Data hk is a Hong Kong-based non-profit organization that seeks to foster openness, transparency, and good data practices. It also supports the development of local talents and global technology leadership in the big data industry. It has forged an alliance with Greater Bay Area International Information Technology Industry Association (GBAITA) and Institute of Big Data Governance (iBDG) in addition to mainland and overseas data industry organizations. The new alliance aims to attract global leading companies, industry experts and technology pioneers to gather in Hong Kong for resource sharing and accelerate the transformation of scientific research results into commercial value.

The new alliance is expected to play a critical role in developing Hong Kong into an international data trade hub, as well as a world-class regional centre for data governance and policy formulation. Hong Kong’s strengths in the big data industry, including its global reputation, business environment and rule of law, will provide strong support to the alliance. Moreover, the SAR’s openness and its global connectivity will further enhance Hong Kong’s position as an international hub for promoting data flows and activating the value of data elements.

In this regard, it is important to note that data transfer issues under PDPO apply where the person controls the collection, holding, processing or use of personal data in, or from, Hong Kong, regardless of whether the actual data processing cycle takes place outside Hong Kong. This is a key distinction that differs from the European Union’s “Model Clauses” that only apply where the data processing cycle actually takes place in the EU.

A data exporter must take the opportunity to review its PICS to determine if it has properly disclosed that personal data may be transferred abroad, and the underlying grounds. It should also consider whether the proposed transfer may constitute a new purpose for which the prescribed consent of the data subject is needed. This step is markedly less onerous under Hong Kong’s PDPO than it is under GDPR, but it remains a necessary obligation to fulfil in respect of any cross-border data transfer.

Scholars across disciplines have emphasized the dual position of data as both an object of political struggle and a weapon in repertoires of political action. The 2019 Hong Kong protests have substantiated this duality through the creative incorporations of data-based practice into contentious politics and social movements. The protesters’ collective and networked program of sousveillance, and their different moral justifications for doxing, demonstrate how data is simultaneously an objective and a tool in the political arena.

Data transfers between data users can be complex and difficult to manage. However, with careful planning and compliance with relevant laws, data transfers can be efficient, cost-effective and secure. This article, authored by Padraig Walsh from the Data Privacy practice group at Tanner De Witt, explores some of the key points to note for effective and compliant cross-border data transfers. Please contact us for further advice on this topic.