Hong Kong: Protection of Critical Infrastructures (Computer Systems) Ordinance including cybersecurity regulation introduced to Legislative Council

Protection of Critical Infrastructures (Computer Systems) Ordinance including cybersecurity regulation introduced to Legislative Council

On 6 December 2024, Protection of Critical Infrastructures (Computer Systems) Ordinance (Ordinance No. 4 of 2025) including cybersecurity regulation was introduced to the Legislative Council. The Ordinance would establish cybersecurity obligations f…

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

infrastructure provider: internet and telecom services, infrastructure provider: cloud computing, storage and databases, infrastructure provider: network hardware and equipment, infrastructure provider: other

Implementation Level

national

Government Branch

legislature

Government Body

parliament

Complete timeline of this policy change

Hide details

2024-12-06

under deliberation

On 6 December 2024, Protection of Critical Infrastructures (Computer Systems) Ordinance (Ordinance …

2025-03-19

adopted

On 19 March 2025, Protection of Critical Infrastructures (Computer Systems) Ordinance (Ordinance No…

2025-03-28

in grace period

On 28 March 2025, the Legislative Council's Protection of Critical Infrastructures (Computer System…

2026-01-01

in force

On 1 January 2026, the Legislative Council's Protection of Critical Infrastructures (Computer Syste…

Description

Protection of Critical Infrastructures (Computer Systems) Ordinance including cybersecurity regulation introduced to Legislative Council

Scope

Complete timeline of this policy change