{"id":374,"date":"2024-06-25T17:31:49","date_gmt":"2024-06-25T16:31:49","guid":{"rendered":"https:\/\/www.mediadefence.org\/ereader\/?post_type=publication&#038;p=374"},"modified":"2024-06-25T17:31:51","modified_gmt":"2024-06-25T16:31:51","slug":"data-protection","status":"publish","type":"publication","link":"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/","title":{"rendered":"Data Protection"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Data protection is one of the primary ways through which the right to privacy is given effect. At least 36 African states have so far enacted data protection laws, and more are in the process of doing so.[footnote]See https:\/\/dataprotection.africa\/ for more information.[\/footnote] In addition to giving effect to the right to privacy, data protection legislation also facilitates trade among states, as many data protection laws restrict cross-border data transfers in circumstances where the state receiving the information does not provide an adequate level of data protection. Framed more positively, data protection laws enable the regulated transfer of personal information across borders where both jurisdictions have put in place adequate data protection laws and procedures to protect data subjects\u2019 rights.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Key data protection principles<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Data protection laws are aimed at protecting and safeguarding the processing of personal information (also sometimes called personal data). Personal information is typically defined as any information relating to an identified or identifiable natural person \u2014 i.e. the data subject \u2014 by which the data subject can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural, or social identity. A data controller, also sometimes called the responsible party, can typically be either a public or private body and is the person or entity responsible for processing personal information about the data subject.<\/p>\n\n\n\n<div class=\"wp-block-group highlight\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<h3 class=\"wp-block-heading has-text-align-center\">Key data protection principles<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Most comprehensive data protection laws in Africa make provision for a core set of principles which can be summarised as follows:[footnote]Information Commissioner\u2019s Office, \u2018A guide to the data protection principles\u2019 (accessible at https:\/\/ico.org.uk\/for-organisations\/guide-to-data-protection\/data-protection-principles\/).[\/footnote]<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Personal information must be processed fairly and lawfully and must not be processed unless the stipulated conditions are met.<\/li>\n\n\n\n<li>Personal information must be obtained for a specified purpose (or purposes) and must not be further processed in any manner incompatible with that purpose.<\/li>\n\n\n\n<li>Personal data must be adequate, relevant, and not excessive in relation to the purpose (or purposes) for which it was collected.<\/li>\n\n\n\n<li>Personal information must be accurate and, where necessary, kept up to date.<\/li>\n\n\n\n<li>Personal information must not be kept for longer than is necessary for the purpose.<\/li>\n\n\n\n<li>Personal information must be processed in accordance with the rights of data subjects provided for under the data protection law.<\/li>\n\n\n\n<li>The data controller must take appropriate technical and organisational measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.<\/li>\n\n\n\n<li>Personal data must not be transferred to another country that does not ensure an adequate level of protection for the rights and freedoms of data subjects.<\/li>\n<\/ul>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">In addition, most data protection laws establish a regulatory body to monitor and enforce the provisions of the law: this type of regulatory body is often referred to as a data protection authority (DPA).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">International law standards<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The United Nations Special Rapporteur (UNSR) on the Right to Privacy released a report in 2022 providing an in-depth analysis of the principles of legality, lawfulness and legitimacy, consent, transparency, purpose, fairness, proportionality, minimisation, quality, responsibility, and security in the context of data protection legislation, which serves as a seminal guide for the development and harmonisation of data protection regulations around the world.[footnote]UNSR on Privacy, \u2018Promotion and protection of human rights: human rights questions, including alternative approaches for improving the effective enjoyment of human rights and fundamental freedoms\u2019 (2022) (accessible at https:\/\/documents.un.org\/doc\/undoc\/gen\/n22\/594\/48\/pdf\/n2259448.pdf?token=u1h0GXrW9xSVX7VFHW&amp;fe=true).[\/footnote]<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In relation to the protection of personal information, General Comment No. 16 on Article 17 of the ICCPR (General Comment No. 16) provides as follows:[footnote]UNHCHR, \u2018CCPR General Comment No. 16: Article 17 (Right to Privacy)\u2019 (1988) (accessible at https:\/\/www.refworld.org\/legal\/general\/hrc\/1988\/en\/27539) at para 10.