bodyType

customContents

entityId

entityUuid

articlePageQuery

filter

article

articleBaseAdvertisingInfoArticle

articleListArticle

articleSeoArticle

helpersCheckIsPostiesArticle

hooksArticleAcknowledgementGateOverlayArticle

hooksTrackPageViewArticle

hooksContentInterestArticle

articleLinkingDataContent

hooksAmpRedirectArticle

articleSchemaContent

liveArticle

advertZone

sentiment

contentLock

topics

types

sections

paywallTypes

createdDate

publishedDate

moreOnThisArticles

urlAlias

commentCount

authorLocations

authors

corrections

sponsorType

displaySlideShow

multimediaEmbed

printHeadline

seriesContainer

articleSpeeches

socialHeadline

headline

images

flag

firstTopic

glossary

flattenTypeIds

additionalInfoBoxes

quizIds

image

relatedLinks

relatedNewsletters

__typename

sponsor

pdfFiles

seriesReverseOrder

series

disableOffPlatformContent

published

updatedDate

summary

subHeadline

body

keywords

readingTime

customTimezone

liveContents

The scandal-hit Octopus Rewards scheme restarts today, 10 months after it was found to have sold members' personal data to third parties for HK$44 million.
Company bosses say they have cleaned up their act and will start registering members using a redesigned form to comply with the privacy commissioner's guidelines issued after an investigation.
It vowed that it would not transfer customer data to any third party for direct marketing. 
Members will no longer be required to reveal their identity card or passport number and their date of birth. 
It will also be optional for them to disclose their monthly income and personal interests.
Terms and conditions will appear in bigger print and a section on personal data collection will be in bold type. 
If members do not want to receive marketing offers from the company, they indicate this on the form. However, they will need to check all four boxes of 'e-mail', 'SMS', 'direct mail' and 'phone' to stop all forms of communication.
The company has also hired  an officer specialising in data protection.
Federation of Trade Unions lawmaker Wong Kwok-hing  said it was a welcome improvement.
 'The most important improvement is to show the terms and conditions in a larger font. That can allow members to read through carefully and clearly,' he said.
It was also good that members were no longer forced to reveal their monthly income levels, he said.
Octopus Rewards made the changes after a privacy commissioner's report in October said the company violated three data protection principles, including collecting more data than needed to verify its customers' identities and selling it for monetary gain. 
Instead of issuing an enforcement notice, it accepted an undertaking from Octopus that it would, within two months, destroy and erase its members' identity card numbers and birth dates from its data base. 
The commissioner found that the personal data of more than 1 million Octopus cardholders was sold to business partners for HK$44 million without the cardholders' consent in the five years from 2006. The scandal came to light in July last year.



Your data's safe: Octopus vow as scheme returns