Today there was a report that a staff of the Hong Kong Immigration department accidentally allowed a highly sensitive confidential document to be uploaded onto the P2P network, Foxy. Reportedly, the documented uploaded to the P2P network is a document that contains personal information of individuals who were refused entry into Hong Kong, including the reasons and factors that lead to Hong Kong Immigration department to make such ruling.
It is also reported that the reason this staff of the Hong Kong Immigration took this document home onto his computer, is because he is a new staff and wanted to take some cases home to study the associate procedures.
The Hong Kong Immigration claims that they had since removed this confidential document from the staff’s computer and from the Foxy P2P network. They also claim that the said document can no longer be found on the Internet.
As many of you know, anything uploaded to the Internet will most likely be on the Net forever. Depending on the desirability of the file it could spread like wild fire on the Net. Allegedly this file was named “Private xxxxxx.doc”, which is quite attractive to common users of P2P networks.
One thing going for the Hong Kong Immigration department, is that the Foxy P2P network is popular among Hong Kong, Taiwan and mainland China citizens. Therefore, even a file with the word “Private” on it, may not draw too much attention among these users.
What I don’t understand is how can something like this happen in a city like Hong Kong. In most cases, Hong Kong is a modern cosmopolitan financial hub. Unlike its homeland, China, does have human rights, free of speech, free press, privacy policies, etc.
The privacy polices in Hong Kong is very lacking. If something is not done soon there may be more cases of confidential information leaked in wild or worst, more prevalent identify thefts.
I found out today, that Privacy laws in Hong Kong is extremely deficient. Although, there are laws to protect personal privacy of every citizens of Hong Kong. There are no laws to hold employees of institutions that manage and handle individual private data/information.
Without this accountability resulted in situations like the one today with the staff of the Hong Kong Immigration department. It is only a few days ago another case of personal data was leaked at the Hong Kong Hospital Authority. Similar case also happened with the Police department.
It is not that Hong Kong government offices are that much more vulnerable than most western countries/cities. There are similar cases in the United States and United Kingdom, both involved respective law enforcement departments.
So what so different in Hong Kong, I believe is the lack of accountability for the front-line handlers of these personal data of individuals. I do believe that it is not the lack of education or awareness of these front-line handlers. These same individuals if it comes to their own personal data, I believe they would be most diligent.
I think it is time for Hong Kong government to revamp the privacy laws, to ensure all parties in the chain-of-handlers are held accountable for the protection of this information they are appointed to handle.