Data privacy: Why you must care about who has your information

That “data is the new oil” is simply to say, information is the new frontier of power and influence globally. One way or the other, we submit personal information – to known sometimes unknown collectors – for different reasons daily. There are the mandatory cases of submission through to the temporal instances. Applying for national or voter identification cards, for passports and even mobile phone SIMs fall in the former category.

Whiles in the latter, logging in to social media is one of the simplest means of submitting your identity and location to global multinational giants like Google, Facebook, Twitter, Instagram, WhatsApp, LinkedIn etc. A recent media report disclosed how China – made mobile phones popular across Africa had preinstalled malware that was ‘stealing’ money of its users. But long since mobile phones arrived on the continent, an area of concern has been data security and privacy of users.

Jamii Forum’s Maxence Melo shares perspectives

Years on, there is a growing push for governments to do right by their citizens in the area of data privacy be it internally or externally. A strong activist in the area of data privacy is famed Tanzanian journalist Maxence Melo – a co-founder of the Jamii Forums platform. In an August 2020 interview with members of this year’s Paradigm Initiative Digital Rights Fellows, he stresses that politicians – for their own ends – and the populace – due to lack of knowledge – are at the heart of failure to better protect personal data. “People do not know their rights,” he said whiles adding that for governments, this aloofness on the part of the population serves their interests in the area of surveillance and (mis) use of data for instance for political reasons.

He warns that despite a lull in push for a data protection law in his country, if activists do not police the process well enough, Tanzania will potentially wind up with a good bad law. He avers that social media companies are “too powerful” in the area of data ‘harvesting’ and it is all due to lack of policy.

Asked about the example of a subscriber’s implied acceptance of “terms and conditions” once they buy a SIM, Maxence explains that the very contents of T&Cs need be scrutinized especially vis-à-vis privacy and data protection. He stresses that there is the need for African governments to step in with legislation and regulatory measures to protect consumers.

He argues further that there is the need for stringent laws on who gathers data on people and for what purposes they can keep, process and to who they can transmit same and under what circumstances.

Why you need to be worried about personal data merchants

In the light of transnational security challenges bordering on terrorism, cybercrime and money laundering among others, there is the need for collection of data by relevant authorities. Whiles most activists agree, they stress the need for privacy and data protection alongside. The global digital rights outfit, Internet Society, ISOC; quotes a definition of online privacy as: “the right to determine when, how, and to what extent personal data can be shared with others.”

Its October 2015 policy brief on privacy on the internet states: “Personal data has become a profitable commodity. Every day, users are sharing more personal data online, often unknowingly and the internet of Things will increase this dramatically.” The push for responsible collection of data rests on among others: collection limitation, data quality, consent of subject, purpose specification, security safeguards and openness.

Protections will for example bar a data collector / analyst from selling data collected for one purpose to be repurposed for an unrelated one. That data is collected at say a medical facility but retrofitted as list of political party supporters. ISOC stresses that “Privacy helps reinforce user trust in online services,” and also that “personal data has monetary and strategic value to others,” in the midst of this, robust national laws should look to protect citizens as best as possible.

Africa and the 2018 Cambridge Analytica exposé

In 2018, Africa was hit with one of its biggest cases of data manipulation when it emerged that Kenya’s 2017 presidential campaigns had been tampered with by a company, Cambridge Analytica. It meddled in the Kenya polls and earlier in Nigeria’s elections according to an exposé. It targeted people with campaign advertisements due to illicitly obtained data from social media giant, Facebook. Facebook is also on record to have confirmed that the company had improperly accessed data of about 50 million users in 2016 relative to the polls that brought Trump to power. Undoubtedly, a testament of data misuse at the pinnacle of global tech hub.

The growing penetration of internet use across Africa, the world’s continent, means that more needs to be done by governments – and fast. After a decade in the ‘works’ Nigeria has finally produced a draft data protection bill. Civil society groups like Paradigm Initiative and allies are reviewing it whiles encouraging the populace to take a seat at the table in an area that has affected their lives for long and will continue to in the future.

 

Some facts about data privacy in Africa – as of 2018

Over 123 million – number of people using Facebook in sub-Saharan Africa

2013 – South Africa drew up first data protection law on the continent

54 African countries – Over half of them have no laws on data protection

17 countries – Have enacted comprehensive data privacy laws, Bloomberg, 2016

10 years – duration for Nigeria to put together draft data protection law

2014 – ‘Convention on Cybersecurity and Personal Data Protection’ a.k.a Malabo Convention passed by African Union

The writer Abdur Rahman Shaban Alfa is a 2020 Paradigm Initiative digital rights fellow and a former web journalist with Africanews.

fr_FRFrench
en_USEnglish fr_FRFrench