Law: Data Protection Act, 2013 (No. 10 of 2013) ('the Act')

Regulator: The Information Commissioner

Summary: The Act creates obligations for public and private bodies by establishing certain principles regarding the use of information, which include the principles of notice and choice, disclosure, security, integrity and access, among others. It also provides various rights to data subjects, such as the right of access, the right to rectification of personal data and the right to not have their sensitive personal data processed unless certain conditions apply. Finally, the Act appoints the Information Commissioner, established under the Freedom of Information Act, 2004 as the authority relevant for carrying out and enforcing the protection of data pursuant to its provisions. Other relevant laws in Antigua and Barbuda include the Electronic Transactions Act, 2006, the Banking Act, 2015 and the Money Laundering (Prevention) Act, 1996.