By Simon Berry and Daisy Shen
Questions often arise about the scope of a data user’s obligations to respond to data subject access requests. Hong Kong’s Privacy Commissioner for Personal Data offers some guidance in a recently issued Guidance Note (Guidance on Proper Handling of Data Access Request and Charging of Data Access Request Fee by Data Users).
The Guidance Note addresses, among other matters/questions:
- What constitutes a data access request (a “DAR”);
- Steps for complying with a