What's New

Policies, Laws, Guidelines and Technical Standards

Policies

Overall Policy

The “Hong Kong Innovation and Technology Development Blueprint” promulgated by the Government in December 2022 has set out “promoting digital economy development and developing Hong Kong into a smart city” and “accelerating the development of digital economy and smart city to enhance citizens’ quality of life” respectively as part of our four development directions and eight major strategies. These initiatives underscore our data-driven development approach to seize opportunities brought about by digital economy and to integrate into the overall national development.

Data Policy

Under the Open Data Policy promulgated in 2018, government bureaux and departments (B/Ds) are required to make their best endeavours in opening up their data to the public. Our target is to increase the annual usage of open data from 22 billion in 2021 to 58 billion in 2025. The “Chief Executive’s 2024 Policy Address” announced that the Government will compile departmental data catalogues to promote the opening up and sharing of data among B/Ds within 2025.

Data is a key element of new production in the digital era. Effective data governance plays a strategic role in driving our society and economy towards digital transformation and high-quality development. The philosophy and strategy underpinning data governance must be holistic and pay heed to the overriding principle of secure data flow, thereby maximising the value of data resources. The Government has all along been adopting a multi-pronged strategy, encompassing policies, laws and guidelines, infrastructural support, etc., with a view to promoting the sharing, usage, opening up as well as interchange of data, whilst strengthening data security.

The Digital Policy Office (DPO) launched a dedicated webpage on data governance on its website in December 2024, alongside the publication of the “Principles of Data Governance”, which sets out the Government’s guiding principles of data governance. These principles aim to enhance the quality and reliability of data, facilitate data flow and sharing, as well as enhance protection of data in order to support the government departments and society in optimising data and to drive data-based development.

Guiding Principles of Data Governance:

  1. The Government upholds the principles of open data and data sharing. The opening up, sharing and application of data shall be conducted in compliance with relevant laws and regulations. In respect of personal data, open data and data sharing should follow the relevant data protection principles and conducted in compliance with relevant laws and regulations.
  2. Data security forms the foundation of open data and data sharing. The opening up, sharing and application of data shall take into account data security, which includes ensuring security and protection of data content, as well as safeguards on the sharing, flow and usage of data.
  3. Corresponding data governance principles should be adopted for different types of data so as to balance the opening up, usage and protection of data.

Cross-boundary Data Flow Policy

In June 2023, the Innovation, Technology and Industry Bureau (ITIB) and the Cyberspace Administration of China signed the “Memorandum of Understanding on Facilitating Cross-boundary Data Flow Within the Guangdong-Hong Kong-Macao Greater Bay Area” to jointly promote cross-boundary data flow in the Guangdong-Hong Kong-Macao Greater Bay Area (GBA), with the objective of promoting safe and orderly data flow from the Mainland to Hong Kong, with a view to facilitating integration of Hong Kong into the “Digital Bay Area” and promoting collaborative digital development between Hong Kong and the Mainland. In December 2023, the DPO and ITIB announced the “early and pilot implementation” arrangement of the facilitation measure on “Standard Contract for the Cross-boundary Flow of Personal Information Within the GBA (Mainland, Hong Kong)” (the GBA Standard Contract). With effect from 1 November 2024, industries of all sectors in the nine Mainland cities in the GBA and Hong Kong can adopt the GBA Standard Contract on a voluntary basis. This further facilitates the compliance of the cross-boundary flow of personal information by enterprises and encourages the provision of more convenient and beneficial cross-boundary services within the GBA.

In December 2023, the ITIB published the “Policy Statement on Facilitating Data Flow and Safeguarding Data Security in Hong Kong” to set out the Government’s management principles and key strategies as well as 18 action items on facilitating data flow and safeguarding data security, being two important components of data governance.

