Present. Absent with Apologies. Mr. SIU Sai-wo (Member) Ms. Virginia CHOI (Member) Dr. YIP Chi-kwong (Member) In Attendance

Similar documents
1 February 2016, this Hearing Board, having heard submissions from Mr. Jason Cheng, President of Hodfords.com Ltd, and from Ms.

Process Review Panel for the Financial Reporting Council Annual Report

Hotel Property Investments Limited. Responsible Entity Compliance Committee Charter

File Ref. : HA/COM/6/2 Paper No. HOC 31/97. Minutes of the Meeting of the Housing Authority HOME OWNERSHIP COMMITTEE held on Monday, 17 February 1997.

Our Ref: PCPD(O)26/155/126 PD(P)AC Paper No. 01/14

prima facie case of contravention of the Personal Data (Privacy) Ordinance, Cap

INVESTIGATION REPORT

Construction Industry Council. Committee on Procurement

WONG SHU LING SHIRL Appellant

Amendments to the Main Board Rules. Chapter 1. Chapter 3

ENQUIRY REPORT (E01-10) on the Consolidated Financial Statements of [Listco] and its subsidiaries for the year ended 31 December 2008

QUESTIONS AND ANSWERS IN RELATION TO BURSA MALAYSIA SECURITIES BERHAD LISTING REQUIREMENTS

NOTIFICATION OF THE BOARD OF GOVERNORS OF THE STOCK EXCHANGE OF THAILAND

Ms. Caitríona Lawless (Recording Secretary) Dr. Anna Murphy (Item 6) Ms. Trish O Brien (Item 7) Mr. Ultan Tuite (Item 8)

EDINBURGH NAPIER UNIVERSITY UNIVERSITY COURT

ANNUAL REPORT 2016/17 年報 ANNUAL REPORT 年報

DISCIPLINARY COMMITTEE OF THE ASSOCIATION OF CHARTERED CERTIFIED ACCOUNTANTS. Heard on: 13 November 2014; 22 and 23 April 2015

Regulation of Insurance Intermediaries. Insurance Selling and Administration CP187

Harbour-front Enhancement Committee Sub-committee on Wan Chai Development Phase II Review. Minutes of 5th Meeting

HANG LUNG PROPERTIES LIMITED (Incorporated in Hong Kong with limited liability) (Stock Code: 00101)

HONG KONG EXCHANGES AND CLEARING LIMITED

Dr. Ann Louise Gilligan

234/1 ATTENDANCE. Mr Kit Chivers Mrs Anne Diamond Mr Michael Donnelly Mrs Deirdre Fitzpatrick Mrs Jill Gillespie Mrs Sarah Havlin Dr Margaret Ward

AQUINAS COLLEGE AUDIT COMMITTEE

Review of the initial proposal approval process (Progress report)

NOTICE OF ANNUAL GENERAL MEETING AND ELECTION OF DIRECTORS AND RE-ELECTION OF DIRECTOR AND AMENDMENTS TO ARTICLES OF ASSOCIATION

WHAT TO EXPECT. An Auditee s Guide to the Performance Audit Process

CONCERNING CONCERNING BETWEEN. DECISION The names and identifying details of the parties in this decision have been changed.

THE HONG KONG INSTITUTE OF CHARTERED SECRETARIES. Suggested Answers

ADMISSIONS AND LICENSING COMMITTEE OF THE ASSOCIATION OF CHARTERED CERTIFIED ACCOUNTANTS

Quality and Qualifications Ireland

Melco International Development Limited (Incorporated in Hong Kong with limited liability) Website : (Stock Code : 200)

GUIDELINE ON OUTSOURCING

Agenda Item 3 Paper M10/15 PROBATION BOARD FOR NORTHERN IRELAND BOARD MEETING 18 SEPTEMBER AM CONFERENCE ROOM, PBNI

ROYAL INSTITUTION OF CHARTERED SURVEYORS DISCIPLINARY PANEL HEARING. Case of

NORTHERN IRELAND FIRE & RESCUE SERVICE BOARD MINUTES OF A MEETING 31 MARCH AM

!"#$%&'()* THE ESTATE AGENTS AUTHORITY AND ITS STANDING COMMITTEES

Quality and Qualifications Ireland

AIA Group Limited. (Incorporated in Hong Kong with limited liability) Stock Code: 1299 NOTICE OF ANNUAL GENERAL MEETING

