By Johnathan Koo
Google scrapped their plans to open a data centre on the Tseung Kwan O Industrial Estate site in 2013, which signalled its withdrawal from investing in Hong Kong.
The company has never properly explained the withdrawal. But we may now — after seven years of speculation — be able to draw some conclusions from the clues given by the court judgment in a judicial review case between Hong Kong Science and Technology Parks (operators of the Tseung Kwan O estate) and a locally owned data centre company.
Data security is the top priority for data businesses. However, in the court verdict, the judge ruled for HKSTP and against the data warehouse operators, saying the landlord can enter their customers’ data storage spaces at all times.
More importantly, it is clearly stated that “although reasonable notice is required, there is no right for the customer to refuse entry to HKSTP.” This is a potentially dangerous judgement if we, as Hong Kong citizens, value the privacy and security of data owners.
Clearly, no person and no company would like to see their sensitive and confidential data being accessed by the government at any time. If HKSTP, a public statutory body, is allowed to access their customers’ data storage spaces at any time, it means we are allowing the government to access data of citizens and businesses as a means to facilitate and control data centres in Hong Kong.
When companies consider investment in a city, they always take the credibility and integrity of the local government into account. According to the 2020 Heritage Foundation Index of Economic Freedom Report, Hong Kong, number one for the past 25 years, has been surpassed by Singapore, with significantly decreased scores in “Judicial Effectiveness”, “Government Integrity” and “Investment Freedom”.
Risk assessment always comes before investment. Can investors or companies risk having their data lawfully accessed by the Hong Kong Government? How can they convince their clients that their data will not be passed to a third party?
If it is hard to understand what is at stake here, imagine a bank with a vault located inside a shopping mall where the mall’s landlord has the right to access the vault. Would you feel comfortable as a user of the vault if the shopping mall operators can enter the vault anytime they want, and the bank has no right to refuse?
On the other hand, Singapore has strict protection for digital data. The government, though often criticised as authoritarian, cannot access a data centre without a warrant from a court.
In the Heritage Foundation’s Report, it is also stated that foreign and domestic businesses are treated equally under Singapore law, and nearly all sectors of the economy are open to total foreign ownership.
Hong Kong should learn from Singapore regarding the protection of personal and business data.
When we look back at Google’s mysterious withdrawal, a political lesson should be learned. Google believes in the motto of “Don’t be evil”. We cannot assume the Hong Kong Government or HKSTP will do evil deeds with freedom to access data, but who can guarantee it?
It is understandable that Google, as a global information technology giant, would give up the plan to build a data centre in Hong Kong under these conditions.
Fortunately, only data centres at government or HKSTP venues face this threat. The majority of data centres in Hong Kong are doing a brilliant job of securing clients’ privacy and confidentiality up to international standards.
The Hong Kong government should urgently review its data security policy and the role of HKSTP to limit the damage caused by this case. Otherwise, Hong Kong’s business environment will continue to deteriorate, and in the foreseeable future, it will not regain the title of the most free economy.
If that is the case, HKSTP will fail to fulfil its vision – to deliver social and economic benefits to Hong Kong.
Johnathan Koo studied International Relations in the UK and worked in politics. He is now a freelance writer and commentator.