Bailiwick confirmed as leading non-EU jurisdiction for safe and secure data following EU decision
The Bailiwick of Guernsey has achieved the significant milestone of being confirmed by the European Union has having proportionate, robust and well-implemented privacy laws for islanders and businesses.
Achieving 'EU data adequacy status' confirms that the Bailiwick of Guernsey is a leading jurisdiction for safe and secure data.
It means that EU Member States and institutions view the Bailiwick's legislative framework as ensuring an adequate level of protection - comparable to that of EU Member States - for the safe flow of data between the EU and the Bailiwick.
The Bailiwick is home to many global businesses which rely heavily on the flow of data to and from EU Member States, and this is particularly crucial for parts of the financial services sector. This decision enables the Bailiwick's business sectors to continue to transfer data unhindered. In addition to private sector requirements, the Bailiwick of Guernsey's public authorities also routinely share data in crucial areas such as policing and security, healthcare, and education.
A negative outcome would have resulted in additional safeguards being required before data could be shared between the Bailiwick and EU Member States, as required by the EU's General Data Protection Regulation (GDPR).
Therefore, achieving data adequacy is a significant achievement for the Bailiwick as a 'third country' to the EU, which as part of the assessment process had to demonstrate how we meet the higher data protection standards contained within the GDPR. The assessment process focussed on both the contents of the Bailiwick's legislation and its practical implementation across the jurisdiction.
Deputy Rob Prow, President of the Committee for Home Affairs, which oversaw the process for the Bailiwick, said:
'Our Committee is delighted to have been able to secure this significant achievement and I am very grateful for all of the work that has been undertaken by the public and private sectors in securing this data adequacy decision, led by the States of Guernsey's Data Protection team in collaboration with St James's Chambers. The importance of this outcome should not be understated, as it both allows our many businesses that work across the EU to continue sharing data seamlessly without any additional restrictions and reassures islanders that their personal data is protected in our robust, proportionate and well-implemented regime.'
Deputy Neil Inder, President of the Committee for Economic Development:
'We have many global businesses in the Bailiwick that need to be able to legitimately and appropriately share data. While this decision guarantees they can continue to do so across all EU Member States, it also acts as a significant marker for other regions we work in across the world that the Bailiwick is recognised as being a safe and secure place in which to do business.'
Deputy Jonathan Le Tocq, Policy & Resources Committee lead for External Relations, said:
'We introduced our Data Protection law in 2018 as a direct response to GDPR, recognising that we wanted to give all islanders the equivalent level of privacy rights as EU citizens while also ensuring the Bailiwick retained its pre-GDPR adequacy status. This is an important achievement and further highlights that Guernsey remains committed to meeting its international obligations and all reasonable standards.'
The report that supports the EU's decision has been published today at https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en