Privacy chief wants 'do-not-call' register
The privacy watchdog wants a 'do-not-call' register to guard against telemarketers phoning people - and a law that requires the callers to say where they got the recitpient's contact details from.
Privacy Commissioner for Personal Data Allan Chiang Yam-wang says these were measures worth recommending to the public during a consultation on a review of privacy law due to end in January.
The register would enable people to opt out of receiving calls from marketers; they can already opt out of receiving electronically generated calls and faxes through a registry operated by the Office of the Telecommunications Authority (Ofta). Marketing companies are required to check the register before sending out messages.
'We believe the public would like to have a one-stop service, so it would be good if the new do-not-call register system including direct marketing activities could be managed by Ofta,' Chiang said yesterday in an interview.
He said there might be technical difficulties in tracing offending callers as the numbers used changed frequently. But experience had shown that telecommunications operators could help find out who made the calls.
'The telemarketing company is responsible, not the telemarketer making the phone calls,' Chiang said. He hoped the register would help those whose data had recently been found to be given widespread distribution.
He cited the Telephone Preference Service in Britain, an official central opt-out register on which individuals can record their preferences not to receive unsolicited sales or marketing calls.
He also advocates a law requiring data users to tell the subjects where they got their personal details. Chiang said Australia had adopted a similar measure.
The two proposals have been listed in the consultation document, and forums will be held to collect views from the public.
Chiang, meanwhile, is continuing to insist his office be given the right to carry out criminal investigations, amid mounting concern over widespread abuse of data.
'Having investigative powers does not necessarily imply excessive power for the privacy watchdog, as the power of prosecution would still remain with the Department of Justice,' he said. 'The power to conduct criminal investigations and to prosecute would still be vested in different institutions to maintain checks and balances.'
He said the present system, in which the commission can refer cases to police for criminal investigation, had resulted in very few prosecutions in recent years.
'In many cases, police rely on our assistance in investigating privacy intrusions but we usually are told the cases must be dropped as they think there is not enough evidence to proceed,' he said.
Only one case out of the eight referred for police investigation last year found its way to court.
While the government says few agencies in Hong Kong have the power Chiang seeks, he said that in fact many had it. He cited as examples the Securities and Futures Commission, the Vocational Training Council and the Construction Workers Registration Authority.
Chiang also wants the power to award compensation to aggrieved data subjects and to impose monetary penalties for severe breaches.
'If we had [such powers], the Octopus Company could have been fined for selling personal data of 2.4 million customers without their consent,' he said.
While seeking many changes to the privacy law, Chiang did not provide any action plan for the future if the request for additional investigative power was denied by the government. 'I respect the views of the public on our role and powers and this is why I hope the public will give their views during the consultation.'