A letter sent by an industry group that includes the internet firms said companies are concerned that the planned rules to address doxing could put their staff at risk of criminal investigations or prosecutions related to what the firms’ users post online. Doxing refers to the practice of putting people’s personal information online so they can be harassed by others.
Hong Kong’s Constitutional and Mainland Affairs Bureau in May proposed amendments to the city’s data-protection laws that it said were needed to combat doxing, a practice that was prevalent during 2019 protests in the city. The proposals call for punishments of up to 1 million Hong Kong dollars, the equivalent of about $128,800, and up to five years’ imprisonment.
“The only way to avoid these sanctions for technology companies would be to refrain from investing and offering the services in Hong Kong,” said the previously unreported June 25 letter from the Singapore-based Asia Internet Coalition, which was reviewed by The Wall Street Journal.
Tensions have emerged between some of the U.S.’s most powerful firms and Hong Kong authorities as Beijing exerts increasing control over the city and clamps down on political dissent. The American firms and other tech companies last year said they were suspending the processing of requests from Hong Kong law-enforcement agencies following China’s imposition of a national security law on the city.
Jeff Paine, the Asia Internet Coalition’s managing director, in the letter to Hong Kong’s Privacy Commissioner for Personal Data, said that while his group and its members are opposed to doxing, the vague wording in the proposed amendments could mean the firms and their staff based locally could be subject to criminal investigations and prosecution for doxing offenses by their users.
That would represent a “completely disproportionate and unnecessary response,” the letter said. The letter also noted that the proposed amendments could curtail free expression and criminalize even “innocent acts of sharing information online.”
The Coalition suggested that a more clearly defined scope to violations be considered and requested a videoconference to discuss the situation.
A spokeswoman for the Privacy Commissioner for Personal Data acknowledged that the office had received the letter. She said new rules were needed to address doxing, which “has tested the limits of morality and the law.”
The government has handled thousands of doxing-related cases since 2019, and surveys of the public and organizations show strong support for added measures to curb the practice, she said. Police officers and opposition figures were doxed heavily during months of pro-democracy protests in 2019.
“The amendments will not have any bearing on free speech,” which is enshrined in law, and the scope of offenses will be clearly set out in the amendments, the spokeswoman said. The government “strongly rebuts any suggestion that the amendments may in any way affect foreign investment in Hong Kong,” she said.
Representatives for Facebook, Twitter and Google declined to comment on the letter beyond acknowledging that the Coalition had sent it. The companies don’t disclose the number of employees they have in Hong Kong, but they likely employ at least 100 staff combined, analysts estimate.
China’s crackdown on dissent since it imposed a national security law a year ago has driven many people in Hong Kong off social media or to self-censor their posts following a spate of arrests over online remarks.
While Hong Kong’s population of about 7.5 million means it isn’t a major market in terms of its user base, foreign firms often cite the free flow of information in Hong Kong as a key factor for being located in the financial hub.
The letter from the tech giants comes as global companies increasingly consider whether to leave the financial center for cities offering more hospitable business climates.
The anti-doxing amendments will be put before the city’s Legislative Council and a bill is expected to be approved by the end of this legislative year, said Paul Haswell, Hong Kong-based head of the technology, media, and telecom law practice at global law firm Pinsent Masons.
The tech firms’ concerns about the proposed rules are legitimate, Mr. Haswell said. Depending on the wording of the legislation, technology companies headquartered outside Hong Kong, but with operations in the city, could see their staff here held responsible for what people posted, he said.
A broad reading of the rules could suggest that even an unflattering photo of a person taken in public, or of a police officer’s face on the basis that this would constitute personal data, could run afoul of the proposed amendments if posted with malice or an intention to cause harm, he said.
“If not managed with common sense,” the new rules “could make it potentially a risk to post anything relating to another individual on the internet,” he said.
This story has been published from a wire agency feed without modifications to the text
Never miss a story! Stay connected and informed with Mint.
our App Now!!