Notes from the Asia-Pacific region, 24 Jan. 2020

(Jan 23, 2020) Happy new year, privacy pros! This week, Australia has thankfully had some relief from the tragic bushfires affecting massive portions of the country. But a recent New York Times story from Kashmir Hill has the privacy world focusing on Australia as the home of facial-recognition startup Clearview AI. The company's technology enables law enforcement to upload a photo of an individual and use that picture to conduct a search across the internet for other photos of the individual pictured, along ... Read More

Hong Kong considers strengthening privacy laws

(Jan 23, 2020) Hong Kong is considering amendments to its Personal Data Ordinance that would give companies five days to report a data breach and empower the privacy commissioner to fine offenders a portion of their global turnover, the South China Morning Post reports. Currently, companies are under no obligation to report a data breach. Under the proposal, the commissioner could impose an administrative fine based on the severity of the incident. The move follows a March 2018 hacking of Cathay Pacific Airway... Read More

Singapore's PDPC publishes feedback on data portability, innovation provisions

(Jan 23, 2020) Singapore's Personal Data Protection Commission published the feedback it received from the public consultation it held on proposed data portability and data innovation provisions for the Personal Data Protection Act. The PDPC got feedback from 44 entities in various sectors. On the proposed data portability requirement, the majority of respondents "did not object to the proposal for the Data Portability Obligation to apply to organisations that are presently covered by the PDPA’s Data Protectio... Read More

Telangana to test facial-recognition software at polls

(Jan 23, 2020) The Indian state of Telangana will test facial-recognition software to verify voters in an upcoming local election, Reuters reports. The Telangana State Election Commission said the technology will be used to “reduce impersonation cases” and voters’ photos will not be stored or used “for any other purpose.” It is the first time facial recognition will be used at the polls in India. “We think it will be an effective tool, and that it can be deployed more widely after this trial,” said Telangana S... Read More

Wong: 'Doxing' complaints increase 75-fold

(Jan 23, 2020) Hong Kong Privacy Commissioner for Personal Data Stephen Kai-yi Wong called a 75-fold year-on-year increase in "doxing" complaints "alarming" as he introduced measures to curb cyberbullying and data leaks in the new year, the South China Morning Post reports. Doxing complaints rose from 57 in 2018 to 4,370 by the end of 2019. As of 10 Jan., Wong referred 1,402 cases to police for further investigation and prosecution, and eight arrests have been made. The government has proposed independent inve... Read More

Chinese association introduces guidelines for facial-recognition payments

(Jan 23, 2020) Biometric Update reports the Payment & Clearing Association of China introduced guidelines for facial-recognition payments. The guidelines require companies to encrypt facial-recognition data and store it separately from other information, such as bank numbers, according to the original report from Caixin Global. Organizations are not allowed to keep facial data following the completion of a transaction. Anli Partners Senior Partner Wang Xinyue said companies that use the technology should g... Read More

Lawyers support privacy commissioner’s stronger powers against 'doxing'

(Jan 23, 2020) A plan to give Hong Kong’s Office of the Privacy Commissioner for Personal Data the power to conduct criminal investigations into "doxing," launch prosecutions, remove doxing content from social media, and require platforms to turn over names and IP addresses of doxers has received support from legal experts, the South China Morning Post reports. Lawyers and scholars called for safeguards to allow for fair criticism and scrutiny of public officials. "If a law can be tailored so that it only catc... Read More

Hong Kong considers PDPO amendments

(Jan 23, 2020) The Hong Kong Privacy Commissioner for Personal Data and the Constitutional and Mainland Affairs Bureau have proposed possible amendments to the Personal Data (Privacy) Ordinance, Lexology reports. As part of the development of the amendments, the privacy commissioner examined laws in Australia, Canada, Singapore, New Zealand and the EU. The two agencies laid out the amendments in a consultation paper, which includes the introduction of data breach notification requirements, data retention perio... Read More

Global News Roundup — Jan. 13–21, 2020

(Jan 21, 2020) In this week’s Privacy Tracker global legislative roundup, European regulators have issued fines totaling 114 million euros since the EU General Data Protection Regulation came into effect. The Italian DPA issued an 11.5 million euro fine against Eni Gas e Luce for violating the GDPR. Hong Kong authorities have proposed amendments strengthening the Personal Data (Privacy) Ordinance and are considering granting the Office of the Privacy Commissioner for Personal Data the authority to investigate ... Read More

Roundup: Europe, Hong Kong and US

(Jan 21, 2020) In this week’s Privacy Tracker global legislative roundup, European regulators have issued fines totaling 114 million euros since the EU General Data Protection Regulation came into effect. The Italian DPA issued an 11.5 million euro fine against Eni Gas e Luce for violating the GDPR. Hong Kong authorities have proposed amendments strengthening the Personal Data (Privacy) Ordinance and are considering granting the Office of the Privacy Commissioner for Personal Data the authority to investigate ... Read More