Say no more: Whatever “it” is, we’re against it.
The complexity of the proposed Data Protection Bill, as examined by Mr. Austin-Smith’s commission, constitutes only one reason for our opposition to the legislation. In addition to being inscrutable, it is burdensome to businesses, likely impossible to enforce and, if that weren’t enough, potentially threatening to civil liberties such as freedom of speech.
The current draft of the bill is so complicated that it is beyond the ready comprehension of most ordinary folks expected to comply with it. Those who do wish to understand it, particularly Cayman business owners, will purchase that knowledge through fees for lawyers, costs of changing internal office practices, increased risks of prosecution for inadvertent errors and, for many, higher payroll expenses associated with the new mandated position of data controller. (If you think the National Conservation Law is bad, at least it doesn’t force every company to employ a conservation officer.)
The less scrupulous members of the business community, who either do not care about or will not pay for complying with this opaque law, will simply add “data protection” to their lists of things to ignore, alongside pensions, healthcare and licensing requirements — their unchecked disregard of onerous regulations giving them a practical competitive edge over their law-abiding competitors.
The soundest rationale we’ve heard for instituting data protection legislation in Cayman is to comply with European directives and international standards, in order to make our financial services industry more attractive. By itself, however, that is not sound enough to warrant passage of this bill (or any law, for that matter) that has such a disproportionately negative impact on the country as a whole, for the sake of one specific sector, in the absence of significant, obvious and demonstrable need — accompanied by a detailed cost-benefit analysis that quantifies, and justifies, the associated expenses.
Summarizing some of the complaints about the data protection legislation (and its predecessor) that have been made by the Human Rights Commission and others, including the Chamber of Commerce, passing the bill into law would result in the following:
Increased compliance costs for all businesses
Potentially lead to government’s determination of who is, and who isn’t, an “official” journalist or artist
Place a heavy evidentiary and financial burden on those merely accused by the Information Commissioner of breaking the law
Create an entirely new layer of government bureaucracy at a time when our focus should be on reducing the size and expense of the public sector.
But because Cayman’s draft bill is based on European and U.K. legislation that dates back to the 1990s (the relative Stone Age of the Internet), passing it into law will likely not put Cayman into compliance with the relevant European and international standards at all, anyway.
Rather than following their plan of shoehorning this bad bill through the Legislative Assembly within the year, the Progressives-led government would be wise to wait to proceed until the EU begins to enforce its new, updated directives on data protection legislation, perhaps sometime in 2015.
They might be wiser still to drop the whole scheme altogether.