SlideShare ist ein Scribd-Unternehmen logo

Data privacy & compliance considerations on using cloud services

Als PPTX, PDF herunterladen
Charles Mok
Charles Mok

For AWS Enterprise Summit 2016

Internet
1 von 21
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Charles Mok ​Legislative Councillor (Information Technology) Data privacy & compliance considerations on using cloud services
Benefits of moving to public cloud • Flexibility • Disaster recovery • Reliability • Cut costs • Scalability for expansion • Performance
Cross-border data operations Dispersed data storage in multiple jurisdictions through cloud Outsource data processing procedures to contractors around the world.
Are these your concerns on using cloud services?
How to know the location at any point in time, its security, and who will have access?
What laws must I follow when engaging a cloud service provider to store personal data in a cloud server that is accessible outside Hong Kong?
How can my company achieve regulatory compliance with the data protection regulations in my jurisdiction?
Challenges to privacy in cloud computing • Location of data and blurred division of responsibilities • Complexity of risk assessment in a cloud environment • Emergence of new business models and their implications for consumer privacy • Data sovereignty and retention requirements
Implications on data protection and privacy Security Is the data protected from theft, leakage, spying or attacks? What is the level of control and protection? Residency Where is the data stored? geographically disbursed? What to do with data in transit & outside territory? Privacy Who can see personally identifiable information (PII)? Storing, transferring, locating and protecting PII
Challenges of cloud and security Maintaining ownership and control of data Info on 3rd party service and distributed infrastructure Deliver resiliency, availability and flexibility of cloud services
Data protection law in HK: DPP3 of PDPO By virtue of Data Protection Principle 3 under the Ordinance, personal data can be transferred outside Hong Kong only if the purpose of the transfer of personal data is the same as or directly related to the original purpose of collecting the data, or with the consent of the data subject.
Hong Kong: Section 33 Personal Data (Privacy) Ordinance • prohibits the transfer of personal data to places outside Hong Kong unless one of a number of conditions is met. • Data users who, without reasonable excuse, contravene Section 33 commit an offence under Section 64A of the Ordinance which carries a fine of up to HK$10,000. • The Commissioner may also issue enforcement notices • The only provision in the PDPO not been executed since 1995
What are the legal requirements of Section 33? Section 33 prohibits the transfer of personal data to places outside Hong Kong unless 1 of the following 6 conditions is met: • Destination of transfer included in “white list” specified by the Commissioner • Destination of transfer have comparable data protection law as PDPO • Data subject’s consent in writing to the transfer • Avoidance or mitigation of adverse action against data subject (proof required) • Exemption under Part VIII towards DPP3 (purpose) applies • Taken all reasonable precautions and exercised all due diligence against mishandling
Who is required to comply with Section 33? Data User a person who either alone or jointly or in common with other persons, controls the collection, holding, processing or use of the data.
…what does that mean? A person who is merely transmitting data on behalf of another and not for any of his own purposes is not a data user in relation to that data.
What types of transfers are subject to s.33? (i) transfers of personal data from Hong Kong to a place outside Hong Kong (ii) transfers of personal data between two other jurisdictions where the transfer is controlled by a Hong Kong data user …when data users "consciously" engage outside parties to handle personal data and the process involves data transfer outside Hong Kong.
Voluntary compliance
Status to-date Business Impact Assessment by government to assess compliance measures required of data users Reviewing of “White List” jurisdictions Consider setting a commencement date?
• Policies and laws should evolve with cloud computing technology • Is HK’s legal framework relevant and adequate? Multiple stakeholder approach in policy-making • Maintaining standard and reliability - importance of testing & certification of cloud service providers
Data privacy & compliance considerations on using cloud services

Empfohlen

Opportunities and Challenges in Data Innovation
Opportunities and Challenges in Data InnovationOpportunities and Challenges in Data Innovation
Opportunities and Challenges in Data Innovation
Charles Mok
 
Big Data: Getting Smarter
Big Data: Getting Smarter Big Data: Getting Smarter
Big Data: Getting Smarter
Charles Mok
 
