GDPR and LED Implementing Regulations 2018 and Data Protection (Application of GDPR) Order 2018 updates 2018

Closed 7 Nov 2018

Opened 10 Oct 2018

Feedback Updated 9 Jan 2019

We Asked

The Cabinet Office asked for feedback on proposed changes to the Isle of Man’s GDPR and LED Implementing Regulations 2018 (GLIR) and Data Protection (Application of GDPR) Order 2018 between 10 October and 7 November 2018. The proposed amendments to the GLIR and the Data Protection (Application of GDPR) Order 2018 were published with the consultation.

You Said

The consultation attracted over 15 responses in total, from a number of categories of respondent, including businesses, industry associations, and individuals in addition to Government Departments. The majority of responses supported the specific questions set out, and set out further comments on diverse areas from drafting and typographical issues, areas requiring clarification or further regulation, or specific issues such as modifications and exemptions.

We Did

The Cabinet Office has considered all of the comments and suggestions received. A paper providing full details of the consultation feedback, and the Cabinet Office’s responses has been published on the Isle of Man Government’s Consultation Hub.

The revised Implementing Regulations as amended are due to be laid before Tynwald at its January sitting.

Results Updated 15 Jan 2019

Files:

Overview

In July 2018, the GDPR and LED Implementing Regulations 2018 (“GLIR”) were approved by Tynwald. These regulations set out the provision for the implementation of the GDPR and the LED on the Isle of Man. 

In view of the responses to the consultation on the draft Regulations, when the GLIR were introduced, a commitment was given to further revise the GLIR to address and update issues such as enforcement powers, and further exemptions required.

Simultaneously work continues on development of policy as the new legal regime evolves, including review and updating of the enforcement powers of the Information Commissioner, and in the future, the creation of a new supervisory authority. A separate consultation is planned in the near future, to seek views on new areas of policy relating to the creation of that new supervisory authority, and new fees in respect of the funding of a new supervisory authority.      

Although the mechanism for the legislation will remain the same, until the new supervisory authority is introduced, policy needs to continue to be developed to inform changes to the existing regime. 

The proposed plan for developing the legislation is as follows:

Amending Regulations

New/revised exemptions

Technical amendments to existing GLIR
Updates to Tribunal Rules and UCR 2005

New Bill

Establishes new Supervisory Authority

Functions, powers, Tribunal and Registration

GDPR and LED Implementing Regs 2018

Part 6 and Part 7 GLIR in new Bill in context of new Supervisory Authority

Remaining parts to remain in Regulations

Why We Are Consulting

The consultation is to advise interested parties about changes planned to the Data Protection (Application of GDPR) Order 2018, and GLIR, and seeks views on the provisions of the proposed Amending Regulations, in relation to the proposed updates to the enforcement powers, exemptions, and processing conditions

Areas

  • All Areas

Audiences

  • Anyone from any background

Interests

  • Legislation
  • Access to information
  • Policies, strategies & plans