| |
INTRODUCTION
What does the code of practice
cover ?
The
code of practice gives practical guidance to data users*
on the application of requirements of the Personal Data
(Privacy) Ordinance ("the Ordinance") to the collection,
accuracy, retention, use and security of :
- the
identity card ("ID card") number and copies of the
ID card; and
-
other identifiers that uniquely identify individuals,
e.g. passport numbers, employee numbers, examination
candidate numbers and patient numbers.
*
A data user is defined in the Personal Data (Privacy)
Ordinance as meaning, in relation to personal data,
a person who either alone or jointly or in common with
other persons, controls the collection, holding, processing
or use of the data. In practice, a data user could be
a company, a government department or other public body
or an individual.
What happens if the code is
not complied with ?
- Non-compliance
with the code is not itself unlawful. However, it
will give rise to a presumption against the party
concerned in any proceedings involving an alleged
breach of the Ordinance. These proceedings could be
before the Administrative Appeals Board, a magistrate
or a court.
- Non-compliance
with the code would also weigh against the party concerned
in any case under investigation by the Privacy Commissioner
for Personal Data.
When does the code take effect
?
The
code was approved on 19 December 1997. Its requirements
will take effect in two stages:
| Stage
1. |
All requirements
except the requirement specified in stage 2 below will
take effect on 19 June 1998. |
| |
|
| Stage 2. |
The requirement
that data users should not issue to any individual a card,
such as a staff card, which has the ID card number printed
on it (details in step 5 in the ID card number section
below) will take effect on 19 December 1998. |
STEP-BY-STEP
GUIDE TO COMPLIANCE WITH THE CODE
ID CARD NUMBER
BASIC POSITION:
No right to compel an individual to provide an ID card number
unless authorised by law
Unless
authorized by law, no data user may compel
an individual to provide his or her ID card number.
A data user may request an individual
to provide his or her ID card number under the circumstances
where the collection of the ID number is permitted by
this code . In such a case, the code does not, and in
law could not, prohibit a data user from refusing to
deal with an individual who declines to provide his
or her ID card number. However, before doing so, the
data user should pay particular attention to step 1
below, which requires that consideration be given to
offering less privacy-intrusive alternatives to the
individual.
Step 1 : Consider alternatives
to collecting ID card numbers
A
data user that proposes to collect ID card numbers should
first consider whether there are any less privacy-intrusive
alternatives. If there are, the data user should give
the individual the option of choosing such alternatives.
Examples of such alternatives are:
-
to use another personal identifier of the individual's
choice e.g. a passport number;
- to
accept identification of the individual by someone
known to the data user, e.g. where a resident at a
block of flats known to the security guard identifies
a visitor;
- to
accept some form of security e.g. a monetary deposit.
Step
2 : Check whether your collection of ID card numbers
comes under one or other of the circumstances where
this is permitted in the code
A
data user is permitted to collect an ID card number
only under one or other of the following general circumstances:
- Where
an Ordinance gives the data user a power to require
individuals to provide ID card numbers, e.g. section
5 of the Registration of Persons Ordinance (Cap. 177)
gives public officers such a power.
- Where
an Ordinance requires the data user to collect the
ID card number, e.g. section 17K of the Immigration
Ordinance (Cap. 115) requires employers to keep a
record of the number of the document, which is usually
an ID card, by virtue of which each employee is lawfully
employable.
- Where
the use of the ID card number is necessary to carry
out any of the purposes mentioned in section 57(1)
of the Ordinance, which are the safeguarding of security,
defence or international relations in respect of Hong
Kong.
- Where
the use of the ID card number is necessary to carry
out any of the purposes mentioned in section 58(1)
of the Ordinance, which include the prevention or
detection of crime, and the assessment or collection
of any tax or duty.
- Where
the use of the ID card number is necessary to enable
the person to carry out functions related to the operation
of a tribunal or court, e.g. to ensure the correct
identification of individuals involved in court proceedings.
- To
enable the data user to identify the individual concerned
or to attribute data to him or her where any of the
following is necessary:
- to
advance the interests of the individual, e.g.
to ensure that the correct medical record is referred
to when treating a patient,
-
to prevent any third party other than the data
user from suffering a detriment, e.g. to ensure
that someone else is not given the wrong medication
because the wrong medical record is referred to,
- to
enable the data user to safeguard against damage
or loss that is more than trivial, e.g. drivers
involved in a traffic accident may exchange ID
card number in order to identify each other when
pursuing a claim arising from the accident.
More
specifically, a data user is permitted to collect ID
card numbers under the following circumstances:
[Image of image]
- For
inclusion in a document that establishes or is evidence
of any legal or equitable right or interest or legal
liability that is not trivial, e.g. in documents that
establish an individual's right of ownership of a
flat. Do not collect an ID card number just to safeguard
against a trivial loss.
- As
the means of future identification of an individual
who is permitted to enter premises where monitoring
of the activities of the individual inside the premises
is not reasonably practicable, e.g. entry to a commercial
building outside office hours.
- As
the means of future identification of an individual
who is permitted to use equipment where monitoring
of the use of the equipment is not reasonably practicable,
e.g. the use of a computer that is out of sight of
the staff concerned.
-
As a condition for allowing the individual to have
custody or control of property which is of a value
that is more than trivial, e.g. a rental car.
Step 3 : Check whether the way
you collect ID card numbers ensures that they are truly the
ID card numbers of the individuals providing them
To ensure accuracy,
when a data user collects ID card numbers from the individuals who are
the [Image of image]holders
of the ID cards, it should do so only in one or other of the following
ways.
- Directly
from the ID card physically produced in person by
the individual, e.g. where an individual attends in
person at a retail outlet of a utility company to
apply for service.
- If
the individual provides his or her ID card number
without at the same time showing the ID card, for
example in a form which is posted to the data user
or over the phone, check the number so collected against
the physical production of the ID card in person by
the individual before using the number for any purpose.
For example, a job applicant may provide his or her
ID card number in a job application form which is
mailed to the employer, but before the employer uses
the number, say, to check whether the individual is
a previous employee, it should be checked against
the physical production of the ID card by the individual.
- If
the individual has been given the option either to
provide a copy of his or her ID card or to present
his or her ID card in person, and has chosen to do
the former, the data user is permitted to collect
the ID card number from such a copy e.g. where an
individual chooses to make a postal application for
a driving licence rather than apply for the licence
in person.
Back to top
[Image of Next Page]
|