Data Portability and Interoperability – OECD DIGITAL ECONOMY POLICY DIVISION ...
Data Portability and Interoperability – OECD DIGITAL ECONOMY POLICY DIVISION ...Data Portability and Interoperability – OECD DIGITAL ECONOMY POLICY DIVISION ...
Data Portability and Interoperability – OECD DIGITAL ECONOMY POLICY DIVISION ...
OECD Directorate for Financial and Enterprise Affairs
 
GDPR and IoT: What do you need to know?
GDPR and IoT: What do you need to know?GDPR and IoT: What do you need to know?
GDPR and IoT: What do you need to know?
MicheleNati
 
IoT Guildford Meetup#26: GDPR, IoT and Transparency
IoT Guildford Meetup#26: GDPR, IoT and TransparencyIoT Guildford Meetup#26: GDPR, IoT and Transparency
IoT Guildford Meetup#26: GDPR, IoT and Transparency
MicheleNati
 
Data Portability and Interoperability –KRÄMER – June 2021 OECD discussion
Data Portability and Interoperability –KRÄMER – June 2021 OECD discussionData Portability and Interoperability –KRÄMER – June 2021 OECD discussion
Data Portability and Interoperability –KRÄMER – June 2021 OECD discussion
OECD Directorate for Financial and Enterprise Affairs
 
Technology tipping points Big Data and Blockchain use case presentation
Technology tipping points Big Data and Blockchain use case presentationTechnology tipping points Big Data and Blockchain use case presentation
Technology tipping points Big Data and Blockchain use case presentation
Vinod Kumar Nerella
 
Coding Data Brokers
Coding Data BrokersCoding Data Brokers
Coding Data Brokers
Communication and Media Studies, Carleton University
 

Empfohlen

Opportunities and Challenges in Data Innovation
Opportunities and Challenges in Data InnovationOpportunities and Challenges in Data Innovation
Opportunities and Challenges in Data Innovation
Charles Mok
 
Big Data: Getting Smarter
Big Data: Getting Smarter Big Data: Getting Smarter
Big Data: Getting Smarter
Charles Mok
 
Data Portability and Interoperability – OECD DIGITAL ECONOMY POLICY DIVISION ...
Data Portability and Interoperability – OECD DIGITAL ECONOMY POLICY DIVISION ...Data Portability and Interoperability – OECD DIGITAL ECONOMY POLICY DIVISION ...
Data Portability and Interoperability – OECD DIGITAL ECONOMY POLICY DIVISION ...
OECD Directorate for Financial and Enterprise Affairs
 
GDPR and IoT: What do you need to know?
GDPR and IoT: What do you need to know?GDPR and IoT: What do you need to know?
GDPR and IoT: What do you need to know?
MicheleNati
 
IoT Guildford Meetup#26: GDPR, IoT and Transparency
IoT Guildford Meetup#26: GDPR, IoT and TransparencyIoT Guildford Meetup#26: GDPR, IoT and Transparency
IoT Guildford Meetup#26: GDPR, IoT and Transparency
MicheleNati
 
Data Portability and Interoperability –KRÄMER – June 2021 OECD discussion
Data Portability and Interoperability –KRÄMER – June 2021 OECD discussionData Portability and Interoperability –KRÄMER – June 2021 OECD discussion
Data Portability and Interoperability –KRÄMER – June 2021 OECD discussion
OECD Directorate for Financial and Enterprise Affairs
 
Technology tipping points Big Data and Blockchain use case presentation
Technology tipping points Big Data and Blockchain use case presentationTechnology tipping points Big Data and Blockchain use case presentation
Technology tipping points Big Data and Blockchain use case presentation
Vinod Kumar Nerella
 
Coding Data Brokers
Coding Data BrokersCoding Data Brokers
Coding Data Brokers
Communication and Media Studies, Carleton University
 
Big Data & Investment Management: The Potential to Quantify Traditionally Qua...
Big Data & Investment Management: The Potential to Quantify Traditionally Qua...Big Data & Investment Management: The Potential to Quantify Traditionally Qua...
Big Data & Investment Management: The Potential to Quantify Traditionally Qua...
Ken Cutroneo
 
