NITA-U has launched the data protection office to promote awareness of the new office and its mandate, and at the same time, raise awareness of the various stakeholders about the Data Protection Act 2019. At the same event, NITA-U has announced the collaboration with UNCDF to develop a Data Protection Portal.
Data is an essential aspect of digital transformation. For public and private institutions to develop solutions and provide services that improve people’s quality of life, it is inevitable for them to collect personal data. However, the increasing data security breaches present a significant challenge for organizations and governmental institutions to protect personal data. This has also increasingly become a concern for individuals providing their personal data to the government and individuals.
To protect citizens’ privacy and personal data, the Government of Uganda enacted the Data Protection and Privacy Act into law in 2019. The law regulates the collection and processing of personal information. The law also provides for the rights of the person whose data is collected and processed and the obligations of data controllers and data processors to regulate the use of that data. To ensure the successful implementation of this regulation, the National Information Technology Authority of Uganda (NITA-U) has established a Data Protection Office.
“The Personal Data Protection Office is now fully operational with a competent and experienced team up to the task. I, therefore, urge all organisations that collect, process and/or control personal data to start registering with the office. The door is also open for data subjects to raise complaints.”Ms. Stella Alibateese, National Director Personal Data Protection Office
To support the operationalization of this Data Protection Act 2019 and the operations of the Data Protection Office, the United Nations Capital Development Fund is collaborating with NITA-U to develop a platform that will make it easy and convenient to identify personal data breaches and misuse of data. The data protection portal will provide a quick, convenient and easy access channel to report issues related to data protection and seek redress. The service will include SMS/USSD functionality for access and usage by ordinary citizens.
The incredible power of digitalization in improving people’s lives and livelihoods, creating quality jobs, and fostering greater inclusion is undisputable. However, digital economies are not inherently inclusive. Without deliberate digital inclusion strategies, digitalization can exacerbate already existing inequalities, fuel tensions, and alter the course of entire societies.
The UNCDF strategy, ‘Leaving no-one behind in the digital era’, aims to empower millions of people to use services daily that leverage innovation and technology and contribute to the SDGs.
UNCDF focuses on accelerating the development of digital economies at the country level with the government, the private sector, and academia, with specific attention given to developing the right services to reduce the digital divide and empower key customer segments. UNCDF is driving universal access to secure, affordable, and trusted digital systems, a key prerequisite for the growth of a digital economy. UNCDF recognizes that people’s trust in digital technology will increase their use of the internet and thus contribute to SDG 1 of No Poverty and SDG 8 of Economic Growth.
Consequently, UNCDF is collaborating with NITA-U to develop a data protection portal to achieve the following objectives
- Offer electronic seamless registration for data collectors, data processors and data controllers
- Give a platform for data subjects to easily file a complaint with the Personal Data Protection Office
- Act as a platform to promote knowledge about personal data protection and privacy best practices, guidelines, and tips
- Provide a central point for reporting, processing and resolving data privacy complaints and breaches in real-time
- Improve accountability for data controllers and processors responsible
- Improve compliance with the Data Protection and Privacy Act (2019)
- Provide a one-stop centre for information and guidance related to the Data Protection and Privacy Law
- Promote awareness of data subjects’ rights amongst the citizens
The increased digitalization of services and the need to work remotely presents numerous challenges for organizations and consequently the need to be more vigilant towards personal data protection. These include data theft, data extortion, data alteration, and destruction among other threats. Most of this data will include large volumes of personal data because most services require valid identification and therefore must collect one’s particulars before they can provide the appropriate service. Before and after they collect that personal data, it is incumbent upon the organizations to comply with the Data Protection and Privacy Act 2019 and other relevant laws.
In conclusion, I would like to pose a question. Are you scared of handing over your personal data to companies offering you services? Do you know your rights as a data subject? Let us know via Twitter @Dignited.