Save the Date: Aug 11th virtual meeting for Caribbean privacy pros
Commissioner White to join regulators and experts across the region for the next IAPP Caribbean KnowledgeNet.
On 11 August 2021, the Office of the Privacy Commissioner for Bermuda will participate in a networking webinar discussion for the Caribbean region, hosted by the International Association of Privacy Professionals (IAPP). Speakers will include:
Nancy Volesky, Gateway Systems (Bermuda)
Rishi Maharaj, EquiGov Institute
Jan Liebaers, Deputy Ombudsman of the Cayman Islands
Alexander White, Privacy Commissioner for Bermuda
Event Details: 11 August 2021, 7-8:30pm Atlantic / 6-7:30pm Eastern / 5-6:30pm Caribbean
"Building an Effective Data Protection Regulatory Regime"
The Caribbean is part of the rapidly growing digital economy. This comes with increased risks of data breaches similar to those affecting millions worldwide. Globally, some countries have modern, robust data protection laws with enhanced protections for personal information and that strengthen the rights of data subjects.
There is growing recognition in the Caribbean by heads of state that the developments in the digital economy and the use of digital platforms require legislative support in the form of modern data protection and data sharing frameworks. This will no doubt build and foster public trust in online services and protect individuals’ right to privacy
In this webinar we will speak to data privacy experts throughout the region on the adoption of new data protection laws, the introduction of some of these new privacy frameworks and the development of the corresponding regulatory regimes. We will explore the practices and requirements introduced by regulatory authorities and discuss the ways in which these new regimes seek to protect the rights of individuals while helping to create an enabling environment for data sharing, e-governance and ease of data flow within and outside the Caribbean.
For more details and to register for the event, see the webinar event page.
To reach out to the Office of the Privacy Commissioner, please visit our Contact Us page.
Rights and responsibilities relating to data privacy are set out in the Personal Information Protection Act 2016 (PIPA). Bermuda's PIPA received Royal Assent on 27 July 2016. Sections relating to the appointment of the Privacy Commissioner were enacted on 2 December 2016, including the creation of the Office as well as those duties and powers relevant to its operation in the period leading up to the implementation of the whole Act. The Commissioner works to facilitate the advancement of consequential amendments to other Acts in order to harmonise them with PIPA.
The Office of the Privacy Commissioner for Bermuda (PrivCom) is an independent supervisory authority established in accordance with the Personal Information Protection Act 2016 (PIPA).
The mandate of the Privacy Commissioner is to regulate the use of personal information by organisations in a manner which recognizes both the need to protect the rights of individuals in relation to their personal information and the need for organisations to use personal information for legitimate purposes, among other duties.
The Privacy Commissioner's powers and responsibilities include monitoring the processing of personal information by both private- and public-sector organisations, investigating compliance with PIPA, issue guidance and recommendations, liaise with other enforcement agencies, and advise on policies and legislation that affect privacy. PrivCom also works to raise awareness and educate the public about privacy risks, and to protect people’s rights and freedoms when their personal data is used. The general powers of the Privacy Commissioner are outlined in Article 29 of PIPA.
Alexander White (Privacy Commissioner) was appointed by Excellency the Governor, after consultation with the Premier and Opposition Leader, to take office on 20 January 2020.
Privacy is the right of an individual to be left alone and in control of information about oneself. In addition to the protections in PIPA, the right to privacy or private life is enshrined in the United Nations' Universal Declaration of Human Rights (Article 12) and the European Convention of Human Rights (Article 8).
"Personal information" or data is a defined term in PIPA that means any information about an identified or identifiable individual. Examples include names, dates of birth, photographs, video footage, email addresses and telephone numbers. "Sensitive personal information" is a defined term in PIPA that includes information relating to such aspects as place of origin, race, colour, sex, sexual life, health, disabilities, religious beliefs, and biometric and genetic information. (Note: This is not a complete list.)
"Use" of personal information is a defined term in PIPA that means "carrying out any operation on personal information, including collecting, obtaining, recording, holding, storing, organising, adapting, altering, retrieving, transferring, consulting, disclosing, disseminating or otherwise making available, combining, blocking, erasing or destroying it."