BVI tables cyber laws

Credit: Alan Copson/Getty Images

The Government of the British Virgin Islands has tabled a number of bills in its parliament aimed at enhancing the digital economy. The suite of proposed legislation covers data privacy, the facilitation of electronic filings via government institutions, electronic commerce (electronic transactions, documents and signatures) and digital payments.

Public comments were invited in the first quarter of 2020, as a precursor to a final reading of the bills in the House of Assembly. It is unclear when the bills will be passed into law.

You can review a copy of the proposed laws below:

  • Data Protection Act, 2019 bill (link, mirror)
  • Electronic Filing Act, 2019 bill (link, mirror)
  • Electronic Transactions Act, 2019 bill (link, mirror)
  • Electronic Transfer of Funds Act, 2019 bill (link, mirror)

List of E-Commerce Laws in the Caribbean

Caribbean Map. Credit: Active Caribbean

I was recently interviewed for an article in the Barbados Business Authority. The article touched on the value of executing contracts electronically in the midst of the COVID-19 pandemic and the legal framework supporting e-contracting in Barbados.

After issuing my comments for that article, I was curious about the state of play across the wider Caribbean. I, therefore, researched which countries in the region have e-commerce laws and the results are listed below:

JurisdictionName of e-Commerce Law
AnguillaElectronic Transactions Act, Revised Statutes of Anguilla, Chapter E38
Antigua and BarbudaElectronic Transactions Act, No 24 of 2013
Bahamas (Commonwelath of)The Electronic Communications and Transactions Act, 2003
BarbadosElectronic Transactions Act, 2001;
BelizeElectronic Transactions Act, Chapter 290:01
BermudaElectronic Transactions Act 1999
British Virgin IslandsElectronic Transactions Act, 2001 (No 5 of 2001)
Cayman IslandsElectronic Transactions Law (2003 Revision)
CubaNo law
DominicaElectronic Transactions Act, 2013
Dominican RepublicLey de Comercio Electrónico, Documentos y Firmas Digitales No. 126-02
French GuianaFrench Civil Code
GrenadaElectronic Transactions Act, 2013
GuyanaNo law
GuadeloupeFrench Civil Code
HaitiDécret portant sur la signature électronique (Decree on Electronic Transactions)
JamaicaElectronic Transactions Act, 2006
MartiniqueFrench Civil Code
MontserratElectronic Transactions Act 2009, No 7 of 2009
Netherland AntillesLandsverordening overeenkomsten langs elektronische weg (P.B. 2000, 186)
Puerto RicoLey de Firmas Electronicas de Puerto Rico, Ley numero 359 de Septiembre 16, 2004
Saint Kitts and NevisElectronic Transactions Act 2011, No 9 of 2011
Saint LuciaElectronic Transactions Act, 2011 (not yet in force)
Saint Vincent and the GrenadinesElectronic Transactions Act 2015, No 6 of 2015 (repealing and replacing Electronic Transactions Act, Cap 145)
SurinameWET van 24 september 2017, houdende regels inzake het rechtsverkeer langs elektronische weg (Wet Elektronisch Rechtsverkeer) [LAW of September 24, 2017, containing rules on legal transactions by electronic means (Electronic Traffic Act)]
Trinidad and TobagoElectronic Transactions Act, 2011
Turks and CaicosElectronic Transactions Ordinance 2000, Cap 2.14
As at April 10, 2020, 27 Caribbean jurisdictions surveyed.

A few notes on the list:

  • In preparing the list, it was apparent that there was a significant level of disparity in the scope of rights and obligations in the different statutes. In future updates, I’ll be looking at some of the more important areas of nuance that exist in the e-commerce frameworks across the region.
  • For the purpose of this list, ‘Caribbean’ jurisdictions were defined as: i) all the island-states in (or in the direct vicinity) of the Caribbean Sea as well as ii) those jurisdictions on the South or Central American mainland with sufficiently strong and continuing cultural, historical, economic and/or political commonalities with island states in the Caribbean Sea.
  • Only 2 of the 24 jurisdictions surveyed appear to be without laws targeted at e-commerce: Cuba and Guyana (as of April 2020).
  • If you’ve spotted an error or are aware of an update to any of the jurisdictions listed above, please let me know: contact {at} .

