Today we meet Jersey’s new Information Commissioner, Paul Vane and ask him about his plans for the JOIC and how we can use Jersey’s strong data protection reputation to our advantage.
Paul is tasked with leading the Jersey Office of the Information Commissioner (JOIC) in the next stage of its development to meet emerging challenges in digital technology, while ensuring Jersey retains its high standing on the international privacy scene.
Communicating the data protection message
To start off, we asked Paul about whether he has any plans to change the way that JOIC works and communicates with controllers and the public?
This is work we have already started in the last twelve months. We have established a vision where we want to create a culture in Jersey where privacy becomes instinctive. A little like putting your seatbelt on when you get into a car or locking your front door behind you when you leave the house. If we can get to a place where our Islanders are actively thinking ‘privacy’ in their day-to-day lives, then this will naturally improve levels of compliance with data protection law right across the business community.
Our simplistic theory is that if we can educate our Islanders on how to manage their own personal information by empowering them to ask the right questions, take the appropriate precautions and ‘think before they do’, then this will filter into their workplaces too, thereby creating a culture of privacy within the organisation and improving compliance.
“Data protection law is all about people”
Most of the last three years post-GDPR and our new laws here in Jersey has been focused on helping businesses get on the road to compliance. We know it doesn’t happen overnight, so we have spent much of the last three years developing guidance and providing support to local businesses. However, data protection law is all about people, and so our priority must also be to educate individuals.
Our plans for the coming year and beyond are to focus more of our efforts on educating the public. We already have a strong presence in mainstream education and since last year have presented to over 1400 children, educating them about the risks of putting their information online, dangers of social media, rights under data protection law and how actions and decisions they make now can have an impact on their future lives.
We are also looking to get involved with more non-commercial social events. For example, three of our team recently ran a stand at the Early Summer Show at the Royal Jersey Showground. It’s events like these that we feel we can really reach out to all ages of the community. We’ll be running our own public awareness raising campaigns as well, so keep an eye out for those.
Internally, we’ll be adding to our own team in the coming months to strengthen our resilience. It’s easy to forget sometimes that we’re only a small team of thirteen full time staff regulating the entire business community in Jersey, whilst still keeping an eye on international developments and raising our international profile.
Can Jersey become a ‘data vault’ for data?
There has been talk of Jersey becoming a form of ‘data vault’ by focusing on its data protection and trusted reputation from the finance industry. Do you think this is likely?
This has been a topic in Jersey for nearly as long as my seventeen-year career in data protection. Whilst I’m not sure we’ll see a huge influx of monstrous data warehouses here, largely due to the geographical limitations of being a small Island, there are still significant opportunities for Jersey to be a world leader in the data digital sector.
We are fortunate in Jersey to have a well-established, well-respected and well-regulated financial services industry. As a result, concepts such as data trusts and data stewardship are real possibilities here and I know that this is an area already under consideration. It is early days, but it is crucially important for Jersey to seize upon and maximise these opportunities to ensure the long term prosperity of our Island.
Using Jersey’s strong data protection reputation
Can Jersey use its strong data protection reputation to attract businesses to the island?
Yes we can, and we already do. However, it’s important not to look at the Island’s data protection regime in isolation. Businesses are attracted to the Island for many reasons. Jersey has spent a lot of time and effort to ensure our reputation as a well-regulated jurisdiction is both promoted and protected. This has largely been in terms of our finance industry, but now extends into many other areas of business including the digital sector.
Organisations such as Digital Jersey are set up specifically to promote Jersey as a digital hub and testbed for start-up tech enterprises, and coupled with a strong legal framework for data protection, Jersey is well placed to take advantage. As I mentioned, the world of data is changing and there are opportunities for Jersey to lead the way. I am certain my colleagues in Government, and at Digital Jersey and Jersey Finance are already looking at these with interest.
My office is also focused on raising our international profile, not just as a regulatory authority but as an Island that is a safe place to live and do business. Trust and confidence are absolutely key to successful businesses. We are actively involved in global international forums which extend into numerous topics.
We represent the Island on a number of working groups of the Global Privacy Assembly, for example, the protection of data protection rights in terms of global Covid-19 responses, data protection in Artificial Intelligence, the role of personal data protection in International humanitarian aid and crisis management and effective enforcement of data protection across the globe, to name a few. All of these operate with the purpose of improving awareness and education in data protection around the world, and ensuring cohesion and cooperation between data protection authorities to make our respective jurisdictions safer places.
Do you have a data protection question that you would like to ask Paul? Drop us a line at [email protected].
Visit the JOIC website to explore a wealth of data protection guidance.
