Privacy breach incidents outline need for compensation fund

January 02, 2019 11:28
People affected by data breaches should be compensated after penalizing the errant firms, a columnist suggests. Photo: Freepik

If you ask me to pick just one major issue in a review of 2018, I would recommend privacy-breach incidents as the key topic.

Popularity of internet and social media have come at the cost of people's privacy.

From the Cambridge Analytica event (which saw the firm harvest data on over 50 million American  Facebook users) to the data leak that hit India's national identity database Aadhaar, as well as several incidents pertaining to various corporates including names such as athletic brand Under Armour and hotel chain Marriott International, there were plenty of hacking events globally.

Last year in Hong Kong, Cathay Pacific Airways reported a major data leak affecting up to 9.4 million passengers. In other news, data on 380,000 customers of Hong Kong Broadband Network (HKBN) was exposed in a data leak.

Given these incidents, we come to the question: How do we protect our privacy, at a time when hackers seem to be getting the better of IT guys?

We can discuss various solutions, but I would, in the meantime, suggest one initiative that can bring some relief to the general public.                                                     

Authorities should introduce new rules to impose fines on corporates that fail to protect their customers' data. The money gathered through the fines should then go toward a compensation fund for the people affected by data leakage.

This article appeared in the Hong Kong Economic Journal on Dec 31

Translation by Julie Zhu

[Chinese version 中文版]

– Contact us at [email protected]m


Hong Kong Information Technology Federation honorary chairman