Success! You're on the list.

ITU publishes guidelines on national emergency telecommunications plans

In the midst of a global pandemic and a number of recent natural disasters affecting the region, an interesting conversation point has arisen in ICT and telecommunications spaces: how to best utilise telecoms infrastructure to assist in managing inevitable national disasters.

The International Telecommunications Union has recently published guidelines for national emergency telecommunications plans (NETPS).

Per the ITU:
“These guidelines​ assists national authorities and policymakers to develop a clear, flexible and user-friendly framework that guide countries on how to develop a strategic plan to support and enable the continued use of telecommunication and information and communication technology (ICT) networks and services in all four disaster management phases. It not only describes the main elements that an NETP should consider, but also highlights its potential benefits. It includes a step-by-step guide to the development of an NETP, it serves as a useful resource based on ITU recommendations and concepts, as well as expertise from other global bodies and organizations.”

Quote from the ITU website.

The NETPS Guidelines are fairly in-depth and covers all four phases of disaster management: mitigation, preparedness, response, and recovery.

The ITU has been instrumental in aiding several countries who have put national emergency telecommunication plans in place. This has included early warning systems, monitoring systems and emergency telecommunications equipment.

Link: ITU Guidelines on NETPS (pdf)

Success! You're on the list.

Majority of CARICOM states back controversial United Nations resolution on Cybercrime


A resolution at the United Nations – Countering the use of information and communications technologies for criminal purposes – was put to a vote and passed on November 18, 2019. The resolution is geared at creating an

“open-ended ad hoc intergovernmental committee of experts, representative of all regions, to elaborate a comprehensive international convention on countering the use of information and communications technologies for criminal purposes…”.

Draft Resolution – Agenda item 107 – Countering the use of information and communications technologies for criminal purposes (link)

In plain-speak: the resolution could result in an eventual UN convention on cybercrime.

How they voted

There were 88 votes for the resolution, 58 against and 30 abstentions.
According to the note of the votes, 14 of the 15 full CARICOM member countries voted on the Resolution. This is the breakdown of CARICOM votes on the resolution:

YES: Antigua & Barbuda, Dominica, Jamaica, Suriname, Saint Vincent, Saint Kitts and Saint Lucia

NO: Belize

ABSTAIN: Bahamas, Barbados, Grenada, Guyana, Haiti and Trinidad & Tobago

Why the Controversy?

The countries sponsoring the resolution were: Algeria, Angola, Azerbaijan, Belarus, Bolivia, Burundi, Cambodia, China, Cuba, North Korea, Egypt, Eritrea, Iran, Kazakhstan, Laos, Libya, Madagascar, Myanmar, Nicaragua, Russian Federation, Sudan, Suriname, Syria, Tajikistan, Uzbekistan, Venezuela and Zimbabwe.

A number of these countries are authoritarian regimes and/or enjoy a less than stellar reputation in respect of human rights violations.

The resolution has come in for criticism from the United States and the Europe Union as well as civil society bodies. The key points are:

  • The language of the resolution appears to be very vague and, per APC’s open letter to the UN, “opens the door to criminalizing ordinary online behaviour that is protected under international human rights law.”
  • There is already an existing, robust de-facto international convention on cybercrime – the Budapest Convention with just under 70 signatories.
  • In the blunt words of David Ignatious “[Russia], the country that hacked the 2016 U.S. presidential election and various European campaigns is now leading the process to write international rules about hacking.”

The underlying fear of many of the resolution’s critics is that this proposed convention is an attempt to use an international law instrument to legitimize the repression of free speech online. Naturally, the question becomes: if this is the case, have the majority of CARICOM states unwittingly helped lay the foundation for the erosion of fundamental human rights online?

Success! You're on the list.

[Panel discussion] The Barbados Data Protection Act – SMART Barbados Week 2019

I was honoured to be part of a panel discussion on the newly passed Barbados Data Protection Act at the inaugural Smart Barbados Week 2019.

The Smart Barbados Week was a 4-day symposium hosted by Barbados’ Ministry of Innovation, Science and Smart Technology (MIST). Its purpose was to engage the Barbadian public with the knowledge needed to support the country’s transition to ‘smart’ status.

