Hong Kong’s ‘smart’ ID card - Resources
Graham Greenleaf
Director, Cyberspace Law & Policy Centre
Faculty of Law, University of New South Wales
Last updated: 26 January 2006

Overviews – critiques of the smart ID card
Other publications
Operation of the smart ID card post-2005
Legal framework of the smart ID card
Legislation (as amended 2003) to introduce the smart ID card
Privacy Commissioner's Code of Practice (1997)
Passage of the smart ID card legislation (2001-03)
Legislative changes
Official background documents

Note: These pages are provided for teaching purposes for my privacy and surveillance law courses, and for public information, concerning Hong Kong’s identity card and number. During 2001-02 I was a Distinguished Visiting Professor at the University of Hong Kong Faculty of Law. I have an ongoing research project concerning Hong Kong’s ID card, the results of which have not yet been published, but some of the outcomes of this research appear below.

Overviews – critiques of the smart ID card

Since 2003 Hong Kong has been replacing its laminated paper ID cards, which have existed since World War II, with a multi-purpose smart card. Both the existing ‘dumb’ card and the new smart card are at the heart of personal data flows in Hong Kong. The core problem of the Hong Kong ID system is that its purpose has never been defined with precision even for the public sector and not at all for the private sector, and it has therefore always been susceptible to ‘function creep’. The smart ID card capitalises on, and increases the dangers, of this weakness. The following papers explain this critique

Other publications

Operation of the smart ID card post-2005

The ‘roll out’ of the smart ID card (ie replacement of existing laminated paper cards) commenced in 2003 and will take until about 2007 to complete. Further details of its operation in practice will be provided here in later updates.
The official view of the introduction of the card is on the HK Government’s Smart ID Card Home Page.
The multi-function aspects of the card have not yet been very successful. Although not properly documented here as yet, the position as known is briefly:

Legal framework of the smart ID card

Legislation (as amended 2003) to introduce the smart ID card


Privacy Commissioner's Code of Practice (1997)

This Code is made under s12(8) of the Personal Data (Privacy) Ordinance. The Data Protection Principles in the Ordinance apply to the ID card. The Code, though made prior to the smart ID card’s introduction, applies to it.

Passage of the smart ID card legislation (2001-03)

These background documents are only for those wanting detailed information.

Legislative changes

Official background documents