Consultation Paper 53: Corporate Governance Code for captive Insurance and captive Reinsurance Undertakings

PPP Canada. PPP Canada Inc. Annual Report to Parliament on the Privacy Act. April 1, 2012 March 31, 2013

APPOINTMENT OF THE EXTERNAL AUDITOR

OCEAN PARK CONSERVATION FOUNDATION, HONG KONG

UPDATE ON STATUTORY COMPLIANCE ISSUES, INVESTIGATIONS AND THE STATUS OF COUNCIL BYLAWS FOR 1 APRIL TO 30 JUNE 2016

ULSTER SUPPORTED EMPLOYMENT LTD (Company Limited by Guarantee and not having a Share Capital)

XMH HOLDINGS LTD. (Incorporated in the Republic of Singapore) Company Registration Number M

Construction Industry Council. Committee on Subcontracting

Application of SFC License in Hong Kong

SENIOR EXECUTIVE ARCHITECT

RECORDS OF MEETING CLAIMS ADVISORY PERFORMANCE STANDARDS SUBCOMMITTEE

Ombudsman s Determination

LUEN THAI HOLDINGS LIMITED

LEGISLATIVE COUNCIL Bills Committee Electronic Health Record Sharing System Bill

Genting Hong Kong Limited (Continued into Bermuda with limited liability) (Stock Code: 678)

Board of Trustees Fifty-first session Committee on Finance Fourth session

Ombudsman s Determination

FULBRIGHT NEW ZEALAND ALUMNI ASSOCIATION INCORPORATED TE WHAKAWHITINGA AOTEAROA-AMERIKA

AUDIT COMMITTEE. Minutes of the Meeting Held on In the Boardroom, Ysbyty Gwynedd, Bangor

Translation from Polish Bank Millennium S.A. MANAGEMENT BOARD S OPERATIONS BYLAWS

Melco International Development Limited (Incorporated in Hong Kong with limited liability) Website : (Stock Code : 200)

DISCIPLINARY COMMITTEE OF THE ASSOCIATION OF CHARTERED CERTIFIED ACCOUNTANTS REASONS FOR DECISION. Heard on: 23 October and 5 December 2014

October 2017 ANALYSIS OF CORPORATE GOVERNANCE PRACTICE DISCLOSURE IN 2016 ANNUAL REPORTS

THE UNIVERSITY, CAMBRIDGE IN AMERICA AND THE COLLEGES DATA SHARING PROTOCOL

Northern Ireland Water Ltd Board Meeting 31 March 2011 Westland House. Kevin Steele Non Executive Director

Synopsis of Cases under Formal Investigation by The Ombudsman. I. Cases brought forward from the 4th quarter of 97

The Royal London Mutual Insurance Society Limited With Profits Committee (the Committee ) Corinne McKinnon. Approved on 14 December 2016

英皇鐘錶珠寶有限公司 EMPEROR WATCH & JEWELLERY LIMITED (Incorporated in Hong Kong with limited liability) (Stock Code: 887)

THE CO-OPERATIVE BANK PLC RISK COMMITTEE. Terms of Reference

NORTHERN IRELAND FIRE & RESCUE SERVICE BOARD MINUTES OF A MEETING 30 JUNE PM

TAO HEUNG HOLDINGS LIMITED

c. We did not, and we apologise for not having consulted SGX RegCo in this matter.

CWM TAF UNIVERSITY HEALTH BOARD MINUTES OF THE AUDIT COMMITTEE HELD ON 18 MAY 2015, AT YNYSMEURIG HOUSE, NAVIGATION PARK, ABERCYNON PART 1 CWM TAF

THE HONG KONG INSTITUTE OF CHARTERED SECRETARIES THE INSTITUTE OF CHARTERED SECRETARIES AND ADMINISTRATORS

THE HONG KONG INSTITUTE OF CHARTERED SECRETARIES. Suggested Answers

INVESTIGATION REPORT

Minutes of the 6th Meeting of the Northern Ireland Human Rights Commission Monday 14 June 1999 Temple Court, 1.00pm

CORPORATE GOVERNANCE CODE FOR CREDIT INSTITUTIONS AND INSURANCE UNDERTAKINGS

Apologies: Prof Hugh McKenna Other Apologies: Mrs Louise Skelly, Head of Operations, Patient and Client Council

FOLKESTONE EDUCATION TRUST CORPORATE GOVERNANCE STATEMENT

Will open-ended fund companies (OFCs) serve as an option for Hong Kong-based hedge fund managers?

