In honour of Data Privacy Day, 28 January 2022, we invite the community to join us in events and reflection on the importance of your PIPA rights! Check back here for the latest details on planned events and other announcements throughout the week.
Monday, January 24th: Data Privacy Day is not until Friday January 28th, but what's the reason for this day - and this date? Commissioner White explains in our office's first ever blog post: "How to Celebrate Data Privacy Day."
Privacy is a booming industry - and we are hiring! Today our office made a special announcement about a new senior leadership team member: starting March 2022, we welcome Cha'Von Clarke-Joell to our senior leadership team as Assistant Commissioner (Policy & Engagement)!
Tuesday, January 25th:
Today's free event focuses on the importance of data privacy for small businesses; you can register here for this one-hour online event, hosted over Zoom from 3-4pm AST.
Did you know that PrivCom has signed up with the Stay Safe Online initiative as a Data Privacy Week Champion? Stay Safe Online is a source of free materials and resources for privacy officers who want to raise awareness around Data Privacy Day.
Our office also provides resources for privacy officers and the general public on our Legislation & Guidance page. Today's the day to see our FAQ section for more tips!
Wednesday, January 26th: Today, the Bermuda Economic Development Corporation (BEDC) will be hosting a lunchtime webinar from 12:30-1:30pm AST featuring local expert Noel Pearman. You can register here for this free Zoom event!
Are you more of a morning person? The UK chapters of the International Association of Privacy Professionals will be jointly hosting an event for privacy officers discussing global trends for 2022 from 7:30-9am AST. Brew your coffee and register here for this event!
Thursday, January 27th: Today's virtual event focuses on data privacy issues for children and teens, with a discussion of rules and trends from both sides of the Atlantic. Register for this event from 1-2pm AST here!
Then, from 3-4pm AST, join PrivCom and others around the world in on a global conversation on privacy topics. Follow this link and use hashtag "#DataPrivacyChat" to join in!
Friday, January 28th: It's officially Data Privacy Day! Do you need an introduction into the basic ideas and principles of data privacy? Register for today's live GoToWebinar workshop from 2-4pm AST for an overview!
Our office also provides an on-demand "Privacy and PIPA" training that you can watch any time! Follow this link for details.
After work hours, join the local chapter of the International Association of Privacy Professionals (IAPP) for a virtual happy hour event from 5:30-6:30pm AST. Commissioner White will lead a brief discussion of our 2022 priorities, followed by a casual online networking event. For more details and to register, follow this link.
Happy Data Privacy Day 2022!
To reach out to the Office of the Privacy Commissioner, please visit our Contact Us page.
Press Background:
Rights and responsibilities relating to data privacy are set out in the Personal Information Protection Act 2016 (PIPA). Bermuda's PIPA received Royal Assent on 27 July 2016. Sections relating to the appointment of the Privacy Commissioner were enacted on 2 December 2016, including the creation of the Office as well as those duties and powers relevant to its operation in the period leading up to the implementation of the whole Act. The Commissioner works to facilitate the advancement of consequential amendments to other Acts in order to harmonise them with PIPA.
The Office of the Privacy Commissioner for Bermuda (PrivCom) is an independent supervisory authority established in accordance with the Personal Information Protection Act 2016 (PIPA).
The mandate of the Privacy Commissioner is to regulate the use of personal information by organisations in a manner which recognizes both the need to protect the rights of individuals in relation to their personal information and the need for organisations to use personal information for legitimate purposes, among other duties.
The Privacy Commissioner's powers and responsibilities include monitoring the processing of personal information by both private- and public-sector organisations, investigating compliance with PIPA, issue guidance and recommendations, liaise with other enforcement agencies, and advise on policies and legislation that affect privacy. PrivCom's mission is also to raise awareness and educate the public about privacy risks and to protect people’s rights and freedoms when their personal data is used. The general powers of the Privacy Commissioner are outlined in Article 29 of PIPA.
Alexander White (Privacy Commissioner) was appointed by H. E. the Governor, after consultation with the Premier and Opposition Leader, to take office on 20 January 2020.
Privacy is the right of an individual to be left alone and in control of information about oneself. In addition to the protections in PIPA, the right to privacy or private life is enshrined in the United Nations' Universal Declaration of Human Rights (Article 12) and the European Convention of Human Rights (Article 8).
"Personal information" or data is a defined term in PIPA that means any information about an an identified or identifiable individual. Examples include names, dates of birth, photographs, video footage, email addresses and telephone numbers. "Sensitive personal information" is a defined term in PIPA that includes information relating to such aspects as place of origin, race, colour, sex, sexual life, health, disabilities, religious beliefs, and biometric and genetic information. (Note: This is not a complete list.)
"Use" of personal information is a defined term in PIPA that means "carrying out any operation on personal information, including collecting, obtaining, recording, holding, storing, organising, adapting, altering, retrieving, transferring, consulting, disclosing, disseminating or otherwise making available, combining, blocking, erasing or destroying it."
"Security" is addressed in section 13 of PIPA: "An organisation shall protect personal information that it holds with appropriate safeguards against risk, including loss; unauthorised access, destruction, use, modification or disclosure; or any other misuse. Such safeguards shall be proportional to the likelihood and severity of the harm ... the sensitivity of the personal information ... and the context in which it is held." Section 14 addresses breaches of security and reporting to PrivCom.
About Data Privacy Day: Celebrated worldwide on January 28th each year, Data Privacy Day (also called “Data Protection Day” in some places) marks the anniversary of a milestone treaty that enshrined privacy as a fundamental human right. In 1981, various countries in Europe came together and committed to respect their citizens’ privacy, in the treaty commonly known as the Council of Europe’s Convention 108. Since then, the European signatories have been joined by African and South American countries that also ratified the treaty. While more and more countries have domestic laws that protect privacy (like Bermuda’ Personal Information Protection Act), Convention 108 remains the only treaty that legally binds countries under the terms of international law. You can find more information and privacy resources at: https://staysafeonline.org/data-privacy-day/.