The Government is not paying its “fair share” in funding the Jersey Data Protection Authority, according to its Chair.
The independent statutory body says a balance must be struck between being sufficiently separate from the Government and receiving fee income for regulating the public, as well as private, sectors.
However, it believes that the Government’s current method of funding is unfair.
In his foreword to the 2020 annual report of the JDPA, Chair Jacob Kohnstamm says: “In my message in the annual report for 2019, I described our efforts to develop a new registration model that would provide the majority of the new funding for the JDPA.
“I noted that the goal was to reduce Government funding from 85% to 33% of our revenue. This was to provide us with sufficient independence from Government, while ensuring that Government continued to pay a fair share.”
Pictured: Jersey Data Protection Authority chair Jacob Kohnstamm.
He continues: “Fortunately, the new registration model generated revenue that exceeded our target by a modest amount. This combined with spending reductions resulting from the pandemic resulted in a small budget surplus. As a result, the government reduced its grant. This meant that the business community increased its share of the costs of regulation from 67% to 85%.
“While this did not cause the JDPA economic hardship, we feel that there is an important matter of principle at stake. We believe there are compelling reasons for Government to pay a fair share, rather than just top up the fee revenue received from businesses.
“We are involved in continuing with Government to re-evaluate the current fee model, with a view to an arrangement that is just and therefore fairer for everyone”.
Mr Kohnstamm added: “Currently, the Government is exempt from paying registration fees and any regulatory penalties but the authority believes the taxpayer should provide a grant of at least a third of total funding instead of just topping up any shortfall.
“In common with most jurisdictions around the world, Jersey is experiencing a significant increase in workload relating to investigating and monitoring data breaches and other types of regulation involving the public sector.
“This work often involves extremely sensitive personal data... It would not be fair for businesses to be subsidising the costs incurred from the Jersey Office of the Information Commissioner providing services to Government.”
Express contacted the Government for comment on the matter last week and is still awaiting a reply.
In 2020, JOIC registered 7,780 businesses that hold personal data, it handled 486 cases, up from 2019’s 384. This included 229 self-reported data breaches and 140 complaints about information processing and use.
Of those complaints, 60 were deemed to have broken Jersey’s Data Protection Law. Two of them resulted in the JDPA issuing public statements following lengthy investigations.
Comments
Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.