The Office of the Ombudsman, the Cayman Islands’ supervisory authority for data protection, has announced that the Data Protection Law 2017, which was supposed to take effect earlier this year, is not to come into force until September.

The office has released its Guide to Data Protection Law 2017 for Data Controllers, which it has based on the British Guide to the General Data Protection Regulation, released by the Information Commissioner’s Office’s in London. The GDPR is a statute of the European Union, a governmental club from which the UK is finding it difficult to escape.

The guide aims to explain how the Office of the Ombudsman will probably interpret certain provisions of the law and is not binding.

It will be illegal for a data controller to transfer personal data to a country unless that country protects the rights and freedoms of data subjects adequately in relation to the processing of personal data. Countries that qualify for this accolade are those dictated by the EU, namely every country in the European Economic Area (which includes the whole EU) and a decidedly Caucasian contingent of countries chosen by the EU, to wit Andorra, Argentina, Canada, the Faroe Islands, Guernsey, Israel, the Isle of Man, Jersey, New Zealand, Switzerland, Uruguay and (despite the European Court of Justice's denunciation in 2015 of the US Government's notorious law-breaking surveillance of its own citizens and those of other countries that came to light in the Snowden revelations) the United States of America.