Select a region
The Bailiwick's Data Protection Office carried out 24 investigations and made two high-profile fines in 2020 - however the strategic focus is on ensuring the community "appreciates the need for good protection of data".
The ODPA has published its annual report for 2020, setting out details of its enforcement work, strategic aims and the ever-present role that data plays in our daily lives.
The Bailiwick Commissioner, Emma Martins, confronts a stigma that some have labelled data protection with and seeks to emphasise the benefits that come from good governance and respect.
“What I consider one of the biggest challenges we face in the area of data protection is that it is seen as being in conflict with innovation, progress, prosperity.
“I can (and do) rail against the misleading perception that data protection stands in the way of such important goals, but railing won’t help
Pictured: 2020 in numbers for the ODPA, which had over 900 registered businesses and carried out 24 investigations.
“If our community does not appreciate the need for good protection of data, no amount of law changes will help. What we need to do is reflect seriously on how we can better deliver those objectives by positively engaging organisations and individuals.
“There are lots of ways we can do this, including clearly articulating why data protection is an enabler, both economically and socially; helping organisations to recognise the commercial imperative to respect people’s rights; and building a culture of respect as a jurisdiction which embeds data governance into everything that it does.
“If we do all that well, then we move beyond the sense that regulation is in conflict with prosperity and start to see it as a precondition of it.“
The ODPA publishes information about its enforcement action against data breaches, which is one was that it hopes to communicates the sorts of issues that may lead to regulatory action and, crucially, work to prevent them from happening again.
The Office received 38 complaints about data breaches - the majority of which related to public bodies - investigated 24 of those, and sanctioned 11.
"This year has also seen a number of significant enforcement actions taken by the Authority as a result of complaints made to us," said Mrs Martins.
"Understandably this has led to a degree of media interest and we have taken the deliberate decision to be as open and transparent as possible in all our activities, including regulatory action.
"That has probably been uncomfortable for those organisations. But the principle of openness in dealing with breaches of the Law is an important one because an environment of transparency and accountability encourages trust and confidence in us by those that make complaints."
During 2020, the Authority took its first significant enforcement actions by issuing two administrative fines.
The first was issued to Sure (Guernsey) Limited in September 2020 over inaccuracies in the 2019/2020 telephone directory. They were fined £80,000 for a lack of transparency as to how personal data was to be processed, for publishing personal data which contained inaccuracies, and for the publishing the details of 119 ex-directory members of the community.
The second fine was issued to Trinity Chambers LLP in November 2020 for unauthorised disclosure of highly sensitive and private information about a person and their family.
They were fined £10,000 to reflect the serious nature and impact of failing to look after the data in question, which resulted from sending files via email and by post without appropriate security.
Comments
Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.