Sustainable Living Hong Kong

Octopus made HK$44 million from selling the data of 1.97 million cardholders and there is suggestion that, apart from things like names, ID card numbers, addresses and phone numbers, the shopping habits of cardholders, as recorded on the card when people used it to make purchases, were also sold.

Outrageous, eh? Funny thing is, there’s no complaint about the voluntary surrender of even more personal data that range from photos of private indiscretions to preferences for a whole range of goods and services that feature on Facebook everyday. How much is Facebook making out of all this data? And is anybody in Hong Kong complaining?

I’ve been told to put this blog on Facebook, that personal data is optional in opening an account, etc etc, but once the account and ‘friends’ and information accumulate, it becomes a pool of marketing data that will be used to, at the very least, annoy us. I don’t have a Facebook account, and it scares me that, even though I don’t, Facebook knows me well enough to identify my friends – as well as people I know of but am by no means well-acquainted with – and send me invitations to sign up.

The Octopus brouhaha shows just how much our personal data is worth, and yet we give it away for free, thinking we enjoy a great social networking service, free. When are we going to learn? At the very least, the precious time that would have been spent maintaining a Facebook page – plus the time spent trying to get on top of Facebook’s deliberately nebulous privacy settings – is worth too much. If Mark ‘Suckerberg’ were to pay me the kind of money Octopus has made from the data of its cardholders, it may be worth considering. Otherwise, no thanks.

Pick up any kind of registration form in Hong Kong and you’d find yourself being asked to give away your ID card number, address, birthday and more besides, and we’re not talking about a clinic or a bank. Why does the supermarket need to know this? Or the boutique? For targeted marketing of course – you know, so they can chop down the trees and send you junk mail or help their suppliers foist products on you. Does anybody complain about this ubiquitous personal data-mining?

What has the privacy commissioner done to stop this kind of abuse?