Hong Kong personal data watchdog warns on consumer loyalty programmes

Retailers love to offer membership and rewards programmes to lure and retain consumers but Hong Kong’s privacy chief on Monday warned that many shops fail to provide customers with transparency, choices and control over the use of personal data.

Releasing a report on personal data collection by customer loyalty and rewards programmes, Privacy Commissioner Stephen Wong Kai-yi called on retail firms to thoroughly explain to customers their privacy policies and practices, respect customers’ right to privacy and give them control over their own personal data.

He also advised individuals to read a programme’s privacy policy carefully to understand the possible use and sharing of their data, and assess the related privacy risks before joining such programmes.

Do-not-call register as law the best option to protect personal data in Hong Kong, privacy chief says

The report examined 30 customer loyalty and rewards programmes from six sectors - retail, hotel, catering, airline, cinema and petrol - in late May 2017. The programmes were picked due to their popularity in the local market and potential to collect substantial amounts of personal data from a large number of individuals.

It was found that most of the privacy policies of the programmes lacked transparency.

“Many privacy policies lacked clarity because broad and vague descriptions were used,” the report said, and that many firms used “our parent companies”, “any of our subsidiaries” and “business partners” as the classes of those they would share clients’ personal data with.

The report also noted that customers were unable to provide meaningful consent for data collection.