Guernsey’s Office of the Data Protection Authority (ODPA) has published its Annual Report for 2020.
The report, published on 23rd August, details its activities under The Data Protection (Bailiwick of Guernsey) Law, 2017 which came into effect in May 2018.
2020 was the first full year of operation under the ODPA Strategic Plan (2019-2022). The Strategic Plan sets out the ODPA’s purpose and how it delivers its regulatory objectives effectively and independently. The ODPA’s key strategic objectives set out how it seeks to predict and prevent harms to individuals from poor handling of their personal data and ensure that detection and enforcement activities are proportionate and effective.
The ODPA’s Annual Report highlights progress made towards its five strategic objectives:
- delivering its enhanced statutory duties; being a relevant, responsive and effective regulator;
- supporting organisations to meet their obligations and empowering individuals to exercise their rights; developing and maintaining effective relationships;
- and elevating discussions around the protection of personal data.
Particular things of note from the Authority’s Annual Report include: the issuing of its first administrative fines to two local companies who committed serious breaches of the local data protection Law; starting a major IT project in March 2020 and completing it on-time and under-budget by December 2020 in time for the changes to the ODPA registration requirements which came into effect on 1 January 2021; and launching its Schools Outreach Programme, which reached over 170 school children in the year.
Commenting on 2020’s activities, Emma Martins, the Bailiwick’s Data Protection Commissioner, said: “2020 was a challenging year across the globe. Despite those challenges, we have continued to deliver on our strategic objectives, and it is testament to the professionalism and hard work of our team and the engagement of our Bailiwick community that we have done so successfully. Reporting on the past year is always a good opportunity to reflect carefully on how we are approaching our statutory duties, and the outcomes we are seeing.
“We recognise the scale of the task ahead as data becomes increasingly interwoven with every aspect of our daily lives, but we are laser focussed on building a culture of respect around the handling of data and ensuring that benefits us all both socially and economically.”
The Chairman of the Data Protection Authority, Richard Thomas CBE commented, “We work hard to deliver on our regulatory duties independently, transparently and ethically. This Annual Report demonstrates our effectiveness, especially against the backdrop of the extraordinary events of 2020. It also highlights the need for the Bailiwick to see the protection of people and their data as a cultural activity, not a box ticking exercise. Embracing high standards of data governance is important both for our community and our economy.”
The 2020 Annual Report can be read here.