Skip to content

Our Role

What We Do

The Office of the Privacy Commissioner for Personal Data is an independent statutory body set up to oversee the enforcement of the Personal Data (Privacy) Ordinance (Cap. 486) which came into force on 20th December, 1996.

Mission Statement

To secure the protection of privacy of individuals with respect to personal data through promotion, monitoring and  supervision of compliance with the Ordinance.

Strategies and Key Goals

Enforcement

Strategies Key Goals
  • To ensure equity, fairness and operational efficiency
  • To act independently, impartially and without fear or favour
  • To partner with other regulators, leveraging their legislative mandates, institutional tools and enforcement powers
  • To partner with overseas data protection authorities for handling cross-border privacy issues and complaints
  • Complaints are investigated and resolved efficiently in a manner that is fair to all parties concerned
  • Enquiries are responded to professionally and efficiently
  • Meritorious applications for legal assistance are entertained and aggrieved individuals compensated

Monitoring and Supervising Compliance

Strategies Key Goals
  • To investigate proactively and fairly into areas where the privacy risks are significant
  • To partner with other regulators, leveraging their legislative mandates, institutional tools and enforcement powers
  • To partner with overseas data protection authorities for handling cross-border privacy issues and complaints
  • Organisational data users are facilitated to meet their data protection obligations and adopt good privacy practices

Promotion

Strategies Key Goals
  • To seek proactively the holistic engagement of stakeholders
  • To promote best practices among organisational data users on top of meeting minimum legal requirements
  • To maximise publicity and education impact through websites, publications and media exposure
  • To engage the community, in particular, young people
  • To use lessons learnt from investigations as a means of educating data users and data subjects
  • A better understanding of the laws and principles in the community is articulated, recognising not only the rights and obligations but also expectations and limitations in personal data protection
  • Organisations in public and private sector understand their obligations as data users under the Ordinance and the ways to meet them
  • Individual and organisational data users understand the role of the PCPD and the assistance the PCPD may provide

Corporate Governance

Strategies Key Goals
  • To adhere to the principles of transparency and accountability
  • To maximise utilisation of resources to achieve economy, efficiency and effectiveness
  • To make continuous effort to streamline work procedures
  • To apply a “selective in order to be effective” approach in prioritising work, with an emphasis on assignments that will have the greatest impact
  • To build and maintain a loyal and professional team
  • High standard of corporate governance is achieved

Meeting Changing Needs

Strategies Key Goals
  • To keep abreast of technological development
  • To monitor international development and trend
  • To keep track of evolving local privacy expectation
  • Existing and proposed laws and regulatory systems are relevant and effective