For a Non-Prescribed Product, which includes: plugs, adaptors, extension units, lamp holders, flexible cords, and unvented thermal storage type electric water heaters, the following are accepted as a certificate of safety compliance:
- A declaration of conformity issued by a 'recognised manufacturer';
- A certificate or test report issued by a 'recognised certification body' (RCB) under registration of EMSD in one of the following: CB test certificates issued by National Certification Bodies participating in the CB Scheme; Endorsed certificates or test reports issued by organisations accredited by the Hong Kong laboratory Accreditation Scheme (HOKLAS) or by the Hong Kong Accreditation Service (HKAS); Endorsed certificates or test reports issued by organisations that have been accredited by those bodies which have mutual recognition agreements with HOKLAS or HKAS.
For a Non-Prescribed Product, which includes all other electrical products, in addition to the two types of documents stated above, a declaration of conformity (DOC) issued by the product manufacturer will also be accepted as a certificate of safety compliance. Non-prescribed products must comply with the Hong Kong Essential Requirements, which are presumed to be fulfilled if the product complies with relevant IEC standards. A Certificate of Conformity, as described below, or a Declaration of Conformity (DoC) is required to show compliance.

Hong Kong is a free port, which means that no tariff is charged on the import or export of goods. Therefore, there is no need to implement a de minimis threshold.

According to the Trade Marks Ordinance, an application to register a domain name must be made to a domain name registrar, and the applicant for a domain name must accompany the application with evidence of entitlement to that name, such as a copy of its Business Registration Certificate. In addition, businesses that want to register a "com.hk" (English Domain Name) and/or ".公司.hk" and/or ".公司.香港" (Chinese Domain Names) must be registered companies in Hong Kong. Furthermore, there are no registration obligations for second-level ".hk" domain names, while third-level ".hk" domain names are exclusively accessible to entities with a local presence in Hong Kong.

The Trade Descriptions Ordinance (Cap. 362) (TDO) and the Sale of Goods Ordinance (Cap. 26) (SGO) are generic consumer protection laws protecting general consumers against unfair trade practices. However, as generic consumer protection laws, TDO and SGO do not specifically address the distant nature of an online transaction. For the pre-purchase stage, TDO and SGO do not contain provisions requiring online retailers to provide information such as contact details, procedures for order cancellation, and goods refund/return policy. Neither do they set out a mandatory cooling-off period, which refers to the period of time following the conclusion of a contract whereby a supplier allows its customers to unilaterally cancel the contract without having to provide a reason. As to the post-purchase stage, there are no standardised goods refund/return policies for online shopping.

The Copyright Ordinance establishes a safe harbour regime for intermediaries for copyright infringements. The liability of Internet service providers (ISPs) will depend on the type of service being provided. The Copyright Ordinance (CO) provides specific exemption from liability for those service providers who merely provide physical facilities, such as the hardware and network infrastructure, to clients/customers for network communications and access through the internet. In addition, for other ISPs, liability for copyright infringement can arise if the ISP itself is found to have engaged in unauthorised acts or it is held responsible for contributing to or making possible the act of infringement by another. Depending on the type of service provided by the ISP, it may be liable for direct copyright infringement, either as a primary or secondary infringer. Under section 22(2) of the CO, even if an ISP does not commit direct infringement, it can still be liable on the basis that it "authorised" the infringing acts.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Hong Kong's law and jurisprudence. On 31 October 2019, the High Court handed down an interim injunction against the "promotion, encouragement and incitement of the use or threat of violence via Internet-based platform or medium". Subsequently, the High Court amended its injunction to restrain only those who willfully assist others in posting inciting material online. In other words, online service providers (OSPs) are not in breach of the injunction, even if they enable posts to be made on their platforms without knowing the facts or contents of such publications. Furthermore, the injunction does not impose a positive duty on OSPs to search for or filter out unlawful content uploaded by others.

The Telecommunications (Registration of SIM Cards) Regulation has taken effect in September 2021 to implement the Real-name Registration Programme for Subscriber Identification Module (SIM) Cards. According to Art. 5 of the Regulation, telecommunications operators must not activate SIM cards unless users have registered their personal data, including their full name in English and Chinese, HKID number or other identity document number, a copy of their identity document and date of birth.

Hong Kong has appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

It is reported that the Office of the Communications Authority (OFCA), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

Under Section 33 of the Personal Data (Privacy) Ordinance, there are prohibitions against the transfer of personal data outside Hong Kong except in specified circumstances. However, this Section has not yet come into operation. If the data is transferred by a data controller to its outsourcing agent situated outside Hong Kong for processing the data, the data user remains liable for all acts done by its agent in relation to the mishandling of the personal data.

Hong Kong’s Securities and Futures Commission released a circular in October 2019 that requires banks and other regulated groups to store data locally or ensure that their cloud provider will hand over information on request.

Hong Kong has joined an agreement with binding commitments to open transfers of data across borders: the Australia-Hong Kong Free Trade Agreement and associated Investment Agreement [Art. 11.7(2) and 11.15(1)].

The Personal Data (Privacy) Ordinance, as amended in 2012 ('the PDPO'), is the main legislation in Hong Kong which aims to protect the privacy of individuals in relation to personal data and to regulate the collection, holding, processing, or use of personal data based on a set of data protection principles ('DPPs').

Pursuant to Art. 43 of the Law of the People's Republic of China on Safeguarding National Security in the Hong Kong Special Administrative Region (National Security Law), the Chief Executive may authorise the interception of communications or the covert surveillance of an individual if they think it is necessary and proportionate to the purpose for which such actions are sought. As a result, it is reported that the Law allows the government to request sensitive data if national security is deemed to be at risk and that such authorisations are not legally reviewable. The National Security Law is implemented through the Implementation Rules for Art. 43 of the Law of the People’s Republic of China on Safeguarding National Security in the Hong Kong Special Administrative Region.

According to the Communications Authority Ordinance and the Companies Ordinance, there are no ownership restrictions for telecommunications, manufacturing of information and communication technology goods and products, computer and related services, and online broadcasting. In addition, it is reported that there are no foreign ownership limitations in the telecom sector.