ST. GEORGE’S, Grenada, Mar 13, CMC – The main opposition New National Party (NNP), Monday called on the government to withdraw the proposed Data Protection legislation urging it to hold consultations with “all sections of the Grenadian population” before it is introduced to ParliamentParliament.
“The NNP believes that adequate protection of personal data and the implementation of measures relating to data security are vital in any modern democratic society. While Data Protection legislation is desirable and necessary, a draft Bill that does not consider and take into account important aspects is likely to cause harm rather than achieve its objectives,” the party said in a statement.
It said that the lack of consultation and the failure to allow key stakeholder groups, including the business community, “to provide input on the Data Protection Bill 2023, has left the New National Party no option but to object to its tabling in Parliament”.
The bill is set to go before Parliament on Tuesday, which requires any person on a premise to explain any document or other material found on a belief that may constitute a violation of the legislation.
According to the explanatory notes, the 2023 Data Protection Bill seeks to establish a new framework for managing the processing of personal data in Grenada.
According to the proposed legislation, if a magistrate is satisfied by information on oath supplied by an authorized officer that there are reasonable grounds for suspecting that an offense under this Act has been or is being committed and that evidence of the Commission of the crime is to be found on any premises specified by the authorized officer, the magistrate may issue a warrant authorizing the official officer to enter and search the premises.
The search warrant provides for the authorized officer to inspect, examine, operate, and test any equipment found on the premises and which is used, or intended to be used, for the processing of personal data and to inspect and seize any documents or other material found on the premises and which may constitute evidence of the Commission of the offense.
It will also “require any person on the premises to explain any document or other material found on the premises, and to require any person to provide other information as may reasonably be required to determine whether the data user has committed the offense.”
The law provides for establishing a new statutory board to be called the Information Commission. Its functions will include monitoring compliance by public and private bodies with the provisions of the legislation, including issuing notices; advising public and private bodies of their obligations under the Act.
It will also receive and investigate complaints about alleged violations of the data protection principles of data subjects and, in respect thereof, make reports to complainants.
Any person who obstructs the Commission or any authorized officer in the conduct of their duties and functions commits an offense and is liable on summary conviction to a fine of EC$5,000 (One Ec dollar=US$0.37 cents) or imprisonment for a term of six months.
The legislation also provides that a person who commits an offense under the Act for which a penalty is not expressly provided is liable, upon summary conviction, to a fine of EC$50,000 or imprisonment for three years.
There is also a provision for conviction on indictment to a fine of EC$100,000 or imprisonment for five years or both.
The former attorney general and constitutional expert, Dr. Francis Alexis, speaking on a television program here over the weekend, called for some bill clauses to be revisited.
“The chief executive officer or the Commission may delegate any power or function under this Act to an authorized officer. We don’t know who might be an authorized officer, meaning there are no criteria set out in the Act for a person being an authorized officer.
“It is too open-ended. The idea that the chief executive officer may delegate any power or function under this Act to an authorized officer must be an abuse of power by ParliamentParliament. That clause needs surgery, if not elimination,” he warned.
The NNP, which until June last year, formed the government here. It said it urged the Dickon Mitchell administration “to withdraw the proposed Data Protection legislation and not attempt to re-introduce it until consultation with all sectors of the Grenadian population is held about its provisions.”
The party noted that the Organisation of Eastern Caribbean States (OECS) had circulated the initial draft legislation on the premise that member states would hold a consultation process.
“The far-reaching nature of the Data Protection Bill, which will govern the protection, access to, and use of personal data, and sensitive personal data such as medical information, means that individual’s rights must be carefully safeguarded.
“The adequate safeguarding of personal data affects how information is held by most institutions – our banks, hotels, medical institutions, schools- and extends to micro and small business operators. Authorizing the access and use of this data must NOT be potentially open to politicians or be otherwise subject to abuse,” the NNP said.
It said it anticipates holding these consultations and is “committed to participating along with other stakeholders and have already committed the resources necessary to do so.”.
and then 