Data Protection Act in full operation

By Matthew Vella
The much-awaited Data Protection Act (DPA), a formal safeguard from the abuse of privacy through individuals’ personal details, became fully operational yesterday after having been unanimously approved in Parliament in December 2001.
Data Protection Commissioner John Mamo, the first Commissioner appointed in March 2002, addressed a press conference in the small offices of the Commission in Valletta yesterday, along with CEO Joe Spiteri Bailey and special Technical Adviser Saviour Cachia.
The law sets out provisions for the protection of individuals against abuses of their privacy through the processing of personal data.
Prof John Mamo told journalists present the implementation of the law, which is part if the EU acquis being adopted in Malta, was not an easy mission to carry out:
"The hardest and most complicated part of this job was to provide a culturally and intellectually apt climate which would accommodate these new legal operatives. The difficulty lied in the fact that law tackles a problematic aspect within the modern society, in all its facets, be it commercial, political, religious, health or law and order.
"Despite the apparent difficulties, the principle underpinning this law has been recognised for a great score of years by our Law Courts, even by our 1964 Constitution in terms of fundamental human rights – the individual right to privacy."
The counterbalance for a private society is the need for processing peoples’ information in today’s society. Such a law, Mamo contended, would strike a balance between the need for information and the safeguarding against any abusive invasion of citizens’ rights to their privacy.

Mamo said the DPA was based on and conformed to EU directive 95/46, which to date has inspired many similar laws operational in the rest of Europe and the world. Talks with the Malta Bankers Association, the Malta Insurance Association and public departments were carried out in preparation for the full implementation of the DPA.
"The law is now fully operative and the rights of the data subject, that is the citizen, have to be observed immediately."
The Commission for Data Protection, housed within the MIC premises in Valletta, has been in operation for the past 16 months, and is now in the process of becoming an accredited member of the International Conference for Commissioners for Data Protection.
Other accomplishments have included the Telecommunications Regulations, based on EU Directive 2002/58, which regulates telecommunications operators. This was carried out with the help of the Malta Communications Authority.
The Commission has also participated in the Article 29 Working Party, which is an autonomous group within the EU and an influential body within the realm of personal data processing. The office also attends as an observer at the Joint Supervisory Body on the Europol conventions, Shengen and customs.
Currently, a twinning agreement is being finalised with one of the EU’s founding members. The agreement is designed to support the running of the Commission and offer guidance for the implementation of the new law within the shortest time possible. The agreement has been substantially financed by the EU.