Joint Statement on the Data Protection (Jersey) Law 2018 (Data Protection Law 2018)

The Data Protection Law 2018 comes into effect on 25 May 2018. This important piece of legislation will strengthen Jersey’s protection of privacy and security of personal data. The Data Protection Law 2018 will be regulated and enforced in Jersey by the Office of the Information Commissioner (OIC).

Some financial services firms which are regulated by the Jersey Financial Services Commission (JFSC) have queried their ability to comply with both the Data Protection Law 2018 and regulatory requirements imposed by the JFSC.

We do not consider that the Data Protection Law imposes requirements which are incompatible with the JFSC’s regulatory requirements. In fact, some of the requirements in the Data Protection Law 2018 are similar to the JFSC’s regulatory requirements.

For example, statutory obligations under the Data Protection Law that personal data is processed in a manner that ensures appropriate security of the data are consistent with requirements under the JFSC’s Codes of Practice that a firm organises and controls its affairs effectively.

While the OIC will regulate the Data Protection Law 2018, we will both continue to work together to support its introduction over the coming months.