Tijani ppt.pptx prof.pptx 22 (1)
Tijani ppt.pptx prof.pptx 22 (1)Tijani ppt.pptx prof.pptx 22 (1)
Tijani ppt.pptx prof.pptx 22 (1)
Temitayo Tijani, CAMS, CFE
 
Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015
Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015
Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015
Department for Communities and Local Government Local Digital Campaign
 
Non-Price Effects of Mergers – LYNSKEY – June 2018 OECD discussion
Non-Price Effects of Mergers – LYNSKEY – June 2018 OECD discussionNon-Price Effects of Mergers – LYNSKEY – June 2018 OECD discussion
Non-Price Effects of Mergers – LYNSKEY – June 2018 OECD discussion
OECD Directorate for Financial and Enterprise Affairs
 
Building Consumers Trust: The role of transparency and control
Building Consumers Trust: The role of transparency and controlBuilding Consumers Trust: The role of transparency and control
Building Consumers Trust: The role of transparency and control
MicheleNati
 
Blockchain across sectors - healthcare, finance, industry, media
Blockchain across sectors - healthcare, finance, industry, mediaBlockchain across sectors - healthcare, finance, industry, media
Blockchain across sectors - healthcare, finance, industry, media
CILIP
 
Data Portability and Interoperability – SWIRE – June 2021 OECD discussion
Data Portability and Interoperability – SWIRE – June 2021 OECD discussionData Portability and Interoperability – SWIRE – June 2021 OECD discussion
Data Portability and Interoperability – SWIRE – June 2021 OECD discussion
OECD Directorate for Financial and Enterprise Affairs
 
E commerce
E commerceE commerce
E commerce
Rajendra_Gahlot
 
S719a
S719aS719a
S719a
ecommerce
 
Big Data from cheap phones
Big Data from cheap phonesBig Data from cheap phones
Big Data from cheap phones
Lenin Alevski Huerta Arias
 
IBM Big Data Platform Nov 2012
IBM Big Data Platform Nov 2012IBM Big Data Platform Nov 2012
IBM Big Data Platform Nov 2012
Swiss Big Data User Group
 
Federal and Private Sector Joint Venture Partnership for Data Innovation - Av...
Federal and Private Sector Joint Venture Partnership for Data Innovation - Av...Federal and Private Sector Joint Venture Partnership for Data Innovation - Av...
Federal and Private Sector Joint Venture Partnership for Data Innovation - Av...
scoopnewsgroup
 
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
IDC4EU
 
The Future Matters - Mike Maiorana
The Future Matters - Mike MaioranaThe Future Matters - Mike Maiorana
The Future Matters - Mike Maiorana
scoopnewsgroup
 
Privacy market public
Privacy market publicPrivacy market public
Privacy market public
Sachin Gaur
 
Feasibilities Study of Blockchain Ecosystem in Malaysia Government
Feasibilities Study of Blockchain Ecosystem in Malaysia GovernmentFeasibilities Study of Blockchain Ecosystem in Malaysia Government
Feasibilities Study of Blockchain Ecosystem in Malaysia Government
Effendy Zulkifly
 
LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)
Wolfgang Greller
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technology
EzraGray1
 
LexPredict - Empowering the Future of Legal Decision Making
LexPredict - Empowering the Future of Legal Decision MakingLexPredict - Empowering the Future of Legal Decision Making
LexPredict - Empowering the Future of Legal Decision Making
Daniel Katz
 
Block chain explained
Block chain explainedBlock chain explained
Block chain explained
Washiqur Rahman
 
Multiplexing
MultiplexingMultiplexing
Multiplexing
prateek237
 
FDMA-TDMA-CDMA
FDMA-TDMA-CDMAFDMA-TDMA-CDMA
FDMA-TDMA-CDMA
Sammar Khan
 

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Big Data & Investment Management: The Potential to Quantify Traditionally Qua...
Big Data & Investment Management: The Potential to Quantify Traditionally Qua...Big Data & Investment Management: The Potential to Quantify Traditionally Qua...
Big Data & Investment Management: The Potential to Quantify Traditionally Qua...
 
