The long awaited bill on Personal Data Protection in Rwanda will this March be submitted to the Rwandan parliament for approval, KTPress can reliable report.
According to the line ministry of ICT and innovation, the bill is currently under review at the law reform commission and remaining with approval from the Prime Minister.
“We will submit the bill to parliament this March and ask the lawmakers to approve it as soon as possible because of the need to protect personal data,” Paula Ingabire, the Minister of ICT and innovation told KTPress exclusively on Wednesday.
Currently Rwanda guarantees one’s data security with the cyber-security and personal data protection policy and established cybercrime units from Rwanda National Police and Rwanda Defense Force respectively.
Ingabire explained that though other provisions for personal data protection exist, the law will come with detailed and extensive guidelines of how government and private sector is supposed to use and protect one’s data.
This will for example, apply to the newly launched IremboGov-online government services platform which announced Wednesday to start integrating personal data from government sources into their system to ease services application.
“As a private public partnership, the new bill will clearly guide and inform how this data is used and also limit them on how it can be used,” Ingabire said.
The law that has been underway since mid-2019 comes as a way of putting in place detailed strategies of managing personal data at a time when foreign and local investments are increasing in the country.
To ensure that foreign and local investments don’t abuse citizen’s personal data, Rwanda quickly went ahead in July 2019, to ratify the African Union’s Malabo treaty on cyber security and personal data protection which had been shelved.
Rwanda was among the few African countries that signed the Malabo treaty in Equatorial Guinea on 27th June 2014. This has seen 12 countries including Rwanda ratify the treaty.
In pushing for the passing of this bill Rwanda will have made a landmark step that will enable it to actually have a hand on its ambition of becoming an ICT hub in the region.
This will also be a response to expert who had earlier on warned on the need to come up with a comprehensive approach on data protection.
For example, Jean-Francois Le Bihan, Public Policy Director, GSMA Sub-Saharan Africa to Rwanda, said last year that if Rwanda wants to seize the opportunities arising from digital transformation, it should establish a comprehensive approach to data privacy that is not subsumed within an ICT law, but applies generally regardless of sector or technology.
“Rwanda has the opportunity to harness the digital economy as a driver of growth and innovation. If it fails to seize the opportunities, it runs the risk of economic isolation and stagnation,” Bihan said.
GSMA warned that without adhering to these guiding principles, poor data privacy enforcement could put at risk the $ 214 billion mobile economy Africa has the potential to reach by 2020.
Why personal data protection?
Data misuse is the inappropriate use of personal information as defined when the data was initially collected by your employer and a third-party contractors- such as hospital, bank, telecommunication and insurance companies, and internet based application based service providers.
Without a law, these can use ones data by selling it to another party, especially advertising goods and political propaganda or used against one or a country in security and intelligence operations and cyber-attacks.