Personal Data Protection Reports to Parliament
Bahamians appear reluctant to register complaints with the Office of the Data Protection Commissioner, Parliament was informed.
“Encouraging our citizens to formally register their complaints remains a challenge,” Data Protection Commissioner, George E Rodgers, said in his annual report, 2010.
Nevertheless, promoting general awareness of data protection in the nation’s private and public sectors “remains paramount,” he said. The report was tabled in Parliament.
“The Bahamas is part of the global arena and we are inextricably linked to and affected by the advancement in technology.
“As a result, the ease with which personal information can be collected, stored and disclosed adds to the ongoing challenge to protect our fundamental privacy rights,” stated Mr. Rodgers.
Last year there were six formal complaints and 32 enquiries compared to five complaints and 22 enquiries the year before.
“It was encouraging to note that the enquiries were more substantive, giving the impression that there is greater grasp of the principles and intent of the Data Protection Act (DPA),” said Mr. Rodgers.
Three of the complaints related to the operation of timeshare properties in The Bahamas.
“As these were outside the purview of the Data Protection Commissioner, they were redirected to the Bahamas Investment Authority,” said Mr. Rodgers.
Of the other three, one sought help in a matter that was more akin to freedom of information than data protection, Mr. Rodgers explained.
He advised that as freedom of information legislation was still pending, he was unable to provide any assistance in that regard.
The other two related to a refusal to release personal information on request; and correcting personal information already held on file.
Data protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal information.
The Data Protection (Privacy of Personal Information) Act places responsibility on persons processing personal information, and confers rights on those who are the subject of that information.
It also sets out the legal framework for the collection, use and disclosure of personal information that is consistent with international principles.
“From our point of view,” stated Mr. Rodgers, “the key principle of data protection is that living individuals should be able to control how personal information about them is used, with or without their consent.
“We live in an information age where the need to protect our personal information is becoming more acute each day.”
The enactment of the Data Protection Act and the establishment of the Office of the Data Protection Commissioner in 2006 “were truly significant steps in the right direction,” Mr. Rodgers said.
Along with the Computer Misuse Act and the Electronic Communications and Transactions Act, “citizens are given important rights, including the right to know what information is held about them and the right to correct information that is wrong.
“The DPA helps to protect the interest of individuals by making it an obligation of both the private and the public sectors to manage the personal information they hold in an appropriate way that is consistent with the rights of the data subject as provided by law,” said Mr. Rodgers.
The importance of the DPA in the global arena, he said, is manifested by its prominence as an element in all Tax Information Exchange Agreements successfully negotiated between The Bahamas and 24 countries.
He reminded public and private sector organisations that only one year is left of the five-year grace period allowed for the continued use of existing personal information without being fully compliant with the DPA.
“Time is running out and all stakeholders should now be well on the way to ensuring that personal data files are updated and/or purged to promote good data protection practices,” said Mr. Rodgers.financial, Internet