Privacy and Data Protection in the Developing World

Privacy and Data Protection
in the Developing World
Drudeisha Madhub
Data Protection Commissioner (Mauritius)
: [email protected]
: +230 2013604
Helpdesk : +230 2039076
: +230 2013976
Website :
Present Landscape
• We are living a pivotal moment for the right to
privacy in developing countries and emerging
• With new technologies empowering people around
the world, and altering our relationships with
governments and the corporate sector, strong legal
frameworks are required to ensure that rights are
adequately protected.
Data Protection in developing countries
• The complex process of negotiating privacy within
this context is especially fraught in developing
• It is here that technologies have the potential to
be at their most transformative, by giving
individuals the ability to access to information,
express themselves, and participate in local and
global discussions in unprecedented ways.
• However, even as new technologies and capabilities
flood into developing countries, the technical
knowledge necessary to design legislative
frameworks remains in short supply.
• At the same time, international regulatory
consensus has yet to emerge around issues of data
protection, and regional agreements remain in flux,
depriving policy makers in developing countries of
strong guidance and best practice upon which to
base their own regulatory frameworks.
Risks to Privacy in developing countries
• Consequently, developing countries are emerging as
some of the world’s worst privacy violators: spying on
their citizens, conducting extensive surveillance
without a legal basis, actively censoring the internet,
and failing to protect the privacy of personal data and
digital communications.
• Such practices persistently violate the right to privacy
while also threatening the enjoyment of other human
• As the right to privacy becomes more and more
embattled across the developing world, there is
an urgent need to educate citizens and policymakers about fortifying legal protections.
Privacy Invasive Technologies
• Some of the world’s most invasive surveillance
systems are being deployed in countries where
individuals are most at risk.
• Developing countries are considered growth
markets for biometric systems, health
informatics, visual surveillance and expansive
communications surveillance technologies, and
citizens of these countries tend to lack the legal
and technical means to defend themselves.
The right to privacy
• It has been argued that privacy is a Western luxury, and
even a potential impediment to progress.
• Yet privacy is a universal human right, and our experiences
in developing countries have shown us that, despite cultural
differences, there is a deep common interest in information
privacy and personal data protection amongst citizens and
consumers in every economy.
• Privacy helps create a sense of human autonomy and
dignity, and is therefore in many ways synonymous with
Position of authorities
• Those advocating for privacy in developing countries often
uncomprehending courts.
• There is comparatively little understanding of the
nuanced relationships between privacy, security and
development, or of the complex technologies involved.
• The default position of the authorities is often to collect
as much information on as many people as possible, and
human rights are rarely taken into account.
The tug-of-war
• Privacy is internationally recognised as a
fundamental right.
• Yet the confines of the right to privacy are
subject to never-ending games of tug-of-war
between individuals, governments and
• These games are rarely fair – individuals are often
under-informed and lack the capacity to assert and
protect their privacy, while those who seek to erode it
are increasingly overbearing and secretive.
• This is particularly the case in developing countries,
where the absence of adequate legal and institutional
frameworks and safeguards facilitates unhindered
corporate intrusion into privacy.
Position of Government
• Governments also collect and share excessive amounts of
personal data in the name of development, security and the
modernisation of public administration.
• In many developing countries, though constitutional
provisions may already exist, privacy is still being entrenched,
and the capacity of human rights organisations to educate and
advocate is still growing.
• But in the meantime, governments are spying on their citizens,
corporations are buying and selling personal data, and
individuals are consistently losing the tug-of-war.
Review of legal framework and procedures
• It is clear that the challenges of data protection continue
to manifest themselves in developing countries despite
the current mechanisms of alleviating them.
• Technology will continue advancing and this is why
governments of developing countries need to review
existing laws on data protection to suit new technologies.
• Similarly, enforcement procedures need to be reviewed.
• Law enforcement agents need to be trained on
dealing with more sophisticated data crimes.
• Computer ethics education and training needs to be
intensified by reviewing existing curricula and
organising refresher courses for practicing computing
professionals. Service providers in computing
businesses should be trained on how to deal with
unethical customers. Regulatory bodies should be
established to censor the service providers.
