• OIC to move offices

    The Office of the Information Commissioner (OIC) will move to temporary serviced offices on Wednesday 1st August.

    The OIC’s new address will be:

    Office of the Information Commissioner
    One Liberty Place,
    Liberty Wharf,
    La Route De La Liberation,
    St Helier,
    Jersey JE2 3NY

    There will be some disruption to Internet, email and telephone services, which will be kept to an absolute minimum, during the office move. As such, the office will be closed for one day (Wednesday 1st August) during the move. Full service will resume on Thursday 2nd August.

    The OIC’s email address, website and telephone number will remain the same: / / 01534 716530.

    The OIC has grown out of its premises at Brunel House, where the Commissioner’s office has been based for four years.

    ‘The OIC’s new structure came into effect in May, reflecting the change in data protection laws and the increased remit of the OIC. Liberty Place is an interim measure while we secure long-term office space to accommodate our growing team. We hope to move into permanent office space towards the end of 2018 or early 2019, by which time we will already have increased from seven to nine staff.

    ‘The move to new premises is vital as it will enable the OIC to fulfil its role as an efficient and effective regulator, with the capacity to grow as we recruit more specialist employees to meet the extra workload that the General Data Protection Regulation (GDPR) has created.

    ‘We are looking forward to working with the public and businesses to ensure they are aware of their data protection rights and responsibilities,’ Information Commissioner Jay Fedorak affirmed.








    Read more >
  • New Information Commissioner for Jersey announced

    Information Commissioner appointed

    The Office of the Information Commissioner has announced the appointment of Dr Jay Fedorak as Information Commissioner. He will take up the post on 2 July 2018.

    Dr Fedorak will be responsible for regulating compliance with Jersey’s data protection and freedom of information laws. He will also represent the Island internationally on these matters.

    Dr Fedorak has 25 years’ experience in administering freedom of information and data protection legislation in the public and private sectors. He brings a wealth of international experience to the post, having served as Deputy Commissioner of the Office of the Information and Privacy Commissioner in British Columbia, Canada, since 2012.

    His appointment strengthens the OIC’s existing leadership team. He will work closely with the Chair, Jacob Kohnstamm, as well as with the Deputy Information Commissioner, Paul Vane, who has served as Acting Information Commissioner since February 2018.

    Mr. Kohnstamm said: “I am very happy with the new team of Commissioner and Deputy Commissioner. We have the best of both worlds in Jay and Paul leading the OIC and we will be able to fulfil our tasks with confidence.”

    The Chief Executive of the States, Charlie Parker, said: “Dr Fedorak brings significant expertise to this important role. I look forward to working with him, as well as with the broader leadership team, to ensure that Jersey remains at the forefront of data protection.

    “I would also like to thank Mr Vane, who has ably led the Office of the Information Commissioner for the last six months and has been instrumental in ensuring that the Office of the Information Commissioner, and the Island in general, has been well prepared for our new data protection regime.”

    Dr Fedorak added: “I am honoured to undertake this extraordinary opportunity at an important juncture for Jersey. I look forward to assisting all organisations in implementing the highest standards of data protection for the people of Jersey in ways that sustain the Island’s economic interests. I also thank Chair Kohnstamm and Mr Vane for their continuing exemplary leadership.”


    Read more >
  • Joint statement from the Jersey Financial Services Commission and the Office of the Information Commissioner

    The Jersey Financial Services Commission and the Office of the Information Commissioner have released a joint statement regarding the implications for financial services businesses in Jersey following the introduction of the new Data Protection (Jersey) Law 2018, which comes into effect today.

    The purpose of the statement is to reassure financial services businesses that the new rules are compatible with the JFSC’s regulatory requirements, particularly in relation to the security of personal data. The statement also reaffirms the intention of the JFSC and the OIC to work together in supporting organisations moving forward.

    To read the statement in full, please click here.

    Read more >
  • Acting Information Commissioner calls on business owners to face up to their data responsibilities as GDPR and the Jersey laws come into effect

    The Office of the Information Commissioner’s (OIC) new structure, the new Jersey Data Protection Laws and the General Data Protection Regulation (GDPR) all come into effect today, 25th May 2018.

