The Institute of Big Data Governance (IBDG), a non-profit platform, has been established this month in Hong Kong to promote better protection of big data, with a vision to turn Hong Kong into a global data centre.
In six months from now, the IBDG will formulate a set of standards and principles on big data governance. It aims to encourage businesses to self-govern their use and protection of big data. The thinking is that a strong legal framework, coupled with a self-governing culture of strongly principled data protection, will attract those who wish to hold sensitive data securely will want to situate their business in Hong Kong.
The Institute will also recruit members and make public the principles and the member list on its website.
“The world is paying more attention to data protection and what it means to national security, and they are actively enforcing regulations. Hong Kong needs to get on the same page with other advanced cities,” said Mr Allen Yeung, founder of the IBDG.
Principles: A higher order of guidance
“Regulations alone are not enough amid the rapid development of the big data industry. There is a need for principles that are of higher standard than the regulations to avoid incidents,” Mr Yeung said.
The IBDG will work with committees and experts who draw international experience to come up with the guidelines.
Updated from time to time, one example of the principles is to require data users to inform those affected of a data breach within a timeframe.
The Institute will implement a reporting mechanism to monitor its members. Any member found violating the principles will have its membership revoked, and improvement must be made to join the IBDG again.
Currently in Hong Kong, data-related issues are handled by the Office of the Privacy Commissioner for Personal Data (PCPD). It is a statutory body created to enforce the Personal Data (Privacy) Ordinance, which secures the protection of privacy of individuals.
98 pound weakling
But the PCPD has been widely seen weak. There is no statutory requirement that requires data users to inform the PCPD about a data breach incident and the PCPD has no power to directly levy fines or penalties.
This year, it took Cathay Pacific months to report a major data breach affecting 9.4 million passengers that leaked passport numbers, credit card numbers, and email addresses.
But Mr Yeung stressed that the IBDG is not to replace the PCPD, as it is not a law-enforcement body. It will only support and work closely with the PCPD.
He further suggested that if personal data is protected effectively, big data can create vast market opportunities for businesses and the innovation and technology sector.
“Research firm International Data Corporation predicts that worldwide revenues for big data and business analytics solutions will grow from an estimated US$166 billion in 2017 to US$260 billion in 2022,” he noted.
Mr Yeung’s view was supported by Mr Stephen Wong, Privacy Commissioner for Personal Data at the PCPD.
“Big data governance is necessary to protect personal data and consolidate Hong Kong’s reputation as a cross-border trading and business hub,” he said.
An ideal data centre
Through self-governance with the strict rules, Mr Yeung hopes Hong Kong could become a global data centre that is trusted by the global community and boost the local data industry.
Hong Kong was named the most suitable location in the Asia Pacific for setting up data centres, according to Asia Pacific Datacenter Index published by International Data Corporation in 2014.
This city is one of the few in Asia that has a safe environment sheltered from natural disasters, a reliable and stable supply of electricity, and advanced telecom infrastructure.
(Printer – R&R Publishing Limited, Suite 705, 7/F, Cheong K. Building, 84-86 Des Voeux Road Central, HK)