The new FCA and PRA Senior Managers and Certification Regime and Code of Conduct. A guide to the current proposals. August

Quality Assurance. Report 2016

ADMISSIONS AND LICENSING COMMITTEE OF THE ASSOCIATION OF CHARTERED CERTIFIED ACCOUNTANTS

SILCHESTER INTERNATIONAL INVESTORS DATA PROTECTION POLICY

Report Published under Section 48(2) of the Personal Data (Privacy) Ordinance (Cap. 486) Report Number: R

CHOICE OF MEANS OF RECEIVING AND LANGUAGE OF CORPORATE COMMUNICATIONS

Report on the Securities and Futures Commission s 2014 annual review of the Exchange s performance in its regulation of listing matters

Ombudsman s Determination

FINAL NOTICE. 3. For the reasons listed below, the Authority has decided to refuse the Application.

Ms. Elza Yuen, PricewaterhouseCoopers (for item 2 only)

INVITATION TO TENDER FOR THE CO-ORDINATION OF THE STUDENT ENTERPRISE AWARDS

!= =!"#$ Report on Activities Privacy-Related Issues. = = = = = = Privacy-Related Issues

APEC CROSS-BORDER PRIVACY RULES SYSTEM JOINT OVERSIGHT PANEL ADDENDUM TO THE RECOMMENDATION REPORT ON APEC RECOGNITION OF JIPDEC

Ombudsman s Determination

FOLKESTONE EDUCATION TRUST CORPORATE GOVERNANCE STATEMENT

BRIEF FOR THE LEGISLATIVE COUNCIL 2003 CIVIL SERVICE PAY ADJUSTMENT

Contract notice. Services

SA SA INTERNATIONAL HOLDINGS LIMITED

It is resolved that this proposal be submitted to the general meeting of the Bank for consideration. For a comparative table of the amendments to the

MINUTES OF THE TRUST BOARD MEETING HELD ON 2 APRIL 2014, 13:00 HRS BOARD ROOM, TRUST HEADQUARTERS, QUEEN S HOSPITAL

Transcription:

Minutes of the 29th Meeting of the Personal Data (Privacy) Advisory Committee held at 13/F., 248 Queen s Road East, Wan Chai, Hong Kong at 12:30pm on 9 July 2010 Present Mr. Roderick WOO, Privacy Commissioner (Chairman) Mr. Arthur HO, Deputy Secretary for Constitutional and Mainland Affairs (Member) Mr. Anthony CHOW (Member) Mr. Bunny CHAN (Member) Ms. Shirley HA (Member) Mr. Edwin TAM (Member) (joined meeting at 1:00pm) Absent with Apologies Mr. SIU Sai-wo (Member) Ms. Virginia CHOI (Member) Dr. YIP Chi-kwong (Member) In Attendance Ms. Margaret CHIU, Deputy Privacy Commissioner Ms. Vanessa WU, Acting Chief Personal Data Officer (only present for discussion of PD(P)AC Paper No. 09/10) Mr. Alan KWAN, Policy Advisor (Secretary) (I) Approval of Minutes of meeting 1.1 The minutes of the meeting held on 9 February 2010 were confirmed without amendments. 1

(II) Matters Arising from Minutes of Last Meeting Measures to improve compliance of 45-day requirements 2.1 The Chairman said that the efforts to improve compliance of 45-day requirements were ongoing. For instance, for the purpose of streamlining workflow, the Privacy Commissioner ( PC ) had issued instructions to delegate to the Senior Personal Data Officer ( SPDO ) to issue s.38 letters to complainants after approval was obtained from PC to commence investigation. Another measure adopted to improve efficiency was to split the existing manpower of the Operations Division into two teams, one to screen complaints received and handle section 39 cases and the other to investigate into section 38 cases. 2.2 The Chairman reported that PCPD had thus far not received any written suggestions from Members on recommended ways to tackle the 45-day issue. Positive mortgage data 2.3 The Chairman confirmed that PCPD had been having a series of working level meetings with the Hong Kong Monetary Authority to address the issue of including positive mortgage data in the consumer credit database. The Chairman referred Members to a submission (which was attached in the document bundle of the meeting) sent by a Member expressing views on the subject matter. (III) To approve the Rules of Meeting Procedures (PD(P) AC Paper No. 07/10) 3.1 The Chairman invited comment from Members on the revised Rules of Meeting Procedures ( the draft Rules ). A Member asked whether a meeting should include one being held by means of paper meeting. The Chairman replied that this is not the intended mode of meeting covered in the draft Rules, but he would open this matter for Members discussion in future with the new PC. 2

