Secretary-General of the Commonwealth Telecommunications Organisation, Shola Taylor, urged Commonwealth countries to co-develop a model data protection framework, during a speech at the opening ceremony of the Commonwealth Data Forum on February 21-22, 2018.
Held in Gibraltar, the forum examined the challenges of implementing the General Data Protection Regulation (GDPR) and its implications on the Commonwealth, as well as ways to combat the issues facing the group once Britain leaves the European Union.
The GDPR is intended to unify and strengthen data protection for citizens within the European Union, giving control back to residents over their personal data and simplifying regulations for international business by unifying EU regulations.
It also addresses the export of personal data outside of the EU and has an implementation date of May 25, 2018 following a two-year transition period.
Participants at the forum formed an agreement to view the GDPR as an evolution rather than revolution that would not be burdensome if Commonwealth regulators and governments ensure they had good data protection laws and practices.
Delegates heard about data protection laws and regulations from countries across the Commonwealth and beyond, including the UK, EU, India, Gibraltar and Nigeria.
They reached key agreements during discussions, including that developing uniform international data protection legislation is necessary to protect the human right to privacy.
A safe flow of data also needed to be provided by over-the-top services working with telecommunication services, and Commonwealth regions should collaborate on data protection as there are currently no centralized global regulations or laws to protect the individual.
Finally, a framework should be developed to allow collaboration between Commonwealth countries on ensuring data flow is continuous and safe, supported by legal processes.
David Espadas, Digital Service Director for Customers at Ericsson, called for GDPR to have data protection officers to ensure data is controlled accurately, and for chief data officer roles at large companies to be updated to ensure data access is managed correctly.
Supervisor at European Data Protection Giovanni Buttarelli urged governments and companies to take more responsibility for data protection and impose privacy by design within new models once GDPR comes into force.
Alain Kapper, a Senior Policy Officer from the UK Information Commissioner’s Office, said more training was needed on IT security and data protection, with a two-level focus on service delivery and the enabler.
Secretary-General Taylor said: “Commonwealth countries need to take more responsibility on data protection and possibly develop a model that works specifically for the Commonwealth.
“The Commonwealth must allow companies to have a proactive approach to collecting data, but so do the regulators.
“Regulators need to develop new regulations and responsibilities and update laws to reflect GDPR.
“Data flow remains global, irrespective of the UK leaving the EU.”
Gilbraltar’s Minister of Economic Development and Telecommunications, Sir Joseph Bossano, said: “The Commonwealth has a global reach like no other and we need to work together to develop our data protection laws.
“Data was always there, however we now need to develop new ways of mining and using it in a safe and responsible way, to derive value and improve quality of life of our people.”
Read More: Shola Taylor, Secretary-General of the Commonwealth Telecommunications Organisation, believes the internet is the solution to more inclusive growth in the Commonwealth, and considers the challenges to universal internet access, finance and security