Tijani ppt.pptx prof.pptx 22 (1)
Tijani ppt.pptx prof.pptx 22 (1)Tijani ppt.pptx prof.pptx 22 (1)
Tijani ppt.pptx prof.pptx 22 (1)
 
Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015
Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015
Citizen-consumer permission based data sharing | Dr Matt Stroud | January 2015
 
Non-Price Effects of Mergers – LYNSKEY – June 2018 OECD discussion
Non-Price Effects of Mergers – LYNSKEY – June 2018 OECD discussionNon-Price Effects of Mergers – LYNSKEY – June 2018 OECD discussion
Non-Price Effects of Mergers – LYNSKEY – June 2018 OECD discussion
 
Building Consumers Trust: The role of transparency and control
Building Consumers Trust: The role of transparency and controlBuilding Consumers Trust: The role of transparency and control
Building Consumers Trust: The role of transparency and control
 
Blockchain across sectors - healthcare, finance, industry, media
Blockchain across sectors - healthcare, finance, industry, mediaBlockchain across sectors - healthcare, finance, industry, media
Blockchain across sectors - healthcare, finance, industry, media
 
Data Portability and Interoperability – SWIRE – June 2021 OECD discussion
Data Portability and Interoperability – SWIRE – June 2021 OECD discussionData Portability and Interoperability – SWIRE – June 2021 OECD discussion
Data Portability and Interoperability – SWIRE – June 2021 OECD discussion
 
E commerce
E commerceE commerce
E commerce
 
S719a
S719aS719a
S719a
 
Big Data from cheap phones
Big Data from cheap phonesBig Data from cheap phones
Big Data from cheap phones
 
IBM Big Data Platform Nov 2012
IBM Big Data Platform Nov 2012IBM Big Data Platform Nov 2012
IBM Big Data Platform Nov 2012
 
Federal and Private Sector Joint Venture Partnership for Data Innovation - Av...
Federal and Private Sector Joint Venture Partnership for Data Innovation - Av...Federal and Private Sector Joint Venture Partnership for Data Innovation - Av...
Federal and Private Sector Joint Venture Partnership for Data Innovation - Av...
 
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
Beyond Privacy: Learning Data Ethics - European Big Data Community Forum 2019...
 
The Future Matters - Mike Maiorana
The Future Matters - Mike MaioranaThe Future Matters - Mike Maiorana
The Future Matters - Mike Maiorana
 
Privacy market public
Privacy market publicPrivacy market public
Privacy market public
 
Feasibilities Study of Blockchain Ecosystem in Malaysia Government
Feasibilities Study of Blockchain Ecosystem in Malaysia GovernmentFeasibilities Study of Blockchain Ecosystem in Malaysia Government
Feasibilities Study of Blockchain Ecosystem in Malaysia Government
 
LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)LAK16 privacy and analytics (2016)
LAK16 privacy and analytics (2016)
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technology
 
LexPredict - Empowering the Future of Legal Decision Making
LexPredict - Empowering the Future of Legal Decision MakingLexPredict - Empowering the Future of Legal Decision Making
LexPredict - Empowering the Future of Legal Decision Making
 
Block chain explained
Block chain explainedBlock chain explained
Block chain explained
 

Andere mochten auch

Andere mochten auch (6)

Multiplexing
MultiplexingMultiplexing
Multiplexing
 
FDMA-TDMA-CDMA
FDMA-TDMA-CDMAFDMA-TDMA-CDMA
FDMA-TDMA-CDMA
 
Unpacking TOGAF's 'Phase B': Business Transformation, Business Architecture a...
Unpacking TOGAF's 'Phase B': Business Transformation, Business Architecture a...Unpacking TOGAF's 'Phase B': Business Transformation, Business Architecture a...
Unpacking TOGAF's 'Phase B': Business Transformation, Business Architecture a...
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
 
Cloud computing Basics
Cloud computing BasicsCloud computing Basics
Cloud computing Basics
 
