[Hong Kong, May 14, 2020] The Institute of Big Data Governance (iBDG) announces today the launch of Big Data Governance Principles 2.0.  This is an elevation of last August’s version 1.0, which was launched with the Independent Assessment Scheme 1.0, as part of a highly collaborative effort with iBDG’s founding members. Today’s announcement is an effort in line with facilitation and engagement of Privacy Commissioner for Personal Data (PCPD)  to promote a digital economy while protecting personal privacy in developing Hong Kong into a global data hub.

​

“Data has replaced oil as the world’s most valuable resource,” Allen Yeung, Founding Chairman of iBDG and former Chief Information Officer of HKSARG, remarked. “As we promote the data economy, we must properly address the issues of personal privacy and data security. The iBDG was founded to provide the industry with a framework of data governance, including the setting up of the Big Data Governance Principles and the Independent Assessment Scheme that are on par with international standards, so that data owners can exchange data with confidence in the age of data economy.”

​

Refined Governance Principles for Better Personal Data Protection

​

 “The Committee has performed a thorough review of the 4 key areas as laid out in the Big Data Governance Principles 1.0: Big Data processing, Personal Data Breach Prevention, Data Transfer and Continuous Improvement. A new section of Data Retention and Security Control is added along with revisions to all other sections to enhance personal data protection,” Rocky Cheng, Chairman of the Data Governance Principle Committee.

​

Big Data Governance Principles 2.0 clearly points out that whenever data is exchanged, it must be anonymised and the data receiver cannot purposely re-identify any individual.

​

“ The underlying principle of PCPD for regulation is that economy development would be promoted at the same time when we perform our functions and exercise our powers under the Personal Data (Privacy) Ordinance (Cap. 486) (“PDPO”) when data users carry out data trading or data exchange, they may comply with the requirements for collecting and using personal data under PDPO by (1) using personal information collection statement (PICS), (2) obtaining data subjects’ consents or (3) adopting data anonymization. As to data anonymization, organizations should stay vigilant for the risk of re-identification and make regular assessment on the data anonymization. I hope Big Data Governance Principles 2.0 would provide a referential standard for data economic development in Hong Kong and organization’s protection of personal data” Stephen Wong, Privacy Commissioner for Personal Data, Hong Kong.

​

Certification for Data Exchange

​

Our Big Data Governance Assessment Scheme makes reference to seven national and international standards. Companies certified under the assessment scheme must clearly demonstrate their capabilities and compliance with comprehensive data protection and governance, before they can be qualified as iBDG Certified Members, and therefore be recognized as trusted parties for data exchange. iBDG is in the process of setting up an independent Certification Vetting Committee, with vetting members comprising of council members and external experts, to vigorously vet, approve and, where appropriate, arbitrate and disqualify members’ qualification.

​

iBDG shall make public on their website a list of Pledge Corporate Members and Certified Corporate Members for full transparency. iBDG is pleased to note that Cherrypicks, a Hong Kong’s early homegrown innovator, is the first organization to conduct data certification and is applying for a Certified Member status.

​

Sharings from the Industry and iBDG’s Members on Data Governance’ importance

​

Leading companies across different sectors were invited to join iBDG as Founding Corporate Members, including FSI (Hong Kong Exchanges and Clearing, Ping An Group), Public Sector (CLP Power, Hong Kong Airport Authority), Retails & Logistics (Fung Group), Advisory (Ernst and Young), ICT (Alibaba Cloud, China Unicom, HK Science & Technology Parks Corporation, Microsoft, OneAsia, SAP, SUNeVision and Tencent Cloud).

​

Public Sector member representative Joseph Law, Senior Director of Planning & Development in CLP shares that CLP applauds the efforts of IBDG to further raise HK’s position as a data governance center of excellence.  FSI member representative Richard Leung, CTO of HKEX Group mentioned that HKEX is delighted to be part of this Hong Kong wide collaborative initiative to shape and define governance around Data in the region. Data is a cornerstone of their operations as Asia’s largest and most liquid international financial market, and the group is look forward to working with all iBDG members on the future of Data in Hong Kong.

​

In today’s press conference, representatives from the industry including Larry Li, Managing Director & Head of Project Management, Group Strategy & Projects, HKEX; Tony Lau, Managing Director, Fung Omni Services and Jason Chiu , CEO, Cherrypicks were invited to share their views as data owners and data receivers and how the Principles and Independent Assessment Scheme helped with their business.

​

Tony Lau, Managing Director, Fung Omni Services: “Data privacy and protection is paramount to public confidence in e-commerce. Fung Omni is excited to work with iBDG in its endeavor to make Hong Kong a global leader in data protection, which will benefit our industry tremendously as data is becoming the most valuable asset in the world of commerce, iBDG’s role in protecting it is indispensable.”

​

Going forward, iBDG will continue to seek public and our founding corporate members’ advices in refining our iBDG Big Data Governance Principles and Independent Assessment Scheme to ensure they remain useful and relevant to the evolving needs of businesses and the society.