Table of Contents Table of Contents
Previous Page  119 / 192 Next Page
Show Menu
Previous Page 119 / 192 Next Page
Page Background

staff’s attention. After this reported incident, the clinic agreed to put in place a daily

monitoring procedure by arranging a designated staff to check that all files retrieved

each day were returned and properly stored. A log would also be kept to record the

movement of files which could be retrieved for purposes other than medical


(f) Mobile Application Developers


Mobile applications (“apps”) are now common and popular tools. Apps are used on

mobile devices constantly, to check account balances, to purchase goods or services,

to watch news, to search for information and to communicate with friends and relatives,

etc. App developers often collect and process a wide range of personal data through

these tools, and therefore they play a key role in privacy safeguards. It is incumbent

upon them to keep abreast of the relevant trends and developments in technology so

that they can update their apps to achieve enhanced functionality, but without

compromising personal data privacy protection.



A self-initiated investigation by the Commissioner against an app developer concerned

the leakage of its customers’ personal data through a travel assistant app running on

Apple Inc.’s iOS platform.


The developer had outsourced the development of the app

to a mainland contractor. The app provided online services to mobile device users (who

were registered members or casual customers) including flight ticket

reservation/purchase, flight itinerary management, information on destinations as well as

other services. Both members and casual customers were required to input their

personal data (full name, gender, date of birth, HKID or passport number) and a contact

person’s name, telephone number and email address when they reserved or purchased

flight tickets for the first time. For subsequent transactions through the app, registered

members were recognised by their log-in account created during membership

registration, while casual customers were recognised by the unique MAC address



the mobile device using the app. Notwithstanding the subsequent launch of new

features of the iOS7 platform (for reason of privacy protection), which would block the

reading by apps of MAC addresses and provide a fixed number instead, the contractor

failed to take appropriate steps to update the app. As a result, when a casual customer

attempted to reserve/purchase tickets using a mobile device operating on iOS7, the

app would show on the monitor of the mobile device not only that customer’s records

(order histories and personal data) but also those of all other casual customers who had

made transactions through the app.


By virtue of section 65(2) of the Ordinance,




The Commissioner has issued a

“Best Practice Guide for Mobile App Development”

providing practical guidance on

privacy protection to mobile app developer, available on the Website:



See Investigation Report No.14-6453, available on the Website:


A media access control address (MAC address) is a unique identifier assigned to network interfaces for communications

on the physical network segment. It is a 48-bit hexadecimal number most often assigned by the manufacturer of a

network interface and exists in all mobile computing devices with network connectivity.


These casual customers were identified as one person based on the same fictitious MAC address under the new privacy

protection feature of iOS7.