Regional data protection experts have recommended the need for umbrella legislation to govern the evolution of data protection laws across the Caribbean. The call was echoed by participants of Cloud Carib’s virtual webinar held on the expectations and realities of regional data protection laws. More than 130 virtual attendees from The Bahamas, Barbados, Jamaica, Trinidad & Tobago, Guyana, and the United States participated in the Data Protection Act webinar. While acknowledging the rate of progress surrounding data protection legislation, Cloud Carib Director of Public Sector Eamonn Sheehy and Data Protection Advisor Rishi Maharaj both insisted that a greater push was needed for the establishment of CARICOM-sanctioned umbrella legislation that could effectively create a standard operating procedure for all its members.
“I truly think we have the opportunity to create real legislative synergy by establishing a standard operating procedure to govern all organizations operating within the region much like the General Data Protection Regulations (GDPR) covers the UK and European Union,” noted Maharaj, who himself has had previous experience in crafting the 2011 legislation enacted by the government of Trinidad & Tobago.
Prior to 2010, only four Caribbean and Latin American territories implemented comprehensive data protection laws with The Bahamas and Trinidad & Tobago leading the way in that regard. Over the past decade, however, that list has grown to include countries like Barbados, Jamaica, and 13 other territories –each iteration of which uses the EU’s GDPR as a model.
Latin America’s focus on data protection has come partially in response to international reports of sophisticated cyberattacks which have targeted Caribbean-based companies. In the past two months alone, regionally-based companies like the Massy Group and Aeropost have fallen victim to breaches that resulted in the leak of sensitive customer data. According to Maharaj, this trend is likely to continue making it even more important for organizations across the Caribbean to take their data protection strategies more seriously.
“The onset of the global pandemic has really changed the way businesses relate to each other and to their customers” he noted, “the increase of remote work has increased the risk of data being targeted both in transit and at rest – so more must be done to protect data at those various points.”
Jamaican TV host and finance author Kalilah Reynolds hosted the free educational webinar, which was the latest in a series of events hosted by the company this year focused on issues ranging from common misconceptions to regional compliance with data protection laws and the possible future implications for companies looking to do business in the Caribbean.
According to Sheehy, those implications are likely to have an immediate impact on digital transformation efforts around the Caribbean.
“Many of the services which we access now for remote work whether it be virtual classrooms, virtual meetings, or just other cloud services in general are likely all based outside of Caribbean territories, and so it raises the question about how these contracts and agreements may need to be reviewed or renewed for regional organizations to be compliant with the laws that govern their specific jurisdictions. So, there’s definitely a bit of catch-up that needs to happen,” he noted.
As the Caribbean continues to develop in technological maturity, data protection will continue to be at the forefront of the conversation. “It is our hope that educational events like this will help the security posture of island nations,” said Cloud Carib Marketing Director Olivia Dorsett. To learn more, a recording of the event is available on the company’s YouTube Channel, or visit our social media pages.