[\/footnote]<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">\u201cThe gathering and holding of personal information on computers, data banks and other devices, whether by public authorities or private individuals or bodies, must be regulated by law. Effective measures have to be taken by States to ensure that information concerning a person\u2019s private life does not reach the hands of persons who are not authorized by law to receive, process and use it, and is never used for purposes incompatible with the Covenant. In order to have the most effective protection of his private life, every individual should have the right to ascertain in an intelligible form, whether, and if so, what personal data is stored in automatic data files, and for what purposes. Every individual should also be able to ascertain which public authorities or private individuals or bodies control or may control their files. If such files contain incorrect personal data or have been collected or processed contrary to the provisions of the law, every individual should have the right to request rectification or elimination.\u201d<\/p>\n<\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">In 2023, in response to the rapid and widespread collection of personal information ostensibly to combat the COVID-19 pandemic from 2020-2022, the UNSR on Privacy released a report elaborating on the implementation of the principles of purpose limitation, deletion of data and demonstrated or proactive accountability in the processing of personal data collected by public entities in the context of the pandemic.[footnote]UNSR on Privacy, \u2018A\/HRC\/52\/37: Implementation of the principles of purpose limitation, deletion of data and demonstrated or proactive accountability in the processing of personal data collected by public entities in the context of the COVID-19 pandemic &#8211; Report of the Special Rapporteur on the right to privacy\u2019 (2023) (accessible at https:\/\/www.ohchr.org\/en\/documents\/thematic-reports\/ahrc5237-implementation-principles-purpose-limitation-deletion-data-and).[\/footnote]<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Regional law standards<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">There are several African regional instruments that deal with data protection:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>The African Union (AU) Convention on Cyber Security and Personal Data Protection 2014<\/strong>[footnote]AU, \u2018African Union Convention on Cyber Security and Personal Data Protection\u2019 (2014 ) (accessible at https:\/\/au.int\/sites\/default\/files\/treaties\/29560-treaty-0048_-_african_union_convention_on_cyber_security_and_personal_data_protection_e.pdf).[\/footnote] (the <a href=\"https:\/\/au.int\/en\/treaties\/african-union-convention-cyber-security-and-personal-data-protection\">Malabo Convention<\/a>): This instrument, aimed at a continental level, includes provisions relating to data protection, e-transactions, cybercrimes and cybersecurity. The provisions relating to data protection are contained in Chapter II and contain the conditions for the lawful processing of personal information, as well as the rights afforded to data subjects. After finally receiving ratification from the required 15th state, the Malabo Convention came into force in 2023.[footnote]ALT Advisory, \u2018Africa: AU\u2019s Malabo Convention set to enter force after nine years\u2019 (2023) (accessible at https:\/\/altadvisory.africa\/2023\/05\/19\/malabo-convention-set-to-enter-force\/).[\/footnote]<\/li>\n\n\n\n<li><strong>EAC Legal Framework for Cyberlaws 2008<\/strong>[footnote]EAC, \u2018EAC Legal Framework for Cyberlaws\u2019 (20228) (accessible at http:\/\/repository.eac.int:8080\/bitstream\/handle\/11671\/1815\/EAC Framework for Cyberlaws.pdf?sequence=1&amp;isAllowed=y).[\/footnote] (<a href=\"http:\/\/repository.eac.int:8080\/bitstream\/handle\/11671\/1815\/EAC%20Framework%20for%20Cyberlaws.pdf?seq\">EAC Legal Framework<\/a>): This instrument covers topics relating to data protection, electronic commerce, data security and consumer protection. It is not intended to be a model law but instead provides guidance and recommendations to states to inform the development of their laws. Data protection is dealt with briefly in paragraph 2.5 of the EAC Legal Framework, as part of Phase I which was adopted by the EAC Council of Ministers in 2010.[footnote]UNCTAD, \u2018Harmonizing Cyberlaws and Regulations: The experience of the East African Community\u2019 (2012) (accessible at https:\/\/au.int\/sites\/default\/files\/newsevents\/workingdocuments\/27223-wd-harmonizing_cyberlaws_regulations_the_experience_of_eac1.pdf).[\/footnote]<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Supplementary Act on Personal Data Protection within ECOWAS 2010<\/strong>[footnote]ECOWAS, \u2018Supplementary Act A\/SA.1\/01\/10 on Personal Data Protection within ECOWS\u2019 (2010) (accessible at http:\/\/www.statewatch.org\/news\/2013\/mar\/ecowas-dp-act.pdf).[\/footnote] (<a href=\"https:\/\/www.statewatch.org\/media\/documents\/news\/2013\/mar\/ecowas-dp-act.pdf\">ECOWAS\u00a0Supplementary Act<\/a>): This instrument is designed to be directly transposed into a domestic context among West African states and provides in detail the conditions for the lawful processing of personal information and the rights of data subjects. Importantly, it is also legally binding on ECOWAS States. ECOWAS also adopted the <a href=\"https:\/\/www.tit.comm.ecowas.int\/wp-content\/uploads\/2015\/11\/SIGNED_Cybercrime_En.pdf\">Directive on Fighting Cyber Crime<\/a> in 2011 in an effort to harmonise member states\u2019 cybercrime legislation.