*****************************************************

The Government will ensure the security of electronic transactions by constantly enhancing the information security infrastructure in Hong Kong.

At the opening seminar of the Information Systems Security Association's Hong Kong Chapter today (October 18), the Director of Information Technology Services, Mr Alan Wong Chi-kong, spoke on what the Government had done to improve e-security.

He said the Government had placed great emphasis on maintaining a high level of information security.

The Public Key Infrastructure (PKI) was established with an aim to setting up an architectural framework for secure e-business.

The use of digital certificates, founded on the PKI technology, enables users to conduct secure e-transactions and applications over the Internet, such as confidential e-mail exchanges, government electronic services and legally binding business transactions.

The new multi-application smart identity card, which can store a digital certificate, is an initiative to promote the use of PKI.

Mr Wong said that over time, the number of digital certificate users in Hong Kong would greatly increase, and this would create more opportunities for value-added applications as well as the development of e-government and e-business.

To lead by example, the Government is making use of digital certificates and PKI in a variety of applications to ensure secure internal and external e-transactions.

These include its confidential e-mail system and the Electronic Service Delivery Scheme where the public may secure certain public service transactions by attaching digital signatures.

In 2000, the Government enacted the Electronic Transactions Ordinance, giving electronic records and digital signatures the same legal status as their paper-based counterparts.

The ordinance also provides for a voluntary recognition scheme on the operation of certification authorities, which aims to enhance public confidence in using digital certificates.

The Government is reviewing the ordinance to ensure that Hong Kong has the most up-to-date legislative framework for e-business. An amendment bill was submitted to the Legislative Council in June this year, following extensive consultation with the industry and relevant parties.

As for information security in government bureaus and departments, Mr Wong said an IT security policy had been promulgated and government users were provided with guidelines, news and updates.

The Government supported the establishment of the Hong Kong Computer Emergency Response Team Co-ordination Centre in February 2001, which has greatly enhanced Hong Kong's capability to respond to information security incidents and to access relevant information.

Besides performing a co-ordination role in the reporting, responding and handling of information security incidents, the centre issues security and computer virus alerts and handles security incidents reported by the local community.

The Inter-departmental Working Group on Computer Related Crime has been set up to improve existing measures to tackle computer crimes. The working group's recommendations are under implementation.

As public education plays a key role in raising security awareness and promoting ethical practice, the Infosec website (www.infosec.gov.hk) was set up last year to provide public access to information security resources and updates.

The Government has also collaborated with various agencies in organising exhibitions, seminars and conferences to promote public awareness of IT security.

Mr Wong hopes that today's seminar will lead to professionals from the Government, service providers, corporate management and individual users sharing their views and working together more closely to maintain a secure e-business environment in Hong Kong.

Ends/Saturday, October 18, 2003

NNNN