Data Protection and Personal Privacy in Antigua and Barbuda

Data Protection and Personal Privacy in Antigua and Barbuda

Antigua and Barbuda’s Data Protection Act 2013 is a comprehensive data privacy law that was passed in 2013. The Data Protection Act 2013 was enacted for the purpose of promoting “the protection of personal data processed by public and private bodies and for incidental and connected purposes.” To this point, the law sets forth the legal requirements that data controllers and processors must abide by when collecting, processing, using, or disclosing personal data within the country. Moreover, the Data Protection Act 2013 also outlines the administrative and monetary penalties that individuals and organizations are subject to should they fail to comply with the law.

How is personal data defined under the Data Protection Act 2013?

In contrast to many other data protection laws, the Data Protection Act 2013 defined personal data broadly to mean   “any information in respect of commercial transactions, which is being processed wholly or partly by means of equipment operating automatically in response to instructions given for that purpose, is recorded with the intention that it should wholly or partly be processed by means of such equipment, or is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system, that relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information in the possession of a data user, including any sensitive personal data and expression of opinion about the data subject.”

What are the requirements of data users under the law?

As opposed to the terms data controller or data processor, the Data Protection Act use the term data user, “defined as “a person who either alone or jointly or in common with other persons processes any personal data or has control over or authorizes the processing of any personal data, but does not include a data processor.” As such, the law mandates that data users operating within Antigua and Barbuda adhere to numerous data protection principles. These principles include:

What are the right of data subjects under the Data Protection Act 2013?

Under the Data Protection Act 2013, data subjects within Antigua and Barbuda have the following rights with respect to their personal data protection and privacy:

In terms of punishments regarding non-compliance with the law, the Data Protection Act 2013 is enforced through Antigua and Barbuda’s Information Commissioner, or the Commissioner for short. Subsequently, the Commissioner has the authority to impose the following sanctions against data users who violate the law:

Through the passing of Antigua and Barbuda’s Data Protection Act 2013, citizens of the country have been guaranteed data protection and privacy rights. As data protection has become increasingly more important due role that internet usage plays in modern-day society, data privacy laws are more pertinent than ever before. To this end, Antigua and Barbuda has joined the list of Caribbean nations that have passed data protection legislation within the past decade, including other laws such as the Barbadian Data Protection Act 2019 and Jamaica’s Data Protection Act 2020.

Related Reads