HI PSSA Project Support for Harm onization of the I CT Policies in - - PowerPoint PPT Presentation

hi pssa project
SMART_READER_LITE
LIVE PREVIEW

HI PSSA Project Support for Harm onization of the I CT Policies in - - PowerPoint PPT Presentation

Jul 27, 2023 241 likes •442 views

HI PSSA Project Support for Harm onization of the I CT Policies in Sub-Sahara Africa, Meeting w ith the Zim babw e I CT Ministry and Data Protection Stakeholders PRESENTATI ON ON SADC DATA PROTECTI ON MODEL LAW Pria Chetty, International

slide-1
SLIDE 1

International Telecommunication Union

HI PSSA Project

Support for Harm onization of the I CT Policies in Sub-Sahara Africa, Meeting w ith the Zim babw e I CT Ministry and Data Protection Stakeholders

PRESENTATI ON ON SADC DATA PROTECTI ON MODEL LAW

Pria Chetty,

International Legal Expert on Data Protection

slide-2
SLIDE 2

Sum m ary of the Content

  • Purpose of Data Protection Law
  • Objectives of Data Protection Model Law
  • Provisions of the Data Protection Model Law
  • Key Fram es of I nquiry for Transposition of the Model

Law

  • Questionnaire – Revisit research and analysis for new

developm ents and deeper analysis

slide-3
SLIDE 3

Purpose of Data Protection Law

  • Harm onised approaches
  • Give effect to right to privacy
  • I CT technology developm ents im pacts right to the

protection of personal data in com m ercial activities as w ell as in electronic governm ent ( eGov) activities

  • I llegitim ate and unlaw ful m onitoring of individuals
  • Autom ated decision m aking
  • Data protection regulation - ensure that the benefits
  • f using inform ation and com m unication

technologies is not concurrent w ith w eakened protection of personal data

slide-4
SLIDE 4

Overview of the SADC Model Law

slide-5
SLIDE 5

Objectives of Model Law

  • Give effect to principles of data protection
  • Place lim itations on the processing of personal

data

  • Provide for the rights of the data subject
  • Describe the responsibilities of the Data

Controller

  • Establishm ent of the Data Protection Authority
  • Com bat violations of privacy likely to arise from

the collection, processing, transm ission, storage and use of personal dataactivities

slide-6
SLIDE 6

Definitions

  • Data
  • Data subject
  • Data Controller
  • Data Protection Authority
  • Personal data
  • Sensitive Data
  • Processing
slide-7
SLIDE 7
  • = Processing of personal data perform w holly or partly

by autom ated m eans, and to the processing of personal data otherw ise than by autom ated m eans of personal data w hich form s part of a filing system or is intended to form part of a filing system

  • ≠ Processing of personal data by a natural person in the

course of purely personal or household activities

  • Cannot restrict: the w ays of production of inform ation

w hich are available according to a national law or as perm itted in the rules that govern legal proceedings; and the pow er of the judiciary to constrain a w itness to testify or to produce evidence

Scope

slide-8
SLIDE 8
  • Processing of personal data carried out in the context of

the effective and actual activities of any controller perm anently established on [ given country] territory or in a place w here [ given country] law applies by virtue of international public law ;

  • Processing of personal data by a controller w ho is not

perm anently established on [ given country] territory, if the m eans used, w hich can be autom atic or other m eans located on [ given country] territory, are not the sam e as the m eans used for processing personal data only for the purposes of transit of personal data through [ given country] territory

Scope of Application

slide-9
SLIDE 9
  • Adequate, relevant and not excessive to the purpose
  • Accurate and up-to-date
  • Etc.

Quality of the Data Law fulness of Processing

  • Generality - the processing of personal data is

necessary and that the personal data is processed fairly and law fully

  • Purpose - specified, explicit and legitim ate
  • Sensitive data processing w ith consent
  • Etc.
slide-10
SLIDE 10
  • I nform the data subject of the purpose of collection
  • Confidentiality
  • Security safeguards
  • Notification to the Protection Authority
  • Transparency of the processing
  • Accountability

Duties of the Data Controller:

slide-11
SLIDE 11
  • Right of access
  • Right of rectification, deletion, tem porary lim itation
  • f access
  • Restrictions on autom ated decision m aking

Rights of the Data Subject:

slide-12
SLIDE 12
  • I ndependent and adm inistrative authority
  • Role, Status and com position
  • Com petencies
  • Financing ( Parliam ent Grant)
  • Liability of the Data Controller
  • Sanctions, W arnings, Notices, Fines
  • Preserve Data subject’s recourse through the judicial

authority

  • Preserve Data subject’s access to the judicial

authority

Protection Authority and Judicial Authority

slide-13
SLIDE 13
  • National Security
  • Journalism

Lim itations:

  • Mem ber States of SADC – Establish necessity of

transfer

  • Non m em ber States of SADC - Personal data shall
  • nly be transferred to recipients, other than Mem ber

States of the SADC, w hich are not subject to national law adopted pursuant to this m odel law , if an adequate level of protection is ensured in the country

  • f the recipient or w ithin the recipient international
  • rganization and the data is transferred solely to

allow tasks covered by the com petence of the controller to be carried out

Transborder Flow s:

slide-14
SLIDE 14

Transposition of the Model Law

slide-15
SLIDE 15

Transposition Fram es of I nquiry

I nternational and regional fram ew orks establish the prim ary them es, intent and functional requirem ents for data protection regulation. W ithin Zim babw e, enquire:

1 . Designated national data protection legislation

2 . Prevalence of regulation that has a bearing on the

right to privacy and protection of personal

inform ation in Zim babw e.

slide-16
SLIDE 16

Transposition Fram es of I nquiry

Definitions of personal inform ation and sensitive inform ation, Principles of data protection

Nature and functions of the Data Protection Regulator Regulation of Transborder flow s of personal inform ation Nature of the Constitutional right to privacy Privacy in Consum er Protection Privacy in Electronic Com m unications Rights of Access To I nform ation versus the right to privacy

slide-17
SLIDE 17

Transposition Fram es of I nquiry

Special Considerations:

W histleblow ing inform ation, Health Records, Labour Law s, Medical Ethics, Credit I nform ation Regulations Lim itations on Privacy: Crim inal Procedure, national security legislation Status and am endm ents: ICT Policy Constitutional right to privacy Communications regulation Consumer Protection regulation

slide-18
SLIDE 18

Thank You

Questions?

Pria Chetty I TU I nternational Expert: Data Protection Mirirai Svotw a Ministry of Transport, Com m unications and I nfrastructural Developm ent) National Expert: Data Protection