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>SADC Data Protection Model Law 2013<\/strong>[footnote]HIPSSA, \u2018Data Protection: SADC Model Law\u2019 (2013) (accessible at https:\/\/www.itu.int\/en\/ITU-D\/Projects\/ITU-EC-ACP\/HIPSSA\/Documents\/FINAL DOCUMENTS\/FINAL DOCS ENGLISH\/sadc_model_law_data_protection.pdf).[\/footnote] (<a href=\"http:\/\/www.itu.int\/ITU-D\/projects\/ITU_EC_ACP\/hipssa\/docs\/SA4docs\/data%20protection.pdf\">SADC Model Law<\/a>): This is a model law that can be adapted into domestic contexts among southern African states. It seeks to ensure the harmonisation of information and communications technologies (ICT) policies and recognises that ICT developments impact the protection of personal data, including in government and commercial activities. It also deals with whistle-blowing, by providing that the data protection authority must establish rules to govern the whistleblowing system that preserve data protection principles, including the principles of fairness, lawfulness, purpose specification, proportionality, and openness.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">In addition to giving effect to the right to privacy, data protection laws also often further facilitate a right of access to information, by providing for data subjects to request, and be given access to, the information being held about them by a controller. This mechanism can enable data subjects to determine whether their personal information is being processed in line with applicable data protection laws and whether their rights are being upheld.<\/p>\n\n\n\n<div class=\"wp-block-group highlight\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<h3 class=\"wp-block-heading has-text-align-center\">Mapping the state of data protection in Africa<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Given the importance of data protection legislation in protecting the right to privacy in the digital age, as well as the rapid progression of legislation and regulation in this area, it can be hard to keep up to date with the state of data protection in Africa. <a href=\"https:\/\/dataprotection.africa\/\" target=\"_blank\" rel=\"noreferrer noopener\">Data Protection Africa<\/a> is an open, online resource that aims to provide a detailed analysis of the governance of data protection across the continent, mapping and analysing the legislation in place in all 55 member states of the African Union. As of February 2024, it notes that 36 out of the 55 AU-recognised states have passed data protection legislation, with three draft bills also being under consideration.<\/p>\n<\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Emerging challenges to data protection<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">As more states across the continent have passed data protection legislation, so too have the risks and challenges of regulating and protecting privacy in the digital age become more complex. Many states, particularly those in West Africa, passed their laws some time ago,[footnote]Data Protection Africa, \u2018Standing Alone: The Independence of African Data Protection Authorities\u2019 (2024) (accessible at https:\/\/dataprotection.africa\/standing-alone-the-independence-of-african-data-protection-authorities\/).[\/footnote] raising concerns that they may no longer be suited to the challenges of the modern age. In South Africa, for example, the Protection of Personal Information Act was passed in 2013 but only came into effect in July 2020 with a further grace period given for full compliance. This has raised concerns among critics that the Act already requires amendments to stay up to date with new issues such as AI.[footnote]IT Web, \u2018POPIA principles must align with AI governance, say experts,\u2019 (2023) (accessible at https:\/\/www.itweb.co.za\/article\/popia-principles-must-align-with-ai-governance-say-experts\/RgeVDvPRrn8MKJN3).[\/footnote]<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In addition, the enforcement challenges of these many new data protection laws have become increasingly apparent. For example, research has found that 14 countries\u2019 laws provide for the data protection authority to be established within or to receive instructions from another public body, such as a government ministry, raising questions about regulatory independence.[footnote]See above n 17.[\/footnote] 11 countries were found not to have adequate protections in place to prevent the undue removal of members of the Authority for political or other reasons.[footnote]<em>Id<\/em>.[\/footnote]<\/p>\n\n\n\n<div class=\"wp-block-group highlight\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<h3 class=\"wp-block-heading has-text-align-center\"><strong>Enforcement challenges: example from Kenya<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Many data protection authorities across the content have struggled to meaningfully hold accountable violators of data protection legislation, particularly powerful multinational corporations. \u00a0 <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For example, in 2023, Tools for Humanity piloted a new cryptocurrency campaign called Worldcoin that paid people a small sum of money in the cryptocurrency to have their biometric data collected, resulting in thousands taking up the opportunity,[footnote]Njenga, Schmitz, \u2018Worldcoin: Thousands flock KICC to have eyeballs scanned for Ksh.7k\u2019 (2023) (accessible at https:\/\/www.citizen.digital\/news\/worlcoin-thousands-flock-kicc-to-have-eyeballs-scanned-for-ksh7k-n32464 3).