    Acting Information Commissioner, Paul Vane, has called on all business owners in Jersey to ensure they are aware of their data responsibilities and to lean on the OIC for support. GDPR is the first update to the EU’s data laws since 1995 and it reflects the way that our data is used in today’s world. The local Laws reflect the GDPR principles in requiring greater accountability and transparency of data controllers and providing enhanced rights for individuals in respect of how their personal information is handled.

    ‘GDPR is a transformative piece of legislation and businesses must ensure they comply from today. Monumental changes have happened in the worlds of digital and data over the last 20 years or so and we live in a very different world. This is a turning point for data protection laws. With so many digital channels and technological advances, we provide and create more data than ever before and it’s vital this data is treated with respect.

    ‘The protection of our data and ensuring businesses are using our information in a responsible manner is a huge issue that affects businesses large and small. In particular, we need to ensure that individuals understand that their data is a valuable asset and should not be abused by the organisations they entrust that information with. We also need to ensure that all businesses understand that the information they hold belongs to their customers and they have responsibilities to uphold.

    ‘We acknowledge that many local companies will not be fully prepared for the changes that come into effect today. But what is crucial is that these companies have a robust road map and action plan to meet compliance. This is the start of a new beginning and an opportunity to foster a ‘right first time’ approach with the customer as the focus,’’ said Mr Vane.

    The structure of the OIC has changed to reflect the new data protection laws, forging greater independence for the Commissioner and affording greater powers. As part of the new set up, the Data Protection Authority has also now come into effect. Chaired by Jacob Kohnstamm, the Authority will serve as the interface between the Office of the Information Commissioner and government. This structure creates a clear distinction between the Office and government, and underscores the importance of the independence of the OIC.

    Mr Vane said, ‘The new structure enables the Office of the Information Commissioner to operate with uncompromised independence. This will allow for greater accountability and transparency, and ensure the Commissioner is an effective and efficient regulator. This is vital in being able to successfully conduct our role.

    ‘As part of its significant structural transformation and increased remit, the Office of the Information Commissioner has the power to investigate and, where appropriate, fine businesses for abuse of data. Any fines collected will be reinvested back into the public accounts and we hope, where possible, will be used to improve education and awareness in data protection and the island’s digital development.’

    The new data regulation means that the Office of the Information Commissioner will be busier than ever.

    ‘To ensure we can meet the demands of the new legislation and the extra enforcement and educational aspects of our work, the Office of the Information Commissioner will be increasing in size. This will enable us to take a more proactive stance and increase our capabilities both in terms of education and enforcement,’ added Mr Vane.

    To find out more visit the office website at or call 01534 716530.

    Read more >
  • Breach reporting facility added

    Friday 25th May is fast approaching, and in advance of the implementation of the Data Protection (Jersey) Law 2018, the OIC has added a new section on the website home page specifically for breach reporting.

    The online form can be used to submit a breach report, and any follow up information can be sent to us using the email address.

    To view the form and relevant guidance on breach reporting, please click here.


    Read more >
  • UPDATE: Guidance and resources added to OIC website

    As part of its programme of transition to the new GDPR era, the Office of the Information Commissioner has today added the first tranche of guidance, resources, and useful links to its website, together with all the new legislation applicable from 25th May this year.

    We will of course be adding to this page over the coming months, so please keep an eye on any changes. in the meantime you can find the new materials here.

    Read more >
  • Notice of change of website and email addresses


    Please be advised that with effect from Monday 9th April 2018, the website address for the Office of the Information Commissioner will change to

    In addition, the contact email addresses will be changing. These are detailed as follows:

    General enquiries:      

    Breach reporting:        


    Staff emails (Example):

    Please be advised that any emails received at the addresses will not be automatically forwarded. Instead you will be asked to re-send your email to the new address.

    All telephone numbers for the OIC will remain unchanged.

    We apologise for any inconvenience caused and respectfully request that you amend your contact list to reflect the above changes.

