Open access to directors' names, but not their home addresses
John Bacon-Shone welcomes the government review of company data
The recent debate about the government proposals to restrict access to the personal information of company directors has been one-sided, so it is useful to re-examine the arguments carefully to see which elements, if any, of the proposals are justified, taking into account press freedom, access to information and privacy.
Firstly, I do not believe press freedom is directly relevant here as there is no proposed restriction on the press that does not apply to the public. Public access to information, however, is important for an open society, including journalistic investigations, and should be restricted only with good justification.
Many years ago, the Law Reform Commission reports on privacy highlighted the need for the government to revisit public access to government registries, such as the Transport Department registry of vehicle ownership and the Land Registry, to ensure that public access is consistent with the purpose of each registry and balances public access to information with privacy concerns.
In this light, a government review of public access to the Companies Registry should be welcomed.
The key information under discussion is director names, and their identity card numbers and residential addresses.
There is general agreement that director names must remain public to ensure that the public can identify who is responsible for a company. We allow company directors to obtain the benefits of reduced tax and liability through using a company, so identifying directors is essential to hold them accountable.
But names are not reliable personal identifiers, given that English names here can be written multiple ways and Chinese names are often not unique. Hence, ID card numbers play an important role in identification. This suggests that the government proposal to show incomplete identity card numbers may not meet the requirement for accurate identification.
The privacy argument here relates to identity theft, of which they are now many cases each year. But an identity card number, while useful for identification, is not a reliable means of authentication. So, it seems that the public benefit of access to full identity card numbers arguably outweighs the privacy protection argument of restricting access.
But the picture looks different when we consider residential addresses. In surveys I did on privacy attitudes, residential addresses were considered sensitive personal data by most Hong Kong people, so public access needs clear justification.
The registered address of a company is already public information. The argument for access to residential addresses hinges on dysfunctional companies that cannot be contacted through the registered company address.
In such a case, having a residential address means, for instance, an employee who has not been paid could get in touch to negotiate payment through, say, the Labour Department. Or potential fraud could be reported to the police, who would retain access. In other words, public access to addresses should be restricted to those with a clearly justified need.
It is fully justified for the government to introduce restrictions on access to company director information. However, it should modify the proposals to retain public access to full ID card numbers while restricting access to residential addresses.
Professor John Bacon-Shone is a former chairman of the Law Reform Commission sub-committee on privacy