PCO Office of the Privacy Commissioner for Personal Data, Hong Kong imagebanner image
Privacy Policy StatementSearchSite DirectoryText Only VersionChinese  
image
About PCPD
image
The Ordinance
image
PCPD Activities
image
Information Centreimage
Privacy Zone for Youngsters
image
Publications and Videos
image
Enquiries and Complaints
image
Case Notes
image
Contact Us
image
Press ReleasesSpeeches and Articles & PapersAnnouncement of Public Interest
Exhibition MaterialsOther Related WebsitesArchiveOther Resources
On-line Self TrainingSubmissions to Public Consultation
image

Information Centre
speeches and Articles

 
 
Date: July 30 - August 1, 1998

Electronic Commerce, Consumer Rights and Data Privacy (cont.)

The Role of Government

Regulatory Framework

It is recognised that the effective development of electronic commerce should be led by the private sector and market-driven. However, there is a critical role played by the government to provide a regulatory framework for a legal environment for electronic commerce, and to protect consumers' interests in accordance to the "consumer bill of rights", including the protection of data privacy. The regulatory framework, may it be on the basis of legislations (government regulatory), or codes of practice developed by industries (private sector self-regulatory) or a mix of legislations and complementary codes of practice by industries (co-regulatory), should aim to bring about an environment which is:

  • simple;
  • stable;
  • predictable;
  • at the minimum equivalent (to the legal protection as provided by the laws and practices that apply to traditional forms of commerce);
  • internationally consistent; and
  • technology neutral.

The regulatory areas notably include:

  • Electronic Transactions
    To enact legislations or amend existing commercial and contract laws to facilitate electronic recording and filing of documents; to establish procedures and standards regarding the authentication and integrity of electronic signatures, and to establish effective dispute resolution mechanisms.
  • Contents Control
    Many countries place an emphasis on the need to monitor and control contents of websites within their jurisdiction or to block access to prohibited materials in overseas websites. The reasons include the protection of children from offensive materials such as pornography, materials deemed as politically subversive, or discriminatory, e.g. racial hatred.
  • Intellectual Property Rights (IPR)
    Laws and regulations with respect to copyrights, patents, and trademarks need to be updated to take into account of these issues in cyberspace.?In addition, two specific areas which require attention are the registration of Internet domain names and the establishment of sui generis database protection.
  • Crimes in Cyberspace
    Crimes in cyberspace, e.g. phoney investment schemes, Internet gambling in some jurisdictions, the access to information where the offender has an intent to defraud or frauds are resulted, would require specific regulations or updating of existing criminal laws.
  • Open and Fair Trade Practices
    Fair competition for the offering of goods and services, open access to telecommunication networks and services, truthful and accurate advertising, protection of children from harmful advertising practices, are some of the issues for consideration.
  • Regulations Which have Direct or Indirect Bearing on Data Privacy

    Specific regulation on data privacy
    Whether through the enactment of a generic legislative measure or the development of codes of practice for industries, the rights of an individual regarding data privacy as outlined earlier on in the consumer electronic bill of rights should be adequately protected.

    Security
    The requirements for security range from the security of telecommunications networks and information systems to the security of data, including personal data, collected and transmitted over the Internet. Whenever relevant, particularly for sensitive data, highly secure and reliable data encryption measures should be provided for data transfer. There should be a balanced solution to protecting the individual's right of data privacy while allowing for exceptional access to personal data to satisfy overriding public interests or national security when relevant.

    Spamming
    Protection from privacy intrusion caused by unsolicited emails should be provided by making it a violation for spammers to send messages without a return address or with a forged return address, or messages with misleading subject lines.?The ISPs could also be required to establish spam-blocking policy and to deter spamming.

    Defamation
    Flaming, sending an abusive or derogatory message, is a known phenomenon on Internet, which is often regarded as a lawless zone due to its borderless nature. Defamation issues arise with regards to the liability of individuals, websites and ISPs.

    Direct Marketing
    Mandatory provision of an "opt-out" choice, and the establishment of a national "opt-out database" of individuals to switch-off unwanted direct marketing messages or emails should be considered.

Next Page

Back to top

Archive

  imageNotice/ Copyright 2001 Office of the Privacy Commissioner for Personal Data, Hong Kong. All rights reserved. Disclaimer