According to a recent report, Hong Kong has the potential to serve as a data hub in the Greater Bay Area (GBA) for implementing a pilot scheme on cross-border data flow. A special task force is recommended to coordinate data transfer issues within the GBA.
These are the key insights of a research conducted by the City University of Hong Kong (CityU) and the Hong Kong branch of an American major tech firm.
Titled “Legal Research Project: Proposal for Hong Kong to be a Data Center Hub for the Greater Bay Area and China”, the research examined the legal issues related to cross-border data transfer and recommended Hong Kong as a suitable location to serve as a data depository and processing centre for the GBA.
The research reviewed the legal framework of data protection and cybersecurity and identified the key restrictions on free data flow among the three jurisdictions in China, Hong Kong and Macau. However, China the tightest restriction; Hong Kong has no legal restriction on data flow.
Hong Kong’s data protection law focuses on the protection of privacy and security of personal data. Currently, there is no legal or regulatory restriction on cross-border transfer of data to and from the city. It is in a good position to be a data hub for the GBA as a pilot.
It was noted that Hong Kong has actively participated in international agreements about cross-border data transfer. This, in conjunction with Hong Kong’s international positioning and robust legal framework, make it the prime location for the data centre hub for the GBA, and potentially for entire China in the long run.
Gradually implemented a pilot scheme
The research recommends a step-by-step pilot approach, which synchronises the policies, regimes, and technical aspects related to data transfer within the GBA.
A special task force group is recommended to coordinate the legal institutions and government agencies in Guangdong, Hong Kong, and Macau.
It was noted that the HKSAR Government can take the lead in lobbying the governments in China and Macau to gather for a discussion.
In addition, the research recommends the establishment of a “white list” or a “negative list” for data flow.
The “white list” permits certain categories of data to enter and exit in certain circumstances, while the “negative list” is able to ascertain the scope of data that are not allowed to be transferred freely.
The ‘white list’ can be started with less sensitive or critical data such as open data and data not subject to legal or regulatory restrictions.
Members of the special task force can discuss the white list or negative list together. Hong Kong’s data governance should be elevated to an international standard to make the city a trusted location for cross-border data flow while facilitating innovation and technology progress.
Doing well in terms of protecting local data will give the region greater credibility, building trust for other jurisdictions to allow data to enter and exit.
The Institute of Big Data Governance (IBDG) is a group of entrepreneurs and tech companies in Hong Kong. It’s a vision to turn Hong Kong into a global data hub.
The institute is working on some self-regulatory guiding principles related to data leakage such as the number of hours organizations have to inform data owners in the case of personal data breaches.
As the council member of the IBDG, the American tech firm believes that tech is key to unleashing the true potential of the GBA.
It was noted that data analytics is the means to get competitive advantages for businesses, governments as well as for R&D within the GBA. All sectors can be benefited from Hong Kong as a data hub.