Following is the full text of the speech delivered by the Director of Information Technology Services, Mr Lau Kam-hung, in a seminar on Internet-related data protection held today (Tuesday):
Ladies and Gentlemen,
Good morning! I am delighted to be invited by the Federation of Hong Kong Industries to give an opening speech in this seminar on Internet-related data protection.
The emergence of the Internet is the most significant feature of the Information Age. It has created an ever expanding and globally connected virtual community, which brings us new ways of doing business, learning and interacting socially.
The development of the Internet is remarkable. The number of Internet users worldwide has already passed the 100 million mark and is expected to reach 150 million by the end of this year. The Internet traffic doubles every 100 days. Electronic commerce is also developing phenomenally around the world. An industry estimate suggested that the amount of commerce conducted over the Internet will rise to US$1 trillion by 2003.
The rapid development and wide adoption of the Internet technology has brought us new business opportunities. On the other hand, the white-collar criminals have also taken this advantage to put it into illegal use. Hackers and crackers are no strangers to us. The number of reported cases to the Police on hacking for the first seven months of 1999 is 102 whereas in 1998 there were only 13 reported cases. According to local newspaper reports, an Internet Service Provider was attacked by two mail bombs last month causing a four-hour interruption to some of its services. Unsolicited mail, harassing or offensive mail, and deceptive mail are frequently received on the Internet. Personal data on the Internet are vulnerable if they are not properly protected.
The HKSAR Government is perfectly aware of the need to keep its own information infrastructure secure. Government bureaux and departments follow a set of security guidelines to protect their IT resources. We will strengthen the security by establishing the Secure Central Internet Gateway (SCIG) to enable Government bureaux and departments to gain access to the Internet, to disseminate information and to communicate with the public over the Internet through a secure and centrally managed gateway. The SCIG, to be set up early next year, will adopt internationally accepted Internet security standards, and will protect the Government bureaux and departments by means of firewalls, virus detection systems and proactive intrusion detection systems.
To facilitate the conduct of business and transactions securely on the Internet, the HKSAR Government, in its "Digital 21" Information Technology Strategy, has laid down several initiatives.
In order to provide a framework for authenticating the identity of participants in performing electronic transactions in Hong Kong, the Government is working towards the development of a Public Key Infrastructure. With this Public Key Infrastructure, not only Government services could be delivered securely over the public networks, a foundation will also be built for the delivery of electronic services of other organisations.
The private sector is free to set up more Certification Authorities to meet the demand of electronic commerce in Hong Kong. To protect consumer interests and enhance users' confidence in electronic transactions, my department is going to set up a Certification Authority Recognition Office (CARO) by the end of the year. Certification Authorities are free to apply for recognition on a voluntary basis, but only those Certification Authorities which have achieved a trust standard and adopted a common and open interface in their operation will be recognised.
To provide the necessary legal framework for the conduct of electronic transactions in Hong Kong, we have introduced the Electronic Transactions Bill into the Legislative Council in July this year. With the enactment of this bill, legal recognition will be given to electronic records and digital signatures. It will also provide a clear legal framework for the operations of the Certification Authorities to authenticate the identities of participants in electronic commerce. This will enable the development of a definitive and supportive legal environment that creates certainty and build business confidence for electronic commerce in Hong Kong.
To promote awareness on security and data protection is an important goal of the Government. Event like today's provides a valuable opportunity for business executives, industry experts and Government officials to exchange ideas and keep ourselves abreast of the various issues on the protection of data in the Internet, intranets and e-commerce. I would like to thank the Federation of Hong Kong Industries for organising this seminar. I am sure that we all will benefit from it.
End/Tuesday, October 26, 1999