Note to readers: EL PAÍS offers the Future Planet section for its daily and global information contribution on the 2030 Agenda. If you want to support our journalism, subscribe here.
“Of the 55 states on the African continent, only 28 have passed data protection laws and of those, only 15 have created independent authorities to enforce those laws. I believe that Sub-Saharan Africa is at an incipient stage in the development of data protection policies ”. So x-ray Koliwe Majama the situation of the struggle to guarantee respect for personal information in the digital environment on the African continent. Obviously, Majama formulates this general conclusion recalling the need to establish innumerable nuances, as many as the diversity of the situations in which each of the States finds itself.
This Zimbabwean journalist who is an expert in media, information, communications and technology recalls that on the African continent we find ourselves in three different phases: “There are countries with data protection laws, others with some partial regulations in this field, and others that do not have any. law or policy on this issue ”. Majama is responsible for the program to ensure human rights online in Africa through the African Declaration on Internet Rights and Freedoms (AfDec) and the African School of Internet Governance (AfriSIG). In addition, she has been one of the coordinators of the report on Privacy and personal data protection in Africa driven by Association for Progressive Communications (APC), one of the most solid and veteran networks of organizations that work for peace, human rights, development and the protection of the environment, through the strategic use of information and communication technologies (ICT).
Analysis in eight countries
The recent report has taken an in-depth look at the personal data protection situation in eight African countries to outline the challenges facing the continent. The initiative responds to the feeling of the APC and other organizations that have participated in the investigation that the defense of privacy is at a key moment in Africa. This is so, due to the confluence of social and political factors, but also because the puzzle of the defense of privacy on the internet has many pieces in national administrations.
“In recent times, interest in the right to privacy and the importance of data protection policies has increased in the continent. This is due, in part, to concerns about an apparent increase in surveillance and abuses in the use of citizens’ personal information by both governments and private companies, ”explains Majama. The expert also mentions as factors of the increase in interest a “greater attention in digital economies” as a result of the signing of the Africa Continental Free Trade Agreement (AfCFTA, for its acronym in English), and the requirement of compliance with the European General Data Protection Regulation (GDPR) in most French-speaking countries.
Sub-Saharan Africa is at an incipient stage in the development of data protection policies
Koliwe Majama, Zimbabwean information and technology journalist
On the other hand, both Majama and the report itself on the situation on the continent warn of the complexity of the panorama of defense of privacy. Usually, the approval of data protection legislation appears as a thermometer of the state of the situation, but it is not enough. The political will to apply them or the independence of the data protection authorities must also be taken into account. Other elements that condition it are democratic health itself and the interference of other laws, from cybercrime to health, or freedom of the press, for example. The puzzle has many pieces and the fit is complex. A lack of conviction that, as experts point out, some governments that are not determined to guarantee the freedoms of their citizens or some private companies that take advantage of unethical, if not fraudulent, management of personal data take advantage of.
All these elements draw different scenarios of the situation of each country. And that is why the analyzes carried out in the report Privacy and personal data protection in Africa They demonstrate the diversity and nuances of adopting a decisive policy to preserve information that has become a raw material and grows with the expansion of the digital universe also in Africa.
For example, the report notes that “South Africa was the first to pass a personal information protection law (in 2013), but has not yet implemented the necessary regulations to put the law into practice.” However, in South African legislation it emphasizes that it “considers necessary the defense against collective ‘data damage’” and refers to the requirement to guarantee these rights for “marginal communities as a whole”, thus incorporating a particularity in the approach of that protection.
South Africa was the first country to pass a data protection law, in 2013, but has not yet implemented the necessary regulations to put it into practice
Meanwhile, in Kenya “the right to communicate online anonymously is not guaranteed in its entirety because ‘competing legislation […] dilutes it ‘”and the lack of a broad participation process in the approval of the Data Protection Law that saw the interests of all the affected parties represented“ gave rise to gaps in the legislation, such as the preservation of the personal data of the children”.
Some of these laws seem more sensitive to limiting illegal surveillance by the State, as is the case of Namibia, which addresses the right to online privacy by protecting it by default and establishing specific cases in which exemptions can be applied, thus limiting the circumstances in which a citizen’s communication can be intercepted, monitored or otherwise processed, ”according to the report.
Meanwhile, the project that is being worked on in Ethiopia, for example, mentions that possible surveillance, but according to the report “it falls short in terms of due process in legal surveillance, including the ability to challenge it, to hinder illegal surveillance. and to notify the individual that they have been surveilled ”. And in Togo, the experts recall that, “recently, new evidence of illegal surveillance of religious and political leaders has appeared” for which they warn that it is necessary to “strengthen the mechanisms of supervision and independent judicial authorization of surveillance.”
In other cases, the report highlights the state’s lack of interest in regulating this area. “Of the countries studied,” notes the text of this radiograph, “Tanzania appears to be the least committed to the active development of a comprehensive privacy and data protection law, despite the fact that, for example, telecommunications providers have legislated collecting fingerprints for SIM card registration. These factors, including the fact that, as in Kenya, the right to communicate online anonymously is not protected, leave Tanzania “a long way” from complying with the Principle 8 of the African Declaration on Internet Rights and Freedoms (AfDec)“, Which is the one that establishes that” everyone has the right to privacy online “, to the protection of personal data or to communicate anonymously on the internet.
Despite all the negative evaluations, Majama is hopeful about this growing interest in the protection of personal data that she has found, although she acknowledges that in the African continent, the processes of formulation, adoption and application of policies do not take place “in overnight ”and highlights that there are three obstacles to advancing in the defense of these rights. The first is that the institutions do not perceive it as an urgent need, which is why it is sometimes delayed due to changes in the legislature and others, because there is no consensus in the administration to approve a bill. The second is that the regulation of technology and human rights is a relatively new policy area and in some cases there is a lack of knowledge in the legislature for a comprehensive regulation.
And finally, it recognizes the “inactivity of citizenship”: “Although privacy is as old as creation”, he comments, “it was not recognized as a right for citizenship in the African Charter of Human Rights. Only now, with the revision in 2019 of the Declaration of the African Commission on Human and Peoples’ Rights on the Principles of Access to Information and Freedom of Expression, has it been incorporated. Thus, the awareness that it is a right is weak ”.
For this reason, Koliwe Majama demands the work of civil society in the defense of data protection and privacy on the internet. “In most cases, [la sociedad civil] is seen as an adversary. Although they are growing in number, it is still essential that organizations work together in national or regional coalitions, to speak with one voice. We are seeing this importance in the presentation of cases to human rights defense organizations, to national and regional courts and to the respective governments ”.
Eddie is an Australian news reporter with over 9 years in the industry and has published on Forbes and tech crunch.