Computerworld Hong Kong celebrates its 30th year in 2014. To review the growth and achievement of the local IT industry in the past three decades, CWHK presents the "Hong Kong IT Heroes" series. In the first story of this series, CWHK talked with local IT veteran Stephen Lau.
Computerworld HK (CWHK): What was Hong Kong's IT environment like in the 1980s?
Stephen Lau (SL): Back then the hot topic was global finance. It was the beginning of worldwide markets and global systems—stock trading systems, flight ticketing systems. I worked for the government for about seven years, but then decided to join Citibank.
It was an unusual move, as I was the head of the Government Data Processing Agency (GDPA: a precursor of today's OGCIO) and most people in that position would stay with the government. But I was keen to return and work in the private sector, so I joined Citibank's Asia Pacific Op and Tech division. The role covered both technology and operations, which included managing backroom systems and dealing with risk management and processes.
The mid-80s saw negotiations between the UK and China over the handover, with many people moving overseas due to perceived uncertainty of Hong Kong's future. My role at Citibank was a regional one so I was traveling extensively across the region. There was also a time when I was stationed in London to steer a global project.
CWHK: In the 90s you became Hong Kong's first Privacy Commissioner. How did you get into that role?
SL: In 1995, the government introduced the Personal Data Privacy Ordinance (PDPO). Part of the initiative was to set up the Office of Privacy Commissioner for Personal Data—an independent body to promote privacy and enforce the ordinance. This law applies to both public and private sectors and since I had experience in both, I was appointed to the role.
I also understood the relationship between technology and data privacy. During the early 80s, when I was with the GDPA, I wrote an internal document to warn about the risk of personal data with the rising of digitalization.
Although different regulations required organizations to keep large volume of customer or transactional data, this information was almost impossible to search when they were stored in paper format. To conduct a legal background check of a company or person was very difficult and time-consuming.
We called it "practical obscurity": meaning the data was there, but unsearchable.
Digitization of data makes searching and co-relation of data so much easier. Now personal data searches can be done from a terminal or mobile device. Since the 80s, all personal data privacy invasion incidents have been related to IT.
Sign up for Computerworld eNewsletters.