Multiplexing, fdma,tdma,cdma
Multiplexing, fdma,tdma,cdmaMultiplexing, fdma,tdma,cdma
Multiplexing, fdma,tdma,cdma
 

Ähnlich wie Data privacy & compliance considerations on using cloud services

12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotated12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotated
wdsnead
 
GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready?
SecurityScorecard
 

Ähnlich wie Data privacy & compliance considerations on using cloud services (20)

12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotated12 02-14 information security managers - unannotated
12 02-14 information security managers - unannotated
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulations
 
Ivan Horodyskyy - Сloud and GDPR Legal and Organizational Steps to be Taken
Ivan Horodyskyy - Сloud and GDPR Legal and Organizational Steps to be TakenIvan Horodyskyy - Сloud and GDPR Legal and Organizational Steps to be Taken
Ivan Horodyskyy - Сloud and GDPR Legal and Organizational Steps to be Taken
 
Data protection within development
Data protection within developmentData protection within development
Data protection within development
 
May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...
 
Hong Kong ICT Policies and Opportunities
Hong Kong ICT Policies and OpportunitiesHong Kong ICT Policies and Opportunities
Hong Kong ICT Policies and Opportunities
 
Kawser Hamid : ICO and Data Protection in the Cloud
Kawser Hamid : ICO and Data Protection in the CloudKawser Hamid : ICO and Data Protection in the Cloud
Kawser Hamid : ICO and Data Protection in the Cloud
 
How MongoDB can accelerate a path to GDPR compliance
How MongoDB can accelerate a path to GDPR complianceHow MongoDB can accelerate a path to GDPR compliance
How MongoDB can accelerate a path to GDPR compliance
 
GDPR and Blockchain
GDPR and BlockchainGDPR and Blockchain
GDPR and Blockchain
 
GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready?
 
Administrative and public law seminar
Administrative and public law seminarAdministrative and public law seminar
Administrative and public law seminar
 
GDPR SECURITY ISSUES
GDPR SECURITY ISSUESGDPR SECURITY ISSUES
GDPR SECURITY ISSUES
 
Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...
 
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...
 
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorCloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
 
State regulation of information protection in the cloud - international and K...
State regulation of information protection in the cloud - international and K...State regulation of information protection in the cloud - international and K...
State regulation of information protection in the cloud - international and K...
 
Cloud and security 6 jul2013 v2
Cloud and security 6 jul2013 v2Cloud and security 6 jul2013 v2
Cloud and security 6 jul2013 v2
 
NetSquared London - GDPR for charities
NetSquared London - GDPR for charitiesNetSquared London - GDPR for charities
NetSquared London - GDPR for charities
 
Blake Lapthorn's In-House Lawyer and Decision Maker's forum - 12 September 2013
Blake Lapthorn's In-House Lawyer and Decision Maker's forum - 12 September 2013Blake Lapthorn's In-House Lawyer and Decision Maker's forum - 12 September 2013
Blake Lapthorn's In-House Lawyer and Decision Maker's forum - 12 September 2013
 
GDPR Part 1: Quick Facts
GDPR Part 1: Quick FactsGDPR Part 1: Quick Facts
GDPR Part 1: Quick Facts
 

Mehr von Charles Mok

Why open and interoperable Internet infrastructure is key to the Internet's c...
Why open and interoperable Internet infrastructure is key to the Internet's c...Why open and interoperable Internet infrastructure is key to the Internet's c...
Why open and interoperable Internet infrastructure is key to the Internet's c...
Charles Mok
 
Misinformation, Fake News and Harmful Content Laws in the World
Misinformation, Fake News and Harmful Content Laws in the WorldMisinformation, Fake News and Harmful Content Laws in the World
Misinformation, Fake News and Harmful Content Laws in the World
Charles Mok
 

Mehr von Charles Mok (20)

Digital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismDigital Repression and Techno-Authoritarianism
Digital Repression and Techno-Authoritarianism
 
Threats to the Internet
Threats to the Internet Threats to the Internet
Threats to the Internet
 
