The Eastern Caribbean Central Bank has published a policy document setting out key considerations for developing data protection and privacy legislation in the Eastern Caribbean Currency Union (ECCU), with an emphasis on a harmonised regional approach aligned to international standards and best practices. The paper highlights governance and supervisory arrangements, including the establishment of a regional Data Protection Authority (DPA), and sets out core legislative building blocks such as transparency and accountability requirements for data processing, privacy-by-design principles, and rights for data subjects including access, rectification and data portability. It also covers obligations for data controllers and processors to ensure lawful and secure handling of personal data, alongside enforcement mechanisms intended to be effective, proportionate and dissuasive. Policymakers, businesses and the public are invited to review the document and contribute to ongoing discussions on strengthening data protection across the ECCU.
Eastern Caribbean Central Bank 2025-03-03
Eastern Caribbean Central Bank publishes policy considerations to guide harmonised data protection and privacy legislation across the ECCU
The Eastern Caribbean Central Bank's policy document outlines data protection and privacy legislation for the Eastern Caribbean Currency Union, emphasizing a harmonized regional approach aligned with international standards. It proposes a regional Data Protection Authority and includes legislative elements like transparency, accountability, and privacy-by-design principles, detailing obligations for data controllers and processors and enforcement mechanisms for lawful and secure data handling.