From compliance to confidence: Key takeaways from the PCPD's 2024-25 Annual Report
Contributors:
Sylvia (Pei) Zhang
CIPP/A, CIPP/E, CIPP/US, CIPM, FIP
APAC Privacy Lead Counsel
Align Technology
Editor's note: The IAPP is policy neutral. We publish contributed opinion and analysis pieces to enable our members to hear a broad spectrum of views in our domains.
Artificial intelligence has garnered much talk in 2025 and Hong Kong's Privacy Commissioner for Personal Data has made its opinion on the topic clear.
The PCPD's 2024-25 Annual Report, "Leveraging Artificial Intelligence for a New Digital Privacy Era," concentrates on both the accomplishments and impacts of AI, and offers a clear message: AI, data security and digital trust have all changed how Hong Kong keeps people's private information safe.
"We published the city's inaugural model personal data protection framework for AI to steer Hong Kong's industries and organisations towards the responsible protection of personal data in using AI, while spearheading efforts to strike a delicate balance between innovation and security in AI among global privacy or data protection regulators," Privacy Commissioner Ada Chung states in the report.
Putting AI ethics into practice
In June 2024, the PCPD created the AI Model Framework on Personal Data Protection, one of the first explicit regional frameworks for regulating AI. The framework states AI goes through six stages in its life cycle: collection, use, training, security, transparency and access, and correction — with safeguards in place at each point.
Contributors:
Sylvia (Pei) Zhang
CIPP/A, CIPP/E, CIPP/US, CIPM, FIP
APAC Privacy Lead Counsel
Align Technology