Way forward
• Our recommendation to developing countries is that,
they should strengthen the current legislation and
enforcement procedures on data protection. They
should emphasize ethics education for all computing
professionals and organise in-service courses for
practicing computing professionals. All these will
eliminate the challenges and make the culture of
data access and data protection ethical in developing
Bridging the digital gap
• Developing countries need to adopt and enforce privacy and
data protection laws as they attempt to bridge the "digital
divide" widened by the advent of new technologies like
cloud computing, according to a new report.
• The Information Economy Report 2013 by Unctad, the UN
trade and development body, warns that the global shift
towards cloud computing, which allows users to store and
access data remotely, brings a range of legal as well as
technological and infrastructure challenges for poor
Privacy Risks of cloud computing
• “Cloud computing has the potential to offer users in
developing countries access to unprecedented resources of
computing power and storage," says the report, noting
how cloud services can help cut costs on hardware and
software, provide greater flexibility and mobility, and
enable worldwide collaboration.
• However, it warns that as services offered via the internet
become more complex, unreliable and expensive
broadband access in many developing countries, together
with power outages and a lack of IT skills risk widening the
digital divide.
• With all of the potential that cloud computing
holds, it also poses some serious risks to the
protection of a user's personal information. This is
especially true in developing countries, where an
absence of strong data protection and privacy
laws, coupled with weak accountability
mechanisms, means that information stored in the
cloud is vulnerable to a variety of threats, from
hacking to corporate exploitation to a snooping
Shift towards quality access
• We've had the tendency to look at the digital
divide in terms of whether you have access
or not to technologies, and so some think the
digital divide is closing because more people
have access to mobile phones. But it's
important not only to have access but to
have quality access,“ quoted from the report.
Report Findings
• During an average minute in 2012, Google received
2m search requests, Facebook users shared around
700,000 content items and Twitter sent out
200,000 tweets, notes the report. However, an
estimated 60% of such cloud traffic came from
Europe and North America, followed by the AsiaPacific region (33%). Latin America, the Middle
East and Africa together accounted for only 5%.
• Broadband prices remain high in many poor
countries. While in 2011 the average monthly
price for fixed broadband was estimated at less
than 2% of per capita income in developed
countries, in developing countries that figure
was 40%. The cost of mobile broadband in poor
countries is between 20% and 30% of per
capita income.
Growing privacy concern
• Data security and privacy concerns – which have
intensified worldwide following the revelations in
programmes and reports on access by lawenforcement agencies to data hosted by cloud
service providers – are among the most
important issues facing developing countries,
says Unctad.
Need for Awareness
• Some cloud applications, particularly consumerfocused services like webmail, are already being
used in many developing countries despite the
lack of data protection laws.
Adequate laws and regulations
• As of 2013, 101 countries had data privacy laws or
bills in place. Only 40 developing economies have
such laws or bills.
• "For governments of developing countries, it is
essential that appropriate laws and regulations are
adopted and enforced in these areas," says the report.
• Cloud services today are dominated by a few very
large service providers, almost all with headquarters
in the US.
Concern over data
• The NSA revelations have caused people worldwide to
doubt the wisdom of entrusting their data to cloud
services operated by American companies, and some US
firms have said they risk losing billions of dollars as
customers become increasingly wary of using their
• "The debate that has been sparked is very useful in that
governments and other users are forced to think through
the implications of uploading data to the cloud. This does
not only relate to developed countries but to developing
countries too," said the report.
International Resolutions
• the UN recently adopted a resolution drafted by
Germany and Brazil reaffirming the "human
right to privacy in the digital age".
• The resolution was also sponsored by
Indonesia, Peru and Uruguay.
• The AU convention on cyber security and personal
data protection was adopted in June 2014 to bind all
member states of the African Union to abide to data
protection principles and to provide for the setting up
of independent data protection authorities. These
developments will considerably affect the developing
world privacy landscape in a positive way. The AU
convention is in consonance with international
principles and now should embark upon a serious
campaign of educating its members to convince them
to adhere to it. The EU Data Protection Reform
should also see light.

similar documents