By Gloria Nwafor
Nigeria and other African nations have developed a framework that would harmonise laws on data protection and digital economy across the continent.
Lead, Regulations, Monitoring and Compliance, National Information Technology Development Agency (NITDA), Olufemi Daniel, revealed this during the Investigations, Compliance, and Ethics (ICE) September final series by Udo Udoma and Belo-Osagie Law Chambers.
He said a framework that is currently being tested in five countries has been created.
He maintained that one of the propositions Nigeria is to make Africa a single market.
He explained that if someone is transferring data to any African country
that has met with the Malabo Convention for Cyber Security and Data
Protection, it means the person is sure of a national law that
recognises the principles in Convention 108+.
He said: “The implication is that any data centre could be hosted in
any African country. It also enables multinationals to choose a country
in Africa they can invest in and any transfer of data would be linked to
Africa.
“With 1.3 billion Africans, you have a stronger argument rather than
going ahead individually. This will give investors more confidence to do
business in Africa.
“We are keeping an eye on the principles as they are developing and
shaping our laws, particularly the National Parliamentary Data Act
coming up soon.”
Global Privacy Counsel, Google, Peter Fleischer, noted that as a
multinational company, it is hard to build dozens of services to comply
with the laws of various countries.
“But if you build a single standard for Africa, that is a lot more
effective and efficient for protecting user privacy and proliferation of
user’s privacy around the world,” he said
As Africa continues to develop standards across the continent, he said:
“I hope we will be part of the conversation on how to make it real and
the takeoff.”
She noted that data protection guidelines, which came into existence about two years ago, advised companies outside of the EU to pay a lot more attention to the regulations.
She maintained that it was important for businesses globally to understand where the GDPR applied, and where it does not, and some of the grey areas and ambiguity that might be helpful in some circumstances.
“Current legislation does not have extraterritorial effect. If you are using personal data to send market emails to people in the EU, you have to comply with the GDPR and you have to comply with the electronic marketing rules. New rules will have extraterritorial effects as they tend to apply very soon in the future.
“It is important to consider the application of the GDPR and the UK GDPR next year when doing anything with individuals in the EU or UK. You can work out what the implications are. Don’t be scared, it is a principle-based regime and necessary. There is a need to get advice at every point in time to know whether you are going to be caught by regulations or not,” she said.
No comments :
Post a Comment