CIG tries again on data law

| 22/09/2014

(CNS): The Cayman Islands Government is launching another public consultation on the proposed Data Protection Bill. This 2014 draft of the proposed law aims to protect the right of individuals to have access to their own personal data held by private sector or government entities and to help protect it from getting into the wrong hands. Officials say this two month discussion will be the last public consultation on this latest version before Cabinet completes its review. Government has been trying to implement a data protection law for more than three years but has encountered a number of challenges in drafting legislation that is acceptable.

The goal is to ensure that any personal or sensitive information kept about people in the public or private spheres is accessible to those it’s about but not to others except in limited circumstances.

Cabinet is seeking public feedback again on the proposed law after the draft was published on Friday, as it will impact everyone who lives and works here as it applies to the private sector as well as government. The long delayed law needs to be implemented to meet government’s obligations under the Bill of Rights in the constitution, which relates to the right to a private and family life.

The proposed legislation requires that individuals must be able to access information about themselves but that data must also be properly managed by those who are holdingit. Anything from a home address of a customer or an email account of an individual to more sensitive information such as genetic, economic or health related data.

People holding information expressing an opinion about people as well as the intended use the data will be put to will fall under the law and data controllers will be required to register.  From documents relating to a person’s racial or ethnic origin to their political opinions, religious beliefs as well as more obvious information such as a criminal record could be considered sensitive. The draft legislation detail the procedures by which data subjects may request information about themselves from data controllers, and outlines fines for any failure to comply. It also requires the registration of data controllers.

The law does provide for some notable exceptions to the general rules relating to crime and government fees and duties, as well as journalism, literature and art, legal proceedings (clause 30), corporate finance and legal professional privilege. The law also provides for Cabinet, to make additional exemptions.

The draft also proposes that the Information Commissioner’s Office (ICO), which presently enforces the Freedom of Information (FOI) Law, would have a similar mandate with regards to the Data Protection Law.

Since work began on drafting the law members of the data protection working group have included representatives from the attorney general’s chambers, the information and communications technology authority (ICTA), the Cayman Islands Monetary Authority (CIMA), the ICO, and the FOI unit. Others were drawn from civil society organizations such as the Law Society, the Bar Association, and the Banker’s Association among others.

A copy of the document is posted below or can be viewed at and  Oofficials said, this is the third and final public consultation but information from previous consultations is available at

Cabinet will make its decision on the draft discussion paper following the two month discussion period which ends on 18 November. All comments and questions should be sent to before the deadline.

Print Friendly, PDF & Email

Category: Local News

About the Author ()

Comments (9)

Trackback URL | Comments RSS Feed

  1. Peter Milburn says:

    More time wasting!!!!

  2. Anonymous says:

    Well, with Data Protection in place, there goes FOI requests…. saw this one coming and whistle blowing proection not here yet.

    • Protect FOI says:

      FOIs have proven to be a godsend, I can sleep at night knowing the truth.  Please do not take away FOIs.  The inner peace is good, but sadly not one instance of enforcement when the truth comes out.  I am desperate to see ONE fine $20,000 for withholding a qualified Caymanian application in a white collar role?

      Immigration has failed us.  Daily expat permits are renewed as our recent university grads who went to the USA to gain work experience and came back wiith glowing refereces and are ready! to take the job (even at a lower entry level salary) are still being passed over.

      Shame on the cronies who are ignoring the locals.  Shame on the politicfians who are ignoring the FOIs.

      Shame on us all for breaking the rules and policies, but at least the FOI let's us know we are in the right, it is the system that is broken.

      Data protection is important, but FOIs are too.

  3. Anonymous says:

    Not needed, inappropriate, and requiring hundreds of extra employes to decipher and interpret, let alone implement. Enforcement will be impossible. Who is going to stop this madness! It is destroying Cayman.

    • Just copy the Channel Islands says:

      Why are we recreating the wheel?  The Channel Islands have the benchmark of Data Protection and is a stronger law than the UK laws. 

      Stop complicating matters.  Copy what works and get on with it.  Nothing to see here, move on. 

      • Anonymous says:

        The Data Protection draft is essentially just that, with revision in areas to conform to local specifications.

        • Anonymous says:

          Draft legislation that is appropriate to us and helps us or don't draft anything at all! Get it?

    • Anonymous says:

      If you read the law it creates a whole new Govt department.  Here we go increase size of the civil service again!  It also requires all dive operators, car rental agencies etc to hire a Data Controller.  Again increasing cost of doing business. 

  4. Anonymous says:

    HA HA!