Cayman Islands Data Protection Law and Working Group announced
Upon the recommendation of the Hon. Attorney General the Cabinet has approved the reconstitution of the Data Protection Working Group tasked with developing draft Regulations by March 2018, as well as a proposed timeline of January 2019 for the Law to come into effect.
The re-formed Data Protection Working Group has a membership consisting of experts and interested parties from the public and private sector, including Mr. Peter Broadhurst (Broadhurst LLC), Mr. Tim Dawson (Maples), Mr. Peter Colegate (Appleby), Mr. Garfield Ellison and Ms. Nadira Lord (Cabinet Office) and Mr. J. Paul Morgan (OfReg), and will be chaired by the Acting Information Commissioner, Mr. Jan Liebaers. Both Messrs. Broadhurst and Liebaers were members of the original Working Group which developed the Data Protection Bill.
The Data Protection Law 2017 protects the fundamental right to private and family life of individuals, enshrined in the Cayman Islands Constitution and Bill of Rights. The Law is modeled on current European Union legislation, and aims to meet the EU’s requirements for “adequate protection” in relation to the processing of personal data, which allows the international transfer of personal data.
Under the new law any “data controller” in the public or private sector who collects and processes information that can identify an individual will be expected, amongst other things, to tell the individual upfront what the purpose of using the information is, and ensure the information is relevant and not excessive for the purpose it is used for. With certain exemptions, the Law grants individuals the right to access their own personal data, and demand that processing, as well as processing for direct marketing purposes, cease.
Once the Law has come into effect, enforcement will be undertaken by the Office of the Ombudsman.