rights of individuals.
We are particularly concerned about the incident as it involves youngsters and their rights to privacy in the cyber world. Any complaints made to the PCPD would be handled in accordance to established procedures. If there is a prima facie case of any contravention of the data protection principles or other provisions under the Personal Data (Privacy) Ordinance, the PCPD may initiate a formal investigation into the matters.
Based on the information in the media and other information gathered by the PCPD so far, the following data protection principles may be relevant to the incident:-
Data Protection Principle 1 (Data Collection Principle)
This Data Collection Principle requires the data user to collect personal data in a lawful and fair way, and for a purpose directly related to its function or activity. All practicable steps shall be taken on or before collecting the data to notify the data subjects of the purpose of data collection and the classes of persons to whom the data may be transferred.
An organisation may collect personal data directly related to its functions or activities. However, the collection should be in accordance with the above requirements.
Data Protection Principle 3 (Data Use Principle)
This Data Use Principle requires personal data to be used for the purpose for which the data is collected or a directly related purpose, unless voluntary and explicit consent is obtained from the data subject.
Hence, an organization, before using or publishing any personal data collected, needs to ascertain if such use or publication is for the purpose for which the data is collected or a directly related purpose, unless voluntary and explicit consent is obtained from the data subject.
Cyber-bullying
Any improper use or sharing of personal data, online or otherwise, could be far reaching and long lasting, especially when the data is related to youngsters who are vulnerable to harassment and disparaging comments. Schools and parents need to educate youngsters about their privacy rights and responsibilities, when the latter dealt with threatening and harassing messages on the Internet. If youngsters suspect that their privacy rights relating to personal data are being abused, they should seek help from their parents or legal guardian, and make a complaint to the PCPD.
Cyber-bullying inflicts harm on the victims that can have devastating effects. People’s lives offline may also be adversely affected as a result. In October 2014, the PCPD published a leaflet entitled “Cyber-bullying – What you need to know”1 to remind the public of the privacy and legal issues associated with cyber-bullying, and called for internet users to respect the right to privacy in the cyber world.
The PCPD will continue to closely monitor the situation, and take follow up action as appropriate in light of further developments.
– End –
1 “Cyber-bullying – What you need to know”
http://www.pcpd.org.hk/english/news_events/media_statements/files/cyberbullying_e.pdf/
Related media coverage: Privacy watchdog may launch probe after pupils complain video clip was posted online without consent