All protections and remedies flowing from the Data Protection Act must be fully operational prior to NIDS rollout
The Data Protection Act contains important protections for people’s sensitive personal data and remedies for any issues that arise, but it is not yet in force. NIDS willl be the most significant data collection enterprise that Jamaica has embarked on, and any individual enrolling in NIDS should be able to rest assured that they have the full protection of the Data Protection Act, including oversight from a functioning Data Protection Authority. The Act needs to be fully operationalized and applicable to NIDS before NIDS is rolled out.
These are examples of what the NIDS Bill allows. These examples may not necessarily reflect the intention of the Bill, but are possible based on how the Bill was worded when it was tabled in 2020.
The current NIRA Bill acknowledges how central the protections in the Data Protection Act are to NIDS’ guiding framework. Yet, these acknowledgements mean little if the Act is not fully in force and operationalized with detailed processes, procedures, and remedies, before NIDS is rolled out. The Data Protection Act includes a two-year adjustment period in which the NIRA would not yet have to comply with the provisions in the Act. It is not clear how NIRA will ensure appropriate data protection and transparency mechanisms in the intervening period. Since NIRA will be overseeing one of Jamaica’s largest data collection exercises to date, involving highly sensitive personal data, this accountability gap must formally be closed before NIDS can be rolled out.
Watch this space! We will provide an update once the Joint Select Committee has made a decision on this issue.
Last updated 2021-05-27
If this issue matters to you, talk about it. Share this page (and your questions or suggestions) with friends or government representatives.
Is there something we overlooked with this issue?
Have questions? Let us know!