Reforming the data protection and confidentiality regime in Tanzania




By PAUL KIBUUKA

The Constitution of the United Republic of Tanzania of 1977 ("the Constitution") guarantees the right to privacy under Article 16. Confidentiality and data protection have become a matter of great concern as companies seek to capture customer data to meet their objective strategic needs, exposing individuals to the risk of potential abuse or even fatal consequences from outside forces.

It is therefore not surprising that Rwanda has adopted a law on data protection, the Information and Communication Technologies Act 2016; Uganda has enacted the 2019 Data Protection and Privacy Act; and Kenya drafted the 2018 Data Protection Bill. The European Union has also recently adopted the General Data Protection Regulation (EU) 2016/679 ("GDPR"), which concerns, inter alia, the export of personal data outside the EU.

Tanzania does not yet have a single and comprehensive privacy and data protection legislation. The government reportedly drafted a bill. However, we do not know when the bill will be published. In essence, Tanzania's legal requirements for confidentiality and data protection are dispersed in various pieces of legislation which are summarized below.

The Electronic and Postal Communications Act (EPOCA) of 2010 imposes an obligation of confidentiality of information on network licensees or operators, agents and customers and prohibits the disclosure of information without authorization (Articles 98 and 99). In accordance with the EPOCA Regulation, the 2018 Electronic and Postal Communications (Consumer Protection) Regulation obliges the licensee to protect consumer information against undue or accidental disclosure (regulation 6).

The 2018 Electronic and Postal Communications (Online Content) Regulations also require anyone holding information about users not to disclose such information, except to a law enforcement agency, where it is required to do so by regulation or by EPOCA (Regulation 11). These regulations are the subject of an important discussion.

Other pieces of legislation related to data protection include the 2015 Cybercrime Act, which provides protection against illegal data interference (Article 7); the Law on the Registration and Identification of Persons, chap. 36, which prohibits the disclosure or supply of copies of photographs, fingerprints or information provided under the law without written authorization; the Records and Archives Management Act 2002, which provides for the destruction of documents or archives thirty years after their creation (Article 16); and the Access to Information Act, 2016, which provides for the non-disclosure of information in the public interest (Article 6 (1) (b)).

In addition, the much-discussed Statistical Act of 2015 imposes a restriction on the disclosure of information published under the law while permitting limited disclosure of certain details.

It is quite obvious that the current legal and regulatory regime for privacy and data protection in Tanzania is far from ideal. The absence of single and comprehensive legislation has left many gaps (in Latin: lacunae) in privacy and data protection. For reasons of space, I will highlight only a few of the shortcomings.

The legislation summarized in this article lacks a clear provision (i) on the ownership of data and whether or not individuals have authority over the information that they provide to third parties and that is under the control of others; (ii) on the limitation of data transfer outside Tanzanian jurisdiction; and (iii) on the right of an individual to require the deletion of his or her captured and recorded information even if that information has been lawfully seized and recorded.

Employee data security is governed by the policies and directives of the employer's company; the Tanzanian Telecommunications Regulatory Authority (TCRA) has the primary mandate of regulating the postal, broadcasting and electronic communications sectors. It does not regulate the data security of employees or companies engaged in commercial activities in the agricultural sector.

In addition, the current trend of disclosure of bank customer transactions under the binding effect of the law threatens bank secrecy, the cornerstone of the banker-client relationship.

If Tanzania wants to catch up on confidentiality and data protection, the need for reform is obvious. Ideally, the government can build on the GDPR and accelerate ongoing efforts to develop and introduce a Bill in Bunge that will pave the way for unique and comprehensive privacy and data protection legislation.
