Section 33Part 8 — Data Protection
Data protection
←→ Navigate · Click subsection badges to collapse · Press ? for help
The Governor, on the recommendation of the Authority, may make regulations prescribing standards for the processing of personal data, whether or not the personal data originates inside the Islands.
Regulations made under subsection (1) may provide for —
the protection of privacy;
the voluntary registration and de-registration to those standards by data controllers and data processors;
the establishment by the Authority of a register that is available for public inspection showing particulars of data controllers and data processors who have registered or de-registered to those standards and the dates of such registration or de-registration, and the countries in respect of which the registration or de-registration applies;
the application of those standards to the countries specified in the regulations;
different standards to be applied in respect of personal data originating from different countries; and
such matters as may be necessary or convenient for giving effect to this Part or for its administration.
A data controller or data processor who voluntarily registers to a standard prescribed in regulations made under subsection (1) and who fails to comply with that standard, as it may be amended from time to time, in respect of any personal data originating from a country to which the standard applies that is collected by the data controller during the period of registration, including any time after de-registration is guilty of an offence and liable on summary conviction to a fine of fifty thousand dollars and to imprisonment for six months, and if the offence of which he is convicted is continued after conviction he commits a further offence and liable to a fine of five thousand dollars for every day on which the offence is so continued.
Defined Terms
personal datadata controllersdata processorsAuthority