The Isle of Man’s data protection legislation now consists of the following, plus further regulations concerning fees:

Data Protection Act 2018 (Act)

Data Protection (Application of GDPR) Order 2018 (SD2018/0143) (GDPR Order)

Data Protection (Application of LED) Order 2018 (SD2018/0144) (LED Order)

GDPR and LED Implementing Regulations 2018 (SD2018/0145) (Implementing Regulations)

The Act, the GDPR Order and the LED Order were approved by Tynwald (the Isle of Man’s parliament) in May 2018.  However, because of a number of material comments received regarding the Implementing Regulations, these were not put before the May sitting of Tynwald and were instead subject to further revision.

When laid before the June sitting of Tynwald, the Implementing Regulations were rejected by the upper house following considered criticism from Member of the House of Keys Lawrie Hooper, stating that ‘they are onerous, they are bureaucratic, they are expensive and they are inadequate’ and calling them ‘obtuse’, ‘difficult to follow’ and ‘unnecessarily complex and bureaucratic’.

The government were able to pass the Implementing Regulations in the July sitting of Tynwald, with an implementation date of 1 August so all of the above Orders and Regulations are now in force.  However this should not be seen as the end of the story of the Isle of Man’s implementation of GDPR, instead changes to the Implementing Regulations are expected to be laid before Tynwald this Autumn to address additional concerns.  We also understand that a Bill to replace the Information Commissioner with a statutory board is anticipated in early 2019.  The responsible Minister has also repeatedly indicated that this legislation is an interim way of implementing GDPR in the Isle of Man and may well be overhauled again in the not-too-distant future with new primary legislation.

The Data Protection Act 2002 was repealed on 1 August, although provisions relating to maintaining a notification of processing with the Information Commissioner remain in force for a transitional period until 1 February 2019.  During this period renewals can be made under either the old or the new legislation, but new entries must be under the new legislation.

There are further transitional provisions, giving until 25 May 2019 to provide the transparency information required under GDPR (as applied to the Isle of Man by the GDPR Order) to data subjects and allowing consent given in compliance with the Data Protection Act 2002 to be used as the lawful ground for processing personal data until 25 May 2019, even if it does not comply with the requirements of GDPR (as applied to the Isle of Man by the GDPR Order).  These transitional provisions will not apply where GDPR itself applies (for example where the data subject is in the European Union).

We are pleased to note that exemptions with regard to trusts have been included in the Implementing Regulations and there are now exemptions, in certain circumstances, from the requirement to provide notice to a data subject that you are processing their data and from the rights of a data subject to make a subject access request.  Unfortunately similar exemptions have not been included for beneficiaries of life policies, so we hope this will be picked up in the further revisions to the Implementing Regulations.

Twitter LinkedIn Email Save as PDF
More Publications
9 Oct 2019 |

Transparency and the Crown Dependencies

Transparency of beneficial ownership information has been a political issue since June 2013 when Bri...

18 Sep 2019 |

Offshore listing Vehicles to benefit from the Shanghai - London stock connect

Offshore listing Vehicles to benefit from the Shanghai - London stock connect

Contributors: Huiyan Liew
22 Jul 2019 |

Update on the Isle of Man Personal Injury Discount Rate

The Lord Chancellor has this week announced the long-awaited revision of the Discount Rate in Englan...

26 Jun 2019 |

Regulatory Headwinds

Faced with increased scrutiny from regulators on both global and jurisdictional levels, businesses m...

Contributors: David Dorgan
24 Jun 2019 |

Reflections on the AIJA – INSOL Europe Joint Insolvency Conference

Claire Corkish attended the AIJA - INSOL Europe Young Members Insolvency Seminar in Mallorca on 13-1...

Contributors: Caren Pegg
19 Jun 2019 |

Beneficial Ownership Update: Crown Dependencies

The Crown Dependencies (Jersey, Guernsey and the Isle of Man) have announced a joint policy commitme...

Contributors: Alison MacKrill, Caren Pegg
11 Jun 2019 |

Appleby champions workplace diversity and boardroom representation with its Female Leaders Network

Appleby announced its Female Leaders Network on International Women’s Day on 8 March 2019, an init...

Contributors: Caren Pegg, Claire Milne WS
31 May 2019 |

GDPR One Year On: End of Transitional Provisions and Likely Future Developments in the Isle of Man

Saturday 25 May marked one year of the General Data Protection Regulation (GDPR) being fully enforce...

Contributors: Claire Milne WS
24 May 2019 |

Reflections on the Transcontinental Trusts Conference 2019

Fraser Robertson, Partner in Dispute Resolution in Jersey, Esmond Brown, Senior Associate in the PC&...