Presentation on theme: "Privacy and Data Protection in the Developing World Drudeisha Madhub Data Protection Commissioner (Mauritius) Tel : +230 2013604."— Presentation transcript:
Privacy and Data Protection in the Developing World Drudeisha Madhub Data Protection Commissioner (Mauritius) Email : email@example.com Tel : +230 2013604 Helpdesk : +230 2039076 Fax : +230 2013976 Website : http://dataprotection.gov.mu
Present Landscape We are living a pivotal moment for the right to privacy in developing countries and emerging democracies. With new technologies empowering people around the world, and altering our relationships with governments and the corporate sector, strong legal frameworks are required to ensure that rights are adequately protected.
Data Protection in developing countries The complex process of negotiating privacy within this context is especially fraught in developing countries. It is here that technologies have the potential to be at their most transformative, by giving individuals the ability to access to information, express themselves, and participate in local and global discussions in unprecedented ways.
However, even as new technologies and capabilities flood into developing countries, the technical knowledge necessary to design legislative frameworks remains in short supply. At the same time, international regulatory consensus has yet to emerge around issues of data protection, and regional agreements remain in flux, depriving policy makers in developing countries of strong guidance and best practice upon which to base their own regulatory frameworks.
Risks to Privacy in developing countries Consequently, developing countries are emerging as some of the world’s worst privacy violators: spying on their citizens, conducting extensive surveillance without a legal basis, actively censoring the internet, and failing to protect the privacy of personal data and digital communications. Such practices persistently violate the right to privacy while also threatening the enjoyment of other human rights.
Challenge As the right to privacy becomes more and more embattled across the developing world, there is an urgent need to educate citizens and policy- makers about fortifying legal protections.
Privacy Invasive Technologies Some of the world’s most invasive surveillance systems are being deployed in countries where individuals are most at risk. Developing countries are considered growth markets for biometric systems, health informatics, visual surveillance and expansive communications surveillance technologies, and citizens of these countries tend to lack the legal and technical means to defend themselves.
The right to privacy It has been argued that privacy is a Western luxury, and even a potential impediment to progress. Yet privacy is a universal human right, and our experiences in developing countries have shown us that, despite cultural differences, there is a deep common interest in information privacy and personal data protection amongst citizens and consumers in every economy. Privacy helps create a sense of human autonomy and dignity, and is therefore in many ways synonymous with progress.
Position of authorities Those advocating for privacy in developing countries often struggle with uninterested governments and uncomprehending courts. There is comparatively little understanding of the nuanced relationships between privacy, security and development, or of the complex technologies involved. The default position of the authorities is often to collect as much information on as many people as possible, and human rights are rarely taken into account.
The tug-of-war Privacy is internationally recognised as a fundamental right. Yet the confines of the right to privacy are subject to never-ending games of tug-of-war between individuals, governments and corporations.
These games are rarely fair – individuals are often under-informed and lack the capacity to assert and protect their privacy, while those who seek to erode it are increasingly overbearing and secretive. This is particularly the case in developing countries, where the absence of adequate legal and institutional frameworks and safeguards facilitates unhindered corporate intrusion into privacy.
Position of Government Governments also collect and share excessive amounts of personal data in the name of development, security and the modernisation of public administration. In many developing countries, though constitutional provisions may already exist, privacy is still being entrenched, and the capacity of human rights organisations to educate and advocate is still growing. But in the meantime, governments are spying on their citizens, corporations are buying and selling personal data, and individuals are consistently losing the tug-of-war.
Review of legal framework and procedures It is clear that the challenges of data protection continue to manifest themselves in developing countries despite the current mechanisms of alleviating them. Technology will continue advancing and this is why governments of developing countries need to review existing laws on data protection to suit new technologies. Similarly, enforcement procedures need to be reviewed.
Training Law enforcement agents need to be trained on dealing with more sophisticated data crimes. Computer ethics education and training needs to be intensified by reviewing existing curricula and organising refresher courses for practicing computing professionals. Service providers in computing businesses should be trained on how to deal with unethical customers. Regulatory bodies should be established to censor the service providers.
