Hello and greetings from Hong Kong.

The winter sun is shining, the sky is blue, 2018 is off to a fine start!

Data privacy activity in the region is also moving along nicely, particularly in Singapore. Singapore’s new law on government data sharing, which was highlighted in a previous Digest, came into effect on 9 Jan. This new law provides that if a public sector officer shares the personal data of a Singaporean, such officer may be fined up to SG$5,000 and/or jailed for up to two years. And just today it was reported that Singapore’s data privacy watchdog has cracked down on digital marketing agency Social Metric once again for a “flagrant privacy breach” that saw the personal information of 588 people, including 155 children, made publicly available on its website. Social Metric was fined SG$18,000 for the incident.

Moving the spotlight to India, recent studies show that Indian consumers are more comfortable with using fingerprint, facial and voice recognition over passwords, or PINs. It will be interesting to see whether consumers across the broader Asia region share the same views, particularly given recent reports show CFOs in Asia are eager to support biometric authentication in respect of payment authorizations. Nearly one third of corporates surveyed believe that biometric authentication is more secure than other identifiers.

Finishing up with developments right here in Hong Kong, the Privacy Commissioner last week issued concerns about the online circulation of video clips and photos of private activities in homes and hotel rooms, warning that such circulation could be in breach of the data protection principles, particularly DPP1(2). DPP1(2) provides personal data should be collected through means that are lawful and fair. What is lawful and fair depends on the circumstances. For example, it was held in a case that filming celebrities in their homes from a distance using zoom lenses was a violation of DPP1(2). Some things are best left under wraps!

Enjoy this week’s Digest.

Anna