Free Wi-fi at West Kowloon terminus ‘not a risk’ transport minister says, but service provider admits it will give your personal data to Chinese authorities
Fear and confusion emerges over whether users of free internet service at city station for Guangzhou-Shenzhen-Hong Kong Express Rail Link risk having personal data sent to mainland
Hong Kong’s transport minister Frank Chan Fan has played down concerns over the security of free public Wi-fi at the new West Kowloon terminus for the cross-border high-speed rail, and said passengers’ personal data would not be passed to “other people”.
But, confusion reigned on Wednesday as the terms and conditions listed by Comba Telecom, which provides the Wi-fi, required users to agree to the firm collecting passengers’ names, telephone numbers, email addresses, and information on the websites they visited.
Meanwhile, lawmaker Michael Tien Puk-sun, a former chairman of Kowloon-Canton Railway Corporation, said people were making a “big fuss” over nothing.
Chan’s assurance came after fears emerged that people’s personal data would be automatically transferred to mainland authorities, once they connect to the free Wi-fi service for the Guangzhou-Shenzhen-Hong Kong Express Rail Link.
“For those who use the express rail’s Wi-fi service within the Hong Kong territory, their personal information would not be passed to other people,” Chan said, during an impromptu visit to the terminus.
“I think the MTR Corporation hasn’t made it clear enough about this Wi-fi policy. It will clarify this matter at a later date.”
Tien focused his criticism on those he said were making a fuss, even though they knew they would eventually face the prospect of having their data shared with mainland authorities once they crossed the border.
“I think people are making a big fuss,” he said. “We all know that once we cross the border and enter the mainland soil, we are subject to the scrutiny of the mainland authorities when using the mainland’s Wi-fi service.
“This has been understood. You can’t escape that unless you don’t travel to the mainland, or you don’t use the mainland Wi-fi service.”
An MTR spokeswoman confirmed when passengers connected to the free Wi-fi service of the high-speed rail within the Hong Kong territory, their personal data would not be passed over to the mainland authorities.
“Once the train enters the mainland territory, this service will be subject to mainland laws and regulations. Users will then be requested to log in again. Passengers may choose to use the service again, and if they do so, they are required to comply with the relevant mainland laws and regulations,” she said.
She added that there were some ambiguities in the personal information collection statement issued by Comba and the MTR Corp had already requested it revise the statement.
The Wi-fi service for the HK$84.4-billion (US$10.8 billion) express rail link is provided by Comba Telecom, a Hong Kong listed company, under a contract valued at more than HK$35 million.
Under the agreement with the MTR Corp, the telecom firm will provide Wi-fi for passengers at the West Kowloon terminus, and on-board the nine Vibrant Express trains serving the railway.
Comba said it will collect a variety of data on people who use its service, with that information primarily used for handling inquiries and complaints.
The information and personal data, which the company shares with third parties “inside or outside Hong Kong”, will be used for research, statistical and behavioural analysis, and improving the firm’s service.
Among the third parties the firm identifies are the Hong Kong government, the mainland government, or its authorised agencies, with information being provided in connection with any investigation for the purpose of preventing or detecting crimes.
Users must agree to the terms and conditions, disclaimer and the privacy data statement before they can access the free service.
Privacy Commissioner Stephen Wong Kai-yi said the policy adopted by Comba was in line with the common approach taken by other service providers.
He said any Wi-fi service providers in Hong Kong were subject to the city’s privacy laws, with regard to the collection and use of personal data, which should not be excessive. They should also be transparent.
“When Wi-fi service providers are collecting personal data, they must ensure to keep users informed about the purposes of the data collection,” he said.
He advised users to have a good grasp of the provider’s personal data collection policy before using the Wi-fi service.
Tickets sales for the rail link are still slow, with a total of 3,886 tickets sold on Tuesday, the second day of the pre-sale. As of 7.30pm on Wednesday, 1,833 had been sold.