HIPSSA Project PRESENTATION ON SADC DATA PROTECTION MODEL LAW

Slides:



Advertisements
Similar presentations
Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.
Advertisements

HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa Meeting with Data Protection Law Stakeholders 02 April 2013 PRESENTATION.
HIPSSAPROJECT Support for Harmonization of the ICT Policies in Sub-Sahara Africa Meeting with Data Protection Law Stakeholders 28/29 th August, 2013 PRESENTATION.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Tanzanian ICT.
Convention for the protection of individual with regard to automatic processing of personal data “The purpose of this convention is to secure in the territory.
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Namibia ICT Ministry.
The Data Protection (Jersey) Law 2005.
The European Union legal framework for clinical data access: The European Union legal framework for clinical data access: potential challenges and opportunities.
EU: Bilateral Agreements of Member States. Formerly concluded international agreements of Member States with third countries Article 351 TFEU The rights.
Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.
A European View of Privacy Protection John Woulds Director of Operations UK Data Protection Commissioner National Conference on Privacy, Technology & Criminal.
Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Overview
Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.
IAEA International Atomic Energy Agency Overview of legal framework Regional Workshop - School for Drafting Regulations 3-14 November 2014 Abdelmadjid.
Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.
Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.
Data Protection and research Rachael Maguire Records Manager.
DATA PROTECTION ACT INTRODUCTION The Data Protection Act 1998 came into force on the 1 st March It is more far reaching than its predecessor,
The EU General Data Protection Regulation Frank Rankin.
Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.
Data Protection Laws in the European Union John Armstrong CMS Cameron McKenna.
Hallgrímur Snorrason Management seminar on global assessment Session 6: Institutional and legal framework of the national statistical system Yalta
General Data Protection Regulation (EU 2016/679)
Data Protection Officer’s Overview of the GDPR
HIPSSA Project TRAINING /DATA PROTECTION LAW Pria Chetty,
Learning objective Understand how to safeguard children in relation to legislation, frameworks, policies and procedures. Identify current.
Dispute Resolution Between ICT Service Providers in Saudi Arabia
Nuclear and Treaty Law Section Office of Legal Affairs
THE NEW GENERAL DATA PROTECTION REGULATION: A EUROPEAN OR A GLOBAL STANDARD? Bart van der Sloot Senior Researcher Tilburg Institute for Law, Technology,
Issues of personal data protection in scientific research
Data Protection: EU & International
Support for Harmonization of the ICT Policies in Sub-Sahara Africa,
Overview of the WTO SPS Agreement and the role of
Principles of Administrative Law <Instructor Name>
Data Protection The Current Regime
General Data Protection Regulation
Nuclear and Treaty Law Section Office of Legal Affairs
Convention108 in a snapshot
International Regulatory Trends
Museums + Heritage webinar, 30 November 2017
Data Protection Legislation
EU Directive 95/46/EC (Paragraph 2) “Whereas data-processing systems are designed to serve man; whereas they must Respect their fundamental rights.
GDPR Road map to Compliance.
Data Protection & Freedom of Information- An Introduction
Bob Siegel President Privacy Ref, Inc.
GENERAL DATA PROTECTION REGULATION (GDPR)
The General Data Protection Regulation (GDPR)
New Data Protection Legislation
G.D.P.R General Data Protection Regulations
Communication and Consultation with Interested Parties by the RB
General Data Protection Regulation
Data Protection principles
HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Namibia ICT Ministry and Data Protection Stakeholders.
Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .
The activity of Art. 29. Working Party György Halmos
Importance of Law and Policies in the Environmental Management System
Overview of the main novelties in the new EU General Data Protection Regulation and summary of the main contradictions in the existing Ukrainian data protection.
The General Data Protection Regulation: Are You Ready?
Government Data Practices & Open Meeting Law Overview
Themes for training on data protection
General Data Protection regulation (GDPR)
Data Protection in Law Enforcement Area Chapter 9a of the draft law
Overview of the recommendations regarding approximation of the Law on personal data protection to the new EU General data protection regulation Valerija.
Dr Elizabeth Lomas The General Data Protection Regulation (GDPR): Changing the data protection landscape Dr Elizabeth Lomas
Government Data Practices & Open Meeting Law Overview
Data Protection What can I do? GDPR Principles General Data Protection
General Data Protection Regulation Community Councils
Presentation transcript:

HIPSSA Project PRESENTATION ON SADC DATA PROTECTION MODEL LAW Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Tanzanian ICT Ministry PRESENTATION ON SADC DATA PROTECTION MODEL LAW Pria Chetty, International Legal Expert on Data Protection .

