The Covid -19 pandemic has proved more than ever that data privacy is a global policy issue, and there is a need for Africa to redefine its stand on data protection laws. Uganda is one of just a handful on the African continent with data protection and privacy laws. At the East African level, Uganda became the first country in the region to enact a comprehensive data protection law in February 2019.
As a step towards creating a data sensitive and concerned generation, Unwanted Witness Uganda and other civil society actors have provided a platform in a three day Africa-focused symposium with over 30 speakers from across the continent, panel discussions and workshops to shape the practice of data safety, privacy and protection.
The Privacy Symposium is a platform to discuss data protection and privacy, to share knowledge and approaches on what should be done to enforce data protection laws. According to Unwanted Witness’ Head of Legal and Programs, Allan Sempala Kigozi, governments, private sector and citizens need to use this platform and learn how to incorporate technology in data protection law enforcement and implementation.
The event seeks to present original research results, data, policy and technology developments related to personal data protection and privacy, aiming at promoting discussions, collaboration and knowledge exchange on data protection and Privacy not only in Uganda but globally.
Unwanted Witness has organized such forums for the last two years and this year’s hybrid symposium will be the third under the theme “Data Protection in Africa: A New Dawn’’ https://privacysymposiumafrica.com/to that will virtually take place on the 3rd-4th November hosted at the Media Hub in Kabalagala and the Grand finale will physically be at Serena Hotel where several civil society actors join Unwanted Witness to launch The Privacy Scorecard Report.
Mr. Kigozi also says that Uganda’s Data protection policy has no compliance. The Privacy Report Score Card Report therefore will expound and explore this issue, providing solutions and recommendations for action on how compliance can be achieved in the country.
The Data Protection and Privacy Act 2019, reinforces Article 27 of the 1995 Ugandan constitution, which guarantees citizens’ right to privacy. After 24 years of promulgation of the national constitution to regulate data protection and 20 years for the drafting of the bill it placed various vulnerable communities at risk.
Our latest research on communication and personal data found that Telecom and ISP companies collect vast amounts of personal data from their users and yet there is no concrete assurance that this data cannot be stolen or the user is protected in case it happens.
For example in February 2021, a media report was published condemning Safe boda for sharing client’s data with third parties. This investigation mandated under the Data Protection and Privacy Act, 2019 (DPPA), by the National Information Technology Authority – Uganda (NITA-U) found that SafeBoda unlawfully shared clients’ data with third parties. This was after a complaint was made to NITA-U that SafeBoda, a platform that connects motorcycle taxi riders with passengers, was sharing users’ data with third-parties without the consent of users.
So, is the Data protection and Privacy Act protecting citizens against personal data breach and related issues or is it just a signed paper sealed and framed in the parliament chambers? For data enthusiasts, journalists, digital security experts and human rights defenders
“In the next three years, the value of data will increase, making it even more valuable than it is today. Everyone will see your personal information and data as a bundle of dollars. Are you safe? How about your Privacy? Do you know how to protect your personal data from theft? Join our table of knowledge and research on personal data protection and privacy this November.