The Office of the Privacy Commissioner for Bermuda has joined as the newest member of the ID2020 Alliance. Commissioner White will also serve on ID2020’s Ethics and Risk Advisory Committee.
ID2020 is a public-private partnership that brings together nonprofits, corporations, and governments to promote the adoption and ethical implementation of user-managed, privacy-protecting, and portable digital identity solutions. Their most recent work includes development of the Good Health Pass Collaborative, an effort to create the blueprint for interoperable digital health pass systems to restore international travel and restart the global economy.
As a public sector partner, PrivCom staff will participate in working groups to guide the development of privacy-protective standards for cutting-edge uses of personal information. The office's involvement does not include a financial commitment of public funds.
Commissioner White said about the decision to engage with ID2020: “Digital identity solutions, if designed the right way, have the potential to place individuals in even greater control over how their personal information is used. Such ethical, privacy-protective, and interoperable approaches will help build a more inclusive world and enable safer online experiences. ID2020 has long advocated for user control over personal data – a core belief that we share. Bermudians will benefit from the development of digital identity solutions and standards that promote privacy protections, and we look forward to collaborating with the ID2020 team to achieve our shared objectives.”
ID2020’s Head of Public Sector Partnerships, Meredith Kravitz, added: “Over the past several years, Bermuda has positioned itself as a leader in the fintech space, harnessing digital technology for the benefit of its citizens and the development of its economy. In establishing the Office of the Privacy Commissioner for Bermuda, the government recognized that data protection, inclusion, and user-centricity are critical to the full realization of these benefits. We are delighted to welcome the Office of the Privacy Commissioner for Bermuda to the Alliance and Commissioner White to his new role as a member of the ID2020 Ethics and Risk Advisory Committee.”
About ID2020
ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and ethical implementation of user-managed, privacy-protecting, and portable digital identity solutions.
By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing programs, and advocating for the ethical implantation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights and reap the benefits of economic empowerment and to protecting user privacy and ensuring that data is not commoditized.
About the Office of the Privacy Commissioner for Bermuda
The Office of the Privacy Commissioner for Bermuda (PrivCom) is an independent supervisory authority established in accordance with the Personal Information Protection Act 2016 (PIPA) with a mandate to regulate the use of personal information by organisations in a manner which recognizes both the need to protect the rights of individuals and the need for organisations to use personal information for legitimate purposes.
The Privacy Commissioner's powers and responsibilities include supervising the processing of personal information by both private- and public-sector organisations, investigating compliance with PIPA, issuing guidance and recommendations, liaising with other enforcement agencies, and advising on policies and legislation that affect privacy. PrivCom also works to raise awareness and educate the public about privacy risks, and to protect individuals’ rights and freedoms when their personal data is used.
Alexander White has served as the first Privacy Commissioner for Bermuda since January 2020.
To reach out to the Office of the Privacy Commissioner, please visit our Contact Us page.
Press Background:
Rights and responsibilities relating to data privacy are set out in the Personal Information Protection Act 2016 (PIPA). Bermuda's PIPA received Royal Assent on 27 July 2016. Sections relating to the appointment of the Privacy Commissioner were enacted on 2 December 2016, including the creation of the Office as well as those duties and powers relevant to its operation in the period leading up to the implementation of the whole Act. The Commissioner works to facilitate the advancement of consequential amendments to other Acts in order to harmonise them with PIPA.
The Office of the Privacy Commissioner for Bermuda (PrivCom) is an independent supervisory authority established in accordance with the Personal Information Protection Act 2016 (PIPA).
The mandate of the Privacy Commissioner is to regulate the use of personal information by organisations in a manner which recognizes both the need to protect the rights of individuals in relation to their personal information and the need for organisations to use personal information for legitimate purposes, among other duties.
The Privacy Commissioner's powers and responsibilities include monitoring the processing of personal information by both private- and public-sector organisations, investigating compliance with PIPA, issue guidance and recommendations, liaise with other enforcement agencies, and advise on policies and legislation that affect privacy. PrivCom also works to raise awareness and educate the public about privacy risks, and to protect people’s rights and freedoms when their personal data is used. The general powers of the Privacy Commissioner are outlined in Article 29 of PIPA.
Alexander White (Privacy Commissioner) was appointed by Excellency the Governor, after consultation with the Premier and Opposition Leader, to take office on 20 January 2020.
Privacy is the right of an individual to be left alone and in control of information about oneself. In addition to the protections in PIPA, the right to privacy or private life is enshrined in the United Nations' Universal Declaration of Human Rights (Article 12) and the European Convention of Human Rights (Article 8).
"Personal information" or data is a defined term in PIPA that means any information about an an identified or identifiable individual. Examples include names, dates of birth, photographs, video footage, email addresses and telephone numbers. "Sensitive personal information" is a defined term in PIPA that includes information relating to such aspects as place of origin, race, colour, sex, sexual life, health, disabilities, religious beliefs, and biometric and genetic information. (Note: This is not a complete list.)
"Use" of personal information is a defined term in PIPA that means "carrying out any operation on personal information, including collecting, obtaining, recording, holding, storing, organising, adapting, altering, retrieving, transferring, consulting, disclosing, disseminating or otherwise making available, combining, blocking, erasing or destroying it."