The Internet Society and the African Union Commission has unveiled a new set of Guidelines that highlight how privacy protection and the responsible use of personal data are critical factors in building greater trust online and in advancing the digital economy in Africa.
The Personal Data Protection Guidelines for Africa launched at the Africa Internet Summit in Dakar, Senegal, were jointly developed by the Internet Society and the African Union Commission. The aim is to facilitate the implementation of the AU’s Convention on Cyber Security and Data Protection (known as the Malabo Convention), adopted in 2014.
The Guidelines recommend a range of actions for governments, policymakers, citizens and other stakeholders to take at the regional, national, organizational and individual level. Among the key recommendations for governments is that they should respect and protect individuals’ rights to privacy online and offline.
“Recent global events have showed us that the lack of appropriate protection for personal data can have a profound impact not just on individuals but also on society at large, to the point of endangering democratic systems,” said Dawit Bekele, African Regional Bureau Director for the Internet Society. “These Guidelines explain how people can take a more active role in the protection of their own data as well as the role that other stakeholders, including governments and legislators, have in ensuring the proper use of data.”
Two key principles of the Guidelines urge all AU Member States to: recognize privacy as a foundation for trust in the digital environment and prioritize the sustainable and responsible use of personal data in the digital economy.
In addition, there are recommendations for citizens who are concerned about their data and privacy including using the Internet and other sources to inform themselves about the risks and benefits of the digital economy or their online activities. This includes being aware of agreements they make when they sign up for “free” services or use social media platforms that may profit off their data. Others include understanding and exercising their rights, and act, when needed. There is a corresponding role for governments to empower individuals to do so by ensuring citizens know how to exercise their rights under privacy and personal data protection laws.
Additionally, citizens were urged to develop their capabilities to protect their interests online. Supervisory authorities and governments should also take steps to ensure that service-providers and product vendors are transparent about their business models and product capabilities, so consumers can make informed choices about the privacy implications of products and services.
“The Malabo Convention is the first step towards developing national legislative frameworks for cybersecurity and data protection in Africa. The guidelines launched today provide a path forward for the member states that have signed the convention, and hopefully encourage more countries to join,” says Moctar Yedaly, Head of Information Society Division, African Union Commission.