Way forward Our recommendation to developing countries is that, they should strengthen the current legislation and enforcement procedures on data protection. They should emphasize ethics education for all computing professionals and organise in-service courses for practicing computing professionals. All these will eliminate the challenges and make the culture of data access and data protection ethical in developing countries.
Bridging the digital gap Developing countries need to adopt and enforce privacy and data protection laws as they attempt to bridge the "digital divide" widened by the advent of new technologies like cloud computing, according to a new report. The Information Economy Report 2013 by Unctad, the UN trade and development body, warns that the global shift towards cloud computing, which allows users to store and access data remotely, brings a range of legal as well as technological and infrastructure challenges for poor countries.
Privacy Risks of cloud computing “Cloud computing has the potential to offer users in developing countries access to unprecedented resources of computing power and storage," says the report, noting how cloud services can help cut costs on hardware and software, provide greater flexibility and mobility, and enable worldwide collaboration. However, it warns that as services offered via the internet become more complex, unreliable and expensive broadband access in many developing countries, together with power outages and a lack of IT skills risk widening the digital divide.
With all of the potential that cloud computing holds, it also poses some serious risks to the protection of a user's personal information. This is especially true in developing countries, where an absence of strong data protection and privacy laws, coupled with weak accountability mechanisms, means that information stored in the cloud is vulnerable to a variety of threats, from hacking to corporate exploitation to a snooping government.
Shift towards quality access We've had the tendency to look at the digital divide in terms of whether you have access or not to technologies, and so some think the digital divide is closing because more people have access to mobile phones. But it's important not only to have access but to have quality access,“ quoted from the report.
Report Findings During an average minute in 2012, Google received 2m search requests, Facebook users shared around 700,000 content items and Twitter sent out 200,000 tweets, notes the report. However, an estimated 60% of such cloud traffic came from Europe and North America, followed by the Asia- Pacific region (33%). Latin America, the Middle East and Africa together accounted for only 5%.
Broadband prices remain high in many poor countries. While in 2011 the average monthly price for fixed broadband was estimated at less than 2% of per capita income in developed countries, in developing countries that figure was 40%. The cost of mobile broadband in poor countries is between 20% and 30% of per capita income.
Growing privacy concern Data security and privacy concerns – which have intensified worldwide following the revelations in 2013 about NSA national surveillance programmes and reports on access by law- enforcement agencies to data hosted by cloud service providers – are among the most important issues facing developing countries, says Unctad.
Need for Awareness Some cloud applications, particularly consumer- focused services like webmail, are already being used in many developing countries despite the lack of data protection laws.
Adequate laws and regulations As of 2013, 101 countries had data privacy laws or bills in place. Only 40 developing economies have such laws or bills. "For governments of developing countries, it is essential that appropriate laws and regulations are adopted and enforced in these areas," says the report. Cloud services today are dominated by a few very large service providers, almost all with headquarters in the US.
Concern over data The NSA revelations have caused people worldwide to doubt the wisdom of entrusting their data to cloud services operated by American companies, and some US firms have said they risk losing billions of dollars as customers become increasingly wary of using their services. "The debate that has been sparked is very useful in that governments and other users are forced to think through the implications of uploading data to the cloud. This does not only relate to developed countries but to developing countries too," said the report.
International Resolutions the UN recently adopted a resolution drafted by Germany and Brazil reaffirming the "human right to privacy in the digital age". The resolution was also sponsored by developing countries Bolivia, Ecuador, Indonesia, Peru and Uruguay.
The AU convention on cyber security and personal data protection was adopted in June 2014 to bind all member states of the African Union to abide to data protection principles and to provide for the setting up of independent data protection authorities. These developments will considerably affect the developing world privacy landscape in a positive way. The AU convention is in consonance with international principles and now should embark upon a serious campaign of educating its members to convince them to adhere to it. The EU Data Protection Reform should also see light.