Poor data protection places Tunisia’s citizens at risk says report
Data protection experts at digital rights organisation AccessNow say there have been no significant improvements to data protection systems in North Africa, particularly in Tunisia.
The situation is exacerbated by COVID-19 and the use of technology to gather personal and private information in efforts to contain the pandemic.
A report Exposed and Exploited: Data Protection in the Middle East and North Africa released by AccessNow suggests that with lax legal frameworks in place to protect data, there is a high risk of exploitation.
“The current extraordinary circumstances of the global health crisis could serve as cover for the Tunisian government to prioritise and pass legislation that lacks transparency and openness, as in the case of the National Unique Identifier Decree,” reads an excerpt from the report.
Tunisia issued this decree in May 2020 through the Prime Minister’s office in tandem with the Communications Ministry as well as the Ministry of Local Affairs as a priority framework to deal with COVID-19.
The directive seeks to consolidate personal information and data held under various administrative services into one central platform.
AccessNow is concerned that the policy framework for this platform “does not include specific details to show whether the government will use a centralised database to collect and store personal data” of Tunisian citizens.
Impact International said in October that “internet service providers in Tunisia fail to protect customers' privacy, leaving political and human rights activists at significant risk of being identified and targeted for their online” and offline activity.
Another concern raised is the use of robots fixed with thermal imaging cameras to monitor citizens' compliance with social distancing measures.
In 2020 Tunisian company, Enova Robotics signed an agreement with the Ministry of Interior to operate the surveillance robots called ‘PGuard’.
The AccessNow report continues: “The personal data of millions of citizens is left subject to continuous exploitation by private companies for profit, and by governments for surveillance and suppression of free speech and political dissent in the name of fighting terrorism and crime or preserving national security.”
It concludes that although regional MENA countries such as Tunisia, Lebanon, and Morocco have adopted national data protection laws, the legislative frameworks remain “outdated and face serious challenges in enforcing and implementing” effective protection.