The government of the Cayman Islands is currently reviewing draft legislation that, if passed, would institute a robust data protection framework. The draft legislation comes four years after the Cayman Islands enacted the Freedom of Information (FOI) Law and will soon be available for public comment. The DPL “is modeled after the EU Data Protection Directive (95/46/EC) and on the UK’s Data Protection Act 1998,” says Deputy Information Commissioner Jan Liebaers. “It is structured more concisely than its predecessors, with consecutive parts dealing with principles, rights of data subjects, notification responsibilities of data controllers, exemptions, functions of the information commissioner and enforcement.”
Additionally, the proposal would place the DPL under the “auspices of the existing freedom of information commissioner. “As deputy information commissioner,” notes Liebaers, “I will likely play a central role in the planning and implementation of the new law and in the enforcement once it comes into effect.” Liebaers says the driving force behind the draft bill is to gain adequacy status from the European Commission. Attaining adequacy, he says, would not only allow more fluid data flows, but also “strengthen links between businesses in the Caymans and the EU as well as multinationals which do business in the Cayman Islands.” Fluid, strengthened links would make it “easier for EU businesses to outsource certain operations involving personal data to the Cayman Islands.”