On 9 April 2021, the Legislative Council Panel on Financial Affairs discussed the proposed implementation of a new inspection regime. The proposal is set out in LC Paper No. CB(1)737/20-21(07).
The Companies Register (the ‘Register”) maintained by the Companies Registry (“CR”) contains personal information made available for public inspection under the Companies Ordinance (Cap. 622) (“CO”). The Register allows public inspection to cater for the purposes set out in the CO, such as for ascertaining the particulars of a company’s directors or other officers, or the particulars of a person appointed as the liquidator or provisional liquidator in the winding up of a company.
The personal information made available for public inspection in the Register includes, amongst other data, the usual residential addresses (“URA”) and full identification numbers (“IDN”) of directors, company secretaries and some other individuals (such as liquidators and provisional liquidators).
In recent years, there has been rising community concern over whether personal information contained in public registers are adequately protected, especially in the light of increased reported cases of doxxing and personal data misuse. In its report issued in 2015, the Office of the Privacy Commissioner for Personal Data suggested that the Government limit the disclosure of identification numbers and residential addresses of company directors filed with the CR.
Upon the implementation of the new inspection regime, all searchers (including the media) will continue to be able to access the information of directors on the Register, including their personal correspondence addresses (in place of URA) and partial IDN (the alphabet(s) and three digits in the case of Hong Kong identity card).
The Financial Services and the Treasury Bureau (“FSTB”) plans to commence the new inspection regime in phases, with corresponding necessary legislative amendments, as follows –
Phase 1 – with immediate effect, companies will be able to withhold from public inspection in their own registers the URA of directors and full IDN of directors and company secretaries;
Phase 2 – with effect from October 2022, CR will be able to protect from public inspection the Protected Information contained in all documents filed for registration; and
Phase 3 – with effect from December 2023, individuals may apply to the CR for protection from public inspection their URA and full IDN contained in documents already registered with the CR.
The phased commencement of the new inspection regime requires making of subsidiary legislation. FSTB plans to introduce this subsidiary legislation into the Legislative Council for negative vetting in May 2021.