The number of data leak cases in Hong Kong hit a record high last year, with information and communications technology-related complaints more than doubling, Privacy Commissioner for Personal Data Stephen Wong Kai-yi revealed on Thursday.

The office was notified with 129 cases of data breach last year, a 22 percent increase compared with that of 2017. Data was leaked through hacking, system configuration, loss of documents or portable devices and inadvertent disclosures of data by fax, email or post.

Last year, the office received 1,890 cases of complaints regarding personal data leakage, a 23 percent rise from that of 2017. Of these, a record-high 501 cases of complaints related to the use of ICT were recorded - twice the figure in 2017.

Common issues in the use of ICT included data leaks via the internet, social networking websites and mobile apps.

Currently, it's not mandatory for private companies to notify the office about data breaches. Wong said the record-high number of reported cases last year indicates that companies are more aware of their ethical responsibilities to safeguard data security and the public interest.

But with the development of ICT, there was also a rising demand for data security protection, he explained.

Wong, also a barrister, said the office is in the final stage of its review of the Personal Data (Privacy) Ordinance in Hong Kong. Potential amendment proposals will include whether to reinforce punishments, and also make it mandatory for companies to notify the office about data breaches.

The office will refer to the General Data Protection Regulation of the European Union. The regulation, which came into force on May 25 last year, was considered the highest standard of data protection in the world, Wong said.

Amendment suggestions are likely to be submitted to the government within a few months, Wong said.

Last year saw Cathay Pacific's large-scale customer data leakage incident. Hong Kong's flagship airline announced last October that the data of some 9.4 million passengers had been accessed without authorization.

Wong said he was not in the position to comment as the case was subject to legal procedures.

heshusi@chinadailyhk.com

(HK Edition 02/01/2019 page4)