Africa will be impacted by the European Union General Data Protection regulation (GDPR) that became law in May this next year. The regulation which was adopted in 2016 seeks to protect information and personal data of individuals inside and outside the European Union.
The processor of personal data must clearly disclose any data collection, declare the purpose and how long they plan to store the information.
Businesses must also report a data breach within 72 hours if they have an adverse effect on the user’s privacy.
Violators of the GDPR may be fined up to 20 million Euros or four percent of their annual worldwide turnover.
African businesses with EU clients will also be affected by this new regulation.
The EU is still coming to terms with the new data protection regulation. ICT experts say the regulation was created as a result of breach of confidential information stored by Facebook, Google and other international companies.
Speaking at the last day of the International Telecommunications Conference, ICT experts say the new regulation will be good for consumers.
It means companies will now be more cautious with how they store data and personal information of people. Vice President of Internet Corporation For Assigned Names and Numbers , Nigel Hickson says the new regulation will have an impact globally.
“Why should we be worried about something called the GDPR coming out of Europe. Well GDPR is European legislation but it has a global effect, registry and registrars, those organisations that sell domain names , so take dot. za, the South African registry here in South Africa. I suspect it has European people registered on its data base.
“Therefore it holds personal European data of people in Europe. Therefore it is also covered by the GDPR. So the GDPR has this global reach. And that personal information has been traditionally been put on this data base and now some of this information can ‘t be put on the data base because of the GDPR.”
Hickson believes the GDPR has raised the understanding of value of peoples data. The African Union says the new regulation will be a challenge to implement in Africa.
The AU says data protection is a challenge for the continent and 17 countries amongst the 55 African countries have adopted a national data protection law. Fewer countries have established institutional and legal framework for data protection.
Suhila Amazus is with the AU, “At continental level we developed a convention for protection where we highlighted principles for data protection and cross boarder data amongst African countries and we have also a sub- regional level made laws. In regards to GDPR we believe that the challenge for African businesses and institutions is how to comply with GDPR rules because in Africa many of the business are new businesses and they don’t have maturity in regards to data protection.”
The AU says they are liaising with the European Union to see how they can assist with the new regulation