My panel was a useful moment to discuss aspects of the new legislation. It also created an opportunity to make the connection between enabling legislation, like privacy laws, and achieving larger technology-focused developmental outcomes like smart societies.


Success! You're on the list.

Number portability is now a reality in the Eastern Caribbean

In June, the Eastern Caribbean States witnessed a quiet revolution: the introduction of mobile number portability (“MNP”).

Number portability refers to the ability of a telephone network subscriber to retain use of their telephone number after switching networks. MNP is the cellular telephone-specific implementation of this concept.

MNP is revolutionary to the degree that it potentially opens up a significant degree of consumer choice for mobile subscribers in the EC. The availability of MNP means that a consumer who has maintained a long, valuable association with a particular telephone number, no longer has to be tethered to their mobile service provider in the face of either poor service from that provider or, a better deal from a competitor. The implementation of strategies like MNP by regulators ensure greater choice and, by extension, more competition among mobile service providers for a much more liberated customer-base.

The EC’s implementation of MNP is not without precedent in the Caribbean. Similar developments took place in Cayman in 2012, Jamaica, in 2015 and Trinidad in 2016.


  • The implementation of MNP will be island-specific: a Lime mobile subscriber in Grenada will not be able to port his number to Digicel’s network in Saint Lucia, for example.
  • The implementation is mobile-specific and so land line subscribers cannot benefit. ECTEL has indicated that fixed-line telephone porting will be allowed in the future when there is competition for this service.


  • There will be no cost to the mobile subscribers for porting. It is, however, possible that subscribers will have to cover the cost of unlocking phones for use on another network.
  • Both post and pre-paid customers in the EC will have access to MNP. Post-paid customers will have to settle their bills as a pre-cursor to switching networks.
  • Mobile subscribers will be able to request a reversal of the number porting within 14 days of the switch. Once this 14-day window has expired, subscribers will not be able to request a further switch for another 46 days.

Implementing number portability is a signal acknowledgment of the importance of a more consumer-centric regulatory framework. It may be seen as a move towards further enabling the ‘invisible hand’ of market forces to work in the various EC jurisdictions. Taken to its logical conclusion, this should result in greater competition among the different telecos operating in that region. Given the relatively small size of the EC markets, however, its left to be seen whether MNP’s impact will be more than negligible.

Success! You're on the list.

[Published] Article in the Business Authority on the Barbados Data Protection Bill*

credit "In 30 Minutes guides" :
Credit In 30 Minutes guides

The Business Authority newspaper (Barbados) published an article under my name. The article is based on my written submissions to the Barbados Parliament’s Joint Select Committee on the Data Protection Bill, 2019.

The article zooms in on my comments on the lack of protection offered to the Data Protection Commissioner’s office and the need for a staggered approach to implementation.

A copy of the Business Authority article can be found here (.pdf). For better context, my complete written submissions can be found here.

* Note: shortly after the publication of the article, the Bill was passed by both houses of Parliament.

Success! You're on the list.

[Quoted] Global Data Review article on the Eastern Caribbean States accessing Facebook’s disaster mapping technology

Global Data Review recently reached out for comments on a recently announced collaboration between the Organisation of Eastern Caribbean States and Facebook. Under the initiative, the OECS will have access to Facebook’s Disaster Maps feature in the event of natural disasters.


Jamaica’s Court declares freestanding constitutional right to informational privacy

Image result for constitution

The Jamaican Constitutional Court in a 3-judge panel decision recently struck down an entire statute. The act – the National Identification and Registration Act 2017 – was being implemented with a view to making registration in a national ID database mandatory.

The complainant in the case had argued that it breached his constitutional rights.

The case is made interesting as the Jamaican Constitution does not include an express broad-based right to privacy and, certainly not informational privacy. In striking down the act, the Court took a weaving path that required an assessment of the degree to which the Jamaican Constitution provided a basis for protecting the right to privacy, despite this.

The Constitutional Court, having reviewed prior case law from throughout the Commonwealth, concluded that given the necessity of the right to privacy as a precursor to the enjoyment of the other rights in the Jamaican Constitution, a general right to privacy must be read into the Jamaican Constitution.

A copy of the case can be found here.