Tanzania is among the latest countries in Africa to pursue the legislation of data management, storage and use after the country’s ICT Minister Nape Nnauye said recently that the Data Protection Bill will be tabled for the first time in an ongoing parliament meeting.

According to media reports, the Minister made an announcement at a recent connect-to-connect summit.

He is quoted as saying, “As more and more social and economic activities shift to online platforms, the importance of privacy and data protection is increasingly inevitable we need to make our sky safe.”

"We might look at ethics of Internet use to the extent that it is governable.”

Cybersecurity experts believe with the pace of digital transformation having increased, so has the cyber threat landscape.

Yusuph Kileo, a cybersecurity and digital forensics expert from Tanzania, said, “Data protection is expected to provide guidance and best practice rules for organisations and the government to follow in order to safeguard and protect data from different threats and under different circumstances.”

Countries including Ghana, Kenya, Madagascar, Mauritius, Nigeria, Rwanda, South Africa, Togo, Uganda and Zimbabwe have implemented new measures to protect data.

Kileo added, “We are not the first country to come up with Data Protection Act, in the course of the implementation of the Data Protection act, Tanzania is expected to address challenges associated with the law and involve stakeholders in order for the nation to have a well-accepted Law.”

Of equal concern is the collection, use and sharing of personal information to third parties without notice or consent of consumers.

Officials have also highlighted the use of technology to collect and analyse data, and the need to regulate the internet in so far as possible.

Back to the drawing board

In June this year, ITWeb Africa reported that Botswana’s newly-appointed Information and Data Commissioner Kepaletswe Somolekae said there are “serious gaps” in the Data Protection Act, introduced in October 2021, and it is critical that these are addressed before the law is fully implemented in the next four months.

Established under the 2018 Data Protection Act, the new amended legislation was introduced to govern data management and the protection of personal information.

However, Somolekae has pointed out glaring gaps, including that the legislation does not cover the processing of personal data “in the course of a purely personal or household activity” and lacks detail regarding the processing of data for national security, defence or public safety including “for the prevention of- and investigation into/ or proof of offences.”