Privacy Policy Terms of Use
Home

News update: Hong Kong Privacy Commissioner claws back privacy protection from agentic AI tools

May 18 2026
 

On 16 March 2026, the Office of the Privacy Commissioner for Personal Data (PCPD) issued a media statement reminding organisations and members of the public to use “OpenClaw” and other agentic artificial intelligence tools with caution. In this news update, Pádraig Walsh from our Data Privacy practice looks at the key data privacy and cybersecurity risks arising from agentic AI that were highlighted by the PCPD and the recommended safeguards to adopt before deployment.

What is agentic AI (and why does it matter)?

Agentic AI tools differs from other AI tools such as AI chatbots. AI chatbots are limited to analysing documents and providing information based on pre-defined questions. Agentic AI can operate as a form of digital assistant that can provide information and carry out tasks independently, once objectives are clearly defined. Agentic AI can read and write local files, deploy system resources, interface with third-party services, or autonomously carry out multiple-step tasks according to pre-defined instructions. This can be deployed for tasks such as handling emails, making hotel reservations and settling payments.  These processes do not require user’s real time involvement once the instructions have been given. Open Claw is one example of this form of agentic AI.

The PCPD has highlighted that these capabilities can amplify privacy and security risks. Agentic AI needs careful design and implementation of access controls, monitoring and technical safeguards across a number of data sets and computer networks and systems. This is particularly necessary to preserve privacy and security. Without strict privilege settings and oversight, expanded access may expose large volumes of personal data to unauthorised access, copying, or onward disclosure. The system may also misread user instructions and delete or change critical information. Risks increase further if connected systems have design flaws or weak safety controls. Malicious code may be introduced and exploited to compromise accounts or take over devices. Agentic AI is becoming increasingly easy to use and deploy. The ease of use can result in premature deployment before privacy and security concerns are fully considered.

PCPD’s suggestions

The PCPD reminded organisations and members of the public that, they should first understand the personal data privacy and security risks involved before deploying or using agentic AI tools. The PCPD recommended users of agentic AI to:

(a)     consider the nature and sensitivity of the personal data involved and grant the minimum access right to agentic AI;

(b)     use the latest official version and avoid third-party versions or outdated versions to reduce risk of data breach incidents from unpatched system vulnerabilities;

(c)     adopt adequate measures to ensure system security and data security;

(d)     install and use plugins with caution, verify that the relevant programmes are official versions to ensure their security;

(e)     conduct continuous risk assessments to identify and evaluate risks involved using agentic AI

Conclusion

Open Claw launched to significant attention and impact, which has since somewhat waned. The PCPD guidance is not limited to one application or tool though. The issues are more pervasive than that. Agentic AI tools have the capacity of performing tasks without human oversight and may in time move beyond answering questions to taking actions across business systems.

The privacy and security consequences of misconfiguration of agentic AI can be immediate and significant. The PCPD will still assess responsibility by reference to the data user collecting and controlling the use of personal data. If an organisation in Hong Kong uses agentic AI in its operations that collects or uses personal data when deployed, then that organisation (and most likely, not the system developer) will be responsible and accountable. The data user (and humans!) must still have oversight of the deployment and activity of agentic AI. The data user will still be accountable.

The PCPD’s statement is a useful reminder that organisations should treat agentic AI deployments as a governance and risk project. Organisations should retain robust oversight and establish systemic rules on what data an AI agent may access and process. We expect regulatory attention in this area to continue as adoption accelerates.

And remember, privacy by design and default from the outset, and human oversight and monitoring in implementation are the key protections. You don’t want a PCPD enforcement action to force you to claw back privacy and security after the event.

Pádraig Walsh and Evelyn Wong

If you want to know more about the content of this article, please contact:

Pádraig Walsh
Partner | Email

Disclaimer: This publication is general in nature and is not intended to constitute legal advice. You should seek professional advice before taking any action in relation to the matters dealt with in this publication. This article was last reviewed on 31 March 2026.

Tags:

Legal Updates TMT

Share this post

Pádraig Walsh

Featured Articles

Insights
News update: Hong Kong Privacy Commissioner claws back privacy protection from agentic AI tools
Pádraig Walsh 18 May 2026
Insights
News update: Finfluencers on the SFC regulatory radar
Pádraig Walsh 18 May 2026
Insights
What Is the Right Measure of Compensation in Hong Kong Discrimination Claims?
Russell Bennett 14 May 2026
Insights
News update: Secondary Trading of Tokenised Authorised Investment Products Permitted in Hong Kong
Pádraig Walsh 04 May 2026
Insights
Enforcement action follows PCPD finding of ineffective data privacy training
Pádraig Walsh 29 April 2026
Insights
What you need to know about the Protection of Critical Infrastructures (Computer Systems) Ordinance, the cybersecurity legislation in Hong Kong (Part 6)
Pádraig Walsh 21 April 2026