Data protection needs to be a human right in the technological age, says Collen Weapond, advocate and full-time member of the Information Regulator.
Weapond was speaking yesterday during day one of the 2022 Data Protection Africa Summit in Illovo, Johannesburg, organised in partnership with the Information Regulator of SA.
Now in its fifth year, the annual summit aims to advance the cause of data protection and privacy in Africa.
This year, it takes place under theme “Developing data protection for Africa’s digital economy”, with the objective to build capacity, facilitate collaboration and explore the issue of data protection and privacy on the continent.
According to Weapond, the Cambridge Analytica scandal is one of the key examples that illustrates that cooperation among regulators on the continent is necessary when it comes to data protection.
“Some of the learnings from the Cambridge Analytica data breach include abuse of personal data, failure to ensure transparency, and processing personal data without considering the ethic codes thereof.
“This highlights the need for a higher level of transparency to gain trust between and among data controllers and data subjects. There should be transparency about how technology is used in one’s company.
“App developers, manufacturers, social media companies should engage and monitor all inappropriate data collection and use-practices, especially around online protection of children.
“Regulators should create an environment which seeks to promote co-existence of privacy by design and innovation by ensuring the legal frameworks are designed and responsive to violations.”
Drudeisha Madhub, data protection commissioner of Mauritius, pointed out that data protection is moving fast in the international arena.
Responding to what role data protection can play in facilitating an African digital economy, Madhub commented: “We all have to be digitalised in our offices, in our countries and we have to promote digitalisation values, privacy and cyber security considerations.
“The first project for any country, which is aiming towards a digital harmonised economy in Africa, is digitalisation. Without it, there cannot be a digital economy.
“We are not equipped in terms of critical information and infrastructure in our countries, so we have to be equipped with the right balance of data protection, and that is why data protection is important.
“Wherever you have technology, you need data protection and you need cyber security. We need to do that balance and we need to start working on this because it is going to make Africa’s digital economy.”
Emerging tech guidelines
Weapond indicated the 44th Global Privacy Assembly, held last month in Istanbul, Turkey, highlighted an approach of creating guidelines for emerging technologies like artificial intelligence (AI).
Considerations should be thought-out and studied by regulators to ensure technology is compliant from the outset, he stated.
“As programmes of deep learning and algorithms come into question, we need to understand and have basic knowledge of these technologies, in order to ensure the regulation level.
“We should be asking deep and probing questions in relation to our respective data protection policies – that’s where the focus of the regulator should be and the future of data protection is moving towards. These technologies are powerful and they continue to shape our daily lives, and will impact the way in which to process data.”
Weapond advised the regulator to learn from 20 years of under-regulation of the internet. “We should be asking if our current policies…are adequate, or should we look at additions. It seems like regulators and legislatures always have to do some catching up.
“Artificial intelligence is as good as its algorithm. Nothing prevents designs of algorithms to include privacy and innovation. The European Union is investing in a standard on privacy by design, which will be published soon.
“Harmonising laws and looking at convergence is key. Government’s role and core purpose when collecting data becomes extremely important, so research should be done in relation to AI, innovation and principles of privacy by design.
“The view on privacy by corporates will increase trust between companies and their clients, and trust will ultimately result in brand value and increase thereof. Bringing privacy by design into the operations can become a huge advantage for corporates, as their systems will be compliant from the outset without us having to do corrections or issue penalties for violations,” he concluded.
Share