1 / 22

HIPSSA Project

HIPSSA Project. Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Tanzanian ICT Ministry. PRESENTATION ON DATA PROTECTION BILL Pria Chetty, International Legal Expert on Data Protection 07.03.12. Why enact Data Protection Law?

vesna
Download Presentation

HIPSSA Project

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Tanzanian ICT Ministry PRESENTATION ON DATA PROTECTION BILL Pria Chetty, International Legal Expert on Data Protection 07.03.12

  2. Why enact Data Protection Law? • Data Protection Model Law Development Process • Key Provisions for Data Protection Law • Key Frames of Inquiry for Transposition of the Model Law • Key Provisions of the Data Protection Bill • Part I, II, III, IV, V, VI, VIII • Discussion Overview of Session

  3. Harmonised approaches Give effect to right to privacy ICT technology developments impacts right to the protection of personal data in commercial activities and electronic government (eGov) activities Illegitimate and unlawful use of individual’s information Automated decision making Direct marketing practices Data protection regulation - ensure that the benefits of using information and communication technologies is not met with weakened protection of personal data Why Enact Data Protection Law?

  4. Model Law Development

  5. Give effect to principles of data protection • Place limitations on the processing of personal data • Provide for the rights of the data subject • Describe the responsibilities of the Data Controller • Establishment of the Data Protection Authority • Combat violations of privacy likely to arise from the collection, processing, transmission, storage and use of personal dataactivities Provisions of SADC Model Law

  6. International and regional frameworks establish the primary themes, intent and functional requirements for data protection regulation. Within Tanzania, enquire: Designated national data protection legislation Prevalence of regulation that has a bearing on the right to privacy and protection of personal information in Tanzania. Transposition Frames of Inquiry

  7. Tanzania data protection bill

  8. Part One 1 Short Title 2 Commencement 3 Object of the Act 4 Interpretation 5 Savings

  9. Object of the Act to promote the protection of personal information processed by public and private bodies; to introduce information protection principles so as to establish minimum requirements for the processing of personal information; and to provide for matters connected therewith

  10. Personal Information Processing Data Subject Data Processor Data Protection Officer Commissioner Interpretation

  11. “data controller” or “controller” refers to any natural person, legal person or public body which alone or jointly with others determines the purpose and means of processing of personal information. Where the purpose and means of processing are determined by or by virtue of an act, decree or ordinance, the controller is the natural person, legal person or public body has been designated as such by or by virtue of that act, decree or ordinance. Data Controller

  12. Defining Personal Information

  13. processing: refers to any operation or set of operations which is performed upon personal information, whether or not by automated means, such as obtaining, recording or holding the data or carrying out any operation or set of operations on data, including – (a) organization, adaptation or alteration of the data; (b) retrieval, consultation or use of the data; or (c) alignment, combination, blocking, erasure or destruction of the data Processing of Personal Information

  14. (1)This Act shall not affect the operation of any law that makes provision with respect to the collection, holding, use, correction or disclosure of personal information and is capable of operating concurrently with this Act. If any other legislation provides for safeguards for the protection of personal information that are more extensive than those set out in the information protection principles, the extensive safeguards prevail. (2)This Act shall not restrict the ways of processing and production of information which are legally sanctioned under this Act, including such processing and procedures set out in Schedule One. Savings

  15. De-identified information Government departments – national security, defence, prosecution of offences, journalistic purposes, judicial processes, powers of judiciary Does apply to partial automated processing Territorial clarity Data Controller may appoint a representative Savings

  16. Part II

  17. Part II (cntd…)

  18. Part VI

  19. Part VII

  20. CONCLUSION/ POINTS FOR INCLUSION IN DISCUSSION

  21. Schedule of Exemptions for Consultation Process and Regulations Prescription of Court Duty of Correction of Personal Information (Public Bodies only) Promotion of Access to Information Act Discussion

  22. Questions? PriaChetty ITU International Expert: Data Protection Mobile: 083 384 4543 Email: pria.chetty@gmail.com Thank You

More Related