Skip to content

PCPD e-Newsletter

PCPD Facebook Instagram LinkedIn Twitter Weibo YouTube

To help data practitioners gear up for the challenges of the new legal frameworks, Mr Stephen Kai-yi Wong, Barrister, Privacy Commissioner for Personal Data, Hong Kong, will conduct a webinar covering the key aspects of the global development in personal data protection being driven by elevated privacy expectations and a wide range of far-reaching privacy issues.

Enrol now

Jointly held by members of the Asia Pacific Privacy Authorities (APPA), Privacy Awareness Week (PAW) is an annual promotion campaign which aims at raising public awareness of the importance of protecting personal data through weeklong educational activities. Now in its fourteenth year, PAW 2020 was held by the Privacy Commissioner from 22 to 26 June in Hong Kong, under the theme “Protecting Privacy and Respecting Dignity for a Smart Hong Kong”.

Through a wide range of programmes, the PCPD reached out to different sectors and strata of the community to raise awareness of protecting and respecting privacy.

As part of the tradition, this office has created e-posters for members of the public to download and spread privacy-centric message across. This year, the themes of the e-posters revolve around responsible use of CCTV and minimisation in data collection. 

Limited print copies of the e-posters are available if you would fancy having them pinned up. Please email and we will post you some copies.   

Download here
Download here

PAW 2020 Webinar “Privacy Awareness Week 2020: From Principles to Practice – Personal Data Protection for Enterprises”

The Privacy Commissioner hosted webinar “From Principles to Practice – Personal Data Protection for Enterprises” on 24 June, which was attended by more than 850 participants comprising privacy management professionals, members of the Data Protection Officers’ Club, employers, executives, human resources practitioners, etc. Through video conferencing and live streaming on social media platforms, the Privacy Commissioner explained how to conduct Privacy Impact Assessment and implement Privacy by Design, and the essence of data ethics and its practice. The Privacy Commissioner also provided updates on the enforcement experience of the General Data Protection Regulation of the European Union in the past two years and the latest privacy-related regulations in the mainland. During the webinar, privacy issues relating to COVID-19, including protection of privacy when using video conferencing apps, safeguards for employees’ personal data under the pandemic, etc. were also discussed.

Download Presentation Materials
(Chinese version only)



From Principles to Practice – SME Personal Data Protection Toolkit

This booklet is designed to facilitate small and medium enterprises to develop a compliance strategy that best suits their needs in practising data governance and compliance with the requirements of the PDPO. It includes checklists that help determine whether the necessary policies, control measures and procedures are in place and to meet the expectations of consumers. It also comes with a set of learning cards for easy reference.

You can obtain a physical copy of the Toolkit from our office (Room 1303, 13/F, Sunlight Tower, 248 Queen's Road East, Wan Chai) during opening hours of Reception Counter, or simply download from our website.

Read the Toolkit



Booklet: An Update on European Union General Data Protection Regulation 2016

The EU GDPR has set a new high-water mark when it became effective on 25 May 2018. There have been cases of GDPR violations imposed with fines over the past two years. It has also triggered a new round of legislative reforms around the world. This revised booklet is the “2.0 version” of the 2018 issue. It takes stock of the implementation of the EU GDPR and the relevant cases, aiming to assist organisations and businesses to have a better understanding of the application of the GDPR.

The major enhancements in this “2.0 version” include an overview of the implementation of the GDPR in the past two years, with related guidelines explained and concrete examples drawn from official sources (i.e. the European Commission, European Data Protection Board and EU supervisory authorities) and significant sanction cases on GDPR quoted.

You can obtain a print copy of the Booklet from our office (Room 1303, 13/F, Sunlight Tower, 248 Queen's Road East, Wan Chai) during opening hours of Reception Counter, or simply download from our website.

Read the Booklet

Guidance on Election Activities for Candidates, Government Departments, Public Opinion Research, Organisations and Members of the Public (Revised in June 2020)



In view of the personal data privacy issues arising from elections in recent years, this Guidance Note has been updated to continue to serve as a reminder to various stakeholders involved in election activities to practice data governance and comply with the requirements under the Personal Data (Privacy) Ordinance (PDPO) when handling personal data of electors.

This office also held a webinar on 30 June , specifically for LegCo and District Council Members, candidates, political groups and those involved in the planning of election activities. The participants were briefed on how to respect personal data privacy in election activities, with the aid of real-life cases and a question-and-answer session.

Read the Guidance
(Chinese version only)

Online Professional Workshop - Data Protection in Direct Marketing Activities

Date: 14 July (Tuesday)
Time: 2:15pm - 5:15pm
Fee: $750/ $600*
Mode: Online

* Discounted fee for members of PCPD's Data Protection Officers' Club and the supporting organisations only.

Key Takeaways:

  • A practical approach to compliance with the requirements under the PDPO in direct marketing activities
  • Hands-on solutions to problems that marketers face in devising direct marketing activities
  • Sharing of conviction cases
Enrol Now

Other Professional Workshops on Data Protection in July - August 2020

Enrol Now

Online Introduction to the Personal Data (Privacy) Ordinance (PDPO) Seminar

Date: 8 July (Wednesday)
Time: 3:00pm - 4:30pm
Fee: Free of charge

Key Takeaways:

  • A general introduction to the PDPO
  • The six data protection principles
  • Offences & compensation
  • Direct marketing
  • Q & A session


Enrol Now

Big data, artificial intelligence, privacy protection, GDPR…… are on everyone’s lips this day and age. The role of a data protection officer (DPO) in enterprises is gaining importance worldwide and also here in Hong Kong. DPO plays a data securing leadership role in a company, overseeing a company’s data protection strategy. Do you want to receive updated data protection information? Are you looking for an effective way to interact and learn with your counterparts? Or would you like to keep up with the latest trends of the international privacy landscape? To stay ahead of the game, become a member of the Data Protection Officers' Club (DPOC).

The Club provides a platform for data protection personnels or interested individuals to obtain updated information on data protection and participate in training and sharing sessions organised by the PCPD.

Click here to apply

Cybersecurity Risks Soar amid COVID-19 Privacy Commissioner Provides Security Advisories (26 June 2020)  

Read media statement

Privacy Commissioner Organises Online Workshop “Privacy Awareness Week 2020: From Principles to Practice – Personal Data Protection for Enterprises”

Updating Businesses on Developments of Global Privacy Regulations Practising Compliance and Data Ethics (24 June 2020)

Read media statement

Privacy Commissioner Revises Guidance on Election Activities relating to Personal Data and Organises Seminar (18 June 2020)

Read media statement

Data Breach Incident of the University of Hong Kong (17 June 2020)

Read media statement

Google’s piecemeal privacy changes now let users auto-delete their data

Google has announced to make several privacy changes for users. It will make it easier for users to go “incognito” and pause data collection as they use Google’s mobile apps. It will also allow its users to auto-delete their data after 18 months.

Read more

New privacy and security features announced at Apple's WWDC 2020

Apple has unveiled a host of privacy upgrades set to feature in iOS 14, in a move designed to further solidify its stellar reputation in the context of security and data protection. One of the most significant new measures would be requirement of all developers to provide a summary of an app’s privacy practices and the data it collects, to be displayed before the user activates a download.

Read more

Do you reuse passwords and write them down for financial accounts? You're not alone! Britain is in need of cyber security education, say experts

Cyber security experts warn some of the country is in need of online password education after a survey revealed more than a quarter of Britons reuse up to five passwords across all their financial accounts and one in five admitted to writing them down.

Read more


Introduction to the Regulations in the Mainland of China Concerning Personal Information and Cybersecurity Involved in Civil and Commercial Affairs

This booklet provides an overview of related regulations regarding personal data protection in the mainland of China. It serves as a handy kit to help the business sector better understand the relevant regulatory regime, so that they could expand their online business smoothly in the Greater Bay Area and maximise business benefits in the data economy.

You can obtain a print copy of the Booklet from our office (Room 1303, 13/F, Sunlight Tower, 248 Queen's Road East, Wan Chai) during opening hours of Reception Counter, or simply download from our website.

Read the Booklet

For enquiry, please contact us.
Address: Room 1303, 13/F, Sunlight Tower, 248 Queen's Road East, Wan Chai, Hong Kong         Tel: (852) 2877 7179

If you do not wish to receive the PCPD e-Newsletter, please click here to unsubscribe.



The information and suggestions provided in this publication are for general reference only. They do not serve as an exhaustive guide to the application of the law. The Privacy Commissioner makes no express or implied warranties of accuracy or fitness for a particular purpose or use with respect to the information and suggestions set out in this publication. This publication also contains information or suggestions contributed by others, whose views or opinions are solely those of the contributors and do not necessarily reflect or represent those of the Privacy Commissioner. All information and suggestions provided in this publication will not affect the functions and powers conferred upon the Privacy Commissioner under the Personal Data (Privacy) Ordinance.

The PCPD shall not be liable for any damages (including but not limited to damages for loss of business or loss of profits) arising in contract, tort or otherwise from (i) the use of or inability to use this publication or its content, or (ii) from any action taken or decision made on the basis of the content of this publication.

If you click any hyperlink in this publication that brings you to sites operated by other organisations, the PCPD accepts no responsibility for the contents of those sites and shall not be liable for any loss or damage arising out of and/or incidental to the use of the contents.