Foreign Investment, New Data Privacy Law in Saint Lucia

Foreign Investment, New Data Privacy Law in Saint Lucia

Saint Lucia’s Data Protection (Amendment) Act 2014, also known as the Amendment Act for short is a data protection law that was passed in Saint Lucia in 2014. The Amendment Act was passed for the purposes of updating Saint Lucia’s Data Protection Act 2011 that had been passed three years prior. One of the primary means for the Amendment of the Data Protection Act 2011 was to encourage foreign investment into the offshore banking and tourism industries of Saint Lucia, as these industries represent a significant part of the island nation’s economy. To this point, the Amendment Act sets forth the legal basis for which personal data may be collected or processed within the country, in a manner similar to that of the European Unions General Data Protection Regulation or GDPR.

How are data controllers and processors defined under Saint Lucia’s Amendment Act?

Under the Amendment Act, a data controller is defined as “a person who, either alone or with others, processes data or determines how personal data is processed or processes personal data”. Alternatively, the law does not provide a specific definition for the term “data processor”, and instead defines the act of processing “in relation to information or data, means obtaining, recording, or holding the information or data or carrying out any operation or set of operations on the information or data, including organization, adaptation or alteration of personal data, retrieval, consultation or use of the information or data, etc”. Moreover, personal data is defined as “information about a data subject that is recorded in any form including their name, address, fingerprints, etc”.

What are the responsibilities of data controllers under Saint Lucia’s Amendment Act?

Saint Lucia’s Amendment Act establishes a number of data protection principles that data controllers operating within the country must adhere to when collecting or processing personal data. These principles include the following:

What are the rights of Saint Lucian citizens under the Amendment Act?

Under the Amendment Act, Saint Lucian citizens are afforded the following rights in terms of the protection of their personal data:

In terms of penalties with respect to non-compliance with the law, Saint Lucia’s Amendment Act is enforced by the Commissioner. To this end, the Commissioner has the authority to impose the following penalties against data controllers who fail to comply with the provisions set out in the law:

With the passing of the Amendment Act in 2014, Saint Lucia has joined the ranks of many other Caribbean countries that have passed comprehensive data privacy laws in recent years, such as Jamaica’s Data Protection Act 2020 and Trinidad’s Data Protection Act 2011. As Saint Lucia is looking to encourage foreign investment into the various industries that exist on the island, passing a law concerning personal data protection makes things easier for said investors. More importantly, however, the law ensures that the personal data of Saint Lucian citizens will remain secure at all times.

Related Reads