Cyber Risks in Hong Kong
Cyber Risks in Hong KongCyber Risks in Hong Kong
Cyber Risks in Hong Kong
 
ICANN TWNIC TWIGF 2023: Compliance through Compulsion
ICANN TWNIC TWIGF 2023: Compliance through CompulsionICANN TWNIC TWIGF 2023: Compliance through Compulsion
ICANN TWNIC TWIGF 2023: Compliance through Compulsion
 
全球數位威權趨勢及對台灣的挑戰和機遇
全球數位威權趨勢及對台灣的挑戰和機遇全球數位威權趨勢及對台灣的挑戰和機遇
全球數位威權趨勢及對台灣的挑戰和機遇
 
Digital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology FragmentationDigital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
 
HKU Tech for Good year2.pdf
HKU Tech for Good year2.pdfHKU Tech for Good year2.pdf
HKU Tech for Good year2.pdf
 
Technology4democracy: The Potential of Web3 and Blockchain for Democracy
Technology4democracy: The Potential of Web3 and Blockchain for DemocracyTechnology4democracy: The Potential of Web3 and Blockchain for Democracy
Technology4democracy: The Potential of Web3 and Blockchain for Democracy
 
APAC Data Center Infrastructure Observations
APAC Data Center Infrastructure ObservationsAPAC Data Center Infrastructure Observations
APAC Data Center Infrastructure Observations
 
Chinese Digital Repression
Chinese Digital RepressionChinese Digital Repression
Chinese Digital Repression
 
Technology, Data and Ethics
Technology, Data and EthicsTechnology, Data and Ethics
Technology, Data and Ethics
 
全球數位威權趨勢對台灣的挑戰和機遇
全球數位威權趨勢對台灣的挑戰和機遇全球數位威權趨勢對台灣的挑戰和機遇
全球數位威權趨勢對台灣的挑戰和機遇
 
台灣數位經濟及區塊鏈的機遇與挑戰.pdf
台灣數位經濟及區塊鏈的機遇與挑戰.pdf台灣數位經濟及區塊鏈的機遇與挑戰.pdf
台灣數位經濟及區塊鏈的機遇與挑戰.pdf
 
Censorship, Surveillance and Cyber Threats in Hong Kong.pdf
Censorship, Surveillance and Cyber Threats in Hong Kong.pdfCensorship, Surveillance and Cyber Threats in Hong Kong.pdf
Censorship, Surveillance and Cyber Threats in Hong Kong.pdf
 
HKU Tech for Good.pdf
HKU Tech for Good.pdfHKU Tech for Good.pdf
HKU Tech for Good.pdf
 
Why open and interoperable Internet infrastructure is key to the Internet's c...
Why open and interoperable Internet infrastructure is key to the Internet's c...Why open and interoperable Internet infrastructure is key to the Internet's c...
Why open and interoperable Internet infrastructure is key to the Internet's c...
 
Misinformation, Fake News and Harmful Content Laws in the World
Misinformation, Fake News and Harmful Content Laws in the WorldMisinformation, Fake News and Harmful Content Laws in the World
Misinformation, Fake News and Harmful Content Laws in the World
 
From Re-Opening to Recovery: Post-COVID Security and Privacy Issues and Trends
From Re-Opening to Recovery: Post-COVID Security and Privacy Issues and TrendsFrom Re-Opening to Recovery: Post-COVID Security and Privacy Issues and Trends
From Re-Opening to Recovery: Post-COVID Security and Privacy Issues and Trends
 
From Crypto to Trust and Identity
From Crypto to Trust and IdentityFrom Crypto to Trust and Identity
From Crypto to Trust and Identity
 
Have you AI'ed today? A Reality Check
Have you AI'ed today? A Reality CheckHave you AI'ed today? A Reality Check
Have you AI'ed today? A Reality Check
 

Kürzlich hochgeladen

VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
singhpriety023
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
kojalkojal131
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
SUHANI PANDEY
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
SUHANI PANDEY
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
JOHNBEBONYAP1
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
Delhi Call girls
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
roncy bisnoi
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
SUHANI PANDEY
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
nirzagarg
 
