Skip to content

Something urgent? Call us now! (852) 3416 1711

Ally Law
Boase Cohen & Collins
Blog

Cybercrime review is long overdue

By Alex Liu

Hong Kong, 6 September 2022: It is obvious to many that Hong Kong’s laws to combat cybercrime are badly outdated. This city completed its last review of online security more than two decades ago, since when the digital revolution has transformed almost every aspect of our lives. So new proposals to introduce specific legislation against cybercrime are both welcome and overdue.

The Law Reform Commission (LRC) has published a consultation paper which recommends introducing a string of new cybercrime offences and giving courts scope to hand out tougher penalties, including life imprisonment in the most serious cases.

Background

Currently, there is no single ordinance in Hong Kong which deals specifically with cybercrime. Until now, law enforcement officers have relied chiefly on Section 161 of the Crimes Ordinance (Cap 200), for the offence of “access to a computer with criminal or dishonest intent”, and section 27A of the Telecommunications Ordinance (Cap 106), forbidding “unauthorized access to any program or data held in a computer”. It is worth noting that Section 161 was enacted in 1993, a time when the internet was only in its formative stages and before the advent of smartphones and social media.

But then came a landmark decision by the Court of Final Appeal in April 2019 which ruled Section 161 did not apply to the use by a person of his or her own computer, including a smartphone. Until that point, Section 161 had been used to prosecute a wide range of smartphone and computer-related crimes, including the taking of up-skirt photos. The need for new legislation was clear.

In fact, the LRC’s Sub-committee on Cybercrime had commenced its study three months before that key judgment, seeking to identify the challenges posed by rapid developments in cybercrime, review existing legislation and make recommendations. In doing so, it examined the regulatory regimes in seven other jurisdictions, namely Australia, Canada, England and Wales, Mainland China, New Zealand, Singapore and the United States.

Proposals

After three and a half years of deliberations, the LRC has produced its consultation paper. At the heart of this document is the suggestion that new legislation should be enacted to cover five types of offences, namely:

  1. illegal access to program or data;
  2. illegal interception of computer data;
  3. illegal interference of computer data;
  4. illegal interference of computer system; and
  5. making available or possessing a device or data for committing a crime.

The paper recommends maximum penalties of two to 14 years’ imprisonment for most offences – compared with two to five years under existing laws – while summary convictions could result in a sentence of up to two years. However, for “aggravated offences”, such as illegal interference with computer data or a computer system, the highest penalty could be life imprisonment.

Given the nature of cybercrime, Hong Kong would be justified in giving the new laws extra-territorial application, says the LRC. As an illustration, the courts here may assume jurisdiction if the perpetrator’s act has caused or may cause serious damage to Hong Kong.

The LRC has stopped short of allowing whistle-blowers who expose wrongdoing to rely on a public interest defence. It maintains that a “reasonable excuse” defence allows courts flexibility to determine what may or may not be acceptable by reference to societal standards. However, it is seeking industry stakeholders’ views on whether there should be any specific defence or exemption for certain professionals or businesses, for example cybersecurity personnel.

It is also worth noting the LRC’s Sub-committee on Cybercrime began its study well over a year before enactment of the national security law in the summer of 2020. “The duty of Hong Kong to safeguard national security reaffirmed the need for reform of cybercrime laws in Hong Kong and the sub-committee has taken this into consideration in its pursuit of the cybercrime project,” says the consultation paper.

Comments

In drafting its recommendations, the LRC has weighed the need to protect the public’s interest and right not to be attacked when using their computer system against the rights of netizens and the interests of persons in the IT industry. In short, it is seeking a balance between effective law enforcement and safeguarding individual rights. The consultation period, which ends on 19 October, is a welcome opportunity for industry stakeholders to have their say.

A Partner in BC&C since 2000, Alex Liu’s key areas of practice include commercial and corporate litigation, investigations by governmental bodies such as the SFC, ICAC and Commercial Crime Bureau, insolvency and debt restructuring, intellectual property, defamation, property and commercial contract drafting. He can be contacted at alex@boasecohencollins.com.

39+ years of legal experience is just a click away.

Friendly and approachable, we are ready to answer your questions and offer you sound advice.

Contact us now

BC&C-contact-us

News & Knowledge

Learn more about what we do and what we say. Subscribe to our newsletter to ensure you receive our updates.

  • This field is for validation purposes and should be left unchanged.

A window of opportunity awaits

Hong Kong, 22 January 2025: A lonely young lady, a middle-aged couple, a professional dancer and a songwriter at his piano – these and other neighbours are spied on by photographer LB “Jeff” Jeffries, confined to his apartment with a broken leg, in the classic 1954 thriller Rear Window. Jeff spends long days and nights […]

Read more

Clock ticking after LGBTQ+ legal victory

By Jasmine Kwong Hong Kong, 10 January 2025: After another landmark court victory for Hong Kong’s LGBTQ+ community, attention now turns to a looming deadline for the government to provide an alternative legal framework that recognises same-sex relationships. Thus far, the authorities have yet to provide an update on their deliberations or engage in any […]

Read more

Law & More: Episode 48 – Geoffrey Ma

Hong Kong, 6 January 2025: In this episode, we are thrilled to be joined by the Honourable Geoffrey Ma, the former Chief Justice of Hong Kong. Geoffrey looks back on his distinguished career, from his upbringing and education in the UK, to his many years at the Hong Kong Bar, and two decades of service […]

Read more

The plague of fake traffic accidents

By Jeffrey Chan Hong Kong, 30 December 2024: Two major police operations in recent weeks have highlighted the long-running issue of fake traffic accidents and the headaches these cause for insurance companies, the government and law enforcement agencies. Bogus claims around motor incidents are part of a rising trend of insurance fraud, with the authorities […]

Read more

Focus on enforcing foreign judgments

Hong Kong, 17 December 2024: Our Consultant John Zhou was pleased to attend a high-powered legal seminar in Hong Kong examining the broad topic of recognition and enforcement of foreign judgments. The five-day course, jointly organised by the Hague Academy of International Law and the Asian Academy of International Law, and held at the latter’s […]

Read more
See all news and knowledge
Ally Law