Description

PREAMBLE

As part of the full package e of e-government laws, the Data Protection Bill is provided as a complement to the Electronic Transactions Bill. The Data Protection Bill aims to ensure that personal information in the custody or control of an organization, whether public or private, shall not be disclosed, processed or used other than the purpose for which it was collected, except with the consent of the individual and where exemptions are clearly defined.

The Data Protection Bill thus creates binding obligations with respect to the collection, use and disclosure of personal information as well as setting access rights.

Just as electronic transactions has been taking place for several years in [Member State] and, without the legal frameworks setting out default provisions and protections, so too large amounts of personal data is being collected, by the private sector and Government.

The practice of holding or using personal data is certainly not new, but when this is combined with current technology, including electronic and online transactions, it has become very easy to collect and store vast amounts of personal information.  Government is undoubtedly the largest custodian of personal information. The private sector, including financial and medical institutions, is also custodian of a large amount of personal information. 

The Data Protection Bill seeks to protect individuals by requiring organizations to notify persons as to the purpose for collecting their personal information and to follow certain policies and practices for sharing such information.