Laws Related to Misuse of Computer and Data Privacy

Telecommunication Ordinance Section 27A

27A. Unauthorized access to computer by telecommunication
     (1) Any person who, by telecommunications, knowingly causes a computer to perform 
         any function to obtain unauthorized access to any program or data held in a 
         computer commits an offence and is liable on conviction to a fine at level 4. 
         (Amended 36 of 2000 s. 28)
     (2) For the purposes of subsection (1)-
         (a) the intent of the person need not be directed at-
             (i)   any particular program or data;
             (ii)  a program or data of a particular kind; or
             (iii) a program or data held in a particular computer;
         (b) access of any kind by a person to any program or data held in a computer 
             is unauthorized if he is not entitled to control access of the kind in 
             question to the program or data held in the computer and-
             (i)   he has not been authorized to obtain access of the kind in question 
                   to the program or data held in the computer by any person who is so 
                   entitled;
             (ii)  he does not believe that he has been so authorized; and
             (iii) he does not believe that he would have been so authorized if he had 
                   applied for the appropriate authority.

(from Cap 106 Telecommunications Ordinance)


Crimes Ordinance Section 59 and 161

59. Interpretation
    (1)  In this Part, "property" (財產) means-
         (a) ...
         (b) any program, or data, held in a computer or in a computer storage medium,
             whether or not the program or data is property of a tangible nature.
    (1A) In this Part, "to destroy or damage any property" (摧毀或損壞財產) in relation
         to a computer includes the misuse of a computer.
    In this subsection, "misuse of a computer" (誤用電腦) means-
         (a) to cause a computer to function other than as it has been established to 
             function by or on behalf of its owner, notwithstanding that the misuse may
             not impair the operation of the computer or a program held in the computer
             or the reliability of data held in the computer;
         (b) to alter or erase any program or data held in a computer or in a computer
             storage medium;
         (c) to add any program or data to the contents of a computer or of a computer
             storage medium, and any act which contributes towards causing the misuse of
             a kind referred to in paragraph (a), (b) or (c) shall be regarded as 
             causing it. (Added 23 of 1993 s. 3)
161. Access to computer with criminal or dishonest intent
     (1) Any person who obtains access to a computer-
         (a) with intent to commit an offence;
         (b) with a dishonest intent to deceive;
         (c) with a view to dishonest gain for himself or another; or
         (d) with a dishonest intent to cause loss to another,
     whether on the same occasion as he obtains such access or on any future occasion,
     commits an offence and is liable on conviction upon indictment to imprisonment for
     5 years.

(from Cap 200 CRIMES ORDINANCE)


Theft Ordinance Section 11

11. Burglary
    (3A) The reference in subsection (2)(c) to doing unlawful damage to anything in a
         building includes-
         (a) unlawfully causing a computer in the building to function other than as it
             has been established by or on behalf of its owner to function, 
             notwithstanding that the unlawful action may not impair the operation
             of the computer or a program held in the computer or the reliability of 
             data held in the computer;
         (b) unlawfully altering or erasing any program, or data, held in a computer in
             the building or in a computer storage medium in the building; and
         (c) unlawfully adding any program or data to the contents of a computer in the
             building or a computer storage medium in the building.

(from Cap 210 THEFT ORDINANCE)


Copyright Protection in the Hong Kong SAR

The Copyright Ordinance currently in force in the Hong Kong SAR has come into
effect since 27 June 1997. The Ordinance as reviewed and revised from time to 
time provides comprehensive protection for recognised categories of literary, 
dramatic, musical and artistic works, as well as for films, television broadcasts 
and cable diffusion, and works made available to the public on the Internet. 
Furthermore, performers of live performances and persons having exclusive 
recording contracts with performers are also entitled to protection.

(from Copyright Protection in the Hong Kong SAR)


The Personal Data (Privacy) Ordinance

The PDPO is applicable to both the private and the public sectors. It
is technology-neutral and principle-based. The Data Protection Principles
("DPPs" or "DPP"), which are contained in Schedule 1 to the PDPO, outline
how data users should collect, handle and use personal data, complemented
by other provisions imposing further compliance requirements.

The collective objective of DPPs is to ensure that personal data is 
collected on a fully-informed basis and in a fair manner, with due 
consideration towards minimising the amount of personal data collected. 
Once collected, the personal data should be processed in a secure manner 
and should only be kept for as long as necessary for the fulfillment of 
the purposes of using the data. Use of the data should be limited to or 
related to the original collection purpose. Data subjects are given the 
right to access and make correction to their data.

(from The Personal Data (Privacy) Ordinance