Commissioner Calls For Regulation Over Database Fears
"); jQuery("#212 h3").html("

"); });
2023-06-01 HKT 16:03
The Privacy Commissioner has called on the government to regulate credit reference databases after finding breaches by a Kowloon Bay software company put at risk the personal data of some 180,000 people.
The commissioner's office on Thursday said it has served an enforcement notice on the firm Softmedia, whose credit reference system is used by almost 700 money lenders.
The office launched an investigation into the company after a man complained that several firms had accessed his credit data even though he had not given his consent and had never even applied for loans from them.
The complainant said he was informed about the firms' access to his records by another lender who then asked him whether he had recently experienced severe financial difficulties.
The investigation found that Softmedia gave the money lenders almost unlimited access to borrowers' information for a very low fee and that it didn't monitor access to the database.
Passwords for the system could be weak and didn't have to be changed regularly, meaning former members of staff at the lenders could potentially gain access, the commissioner's office added.
At a press conference, Privacy Commissioner Ada Chung said Softmedia – whose clients also include listed companies and government departments – had violated the Personal Data (Privacy) Ordinance and had been ordered to take a number of steps, including imposing restrictions on access to the database and verifying that the money lenders have permission from borrowers to access their information.
Chung also noted that the company's credit reference system is not regulated by any bank or money lender association, isn't covered by any ordinance related to the finance industry, and doesn't have to comply with a code of practice.
"The situation is far from satisfactory," the commissioner said.
She added that to protect people's privacy, the operation and management of credit reference databases should be regulated or supervised through laws, guidelines, industry codes or licensing systems.
"It is of crucial importance that appropriate penalties should be imposed on wrongdoers, that the privacy of borrowers should be adequately protected, and the security of the database should be properly safeguarded."
Fraud & AML In Asia: What Banks Need To Know In 2026
Fraud and AML in Asia have shifted over the past year. Alongside the system-level attacks that continue, panellists poi... Read more
Hong Kongs Total AUM Hits Record HK$42.2 Trillion In 2025
According to the Securities and Futures Commission (SFC), Hong Kong’s total assets under management (AUM) reached a r... Read more
Hyundai Card Leverages Apple Pay To Target Gen Z Users
Hyundai Card launched six new debit and hybrid cards tailored to Apple Pay users in April. The South Korean issuer is t... Read more
DBS And Samsung Securities Partner For Global Wealth Expansion
DBS has signed a MoU with South Korea’s Samsung Securities to establish a strategic partnership in wealth management.... Read more
RedotPay Selects OpenPayd For Treasury Operations And Global Remittances
RedotPay has selected OpenPayd to enhance its treasury operations and cross-border remittance services. The company wil... Read more
JCB Rolls Out Contactless Transit Payments Across Taipei Metro
JCB has rolled out contactless payment acceptance on the Taipei Metro. The integration allows cardholders to tap physic... Read more