Jersey Data Protection Authority appoints New Authority Members

Pictured left to right: Elizabeth Denham CBE, Paul Breitbarth and Stephen Bolinger.

The Jersey Data Protection Authority (JDPA) are pleased to announce the appointment of three new Authority Members who bring with them in depth, exceptional and international expertise in the field of data protection and privacy regulation.

The appointments have been made due to two of the current members of the Authority, stepping down. Clarisse Girot stepped down in August 2022 as her role at the Organisation for Economic Co-operation and Development (OECD) does not permit her to serve, concurrently, as a voting member of an independent data protection authority. David Smith is due to retire. A third new Authority member was appointed to reinforce the Authority’s expertise in the field of technology and the commercial sector.

Elizabeth Denham CBE, Paul Breitbarth and Stephen Bolinger were appointed following an extensive recruitment and selection process undertaken earlier this year in which the JDPA sought to identify experienced candidates with expert knowledge of:

• Global data protection regulatory frameworks
• The European General Data Protection Regulation (GDPR)
• The Data Protection Act 2018 (UK GDPR)
• Data Protection (Jersey) Law 2018 (the DPJL)
• The impact of emerging technologies on privacy and data protection laws

Following the recruitment process, the JDPA identified the three successful candidates that possessed the requisite skills, knowledge and behaviours required, and who have been appointed as voting members of the Jersey Data Protection Authority for a term of four years each.

About the new Jersey Data Protection Authority Members

Elizabeth Denham CBE
Elizabeth brings significant experience spanning 15 years as a data protection regulator, notably as Information & Privacy Commissioner for British Columbia, and later as the UK Information Commissioner, for which she was awarded a CBE in the Queen’s 2019 Honours list for Protecting the Data of UK Citizens. During her role as Information Commissioner for the UK, Elizabeth oversaw the introduction of the GDPR and the UK Data Protection Act (2018). She is committed to making digital technologies and data work for the benefit of society and has demonstrated a focus on the essential role data protection can play in innovation. Presently Elizabeth is an International Advisor to Baker McKenzie’s Data and Tech practice and serves on the Board of 5Rights - a non-profit advocating for children’s privacy and safety online.

Paul Breitbarth
Paul has in depth knowledge and experience of GDPR, having been a civil servant with the Dutch Data Protection Authority when this was first proposed, and thereafter being heavily involved in the implementation, from a local and international law enforcement perspective. In addition, within the Article 29 Working Party he was coordinator on the subgroup on Borders, Travel & Law Enforcement and was secretary of what is now the Global Privacy Assembly. Paul currently works as Data Protection Lead at Catawiki, a Dutch online marketplace for special objects. He is also a Senior Visiting Fellow at Maastricht University’s European Centre on Privacy and Cybersecurity, lecturing on a range of topics from the fundamentals of privacy and data protection law to accountability, international data transfers and ePrivacy.

Stephen Bolinger
Stephen is a qualified lawyer with extensive experience in data protection in technology, financial services, and medical devices. Stephen brings a wealth of commercial and private sector experience, gained across the United Kingdom, United States of America and Australia, developing and implementing privacy strategies and programs and embedding a culture of ethical data use into practical operations in major global organisations as well as start-up environments. Additionally, from 2019 to 2022, Stephen served as the Country Leader for Australia for the International Association of Privacy Professionals. He is currently the Chief Privacy Officer for UK-based events and media company, Informa.

It is the Data Protection Authority (Jersey) Law 2018 that enables Jersey’s Minister for Economic Development, Tourism, Sport and Culture to appoint voting members to the Jersey Data Protection Authority, following recommendation from the JDPA Chair and in accordance with obligations under Article 3 of the Data Protection Authority (Jersey) Law 2018.

The Minister signed the recommendation which was formally presented to the States Assembly on 20 March 2023.

Each new Authority member will start their term of office on 1 May 2023.