What does this cover?

Hong Kong Broadband Network has been convicted of a criminal offence and fined HK$ 30,000 (c. £2,500) due to breaches of direct marketing provisions in the Personal Data (Privacy) Ordinance (PDPO).

The company failed to action a customer's direct marketing opt-out request, breaching section 35(G) of the PDPO.

The Privacy Commissioner, as well as the Police and Justice Department are taking a strong approach concerning direct marketing breaches.  The maximum fine for such offences under the PDPO has been increased to HK$ 500,000 (c. £42,000) and up to three years' in prison.

The statement made by the Office of the Privacy Commissioner for Personal Data can be found here

What action could be taken to manage risks that may arise from this development?

Companies should ensure customers' opt out requests are always observed. Clear policies and procedures and training will assist with this, as well as supporting a defence in the event a breach does occur.