The Hong Kong government is planning a new law designed to make the operators of public utilities and other crucial infrastructure step up security against cyber attacks.

The move was announced on Wednesday during Chief Executive Carrie Lam’s last policy address of her current term, confirming earlier media reports.

Policy Address 2021
Workers handing out copies of the latest Policy Address on a footbridge to the government headquarters on October 6, 2021. Photo: Candice Chau/HKFP.

The Security Bureau and the Innovation and Technology Bureaus are conducting a joint study, paving the way for a legal framework that will require compliance from private companies, statutory bodies and government departments on cybersecurity, government sources told HKFP.

Hong Kong has seen a series of cybersecurity attacks, such as when a local airline’s cache of client data was stolen, or when the Hospital Authority saw its patients’ data hacked. Authorities want to strengthen defences against similar incidents.

While it has yet to be determined which infrastructure or companies are considered critical, they may include public utilities, internet service providers and transport, the sources said.

YouTube video

Operators will be asked to strengthen their own information system’s security, for example by drawing up security guidelines, contingency plans, or incident reporting mechanisms in accordance with the law.

The law will offer a macro framework that will regulate companies and institutions instead of personal behaviour, the sources said.

It will consider similar legislation elsewhere such as in mainland China, which implemented cybersecurity laws in 2017, and Macau, which brought in a law in 2019.

Support HKFP  |  Code of Ethics  |  Error/typo?  |  Contact Us  |  Newsletter  | Transparency & Annual Report | Apps

Help safeguard press freedom & keep HKFP free for all readers by supporting our team

contribute to hkfp
2023 fund hkfp
YouTube video

Support press freedom & help us surpass 1,000 monthly Patrons: 100% independent, governed by an ethics code & not-for-profit.

contact hkfp
Selina Cheng

Selina Cheng

Selina Cheng is a Hong Kong journalist who previously worked with HK01, Quartz and AFP Beijing. She also covered the Umbrella Movement for AP and reported for a newspaper in France. Selina has studied investigative reporting at the Columbia Journalism School.