On March 4, 2004, the Hong Kong government released the 2004 Digital 21 Strategy, its third such strategy paper since 1998. Like before, the paper marks out an ambitious roadmap for development across the whole gamut of information and communications technology (ICT) business and activities. It might be of interest to pull together the new laws that are implicit prerequisites for delivery of the latest strategy. In doing this, I have found that the lawmakers will be kept very busy, although some of what is necessary is already in the pipeline.
The strategy walks a proverbial tightrope when addressing personal data privacy. Much is made of the protection offered by the Personal Data (Privacy) Ordinance (PD(P)O). However, this piece of legislation is looking decidedly dusty, having been based on the UK’s Data Protection Act 1984 (the U.K. enacted updated E.U.-compliant privacy laws in 1998). Moreover, there is a weak enforcement culture over data privacy abuses in Hong Kong. I am unaware of any moves to revamp the PD(P)O, yet the increased potential (at least in the eyes of the public) for privacy abuses arising out of the Smart ID cards, planned automated immigration clearance and digital driving licences, should perhaps prompt additional controls. At least there should be revised codes of practice issued by the Privacy Commissioner.
The strategy states: “Given the global concern over information security, we are committed to maintaining a secure environment in the promotion and development of IT.” Hackers are not mentioned specifically, but clearly anti-hacking legislation is required. In fact, a piece of legislation has been waiting in the wings for the past 18 months which would greatly assist in this area. The Criminal Jurisdiction Ordinance (Amendment of Section 2(2)) Order 2002, as and when enacted, will allow Hong Kong courts to exercise jurisdiction over the offenses of unauthorized access to a computer and criminal damage relating to misuse of a computer, and also, access to a computer with criminal or dishonest intent.
This applies even if these crimes are committed or planned outside the geographical boundaries of Hong Kong. Now that cooperation between national police forces has greatly improved, it is this cross-border element of these crimes which often presents one of the biggest hurdles to successful prosecution. It is hoped that these new laws will be enacted soon.
The strategy promises a review, in 2004, of the administrative measures already in place to combat spamming and the case for the introduction of legislative measures. Until now the regulation of spam has not been advanced beyond the level of a Code of Conduct published by the Hong Kong ISP Association. In truth, Hong Kong is not thought to be a hotspot for the origination of spam, so it is unlikely that the introduction of effective anti-spam laws here would drastically reduce the amount of spam we receive in our inboxes. Nevertheless, the government will want to ensure that Hong Kong does not become a target for spam operations simply because we have inadequate controls in place. The growing pains experienced by the U.S. CAN-SPAM legislation will also serve as a salutary reminder that anti-spam legislation is a very tricky area. Rigourous protection of intellectual property rights (IPRs)
The strategy states that the rigourous protection of IPRs remains one of its cornerstones. This is, of course, very important, especially for software rights holders. However, it should be noted that the Strategy is also reflective of the increased dependence of the Hong Kong technology industries upon China as a market. Indeed the Strategy notes that the Hong Kong Productivity Council is establishing presences in cities across the PRD. Everyone who tries to sell copiable goods, software and services in the PRC knows, regardless of the breadth and coverage of the PRC intellectual property laws, that they are routinely ignored — primarily because meaningful enforcement is so difficult.
Now that the Hong Kong government has supposedly forged such close cooperation with its opposite numbers in China, especially the PRD, can we not expect some reciprocal enforcement of IPRs such that Hong Kong’s investment in PRC technology advancement will be better protected?
In conclusion, therefore, interesting times lie ahead for Hong Kong’s lawmakers.