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
SUHANI PANDEY
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
ruhi
 

Kürzlich hochgeladen (20)

VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
 
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 

Data privacy & compliance considerations on using cloud services

  • 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Charles Mok ​Legislative Councillor (Information Technology) Data privacy & compliance considerations on using cloud services
  • 2. Benefits of moving to public cloud • Flexibility • Disaster recovery • Reliability • Cut costs • Scalability for expansion • Performance
  • 3. Cross-border data operations Dispersed data storage in multiple jurisdictions through cloud Outsource data processing procedures to contractors around the world.
  • 4. Are these your concerns on using cloud services?
  • 5. How to know the location at any point in time, its security, and who will have access?
  • 6. What laws must I follow when engaging a cloud service provider to store personal data in a cloud server that is accessible outside Hong Kong?
  • 7. How can my company achieve regulatory compliance with the data protection regulations in my jurisdiction?
  • 8. Challenges to privacy in cloud computing • Location of data and blurred division of responsibilities • Complexity of risk assessment in a cloud environment • Emergence of new business models and their implications for consumer privacy • Data sovereignty and retention requirements
  • 9. Implications on data protection and privacy Security Is the data protected from theft, leakage, spying or attacks? What is the level of control and protection? Residency Where is the data stored? geographically disbursed? What to do with data in transit & outside territory? Privacy Who can see personally identifiable information (PII)? Storing, transferring, locating and protecting PII
  • 10. Challenges of cloud and security Maintaining ownership and control of data Info on 3rd party service and distributed infrastructure Deliver resiliency, availability and flexibility of cloud services
  • 11. Data protection law in HK: DPP3 of PDPO By virtue of Data Protection Principle 3 under the Ordinance, personal data can be transferred outside Hong Kong only if the purpose of the transfer of personal data is the same as or directly related to the original purpose of collecting the data, or with the consent of the data subject.
  • 12. Hong Kong: Section 33 Personal Data (Privacy) Ordinance • prohibits the transfer of personal data to places outside Hong Kong unless one of a number of conditions is met. • Data users who, without reasonable excuse, contravene Section 33 commit an offence under Section 64A of the Ordinance which carries a fine of up to HK$10,000. • The Commissioner may also issue enforcement notices • The only provision in the PDPO not been executed since 1995
  • 13. What are the legal requirements of Section 33? Section 33 prohibits the transfer of personal data to places outside Hong Kong unless 1 of the following 6 conditions is met: • Destination of transfer included in “white list” specified by the Commissioner • Destination of transfer have comparable data protection law as PDPO • Data subject’s consent in writing to the transfer • Avoidance or mitigation of adverse action against data subject (proof required) • Exemption under Part VIII towards DPP3 (purpose) applies • Taken all reasonable precautions and exercised all due diligence against mishandling
  • 14. Who is required to comply with Section 33? Data User a person who either alone or jointly or in common with other persons, controls the collection, holding, processing or use of the data.
  • 15. …what does that mean? A person who is merely transmitting data on behalf of another and not for any of his own purposes is not a data user in relation to that data.
  • 16. What types of transfers are subject to s.33? (i) transfers of personal data from Hong Kong to a place outside Hong Kong (ii) transfers of personal data between two other jurisdictions where the transfer is controlled by a Hong Kong data user …when data users "consciously" engage outside parties to handle personal data and the process involves data transfer outside Hong Kong.
  • 18. Status to-date Business Impact Assessment by government to assess compliance measures required of data users Reviewing of “White List” jurisdictions Consider setting a commencement date?
  • 19.
  • 20. • Policies and laws should evolve with cloud computing technology • Is HK’s legal framework relevant and adequate? Multiple stakeholder approach in policy-making • Maintaining standard and reliability - importance of testing & certification of cloud service providers

Hinweis der Redaktion

  1. implication and current status of regulations esp Sec 33 of the PDPO
  2.  implication and current status of regulations esp Sec 33 of the PDPO
  3. It follows that such person, not being a data user, is not required to observe Section 33.