22-10-2024 (HONG KONG) Hong Kong has implemented stringent measures restricting civil servants from using unauthorised messaging and cloud storage services on their work computers. The decision, announced by the city’s technology minister, comes in response to what officials describe as “severe internet safety risks”.
Secretary for Innovation, Technology and Industry Sun Dong revealed on Tuesday that popular applications such as WhatsApp, WeChat, and Google Drive are now off-limits on government desktops. Speaking on a radio programme, Sun emphasised that the new regulations mirror similar policies adopted by authorities in the United States and mainland China.
“Over the past year, we’ve faced numerous challenges, with hacking incidents becoming increasingly severe,” Sun explained. “The internal government desktops cannot have instant messaging services like WhatsApp or WeChat installed, as they pose significant internet safety risks.”
The minister acknowledged that while these restrictions might inconvenience civil servants, they are crucial for enhancing overall cybersecurity. He reassured that the ban does not extend to personal mobile devices, suggesting that different departments will likely find suitable alternatives for communication.
This cybersecurity overhaul stems from an updated information technology security policy introduced in April. The new guidelines require civil servants to obtain authorisation from department heads before installing public cloud storage and web-based messaging services on their office computers. The policy encompasses desktop versions of popular messaging apps and the use of personal emails for work purposes.
The implementation of these measures has already begun, with many government offices reporting blocked access to WhatsApp, Gmail, and Google Drive on most computers. Some departments have designated specific machines for accessing blocked websites or downloading files from the internet, according to an anonymous civil servant.
However, the new policy has raised concerns about potential impacts on work efficiency. One government employee noted that WhatsApp had been widely used for daily communication between colleagues and external parties. Another civil servant suggested that a secure internal messaging system would be beneficial for maintaining efficient communication within departments.
The cybersecurity crackdown follows a series of data breaches in Hong Kong over the past year, which resulted in the leakage of residents’ personal information. In May, two government departments reported breaches affecting nearly 130,000 people within just two days. The Companies Registry experienced a fault in its digital platform, exposing names, identity numbers, and addresses of about 110,000 individuals. Simultaneously, the Electrical and Mechanical Services Department reported a leak involving data of 17,000 public housing tenants.
In response to these incidents, the Office of the Government Chief Information Officer instructed all bureaus and departments to conduct comprehensive cybersecurity reviews and report back within a week.
