The phone-hacking exploits of Rupert Murdoch's News of the World have caused global outrage, but in Hong Kong the practice falls into a legal grey area.
In the past month, the 168-year-old British tabloid has been shut, its former editors arrested and owner Murdoch dragged in front of a parliamentary committee for questioning.
That followed the revelations that its staff tampered with the voicemail of a 13-year-old murder victim and of the existence of 4,000 names in notes kept by a private investigator who worked for the paper and served a jail term for hacking the phone of a member of Britain's royal household.
Accessing another person's voicemail is illegal in the UK under the Regulation of Investigatory Powers Act 2000. But in Hong Kong, the Interception of Communications and Surveillance Ordinance applies only to surveillance by public officers.The Personal Data (Privacy) Ordinance offers some degree of protection, but the Office of the Privacy Commissioner's powers of enforcement are weak. The most that could be done in response to a proven complaint would be to issue an enforcement notice, which would make a second offence a criminal act.
'It's a grey area,' said Anthony Poon Kin-sum, a partner in law firm Baker & McKenzie who has handled cases for various newspapers in the High Court. 'But you are basically stealing others' information without permission. I think in Hong Kong this area of the law needs to be developed and legislation sped up.'
The same ease of access enjoyed by the News of the World applies in Hong Kong. 'Too often, the system operators have opted to make things simple for users,' Alan Brill, senior managing director at security firm Kroll Ontrack, said. 'Unless properly set, many voicemail systems allow users to access mail remotely protected by nothing more than a short passcode. And often the system allows trivial passcodes like 0000, 1111, 1234 and the like, which are very easy for a hacker to guess.'
Brill said the passcodes generally do not expire and many systems have a 'mark as unheard' feature, allowing hackers to cover their tracks.