Hong Kong government plans new law banning computer data deemed harmful to Hong Kong

The law will apply anywhere in the world, and could usher in Great Firewall-style censorship, analysts warn.
By Cheryl Tung and Lee Yuk Yue for RFA Cantonese and by Chen Zifei for RFA Mandarin
Hong Kong government plans new law banning computer data deemed harmful to Hong Kong
RFA photo illustration; AFP and Adobe Stock photos

Authorities in Hong Kong are planning a new law regulating cybercrime, in a move that could lay the groundwork for China-style censorship of the city's internet.

The law, which is currently at the consultation stage via the city's Law Reform Commission, would create new crimes including hacking, or unlawful interference with computer systems, as well as possessing data deemed "criminal" by the authorities.

Like the draconian national security law imposed on Hong Kong by the ruling Chinese Communist Party (CCP) from July 1, 2020, the cybercrime law will apply to acts and possibly speech anywhere in the world. It could also apply to data deemed in breach of that law, which contains broad definitions of subversion, sedition, secessionist and terrorist speech and activity.

"The principle of extraterritorial jurisdiction should apply," the Law Reform Commission said in a news release about the law. "This amendment may also violate the law even if the cloud server data is not in Hong Kong."

The law could apply anywhere if the victim or perpetrator are from Hong Kong, if any of the computer hardware or software is located in the city, or even if the perpetrator's actions are deemed "seriously damaging" to Hong Kong, according to Derek Chan, of the commission's subcommittee on cybercrime.

"At present, it is common practice to store data on cloud servers," Chan told reporters on July 20. "Many cloud servers are not located in Hong Kong, and the data isn't in Hong Kong."

"A hacker may not necessarily be a Hong Konger, but the data and people in the database would probably be [related to] Hong Kong," Chan said.

"We think Hong Kong should have jurisdiction, even if neither the data nor the person accessing it are in Hong Kong," he said.

The Computer Network Crime Subcommittee working under the Law Reform Commission of Hong Kong (LRC) issued a consultation paper on July 20, 2022, on "Computer Network Dependence Offenses and Jurisdiction Matters."
The Computer Network Crime Subcommittee working under the Law Reform Commission of Hong Kong (LRC) issued a consultation paper on July 20, 2022, on "Computer Network Dependence Offenses and Jurisdiction Matters."
'Very frightening'

The new law will likely criminalize "possession of criminal equipment or information" as well as "knowingly providing [such] equipment or information," according to a consultation paper issued by the commission.

It could also lead to a new regulatory body to issue licenses to online security companies, to enable them to carry on their research without running afoul of the law, the CCP-backed Wen Wei Po and Ta Kung Pao reported.

"The industry may have to set up a registration system to issue licenses to relevant industry personnel," the merged papers quoted Chan as saying.

Hong Kong data scientist and pro-democracy activist Wong Ho-wa said many things remain unclear about the proposed law, including how easy it would be to break it.

"This is very frightening; the public is bound to be afraid of how this will be implemented, with such broad [definitions]," Wong told RFA. "Even people who supply equipment could be targeted, say for selling routers or servers to others."

"The net is cast so wide that it will be very hard to avoid it, so that will scare a lot of people," he said. "The definitions are very broad, when you actually try to figure them out."

Wong cited the example of using VPNs to circumvent censorship, which could be viewed under the law as "unlawfully interfering with computer data."

"Maybe it won't criminalize regular citizens who use a VPN to watch Netflix, but what if a lot of people visited the same website? Would that be illegal interference? I don't know," he said.

US travel warning

Current affairs commentator Sang Pu, who is a lawyer by training, said the law appears to extend the reach of the national security law into cyberspace.

"They are extending their controls using computer and cybercrime as a pretext," Sang told RFA. "I am very worried that this will lead to internet blocks and censorship, and all of the AI censorship and keyword search term censorship we see in [mainland] China being implemented in Hong Kong."

The plans emerged as the United States updated its travel advice to citizens planning to travel to Hong Kong to "exercise increased caution due to wrongful detentions" and "arbitrary enforcement of local laws."

Currently, anyone anywhere in the world, of any nationality can be arrested in territory controlled by China or countries with extradition agreements with Beijing, if they are deemed to have broken Hong Kong's national security law, which criminalizes speech or actions believed to "incite hatred or dissatisfaction" against the authorities.

"A [Chinese government] propaganda campaign has falsely accused individuals, including U.S. citizens, of fomenting unrest in ... Hong Kong," the advisory warns. "In some cases, the campaign has published their personal information, resulting in threats of violence on social media."

The warning came on the third anniversary of bloody attacks by unidentified thugs in white T-shirts on activists and passengers at Yuen Long MTR station at the height of the 2019 protest movement.

Social scientist Chung Kim-wah said the current administration including chief executive John Lee and security chief Chris Tang were promoted after playing a key role in suppressing the protests, which began as a mass movement against extradition to mainland China, and broadened to include demands for fully democratic elections and great official accountability.

"John Lee, Chris Tang and the others all bear an unavoidable responsibility for everything that happened before and after the July 21, 2019 incident," Chung told RFA. "Now, they are high-ranking government officials, and are ... covering up the facts."

Police were criticized for failing to intervene to prevent the attacks despite being flooded with emergency calls for nearly 40 minutes after the attackers started beating people.

Translated and edited by Luisetta Mudie.


Add your comment by filling out the form below in plain text. Comments are approved by a moderator and can be edited in accordance with RFAs Terms of Use. Comments will not appear in real time. RFA is not responsible for the content of the postings. Please, be respectful of others' point of view and stick to the facts.