Skip Ribbon Commands
Skip to main content




​​​Data Protection Act 2017​​

Act 20 - The Data Protection Act 2017 ​(download)​​
​​​Data Protection is a fundamental component of today’s society and the development of good data protection practices contributes to fostering public trust. Though we are living in an era of rapid technological and social change, we must ensure that our privacy rights and entitlements are properly protected.
​The demands of public security, efficient administration, economic development and the ever rapid growth of new communications devices which integrate information and communications technologies must not jeopardize our privacy rights. Data Protection, which strikes the right balance between the concerns of Government and businesses, whilst respecting the fundamental rights of people, is the guiding principle of the Data Protection Office.
The key principle underpinning data protection is to ensure that people know to control how personal information about them is used or, at the very least, to know how others use that information. Data controllers are people or organisations holding information about individuals and they must comply with the data protection principles in handling personal data, and “data subjects” are individuals who have corresponding rights.
The object of the DPA is to provide for the protection of the privacy rights of individuals in view of the developments in the techniques used to capture, transmit, manipulate, record or store data relating to individuals.​
​​​​The Data Protection Act 2017 has come into force on 15 January 2018.