Data protection and privacy regulation in most, or even all, African countries are often less mature – particularly when compared to the EU’s General Data Protection (GDPR) regime. As such, economies on the continent present both risks and opportunities when it comes to data.
At the recent Africa Tech Summit Kigali 2020, we ran a workshop on data protection and privacy regulations, and a panel discussion on digital transformation in Africa. As such it was, for us at least, a poignant moment when, during this major global tech industry gathering, one of the delegates stated that data was, in fact, Africa’s “new blood” rather than the “new oil”, with this delegate clearly recalling when, in 2017, the Economist memorably declared that the world’s most valuable resource was no longer oil but data!
Below are some insights from those sessions an integrated team from DLA Piper’s Kigali, Lagos, Nairobi, Casablanca and London offices hosted, and from the summit as a whole.
The panel we led recognised data as the lifeblood for Africa’s pursuit for competitive advantage. Mark Ihimoyan, director of business development (Middle East and Africa) at Microsoft, discussed how this tech giant has, in 2019, opened its first data centres on the continent through new cloud regions in Cape Town and Johannesburg. Microsoft’s goal is to accelerate global investment in Africa and create greater economic opportunities for businesses based there.
Patricia Obozuwa, chief communications and public affairs officer for GE Africa, shared insights from the GE Lagos Garage, a hub for advanced manufacturing skills development focused on building the next generation of Nigerian entrepreneurs. Interventions like this are playing a critical role in building the capacity of human capital on the continent.
And Henri Nyakarundi – CEO and founder at ARED, a renewable energy start-up – spoke about some of the challenges that entrepreneurs and investors face in Africa. These include the process of accessing capital. ARED has sought funding to help it scale out of Rwanda into Ethiopia, Senegal and the Ivory coast this year with it planning to do so through the flexibility and agility offered by a licensing model.
Key trends from summit sessions
Fintech players OPay and Flutterwave reflected on open banking regulations coming to Africa. Mehdi Kettani, Partner in our Casablanca office in Morocco, highlights how these are set to oblige banks and telcos to share their customers’ data – with permission – with authorised providers of app-based services.
Moses Kiiza, Partner at Equity Juris Chambers (DLA Piper Africa, Rwanda), noted how agritech companies like Twiga Foods are leading the structural transformation of Africa’s food retail markets and, therefore, successfully addressing food insecurity on the continent by connecting farmers with retailers and consumers.
Sandra Oyewole, Partner at Olajide Oyewole LLP (DLA Piper Africa, Nigeria), noted how e-commerce businesses such as Sokowatch are revolutionising access to goods and services, with their rapid pan-African growth fuelled by macro-environmental forces like the recently agreed African Continental Free Trade Area (AfCFTA) agreement. When implemented, this should widen the scope for regional strategies.
The “new blood”
Over the two-day summit, the wider industry conversation around Africa and tech was summed up by a delegate’s observation that data is Africa’s “new blood,” particularly in relation to inherent risks around big data. The delegate noted that organisations leveraging large consumer data sets could be seen by those same consumers as effectively taking their blood, only to sell it right back to them through tools designed to exploit their data at scale.
Africa’s “new blood” does run the risk of being ‘contaminated’. Global cybersecurity firm Dark Trace presented a keynote with case studies showing how the company’s ‘Enterprise Immune System’ and ‘Antigena’ technologies have detected and responded to previously unidentified threats against enterprise clients operating in Africa.
Cyber risk repeatedly came up as a critical issue. William Maema, partner at IKM Advocates (DLA Piper Africa, Kenya), noted that many African countries have no specific cyber legislation. For the few jurisdictions where cyber laws exist, there is a general lack of awareness about the importance of investing in cyber resilience through preventive measures, incident response and post-incident remediation.
The result is a conducive environment for cybercrime in Africa. Between them, corporates, governments and investors must:
- design and implement governance structures to protect them and their directors;
- deploy tools to assess risk and comply with evolving regulatory requirements;
- refine sound corporate policies and strategies to create and maintain a culture of security; and
- implement responsible supply-chain and vendor risk-management techniques and contract support.
DLA Piper’s position in the wider industrial ecosystem lets us appreciate the inherent risks and barriers to the adoption of technology, including in under-regulated economies in Africa.
After all, in today’s ‘big data’ reality, and as Africa’s infrastructure and connectivity continues to improve, we can anticipate the volume and complexity of data flows into and across Africa to rise exponentially. This then reinforces how apposite the aforementioned delegate’s observation that data is Africa’s “new blood” rather than its “new oil” was, noting that some criticised the comparison of data to oil given what some believe is the finite availability of the latter, in contrast to this age of data abundance.
For now, our thanks to Andrew Fassnidge and his team for putting together a fantastic event in Kigali. In the meantime, we look forward to continuing this conversation when we connect again with international tech leaders and investors at its sister event, the fifth annual Africa Tech Summit London 2020 to be held on 22 May at the London Stock Exchange.
Some of our relevant tools and resources
We provide a range of products and services for clients and the wider market, including:
- Data Protection Laws of the World, a comparative guide;
- Data Privacy Scorebox, enabling organisations to assess their level of data protection maturity; and
- our cybersecurity services.
Also our latest GDPR Data Breach Survey revealed that data protection regulators have imposed EUR114 million (USD126 million / GBP97 million) in fines under GDPR regime for a wide range of infringements – not just data breaches.
This article was submitted by Boko Inyundo, a senior marketing and business development professional aligned to the international Technology Sector team at global business law firm DLA Piper. He is also a council member at the Royal African Society, a member of the board at the African Foundation for Development, and a non-executive advisor to the Africa and tech-focused consultancy De Charles.