Gibraltar: Privacy and Data Protection-related Laws

EU Privacy and Data Protection-Related Laws

  • As of May 25, 2018, the EU’s General Data Protection Regulation (GDPR) came into effect in Gibraltar, automatically replacing the existing Data Protection act of 2004. As a member of the EU, EU’s Privacy Laws apply to Gibraltar. Please refer to thie EU Privacy Section of our website.
  • Gibraltar privacy and data-protection law are now the same as other countries in the EU. Several articles have been written about the potential impact of the GDPR on blockchain including here, here, here and here as it is unknown how these new regulations will affect public blockchains

Current Gibraltar Privacy and Data Protection-Related Laws [1]

  • Data Protection Act 2004 was the law that governed how organisations (both private and public) should use information about individuals
    • This Data Protection Act 2004 can be found here and applies whenever an organisation processes (e.g. stores, collects, transmits, uses etc.) information that relates to a person such as a person’s name, DOB, their hobbies, comments about their performance, location, etc
    • This act nominates the Gibraltar Regulatory Authority is nominated as the Data Protection Commissioner
    • This act iterates a “right to privacy:” the right to respect for family, and private life, home and correspondence in accordance with Article 8 of the European Convention on Human Rights
    • Under the Data Protection Act 2004, every organisation that processes personal information is required to register in the Register of Data Controllers, unless they are exempt. Failure to do so is an offence. More information here
    • A description around the rules of transferring data out of Gibraltar can be found here
    • This act does not mention cryptocurrency or blockchain

[1] Data Protection
[2] General Protection Regulation

Previous Section Next Section

Have a comment, edit, or item to add? Share your thoughts by commenting below!

comments powered by Disqus