    Thank you.

    Read more >
  • Chair appointed for new Data Protection Authority

    Assistant Chief Minister, Senator Paul Routier MBE, has today announced his intention to appoint Mr. Jacob Kohnstamm as Chair of Jersey’s new Data Protection Authority.

    Mr. Kohnstamm will advise the Authority as it prepares to regulate the Island’s updated data protection framework. He will also play an integral role in helping the Authority to develop new governance structures and in ensuring that Jersey continues to provide the highest level of protection for personal data.

    Mr. Kohnstamm will act initially as Shadow Chair, and subsequently as Chair when Jersey’s new data protection laws come into effect on 25 May 2018. This is the same day that the General Data Protection Regulation comes into effect. Jersey’s new data protection laws will see the Office of the Information Commissioner replaced by the Data Protection Authority.

    Mr. Kohnstamm has extensive experience in the area of data protection. He chaired the Dutch Data Protection Authority from 2004 to 2016; from 2010-2014 he chaired the Article 29 Working Party, an advisory body comprising the data protection regulators of all EU Member States; and he chaired the International Data Protection and Privacy Commissioners Conference from 2011 to 2014.

    Senator Routier said: “We are delighted to have secured Mr. Kohnstamm to chair Jersey’s Authority. Mr. Kohnstamm has vast international experience at the highest levels of data protection regulation. His appointment reflects Jersey’s standing in this important field.”

    Mr. Kohnstamm commented: “It is a great honour for me to serve both Jersey and the area of data protection in this new role. It is crucial that jurisdictions meet the required standards of data protection, as this provides the trust that individuals, civil society, government and private companies need to innovate and make full use of modern technology.”

    The appointment of Mr. Kohnstamm is the latest step for Jersey’s data protection system, a key feature of which is the Island’s ‘adequacy’ with European Union standards. This status enables data to flow freely between Jersey and the European Union. At a recent meeting with the European Commission, officials re-confirmed that Jersey’s adequacy status would remain in force until 2020.

    Read more >
  • New data protection legislation registered

    Following Privy Council approval, the Royal Court today registered new data protection legislation that will strengthen individuals’ rights and enable Island businesses to continue accessing international markets.

    The Data Protection (Jersey) Law 2018 and Data Protection (Authority) Jersey Law 2018 will come into effect on 25 May 2018.

    The new Laws will enable data to continue moving freely between Jersey and the European Union, benefitting trade and helping law enforcement agencies cooperate with their counterparts in other jurisdictions.

    Earlier this year, the Laws were unanimously agreed by the States Assembly.

    The Assistant Chief Minister, Senator Paul Routier M.B.E., said “this is an important milestone for Jersey. The new data protection regime will bolster the rights of Islanders, ensure equivalence with the EU and further our standing as a trusted place to do business”

    Read more >
  • It’s Data Protection day!

    New consumer data protection law less than four months away

    STRONGER protection for consumers when it comes to their personal data is now less than four months away from coming into force in Jersey.

    With European Data Protection Day falling on Sunday 28th January, the Office of the Information Commissioner is urging people to become more familiar about their rights about how their data is handled when the new legislation comes into effect.

    ‘Jersey’s new Data Protection laws come into force on 25th May 2018, the same day as the new European General Data Protection Regulation (GDPR). They extend the rights of individuals, giving them more control over what happens to their personal information,’ said Deputy Information Commissioner Paul Vane.

    Under the new rules, business will have to provide individuals with more information when it comes to personal data handling – including stronger rules around how businesses ensure individuals have consented to the use of such information.

    ‘With European Data Protection Day, it’s the perfect time to highlight these new laws that will benefit consumers. As well as long-standing rights of access to, and correction of personal information in specific cases, the new laws allow for the erasure of personal information in some circumstances, and the right to data portability,’ added Mr Vane.

    GDPR, which also aims to harmonise compliance regulations for business, will be the biggest change to data protection across Europe in more than 20 years. More guidance for individuals and business will be added to the Commissioner’s website over the coming months. For more information, go to


    Read more >