3.2 A Member raised query as to whether the manner of circulation of paper mentioned in Section 9.1 of the draft Rules was confined to the purpose of transacting any business. The Chairman confirmed that Section 9.1 applied to the circulation of papers for purpose of transacting a specific business which was not the same as the holding of a meeting with named agenda. 3.3 Members agreed to adopt the revised rules of meeting procedures. (IV) To report on measures to enhance Compliance and Internal Control of PCPD (PD(P) AC Paper No. 08/10) 4.1 The Chairman tabled a speech on 12 May 2010 from the Chief Secretary for Administration to respond to Public Accounts Committee ( PAC ) Report No. 53 in which the issues of Internal Controller and management study were mentioned. The Chairman quoted a paragraph from the speech: The government agreed that PCPD had accepted the recommendations of the PAC and planned to engage a professional management consultancy to review the internal procedural matters for recommending measures to enhance compliance and internal control. Separately, the PCPD is currently recruiting an Internal Controller to supervise and monitor the work of the relevant Divisions of the PCPD to ensure compliance and proper internal control and achievement of performance targets. Recruitment of Internal Controller (IC) 4.2 The Chairman reported that during the recruitment exercise that took place in May 2010, 6 candidates were invited to the interview and 1 candidate was screened in for second interview. After the second interview, PC was not satisfied that the said candidate possessed the necessary skills and experience for the job. As no suitable candidate was in sight, PCPD commenced a second round of recruitment exercise towards the end of June. 3

4.3 In this second round recruitment, PCPD shortlisted 4 candidates. PC intended to conduct interviews and compile a report by the end of July but he would not make any decision on employment as he thought it was a matter to be more appropriately considered and decided by the new PC. 4.4 A Member was concerned if there would be a big time lag between the interviews of the candidates and the arrival of the new PC. Another Member responded that the recruitment of the new PC had already reached final stage and therefore he did not see that would present a problem. 4.5 Members requested for an explanantion on the recruitment of the IC and the segregation of duties between the IC and the Deputy Privacy Commissioner ( DPC ). The Chairman explained that the role of IC was more akin to an Assistant Privacy Commissioner. The IC should have hands-on experience in monitoring the internal controls and day-to-day performance across all divisions. Differing from the main duties of the DPC, the IC would oversee the works of all functional divisions to improve efficiency, co-ordination, compliance and governance. Management Consultancy Study on Compliance 4.6 The Chairman reported that PCPD invited two professional firms, namely PricewaterhouseCoopers and Hays Group, to advise and provide proposals on comprehensive review of the organisational structure, conditions of service, staff management and measures to strengthen internal control and compliance of the PCPD. The example of the Equal Opportunities Commission ( EOC ) was quoted. After the audit report, EOC commissioned a professional management consultant to provide advice on proper implementation of the recommendations given by the Director of Audit and the Public Accounts Committee, with specific funding provided by CMAB. 4

4.7 A Member enquired about the timing of the study. The Chairman replied that the process involved application to CMAB for special funding subsidy, tender procedures, execution and report writing and he estimated that the study would take about 3 to 4 months time to complete depending on the scope of the study. The employment of a 1-year time limited post of the IC served as an immediate measure on enhancing monitoring and compliance of daily operations of PCPD pending completion of the study and implementation of any approved recommendations. 4.8 A Member reported that the CMAB would likely support the commissioning of the study provided that the cost was reasonable and the study focused on the compliance with the recommendations contained in the Audit and PAC Reports. He had reservations on the proposal for the consultancy to also examine other matters such as staff structure, salary, appraisal, promotion and grievance policies as these were not issues raised in the Audit study and the examination of them might raise undue expectation from staff. Another Member shared his past experience of a subvented hospital which undertook a study into delinking its payscale from the Government system. He believed that the consultant retained had adopted a commercial approach in conducting the study and there was an expectation gap between the user and consultant on the results of the study. 4.9 The Chairman concluded that PCPD would continue to finalise the scope of the study with CMAB. He expressed difficulty in recruiting and retaining capable staff if the term of the employment contract was short. 5

