Companies struggling with consumer data protection – Eurasia Review


Many companies operating in Uganda and other African countries do not properly protect data, putting consumers at risk of identity theft and social harm, according to a report.

The report, which is based on analysis of 32 organizations that work in Uganda and operate in other African countries including Burkina Faso, Ghana, Kenya, Malawi, Nigeria and South Africa, identifies lack of consistency between countries and of accountability in collecting consumer data.

“All companies have performed poorly on transparency when it comes to disclosing information about sharing data with third parties such as government agencies and law enforcement agencies,” said Allan Sempala Kigozi, program manager for Unwanted Witness, a civil society organization that published the report earlier. this month. “The health services and social security recorded the weakest performance for robust data security, risking the lives of users. “

The researchers analyzed the data protection issues of 32 organizations working in Uganda across seven sectors – social security, e-commerce, finance, insurance, telecommunications, government and health – and compared their practices in other African countries.

According to the Privacy Scorecard report, the overall performance index score was only 35 percent, with 66 percent of organizations practicing strong data security, 54 percent complying with privacy best practices, and only 19 percent mentioning third parties with whom the data is shared.

“Social Security and businesses in the retail or e-commerce industries adhere to the highest data protection standards. Finance and telecommunications have fair data protection practices, although the extent of the practice is less than expected, ”the report explains. “Government agencies and insurance companies are at the forefront of vulnerability, while healthcare facilities exhibit the worst levels of vulnerability in compliance with data protection standards. “

The study revealed inconsistencies in privacy policies in African countries, adds Kigozi. For example, MTN South Africa has a detailed privacy policy, mentioning seven rights of data subjects, but the same company has a privacy policy in Uganda with only two rights mentioned.

Many of the reviewed organizations have trackers on their websites that send data to businesses involved in online advertising.

“Privacy standards and best practices that protect consumers’ personal data are important and businesses and organizations should state the reasons for using consumers’ personal data, ”says Kigozi.

Kigozi calls on businesses and organizations to seek consumer consent before collecting, storing and processing personal data, adding that in the event of a personal data breach, consumers should be notified without undue delay.

“Consumer protection not only protects the data privacy rights and dignity of users, but builds trust which is essential to the growth of any business,” said Kigozi. SciDev.Net.

According to the report, most African countries with data protection laws do not have independent data protection authorities who are supposed to enforce the law. This, coupled with low awareness of data privacy among African citizens, is exploited by private companies for profit and governments for power and control, Kigozi says.

“The Privacy Scorecard report provides a basis for citizens and privacy advocates in Africa to demand legal guarantees from various data collectors, ensuring that the continent is not a testing ground for surveillance technologies and data brokers. explains Kigozi.

Data protection regulators across Africa must give critical attention to the report’s findings because of their key role in enforcing compliance and protecting individuals.

Joshua Patrick Ogembo, CEO of Mirror Ethics East Africa, said weak regulators fueled data breaches in Africa.
“The technical know-how of the developers of these data collection tools outweighs the literacy level of most citizens to question any violation,” Ogembo said. SciDev.Net.

The cost of maintaining this aggregate data seems unmanageable for most struggling countries that also have weak surveillance systems, creating opportunities for hackers and cybersecurity breaches, he explains.

“Data protection laws are well framed. However, the challenge comes with the implementation in case of data abuse, ”says Ogembo. “The momentum around technological advancements by tech giant companies will require equally dynamic monitoring tools from governments to tackle data abuse. “

* Dan Eldon Opiyo is a hardworking and creative man with a keen interest in science journalism. He is a Kenyan journalist who contributes to the English Sub-Saharan Africa edition of SciDev.Net and who ventured into journalism in November 2016.

This article was produced by the English Sub-Saharan Africa office of SciDev.Net.


Comments are closed.