The European Union is introducing new regulations governing data protection. Claire Milne, Partner within the Corporate Department in the Isle of Man, examines the potential implications for the Isle of Man.
The current data protection regime in the European Union (EU) dates back 20 years – before the growth of the internet and the digital economy.
The European Commission put forward its data protection reforms in January 2012 to make, in its view, the EU fit for the digital age. After much debate, the new reforms have now been accepted. The main reform is the General Data Protection Regulation (GDPR). As the new regime will be effected by way of regulation (rather than directive) it will have direct effect in each EU member state and therefore, each member state will have exactly the same legislation.
The Isle of Man is not part of the EU but has adopted legislation that is modelled on current EU data protection legislation to allow the Isle of Man to obtain a so-called "adequacy finding." An adequacy finding means that the European Commission has deemed that the Island's law ensures an adequate level of protection for personal data and this aids the transfer of personal data in and out of the Island. To retain its adequacy finding, the Isle of Man will need to enact new data protection legislation following the changes to the EU regime.
Article first published by Business 365 in June 2016
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.