(V) To report on section 39 cases and investigation cases and to seek members advice (PD(P) AC Paper No. 09/10) 5.1 The Chairman reported that PCPD would continue to handle complaints in a timely and expeditious manner. PCPD undertook a staff redeployment exercise in June 2010 for the Operations Division and the Compliance Division in order to speed up the complaint handling process as well as providing proper training to junior staff and new recruits. 5.2 The Chairman emphasized that of the three NGOs related to human rights in Hong Kong, namely EOC, PCPD and Office of the Ombudsman that all have complaint handling function, only PCPD faced with the 45-day statutory restriction. He was mystified as to the rationale of this statutory provision under Personal Data (Privacy) Ordinance ( PDPO ) as he could not find any public records during the legislative stage giving background to this provision. 5.3 A Member noted that the consultation document on the PDPO issued by the government had included a proposal to amend section 39(3) to remove the 45-day requirement and he understood that there was no strong objection from public to the proposed amendment. (VI) To report on some selected cases and developments (PD(P) AC Paper No. 10/10) 6.1 A Member was concerned with the impact of Google s case on the general public. The Chairman explained that Google s Street View Cars had in the past collected payload data, i.e. unencrypted Wi-Fi data ( Data ) which might contain personal data. PC had promptly requested and secured from Google an Undertaking to take appropriate remedial measures, including stopping the Street View Cars operation and the collection of Wi-Fi data. 6

6.2 The Chairman reported that Google confirmed in public that it had mistakenly collected the Data. PCPD was asking Google to provide technical assistance to view the Data collected which was still in progress. 6.3 A Member asked about actions taken by overseas privacy regulators on this Google incident. The Chairman replied that the authority in U.K. and Ireland believed that the Data were collected mistakenly by Google and requested Google to delete the Data. PC would decide on the next step to take after viewing the Data and considering the impact of the case on personal data privacy. 6.4 A Member questioned whether Google would be unable to provide the intended location services if the Data were deleted. The Chairman referred Member to the Undertaking given by Google and since technical aspects were canvassed, he suggested that he would ask PCPD s IT Adviser to contact him after the meeting to explain the technical side. 6.5 The Chairman gave brief summary of the issuance of the Guidance Note on Data Breach Handling and the Giving of Breach Notification as well as the ongoing inspection conducted on TransUnion. (VII) Any other business PCPD Guidelines Note on PIA and CCTV 7.1 The Chairman reported that PCPD would shortly issue two guidance notes on CCTV and the conduct of Privacy Impact Assessment respectively. These were issues of public concerns. Octopus Cards 7.2 The Chairman reported that for the Octopus Card issue, there was no complaint henceforth received that warranted an investigation. The Chairman reported that he had met with senior management of Octopus Card Limited on 7 July 2010 to discuss the concern regarding the system and its likely impact on personal data 7

protection. (Post-meeting note: On 9 July 2010, PCPD received further information that Octopus had sold customers personal data for profit. The PCPD took follow up action and commenced an investigation on 22 July 2010.) 7.3 The Chairman reported that the senior management of the Octopus Card Limited confirmed that the cards would no longer store ID card numbers in the personalized cards from the fourth quarter this year. 7.4 A Member requested PCPD to contact Mainland Privacy authority to ensure the personal data stored in Octopus card would not be transferred outside Hong Kong especially after the Octopus card developed its cross-bordering features by end of this year. 7.5 The Chairman stated that there was no corresponding privacy regulating authority in the Mainland but he promised to keep close watch on the management of the personal data of the cardholders by Octopus Card Limited and he suggested them to conduct Privacy Impact Assessment before launch of any project or service which have personal data privacy impact. A Briefing on Work Done by the PCPD during the Period from August 2005 to July 2010 7.6 The Chairman presented a summary highlighting the work done by PCPD for the period from August 2005 to July 2010 for the Members reference. 7.7 Acknowledging the work done by PCPD under the leadership of Mr. Roderick B WOO as Privacy Commissioner and since this would be the last meeting before his term ended, a Member proposed a Vote of Thanks to him for his hard work and accomplishments over the past 5 years. 8

(VIII) Adjournment of Meeting 8.1 There being no other business, the meeting ended at 2:30pm. 9

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback