Opposition Leader On PIPA Amendment Bill
Noting that the OBA “support this bill which makes consequential amendments to the Public Access To Information Act 2010 and the PATI Regulations 2014,” Opposition Leader Cole Simons said he is ”concerned that there has not been adequate discussions with all of the stake holders involved, especially small businesses.”
Speaking in the House of Assembly, Mr. Simons said, “We in the One Bermuda Alliance support this bill which makes consequential amendments to the Public Access To Information Act 2010 and the PATI Regulations 2014, and gives the Minister the power to make further consequential and related amendments to the Act. It cleans up the overloaded Public Access to Information Act 2010.
“Administratively it cleans up both acts and clearly segregates the features and responsibilities of the PATI ACT of 2010 and the PIPA Act of 2016.
“This legislation allows the minister to bring different sectors of the legislation into effect for different organizations.
“For example, international business might well be prepared for data privacy compliance, and they may also be under an obligation to ensure that any personal information that they receive from foreign jurisdiction is protected.
“These organizations will benefit from the guidance of the standards prescribed by the UK, EU, US and Canada.
“In addition, the legislation is great because it guarantees our citizens the right to privacy as is the case in many jurisdictions, like Switzerland, the EU, Canada, Japan, and Norway.
“In addition, the privacy act is putting an individual in control of information about themselves.
“Individuals will have more control over their information and how it is used and controlled. In addition, individuals will also be a regulator of their own personal information.
“There could be 60K individual regulators.
“This information could include health care information, travel data, vaccination data, and spending habits,
“The legislation was designed to uphold personal information rights in electronic form and hard copy forms held by all business, organizations, charities and government departments.
“One of the questions in this space is where is this information house? What server is it held on , and what protections against cyber threats are in place in these organizations?
“As an international financial center, business people are forced to remain abreast of the continuous changing of landscape of global PIPA Regulations, be they AML regulations, KYC regulations, ATF Regulations, FATCA Regs, BEPS regs and CRS regs.
“There are also the General Data Protection Regulations which were adopted by the EU to protect EU citizens and gives those citizens more control over how companies use personal data.
“On the operations side, data privacy is basically how an individual’s personal information is collected, handled, stored and shared. In some countries robust legislation and regulations provide individuals with safeguards for their personal data and this is applauded and welcomed.
“At home, here in Bermuda, as PIPA is coming into force this month, I am concerned that there has not been adequate discussions with all of the stake holders involved, especially small businesses.
“The larger businesses and IB business may be okay because they have the resources and capital to develop the appropriate infrastructure to support PIPA regulations.
“The questions for all organizations that collect and use personal information is:
“Are you administratively ready to comply with PIPA?
“How will you secure the consent necessary to collect and use the personal data?
“How will you manage communications with individuals who want to see a copy of all personal information that you have about them?
“How will you manage their requests for corrections or deletions of personal data?
“To what extend must you revise your outsourcing and data processing service agreements?
“Are you organized to comply with an individual’s direction for you to stop using their personal data?
“Are you prepared to review all of your business’ business processes with a view of possibly revising or reengineering them so that they are PIPA compliant processes.
“Mr. Deputy Speaker as indicated earlier, the above questions are easily addressed for larger local and international company as they have the resources and capital to become PIPA compliant.
“What happens to our local small businesses who are just making it during these challenging economic times?
“These PIPA protocols and requirements will place additional financial and resource burdens on their resources and their already stretched businesses?
“How will they be supported? Will the be penalized because they can not afford these new new requirements at this time?
“Where would these small businesses like health stores, pharmacies, retail stores, message therapists, cafes store their clients’ names, addresses, phone numbers, IP addresses, social security numbers, gender, race, political affiliation and medical conditions.
“From the individuals’ perspective:
“How will they be provided with comfort that their personal data will only be processed after they give have given consent?
“How will they know that only necessary data is collected for processing?
“How will they know that their personal data is current and up to date?
“How will they know that their data will be kept safe?
“How will they know that their personal data is to be only kept for as long as it is needed?
“How are these individuals protected from criminal threats, and commercial threats?
“How do they protect themselves from government threats, as biometric data and facial recognition technology is used across the world for law enforcement and state monitoring purposes and national security purposes.
“The impact of these amendments are very complex for Bermuda and yet they are required, and should be endorsed so that individual privacy rights are protected and honored.
“Others whom I have spoken to, take the view that our privacy rights do not go far enough, and could be enshrined in Bermuda’s constitution, as is the case in Switzerland.”
Read More About
Category: All
