DigiCert QuoVadis

News and Events

Bermuda Proposes Data Protection Legislation
10 Nov 2003

The Government of Bermuda has convened a committee from both the public and private sectors to explore updates to the island’s data protection regime.

Currently, data protection is addressed in the Standard for Electronic Transactions under Bermuda’s Electronic Transactions Act 1999.  The Standard applies certain codes of conduct for e-commerce service providers and other intermediaries operating on the island.

The proposed data protection legislation seeks to broaden the applicability of Bermuda’s privacy standards, and bring them into line with other dominant jurisdictions (such as the EU and Canada).

The Data Protection Core Group has published a public consultation paper to solicit input towards drafting the new legislation.  For this purpose, the paper is structured around the core principles used in EU Directive 95/46/EC and other national laws. 

Of particular interest, the paper describes a responsibility of organizations to provide adequate security safeguards to protect personal data against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.  Elsewhere, similar standards have driven increased use of technologies – such as digital certificates -- for user authentication, access control, privilege management, and encryption.