Summary of the Content Overview of the International and Regional Assessment Data Protection Model Law Development Process Overview of Data Protection Model Law Key Frames of Inquiry for Transposition of the Model Law Questionnaire – Revisit research and analysis for new developments and deeper analysis

Objectives of International and Regional Assessment Analysis of the key issues and common principles reflected in ICT regulatory and legislative frameworks relating to data protection in SADC Member States and other international best practice Review of policies, laws, directives, conventions etc. to identify relevant trends and key issues on data protection regulation Conduct Analysis to facilitate harmonisation of policies and laws Document Best Practice findings that may be used for the development of a Model Law for the Region

Model Law Development Data Protection Policy and Legal Analysis Scan of international and regional approaches to data protection Questionnaires to Member States Desktop Research Review Review of International and Regional Policies, Laws, Conventions Comparison of common and differentiated approaches Data Protection Policy and Legal Analysis Draft Model Law Deliberated at workshop with country representatives Incorporation of recommendations and requests for amendment Model Law adoption Data Protection Model Law

Purpose of Data Protection Law Harmonised approaches Give effect to right to privacy ICT technology developments impacts right to the protection of personal data in commercial activities as well as in electronic government (eGov) activities Illegitimate and unlawful monitoring of individuals Automated decision making Data protection regulation - ensure that the benefits of using information and communication technologies is not concurrent with weakened protection of personal data

Overview of the SADC Model Law

Objectives of Model Law Give effect to principles of data protection Place limitations on the processing of personal data Provide for the rights of the data subject Describe the responsibilities of the Data Controller Establishment of the Data Protection Authority Combat violations of privacy likely to arise from the collection, processing, transmission, storage and use of personal dataactivities

Definitions Data Data subject Data Controller Data Protection Authority Personal data Sensitive Data Processing

Scope = Processing of personal data perform wholly or partly by automated means, and to the processing of personal data otherwise than by automated means of personal data which forms part of a filing system or is intended to form part of a filing system ≠ Processing of personal data by a natural person in the course of purely personal or household activities Cannot restrict: the ways of production of information which are available according to a national law or as permitted in the rules that govern legal proceedings; and the power of the judiciary to constrain a witness to testify or to produce evidence

Scope of Application Processing of personal data carried out in the context of the effective and actual activities of any controller permanently established on [given country] territory or in a place where [given country] law applies by virtue of international public law; Processing of personal data by a controller who is not permanently established on [given country] territory, if the means used, which can be automatic or other means located on [given country] territory, are not the same as the means used for processing personal data only for the purposes of transit of personal data through [given country] territory

Lawfulness of Processing Quality of the Data Adequate, relevant and not excessive to the purpose Accurate and up-to-date Etc. Lawfulness of Processing Generality - the processing of personal data is necessary and that the personal data is processed fairly and lawfully Purpose - specified, explicit and legitimate Sensitive data processing with consent Etc.

Duties of the Data Controller: Inform the data subject of the purpose of collection Confidentiality Security safeguards Notification to the Protection Authority Transparency of the processing Accountability

Rights of the Data Subject: Right of access Right of rectification, deletion, temporary limitation of access Restrictions on automated decision making

Protection Authority and Judicial Authority Independent and administrative authority Role, Status and composition Competencies Financing (Parliament Grant) Liability of the Data Controller Sanctions, Warnings, Notices, Fines Preserve Data subject’s recourse to the judicial authority Preserve Data subject’s access to the judicial authority

Limitations: Transborder Flows: National Security Journalism Member States of SADC – Establish necessity of transfer Non member States of SADC - Personal data shall only be transferred to recipients, other than Member States of the SADC, which are not subject to national law adopted pursuant to this model law, if an adequate level of protection is ensured in the country of the recipient or within the recipient international organization and the data are transferred solely to allow tasks covered by the competence of the controller to be carried out

Transposition of the Model Law

Transposition Frames of Inquiry International and regional frameworks establish the primary themes, intent and functional requirements for data protection regulation. Within Tanzania, enquire: Designated national data protection legislation Prevalence of regulation that has a bearing on the right to privacy and protection of personal information in Tanzania.

Transposition Frames of Inquiry Definitions of personal information and sensitive information, Principles of data protection Nature and functions of the Data Protection Regulator Regulation of Transborder flows of personal information Nature of the Constitutional right to privacy Privacy in Consumer Protection Privacy in Electronic Communications Rights of Access To Information versus the right to privacy

Transposition Frames of Inquiry Special Considerations: Whistleblowing information, Health Records Limitations on Privacy: Criminal Procedure, national security legislation Status and amendments: ICT Policy Constitutional right to privacy Communications regulation Consumer Protection regulation

Thank You Questions? Pria Chetty ITU International Expert: Data Protection Mobile: 083 384 4543 Email: pria.chetty@gmail.com