Rwanda Working on a Personal Data Protection Law

Rwanda is currently drafting law that will protect citizen’s personal data from any kind of manipulation at a time when the country is having a surge of foreign investments that use data for business.

The revelation comes as a response to Global System for Mobile Communications (GSMA) officials who said despite Rwanda’s lead and progress in creating a smart Africa initiative the country needed to work on its data protection.

Rwanda has taken a leadership role in East Africa and Africa at large, promoting the Smart Africa Strategic vision and adopting its own Smart Rwanda strategy, GSMA officials said in a statement.

“If Rwanda wants to seize the opportunities arising from digital transformation, it should establish a comprehensive approach to data privacy that is not subsumed within an ICT Law, but applies generally regardless of sector or technology,” said Jean-Francois Le Bihan, Public Policy Director, GSMA Sub-Saharan Africa.

Bihan made the remarks during the 1st Africa Data Protection and Privacy Conference that took place from June 24th – June 27th 2019 in Accra, Ghana.

“To be successful, Rwanda must protect individuals while allowing organisations the freedom to innovate and secure positive outcomes for society. Data privacy laws should put the responsibility on organisations to identify and mitigate risks while remaining flexible, technology- and sector-neutral and allowing data to move across borders easily.

Victor Muvunyi, the Electronic Transfer and Data revolution specialist in the Ministry of ICT and Innovation said that the move is in line with the Malabo convention and demand for data in Rwanda.

“We sensed influx in foreign private companies coming in and could use personal data for many reasons, that is why we are rushing the draft law which we started working on since June 17th,”  Muvunyi said during an exclusive phone interview this Tuesday.

Muvunyi added that after cabinet, June 24, 2019, approved the ratification of the Malabo convention- on Cyber Security and Personal Data Protection, Rwanda will focus on tailored personal data protection law to cover needs of using the data for incomes, job creation, research or governance.

“For example in way that personal data consent is taken into consideration from the user and that if the data is used for other research purposes the identity of the individual is concealed,” said Muvunyi.

In Rwanda, like the rest of Africa internet access has witnessed digital transformation improve access to quality services, including finance, healthcare, education and agriculture, which involve collecting personal data for business, research and governance.

For example giant telecoms in Rwanda use personal financial behavior data to determine user behaviors.

However, countries across Africa are at varying points on their journeys towards enacting Data Protection and Privacy laws. Less than 15 out of 54 countries in the region have passed a Data Protection Law as of today.

GSMA warned that without adhering to these guiding principles, poor data privacy enforcement could put at risk the US$ 214 billion mobile economy Africa has the potential to reach by 2020.

“Rwanda has the opportunity to harness the digital economy as a driver of growth and innovation. If it fails to seize the opportunities, it runs the risk of economic isolation and stagnation,” Bihan said.

To support countries and other stakeholders move forward as they consider data protection and privacy, the GSMA released its new ‘Guiding Principles for Smart Data Privacy Laws’ at the Africa International Data Protection and Privacy Conference.

 




Leave a Comment