|OVERVIEW||Malta, as a Member State of the European Union, enacted a comprehensive data protection law in 2001.|
|GENERAL PRIVACY LAWS||Malta Data Protection Act 2001|
|PERSONAL DATA PROTECTION LAWS AND REGULATIONS||
Malta Data Protection Act 2001. The Ministry for Information Technology and Investment is charged with enforcing data protection in Malta.
Article 29 et seq. mandates that data controllers must register data processing with the Commissioner prior to commencement of the processing. Section 29(3) lists the information that must be provided to the Commissioner before processing can take place.
|TYPE OF DATA PROTECTED||Personal Data.|
|WORKPLACE PRIVACY LAWS||The Data Commissioner promises to issue regulations and guidelines in this area but has not done so yet.|
|TRANSBORDER TRANSFERS||Article 27 et seq. requires registration of data transfers to third countries. Such third countries must provide adequate protection.|
|FINES AND SANCTIONS||Civil and criminal sanctions, including imprisonment.|
|OTHER PRIVACY LAWS AND REGULATIONS||
Guideline for the Promotion of Good Practice: The Banking Sector (2008), Malta Bankers’ Association and Malta Data Commissioner.
The Banking Act recognizes the obligation of professional secrecy when handling financial data.
The Financial Institutions Act limits the ability of financial institutions to provide information to regulators unless the request falls under one of the exceptions recognized by law.