Laws, Guidelines and Technical Standards

The need for protecting data including personal data grows with the advancement of the digital economy. We pay heed to the “Personal Data (Privacy) Ordinance”, “Guidance on the Ethical Development and Use of Artificial Intelligence” and “Artificial Intelligence: Model Personal Data Protection Framework” issued by the Office of the Privacy Commissioner for Personal Data (PCPD), as well as other relevant laws, administrative measures and industry guidelines, in the collection, holding, processing, use, control and protection of data including personal data and those derived from different business processes.

In promoting open data and application, the Government has also provided technical standards and rules on usage and security in respect of data governance. Other than formulating the “Security Regulations” which is for internal reference, the Government and related organisations have also released the “IT Security Standards and Best Practices”, “Guidance on the Ethical Development and Use of Artificial Intelligence”, “Artificial Intelligence: Model Personal Data Protection Framework”, “Ethical Artificial Intelligence Framework”, “Interoperability Framework for E-Government”, “Common Chinese Language Interface” and “Practice Guide on Data Centre Security” for reference by all sectors. Multiple security measures and working mechanisms have been established, covering government data protection, audit and risk assessment, incident handling and response, education and training, etc., to comprehensively maintain government systems and data security.

In view of the latest development of generative AI, the Government has updated the “Ethical Artificial Intelligence Framework” in August 2023 to provide clearer guidance to B/Ds on developing applications with AI-related technologies. The Government has also commissioned the InnoHK research centre specialised in generative AI to study and propose appropriate rules and guidelines on the accuracy, responsibility and information security of the generative AI technology and its application.

The full text of the “IT Security Standards and Best Practices” and “Ethical Artificial Intelligence Framework” have been uploaded to the relevant government websites for reference by public and private institutions. This allows individual institutions to adopt appropriate IT security risk management principles and measures according to their specific situations, thereby enhancing their awareness and capabilities in protecting data.

In October 2024, the Financial Services and the Treasury Bureau published the “Policy Statement on Responsible Application of Artificial Intelligence in the Financial Market”, setting out the Government’s policy stance and approach towards the responsible application of AI in the financial market.

Guidelines Issued by Other Related Public Organisations

The “Guidelines on the Use of Generative Artificial Intelligence for Judges and Judicial Officers and Support Staff of the Hong Kong Judiciary” of the Hong Kong Judiciary sets out general rules and guiding principles for Judges and Judicial Officers and support staff of the Judiciary on the use of generative AI in performing judicial and administrative duties.

Facilitating of the Cross-boundary Data Flow within the Greater Bay Area
Exhibition of the 4th Anniversary of Hong Kong National Security Law
The 2025-26 Budget Public Consultation
The Chief Executive’s 2024 Policy Address
2025 National Games - Hong Kong
“Smart Silver” Digital Inclusion Programme for Elders
Enriched ICT Training Programme for the Elderly - Courses of the new round invite enrolment applications
ICT Outreach Programme for the Elderly
Let Social Enterprises Bloom!
Legislative Control of Cannabidiol (CBD)
National Security Education Day
Electronic Health Record Sharing System (eHealth)
Improve Electoral System Ensure Patriots Administering Hong Kong
iAM Smart Safe and Swift
CSDI website
Safeguarding National Security
Multi-functional Smart Lampposts
ICT Event Calendar
Smart Government Innovation Lab
talent.gov.hk
New Patent System
Elderly IT Learning Portal
Hong Kong Legal Hub
Guangdong-Hong Kong-Macao Greater Bay Area
Cybersec Infohub
Corruption Prevention Advisory Service
Cyber Security Information Portal
IT Career Role Models Platform
Hong Kong Smart City
Digital Accessibility Campaign
Mutual Recognition of Electronic Signature Certificates issued by Hong Kong and Guangdong
Marketing Consultancy Office (Rehabilitation)
Developing Datacentre in Hong Kong
Wi-Fi․HK
GovHK Website
Government Computer Emergency Response Team Hong Kong (GovCERT․HK)
DATA․GOV․HK
Hong Kong ICT Awards
INFO SEC
Student IT Corner
1823
SIE Fund