Hong Kong is a global data center hub with dense concentrations of enterprises, networks and IT service providers. Equinix’s colocation facilities in Hong Kong connect you to this ecosystem in one of the world’s most carrier-dense network hubs.

A proposal to modernise data protection laws in Hong Kong has been mooted. One possible change is to broaden the definition of personal data to include any information that could be used to identify an individual. This would catch a wider range of uses of personal data, and increase the obligations placed on businesses that use such data.

Data protection in Hong Kong is governed by the Personal Data (Privacy) Ordinance (“PDPO”). PDPO sets out an array of data subject rights, specific obligations to data controllers and six data protection principles.

In particular, PDPO requires that data users only disclose an individual’s personal data to third parties for the purpose that was originally notified to the individual, or for a use permitted by law. In other words, it is a breach of PDPO for a data user to share an individual’s personal data with others without their consent, except where the disclosure is in accordance with the law or under a court order.