The government is fast-tracking the signing and ratification of the African Union Convention on Cybersecurity and Personal Data Protection, Cabinet Secretary, Ministry of Information, Communications, and The Digital Economy Eliud Owalo has said.
He added that through the Office of the Data Protection Commissioner, discussions are also underway for an Adequacy Decision with the European Union and United Emirates to promote cross-border data transfer.
Speaking when he officially opened the Network of Africa Data Protection Authorities (NADPA) Conference, the CS said Africa is experiencing rapid growth in the development of intermediate digital infrastructure, including digital identification systems, digital payment systems, and wider e-governance systems.
‘Kenya, through the Ministry, is currently reviewing the legal, policy, and regulatory framework with a view to proposing reforms and new policies, including the adoption of emerging technologies, to align with the Bottom-Up-Economic Transformation Agenda,
‘ he said.
The CS emphasised the need for Africa to keep on coping in the face of global digitalisation, even as it ensures that it is not overexposing itself to cyber execution.
‘We are not going to stop digitising records and digitalising services because of cyber insecurity. But we need to come up with a very robust mitigation framework within the digital space so that, as we embark on digitalisation, we are not exposing ourselves to loopholes,’ he said.
Owalo further said that there was a need to strengthen data privacy and security, but cautioned African countries against digitising everything, instead ensuring they also strengthened the risk mitigation framework to ensure a robust policy, legal, and regulatory framework on the basis of which data storage can be anchored to facilitate data privacy on the one hand and data security on the other.
He noted that the conference could not come at a better time, and that it will be a platform for leaders in the field of space to look back on the subject as
an African continent, recognise the minds of those who are aware of the best of data governance, and take stock of the challenges that it has faced, as well as in the face of rapid digital transformation.
‘This platform will enable us to analyse areas where we have gaps and what we need to do to close those gaps from a continental perspective to strengthen the data governance framework. And at the same time, we will also have the opportunity to recognise the lessons that we have learned in history and the past and how those lessons can inform what we are going to do moving forward in the same regard,’ CS Owalo said.
Africa, he said, should be able to come up with a very clear roadmap that clearly articulates the critical process partners with respect to data governance as a continent, the structures that are needed, and the ability to strengthen data governance authorities. An action plan with very clear responsibility centres, timeframes, expected outputs, and output indicators.
‘What do we need to do as
an African continent to ensure that we move together in tandem from the perspective of data governance and data security so that no countries are left behind? How do we come up with policies, laws, and regulations that are in tandem with each other?’ Owalo said
The CS said that in order not to waste resources, countries need to be in sync, and if one country has already set up a data centre as part and parcel of their clouding cluster, they should ensure that data centres attain optimal capacity utilisation levels while leveraging on the demand of Africa as a market for Africa, avoiding duplicity, and having adequate upkeep of the data infrastructure.
‘We are operating in an environment where factors keep changing. We have a lot of emerging issues in our cyberspace. We are dealing with issues like artificial intelligence and the internet of things; how do we tackle these issues when we bring together as an African continent?’ he said, noting that this means all have to be proactive so that they are ahead of
change.
Chief Justice, Martha Koome, who graced the occasion, said that we are in an era where we are pursuing data-informed and evidence-based decision-making, and therefore the collection and usage of data present incredible opportunities to improve governance, service delivery, and overall quality of life.
However, she noted that every time individuals engage in online activities, they leave behind a digital footprint-a trail of personal data that, if mishandled, can result in identity theft and erosion of trust in digital services.
‘Balancing the imperative of providing secure services with the protection of individuals’ privacy rights is a complex and multifaceted endeavour that requires careful consideration of the trade-offs between security measures and privacy safeguard decisions that ultimately have profound implications for our democratic values and human rights,’ she said .
The Supreme Court President added that the importance of data protection lies not just in compliance with laws, but in up
holding the trust and confidence that citizens place in public institutions.
‘Our responsibility as regulators and protectors of privacy is to ensure that data collection adheres to stringent data privacy principles, but data protection authorities must also invest in public education initiatives, raising awareness about data privacy rights and the dangers of data exploitation.
As Africa embarks on its digital transformation, the Chief Justice noted that the appetite for data on the continent is growing exponentially, and with the proliferation of digital technologies, there is an increasing risk of exploitation by entities that seek to mine data for their own gain. Therefore, the onus is on us to safeguard the interests of our populations.
The German Ambassador to Kenya, Sebastian Groth, said the digital economy and data protection are playing a very important role in unlocking the potential of economic growth.
He said that Data breaches and privacy violations have become more common in our increasingly
digital world and that there are a lot of issues right now globally with these risks, which not only impact individuals but even democracies and political systems.
‘Data protection is not just a technical issue; it is a fundamental issue to build trust and sustain trust in society. To enable the digital economy and to realise the socio-economic potential of the data revolution, we firmly believe that strong data protection frameworks are essential for unlocking the economic potential of data-driven industries.
He said Germany has partnered with the Office of the Data Protection Commissioner (ODPC) in Kenya through the Digital Transformation Centre and has supported capacity building for ODPC staff, enabling the team to develop world-class expertise in data protection law enforcement.
‘We believe that the economic advantages that come from robust data flows and adequacy agreements between the EU and other countries are enormous. There’s enormous economic potential in it,’ Amb. Groth said.
The European Unio
n Deputy Ambassador of the EU delegation to Kenya, Ondrej Simek, acknowledged the importance of data privacy, saying Data is clearly reshaping societies.
He said that collaboration between data protection authorities around the world is needed to advance the regional and global organisation of legal and regulatory frameworks.
‘One area of specific importance is that of safe cross-border data flows. The first step is ensuring that data protection laws are in place. The second one is to always personalise them effectively,’ he said.
Despite digitalization’s potential, Amb. Simek said this also comes with its own risks, and as our societies go digital, a lot of massive amounts of personal and sensitive data are being generated, collected, and processed every day. And with the introduction and increased use of artificial intelligence, this trend is increasing as well.
‘Citizens around the world, both here in Africa and in Europe, are therefore not only benefiting, but they are also encountering the diverse ch
allenges that breaches, cyber-attacks, cyber stalking, identity fraud, and all of this are the result of unauthorised use of personal information,’ he added.
The EU representative confirmed, though, that new data protection laws are being put in place and that the role of independent supervisory authorities is growing while more and more countries are choosing a safe digital future that is stable and predictable, a framework that protects citizens’ rights and offers business certainty as a basis for innovation.
It is expected that by the end of the two-day conference, a common position on all matters under discussion will be developed before being forwarded for consideration by the AU Council of Ministers.
Source: Kenya News Agency