Skip to main content
Data protection

Top Ugandan Data Collectors Can't Store it Safely - Report

posted onNovember 7, 2021

Major companies collecting people’s data in Uganda are not keeping it safe while others don’t have privacy policies which put people’s secrecy at risk, this is according to the Privacy Scorecard report released by Unwanted Witness.

The report which was launched on Friday at Serena Hotel during the 3rd Privacy Symposium Africa is the first of its kind and it revealed that despite the fact that people are in the era of unprecedented data collection and digital surveillance, big companies, organizations across Africa continue to struggle to keep citizens’ data safe putting Africans at risk of fraud, identity theft, discrimination and social and reputational harm.

In over 32 organizations where research was made across seven sectors, it was discovered that all the organizations lack legal compliance in Uganda, inconsistent practices across Africa and lack of transparency and accountability in collecting user data.

The report found out three main challenges that if not settled, Africa will face a great challenge of keeping citizens’ data safely. The first was that there is a significant lack of compliance with Uganda’s 2019 Data Protection and Privacy Act.

Inconsistent privacy policies across Africa leave African consumers vulnerable in countries without strong data protection policies. Lastly, the report revealed that there is a presence of location and profiling trackers across mobile and web applications that collect and sell data for commercial benefits without transparent policies.

Speaking during the launch, the Executive Director of Unwanted Witness, Dorothy Mukasa said that Scorecard was released to encourage data collectors and processors to adopt protection, best practices and to empower Ugandan citizens to demand information pertaining to the ways in which their personal data is being collected and used.

“While also recognizing those actors that are complying with laws and best practices. Every Ugandan has the right to freedom of expression through any media platform without interference. It is a right guaranteed by the constitution, and organizations should know that their responsibility is no longer just about robust service delivery but about protecting their customer confidentiality,”Ms Mukasa asserted.

“Therefore, it is imperative that this organization manage that data responsibly and ethically. Customers have the right to know whether and how their data is being stored, processed and utilized.”

Reacting to the findings of the report, the State Minister for National Guidance Godfrey Kabyanga Bakulu said; “I would like to thank Unwanted Witness for sharing about data privacy. It’s an internationally recognized right. Assuring data protection is proven day by day as a prerequisite for democracy. We going to use this report to exert pressure on companies that are don’t have privacy policies however this will after the parliament passes the draft of the Data Protection and Privacy Act.”

While presenting the findings the Head of Programs at Unwanted Witness, Allan Sempala Kigozi revealed that by providing an objective measurement for analyzing data-handling policies and practice, the Scorecard can act as a vital stopgap against the unfettered abuse of user data.

“We look forward to seeing changes to the policies of those organizations studied here so that Ugandans can be confident that their digital lives are not being subject to manipulation and their human right and dignity remain intact.”

Highlights of the report

The report shows that the average overall performance of the companies and agencies against Uganda’s 2019 Data Protection and Act is 35 percent, while 53 percent practice robust data security. E-commerce, financial and telecoms services register the highest compliance levels. Health service and social Security record the lowest performance.

On the issue of lack of consistent privacy policies, the policies of Stanbic Bank, one of Africa’s leading financial institutions, vary according to country. In South Africa, forexample its policy covers seven rights, wherein Tanzania covers only four yet in Malawi is does not cover any at all. This is similar to Airtel, MTN, Standard Bank. The report shows few companies with consistent privacy policies across the countries in which they operate these include; Jumia, Safeboda and KiKUU.

About Author

Kp Reporter - Chief editor

Join the conversation

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.