Law: Act of May 17, 2010 Containing Rules on the Protection of Personal Data of Bonaire, Sint Eustatius and Saba (BES Data Protection Act) (only available in Dutch here) (Wbp BES)

Regulator: Commission for the Supervision of Data Protection BES (CBP BES)

Summary: The BES Islands are classified as overseas territories of the EU. As part of the transition that established the BES Islands from the Netherlands Antilles, on October 10, 2010, the Dutch Constitution (only available in Dutch here) and the operations of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (the Convention 108) and the Additional Protocol to Convention 108 were extended to the BES Islands. It is to be noted that Article 10 of the Dutch Constitution states that every individual has the right of respect with regards to their privacy and that law shall provide protection to safeguard such privacy in connection to registration and distribution of personal data. As a result of the above, the Act of May 17, 2010, Containing Rules on the Protection of Personal Data of Bonaire, Sint Eustatius and Saba (BES Data Protection Act) (only available in Dutch here) (Wbp BES) went into effect on October 10, 2010, with the aim of complying with this constitutional protection. Notably, the Wbp BES is modeled on the Dutch GDPR Implementation Act and, as such, provides for data subject rights and data protection principles akin to those under the GDPR.

As privacy and data protection is a relatively new concept on the BES Islands, the Commission for the Supervision of Data Protection BES (CBP BES) emphasized publishing guidance for organizations as a means of setting a standard on the implementation of the Wbp BES.