23 May 2014 Charles Mok again demands government internet transparency
On February 19, 2014, Charles Mok, the Legislative Council member that represents the Information Technology Constituency, asked the government to disclose details of the user data and content removal requests that it has been making towards local internet service providers (ISPs). Mok’s questions were answered by Godfrey Leung, acting secretary for commerce and economic development, on the same day.
Mok raised questions about the details of the requests made by government departments to ISPs for disclosure and removal of their users’ information since February 2013. Mok requested information specifically about the names of service providers, reasons for making the requests, and the details of the information requested for disclosure or for removal. Mok also enquired about the internal information request guidelines and mechanisms, and whether the government will make public the corresponding mechanisms that monitor requests made by government departments and law enforcement agencies.
According to the answers provided by Leung, since February 2013, five government departments, namely Companies Registry, Customs and Exercise Department, Hong Kong Police Force, Inland revenue Department and Office of the Communications Authority made a total of 5,507 pieces of user data requests to ISPs. Five departments: Customs and Excise Department, Department of Health (including Chinese Medicine Division, and Drug Office), Hong Kong Police Force, Post Office and Office of the Communications Authority, in total made 1,956 pieces of content removal requests.
Almost all the government requests were acceded to by ISPs, except the requests made by Hong Kong Police Force for data disclosure and removal, which were partially fulfilled, and the requests made by Companies Registry for data disclosure, which has 0% compliance.
The details provided by Leung, however, were far from complete. Important information, such as the names of service providers, remained unavailable from the government. Here is the government’s excuse: “Since the question involves the commercial information of a large number of service providers, it is rather impossible for the Government to obtain consent from all relevant organisations to disclose the required information. Hence, the names of individual service providers have not been made public.”
In particular, Inland Revenue Department did not release anything on its users information request, apart from reasons for making such requests, citing “the secrecy provisions under the Business Registration Ordinance and the Inland Revenue Ordinance” as a defence.
With regard to Mok’s questions on the internal information request guidelines and mechanisms, Leung’s answer was far from satisfactory: “The government departments and law enforcement agencies concerned will ensure that these requests are made only when necessary for the purpose of performing duties. Since the existing mechanism functions effectively, we do not think it is necessary to review the relevant procedures/guidelines.”