DAB urged strengthening supervision and accountability to prevent further leakage of Government data

May 6, 2024

The Companies Registry had an incident of personal data leakage after the Electrical and Mechanical Services Department had a similar incident. Panel on Information Technology and Broadcasting Chairman Elizabeth Quat stated that the incidents showed that cybersecurity and protection of personal privacy could be strengthened. She urged the responsible persons in the Government to take more secure measures to protect privacy of personal data and that relevant persons should be held accountable.

Elizabeth Quat pointed out the leakage was due to poor management and human error. The DAB made these recommendations:

1. The authorities must conduct a thorough investigation hold relevant persons accountable;

2. If any negligence or violation of regulations is revealed, the relevant persons must be subject to disciplinary action;

3. The Government should perform personal data assessment and audit in IT projects to ensure that systems do not disclose excessive and unnecessary personal data to the public; and

4. In the future, the Digital Policy Office should closely monitor and safeguard against any cyber attacks and security threats, to issue warnings, and enhance adaptability of the Government departments and resistance against risks.

Media enquiries: LegCo member Elizabeth Quat 9031 7995