Personal Data (Privacy) Ordinance
The following paragraphs list the Data Protection Principles extracted from the leaflet published by the Hong Kong Government (Oct 1995):
Principle 1 - Purpose and manner of collection:
This provides for the lawful and fair collection of personal data and sets out the information a data user must give to a data subject when collecting personal data from that subject.
Principle 2 - Accuracy and duration of retention:
This provides that personal data should be accurate, up-to-date and kept no longer than necessary.
Principle 3 - User of personal data:
this provides that unless the data subject gives consent otherwise personal data should be used for the purposes for which they were collected or a directly related purpose.
Principle 4 - Security of personal data:
This requires appropriate security measures to be applied to personal data (including data in a form in which access to or processing of the data is not practicable).
Principle 5 - Information to be generally available:
This provides for openness by data users about the kinds for personal data they hold and the main purposes of which personal data are used.
Principle 6 - Access to personal data:
This provides for data subjects to have rights of access to and correction of their personal data.
(1) Telecommunication Ordinance
"27A. Unauthorized access to computer by telecommunication
(2) For the purposes of subsection (1) -
(a) the intent of the person need not be directed at -
(i) any particular program or data;
(b) access of any kind by a person to any program or data held in a computer is unauthorized if he is not entitled to control access of the kind in question to the program or data held in the computer and ;
(ii) a program or data of particular kind; or
(iii) a program or data held in a particular computer;(i) he has not been authorized to obtain access of the kind in question to the program or data held in the computer by any person who is so entitled;
(ii) he does not believe that he has been so authorized; and
(iii) he does not believe that he would have been so authorized if he had applied for the appropriate authority. "
Crimes Ordinance Note
2,3 & 4
"
(1) In this Part, "property" means --"(a)
(1A) In this Part, "to destroy or damage any property" in relation to a computer includes the misuse of a computer. In this subsection, "misuses of a computer" means --
.
.
(b) any program, or data, held in a computer or in a computer storage medium, whether or not the program or data is property of a tangible nature.(a) to cause a computer to function other than as it has been established to function by or on behalf of its owner, notwithstanding that the misuse may not impair the operation of the computer or a program held in the computer or the reliability of data held in the computer;
.
(b) to alter or erase any program or data held in a computer or in a computer storage medium;
(c) to add any program or data to the contents of a computer of a computer or of a computer storage medium; and any act which contributes towards causing the misuse of a kind referred to in paragraph (a), (b) or (c) shall be regarded as causing it."
.161. Access to computer with criminal or dishonest intent
(1) Any person who obtains access to a computer--
.(a) with intent to commit an offence;
(b) with a dishonest intent to deceive;
(c) with a view to dishonest gain for himself or another; or with a dishonest intent to cause loss to another, whether on the same occasion as he obtains such access or on any future occasion, commits an offence and is liable on conviction upon indictment to imprisonment for 5 years.
.
"(3A) The reference in subsection (2)(c) to doing unlawful damage to anything in a building includes -