AG says Data Protection Act will need constant reviewThursday, May 21, 2020
BY BALFORD HENRY
ATTORNEY General Marlene Malahoo Forte says that the Data Protection Act, which was approved Tuesday by the House of Representatives, must be kept under constant review.
“This is a type of law that will have to be kept under constant review and update and, perhaps, with a time limit that our law reform and law-making process is yet to be acquainted with,” Malahoo Forte said.
She was speaking at the end of the approximately 30-month-long legislative exercise in the House of Representatives, under the watch of a joint select committee originally chaired by St Catherine South Central MP Andrew Wheatley in 2017, and eventually taken over by his successor as minister of science, energy and technology, Fayval Williams, in February 2019.
Parliamentary colleagues from both sides of the House of Representatives heaped praises on Williams for successfully piloting the Bill through often dangerous waters, to the point where it was unanimously approved by the House of Representatives and will now head to the Senate for final approval next week.
Opposition spokesmen Julian Robinson and Mark Golding joined with Government colleagues, including Juliet Cuthbert, in crediting the minister for her commitment to having the Bill approved. However, the report of the joint select committee (JSC) which approved the changes to the Act noted that there are serious concerns raised by contributors to the process, which no doubt gave rise to the attorney general's comments.
The JSC reported that it took note of the general concerns raised in submissions from sources, particularly with regard to the powers given to, and a lack of an oversight for, the information commissioner operating as a body corporate.
Other issues raised included: Registration requirements; notification of contravention or breach; processing for the purpose of journalism; temporary exemption for manual data held by public authorities; appointment of data protection officers; fines to be charged; the “one size fit all” approach of the proposed legislation on all entities; and the need for a tiered approach.
The committee also noted that various entities requested exemption from particular provisions of the Bill, in light of the fact that there were other legislation and regulations governing them.
The report said that the ministry noted the instances where a data controller or his representative would not be required to comply with the disclosure data subject requirements, data protection standards and some of the provisions of the Bill.
The categories included national security; law enforcement; taxation; statutory functions; regulatory activities; journalism, literature and art; research, history and statistics; information required to be made available to the public by or under an enactment; disclosure required by law or made in connection with legal proceedings; parliamentary privileges; domestic purposes; and some miscellaneous matters.
The committee also agreed with the attorney general about the need for intensive public education to allow the general public to understand the proposed legislation.