Hong Kong’s privacy regulator has introduced the Hong Kong International Data Privacy Academy as part of a broader effort to position the city as a leading talent hub in data privacy. The initiative was unveiled during a summit marking the 30th anniversary of the Office of the Privacy Commissioner for Personal Data on Tuesday.
Privacy Commissioner Ada Chung Lai-ling highlighted the academy’s role in providing comprehensive training through public seminars, professional workshops, and expert dialogues. The program aims to equip privacy professionals with the skills needed to navigate evolving compliance demands across jurisdictions, particularly those related to emerging technologies such as artificial intelligence. The academy also supports the local government’s “AI Training for All” initiative.
Targeting data protection officers, legal professionals, and data processors in Hong Kong, mainland China, and beyond, the academy plans to collaborate with global regulators, academics, and industry experts to promote a culture of privacy awareness and enhance data governance practices.
Since its establishment in 1996, the regulator has witnessed a notable increase in privacy concerns from the public. Chung pointed to a rise in annual privacy complaints from 250 to 5,000 over three decades, alongside a tenfold increase in compliance actions—from roughly 80 to nearly 800 each year. The office has also introduced various AI-related guidelines and hosted events to help organizations innovate responsibly while safeguarding personal data.
Chung emphasized that the office will align its efforts with Hong Kong’s inaugural five-year plan, recently opened for public consultation. The government’s plan outlines strategies in economic development, infrastructure, healthcare, education, and green transformation. She noted that this approach reflects a balancing act between fostering technological innovation and ensuring robust security measures.
Secretary for Justice Paul Lam Ting-kwok, present at the summit, reaffirmed the government’s commitment to promoting safe and ethical AI deployment. He underscored the importance of building public trust in data privacy and security, stressing that the national 15th five-year plan prioritizes accelerating innovation while combating data misuse, deepfakes, and privacy violations. Lam noted Hong Kong’s forthcoming five-year plan would align with national objectives to deepen integration with overall national development.
The summit also featured an international panel discussing privacy regulatory frameworks. Dr. Song Kyung-hee, chair of South Korea’s Personal Information Protection Commission, described her country’s approach, which includes stringent penalties—for example, fines up to 10% of annual revenue for severe or repeated violations—as well as financial incentives encouraging corporate investment in privacy protections.
Miguel Bernal-Castillero, director of international, domestic and stakeholder relations at Canada’s Office of the Privacy Commissioner, highlighted Canada’s use of legal measures and international cooperation to uphold data privacy. He pointed to recent investigations into OpenAI’s practices, which found data over-collection and insufficient user consent. Following these findings, OpenAI incorporated safeguards better aligned with Canadian federal privacy laws in subsequent product versions.