News

Our Work on Deceptive Design

August 08 2022.

————————————————————————————————————————-

At Tech Hive Advisory, we believe that people should have access to a safer digital environment where digital rights and ethical design are priortised over deceptive design. We believe we can achieve this through awareness creation, advocacy, research, and public action to engage regulators and designers to shape the policy landscape. 

Read more…

Introducing the State of Tech Policy Report

January 17 2022.

————————————————————————————————————————-

 

Tech Hive Advisory, a tech policy advisory and research organisation with competencies that cut across law, technology, and business, is set to release a new report titled, ‘State of Tech Policy in Nigeria: Report on Legislations, Regulations, Directives, Orders, Policies, Strategies, and Announcements Impacting the Information Technology Ecosystem’. This was done in collaboration with Ikigai Innovation Initiative, a research and advocacy non-profit focused on tech policy. The Report provides a series of snapshots about events that have defined the development of the Nigerian tech ecosystem from Q1 2020 – Q4 2021 

Read more…

A Review of the Nigerian E-Government Masterplan

January 7 2022.

————————————————————————————————————————-

 

The Nigeria E-Government Masterplan (referred to as ‘the Plan’) is a product of the Federal Ministry of Communications & Digital Economy. The Plan defines e-government as a socio-technical system consisting of technical subsystems (electronic) and social subsystems (government), which are interwoven. It also introduces a full-scale plan implementation of e-government, involving 25 initiatives, starting with a presidential committee on ICT/e-government, leading to expanding 

Read more

A Review of the Online Pharmacy Regulations 2021

January 7 2022.

————————————————————————————————————————-

 

The Online Pharmacy Regulation 2021 constitutes Nigeria’s first attempt at directly legislating in respect of telemedicine, with a focus on pharmaceutical service providers who leverage the internet to deliver their services.

 

Read more

A REVIEW OF THE SON GUIDELINES FOR E-COMMERCE (ONLINE MARKETING) 2020

January 7, 2022

———————————————————————————————————————–On 12th January 2021, the Data Protection Commissioner’s office in Kenya invited public comments on its Draft Guideline on Access to Personal Data During COVID-19 Pandemic.

The Draft Guideline aims to tackle the effects of Covid-19 pandemic on individuals; enhance the quality of lives and ensure continuity of jobs, business and learning; ensure the provision of universal and affordable health care, amongst others, there has been the need for innovative interventions whether ICT based or otherwise. In furtherance of these aspirations, access to personal data (health data and geo-location data) may be required from private or government entities.

Read more….

 

TECH HIVE ADVISORY SET TO RELEASE A NEW REPORT ON THE INTERSECTION OF FREEDOM OF EXPRESSION ONLINE AND PROTECTION OF PERSONAL INFORMATION

August 30th, 2021

———————————————————————————————————————Tech Hive Advisory, a leading technology policy advisory and research organization with support from Omidyar Network is set to release a new report titled “The intersection of the right to freedom of expression online and protection of personal information in Botswana, Ethiopia, Kenya, and Nigeria.” The report which will be released on 1 September 2021 focuses on the relationship between two basic digital rights: the right to freedom of expression online and protection of personal information within the African context.

Read more…

KENYA DATA PROTECTION COMMISSION RELEASES DRAFT GUIDELINE ON ACCESS TO PERSONAL DATA DURING COVID-19 PANDEMIC - 8th March, 2021

On 12th January 2021, the Data Protection Commissioner’s office in Kenya invited public comments on its Draft Guideline on Access to Personal Data During COVID-19 Pandemic.

The Draft Guideline aims to tackle the effects of Covid-19 pandemic on individuals; enhance the quality of lives and ensure continuity of jobs, business and learning; ensure the provision of universal and affordable health care, amongst others, there has been the need for innovative interventions whether ICT based or otherwise. In furtherance of these aspirations, access to personal data (health data and geo-location data) may be required from private or government entities.

Objectives

The Guideline aims to give effect to the right to privacy of individuals related to the protection of personal information and ensure compliance with the Data Protection Act of 2019.

Key Provisions

  1. Principles of Data Protection

The Guideline emphasises data protections’ fundamental principles such as accountability, security, purpose limitation, accuracy, adequacy, confidentiality, data minimisation, and storage limitation.

It also requires that personal data kept for a more extended period should be kept in an anonymised format such that the data subject cannot be re-identified. Also, any person who has access to personal data must protect them and adequately demonstrate that it does and comply with the Data Protection Act of 2019 and may be called by the Data Protection Commissioner to do so. It further expects that access to personal data is only limited to those who need it to address or respond to the covid-19 pandemic.

  1. Consent

The Guideline provides that personal data shall be collected directly from individuals subject to their express consent using a data request form annexed to the Guideline.
Where personal data is to be sold to third parties or transferred outside of Kenya, the data subject’s express consent must be sought.

  1. Data Sharing Contracts

Where personal data is shared between parties, there has to be a signed agreement covering non-disclosure, confidentiality, data destruction techniques, safeguard, data protection impact and so on. It must be approved by the Office of the Data Protection Commissioner. This also applies to data requests.

  1. Privacy Notice

Every application that requests personal data must publish a privacy notice on what information is being collected and with whom the information may be shared.

  1.  International Transfer

Where personal data is to be transferred outside of Kenya, there has to be sufficient proof that appropriate safeguards concerning the security and protection of the personal data.

  1.  Request for Personal Data

For personal data requests from public entities, the requests shall be channelled appropriately. For instance, health data shall be requested from the Ministry of Health while telecommunications data from the Communications Authority of Kenya.

A copy of the data request form is available here.

Conclusion

Albeit late, Kenya joins host of other African countries like Cape VerdeSouth AfricaMauritiusSenegalBurkina FasoMaliMorocco, and Tunisia that issued Guidance on Covid-19 and data protection.

A copy of the Draft Guideline is available here.

By Tojola Yusuf and Ridwan Oloyede