A former UK Information Commissioner and current advisor to Prime Minister Theresa May has been selected for the £400-a-day job as Chair of the new Guernsey Data Protection Authority.
Richard Thomas will be formally appointed in May, when the new law comes into effect, but will work on a shadow basis with immediate effect.
He was awarded a CBE in 2009 for public service and will help shape the way data protection is regulated in the island, as the Bailiwick continues preparations for the introduction of its new data protection law.
The new law, approved by the States in November, seeks to meet the same standards for personal data as the EU General Data Protection Regulation (GDPR) and Law Enforcement Directive, which come into force in May 2018.
Following the introduction of the new data protection law, strengthened governance arrangements will be put in place to ensure the Bailiwick’s Data Protection Commissioner receives, and is supported by, enhanced regulatory oversight and greater independence from government.
The Chair will be paid £400 a day with the role expected to take up between 10-15 days per year. He was the UK’s Information Commissioner from 2002 to 2009, responsible for enforcement of the Data Protection and Freedom of Information Acts. He was subsequently the Chairman of the Administrative Justice and Tribunals Council and served as a Member of the Committee on Standards in Public Life from 2012 to 2017. In January 2018, he was appointed by the Prime Minister to the Advisory Committee on Business Appointments.
Deputy Mary Lowe, President of the Committee for Home Affairs, said: “I am delighted that someone of Richard’s unquestionable expertise has agreed to Chair the new Data Protection Authority. His appointment is a real coup for the island, as few can match his experience in this field. Richard will provide independent advice to the Data Protection Commissioner and the States on the development and implementation of governance arrangements and structures relating to the new data protection legislation.”
Richard said: “I welcome the opportunity to work with the Data Protection Commissioner and the States to ensure the island’s regulatory framework is appropriately robust and well supported. The new law puts the island in an excellent position to maintain EU adequacy following the introduction of GDPR in May, and the oversight role of the Data Protection Authority’s board, once established, will further support that position. The new data protection law will affect almost every business in the island and how the island is viewed on a global stage. As such, a proportionate and effective regulatory framework is needed to protect people’s personal information and to ensure that the Bailiwick is seen as a well-regulated, safe and secure place for business to operate.”
