Agrégateur de contenus

Analyses et Arguments

Emerging issues for Data Protection Authorities in Southern Africa

Continuing and emerging issues for Data Protection Authorities in the Southern African Development Community

Data protection has gained global importance, for various reasons. Data has been viewed as the new oil, though it is not oil, as it is non-rivalrous, and replenished unlike oil. Data has been seen as driver of economic growth, with its economic value estimated in billions, causing countries to rush towards a digital economy. Data has again been viewed as part of a fundamental right to privacy, though it is not the same as the right to privacy and albeit deserving protection as violations of personal data results in economic, social, emotional and discriminatory harms. This report does not debate or distinguish the value or importance of data but focuses on the increased efforts to protect data privacy within the Southern African Development Community (SADC) region, as a political and economic bloc. This report contributes to the growing literature on data protection authorities (DPA) in Africa, focusing on countries in the Southern African Development Community (SADC). For purpose of this report only Eswatini, Zimbabwe, Botswana, Zambia, Lesotho, South Africa and Mauritius are referenced and reviewed. As technology evolves, new challenges emerge, that data protection authorities are not sufficiently designed to resolve or address, and therefore their independence becomes irrelevant or insufficient, as the pressing matters are not entirely about independence, but technical, political and administrative. There are several challenges for data protection, and data protection authorities; these are automated data processing; cross border data transfers; handling of sensitive data including health related data from COVID-19; surveillance and smart cities; and data breaches. The report highlights some of the pressing needs for DPAs including financial support, administrative issues, and enforcement of decisions. The enforcement of data protection laws is dependent on the existence of a functioning data protection authority whether as a single institution or several institutions that might have shared mandates. While the absence of independent data protection authorities capable of enforcing data protection is usually the main issue of concern, there are other emerging aspects weakening the capacities of data protection authorities to advance data privacy and data protection as a fundamental right. This report makes further assertions that while independence of the data protection authority is essential, it cannot be the only issue undermining the effective protection of data privacy in the SADC region. The report makes specific recommendations to data protection authorities; legislature and civil society.

Agrégateur de contenus

Interlocuteur

Tafadzwa Mupandira

Portrait

Administration Assistant

tafadzwa.mupandira@kas.de +263 24 2744602 /
+263 24 2745395

comment-portlet

Agrégateur de contenus

À propos de cette série

Cette série informe de manière concentrée sur les positions importantes de la Fondation Konrad-Adenauer sur les questions d'actualité. Les différents numéros présentent les principales conclusions et recommandations, offrent de brèves analyses, expliquent les projets futurs de la Fondation et désignent les personnes de contact du KAS.

Informations de commande

Éditeur

Otto Saki

verlag

MISA and Konrad Adenauer Foundation

erscheinungsort

Harare

Dr. Kristin Wesemann

Dr

Leiterin Strategie und Planung

kristin.wesemann@kas.de +49 30 26996-3803

Sophie Steybe

Referentin Publikationen

sophie.steybe@kas.de +49 30 26996-3726