[\/footnote] with very little information about how the data would be used. In May, <strong>Kenya\u2019s<\/strong> Office of the Data Protection Commissioner (OPDC) ordered the company to halt processing,[footnote]TechCrunch, \u2018Worldcoin ignored initial order to stop iris scans in Kenya, records show\u2019 (2023) (accessible at https:\/\/techcrunch.com\/2023\/08\/15\/worldcoin-in-kenya\/?guccounter=1).[\/footnote] an order which was reportedly ignored. The company finally stopped data collection only when, in August, the Ministry of the Interior ordered the suspension of Worldcoin\u2019s operations in the country, citing data protection concerns.[footnote]Kenya Ministry of Interior, \u2018Statement on Worldcoin\u2019 (2023) (accessible at https:\/\/twitter.com\/InteriorKE\/status\/1686709534075629568).[\/footnote] The OPDC subsequently launched litigation against Tools for Humanity in the High Court.[footnote]See above n 22.[\/footnote] \u00a0 <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This demonstrates the challenges data protection authorities face in holding these powerful international companies to account.<\/p>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Another barrier to the advancement of data protection on the continent is the limited scope of data protection laws, with many containing extensive national security or private sector exemptions that undermine their efficacy. In this regard, it is also important to note the track record on the continent of national security justifications being abused, as detailed in <a href=\"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-9-national-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">Module 9 in this series<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Data protection is one of the primary ways through which the right to privacy is given effect. At least 36 African states have so far enacted data protection laws, and more are in the process of doing so.[footnote]See https:\/\/dataprotection.africa\/ for more information.[\/footnote] In addition to giving effect to the right to privacy, data protection legislation [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"parent":368,"menu_order":239,"template":"page-templates\/chapter.php","publication-category":[],"class_list":["post-374","publication","type-publication","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Data Protection | eReader<\/title>\n<meta name=\"description\" content=\"Data protection laws are aimed at protecting and safeguarding the processing of personal information (or personal data).\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Data Protection | eReader\" \/>\n<meta property=\"og:description\" content=\"Data protection laws are aimed at protecting and safeguarding the processing of personal information (or personal data).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/\" \/>\n<meta property=\"og:site_name\" content=\"eReader\" \/>\n<meta property=\"article:modified_time\" content=\"2024-06-25T16:31:51+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/publications\\\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\\\/module-4-data-privacy-and-data-protection\\\/data-protection\\\/\",\"url\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/publications\\\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\\\/module-4-data-privacy-and-data-protection\\\/data-protection\\\/\",\"name\":\"Data Protection | eReader\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/#website\"},\"datePublished\":\"2024-06-25T16:31:49+00:00\",\"dateModified\":\"2024-06-25T16:31:51+00:00\",\"description\":\"Data protection laws are aimed at protecting and safeguarding the processing of personal information (or personal data).\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/publications\\\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\\\/module-4-data-privacy-and-data-protection\\\/data-protection\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/publications\\\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\\\/module-4-data-privacy-and-data-protection\\\/data-protection\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/publications\\\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\\\/module-4-data-privacy-and-data-protection\\\/data-protection\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Publications\",\"item\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/publications\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Summary Modules on Digital Rights and Freedom of Expression Online in sub-Saharan Africa\",\"item\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/publications\\\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Module 4: Data Privacy and Data Protection\",\"item\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/publications\\\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\\\/module-4-data-privacy-and-data-protection\\\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Data Protection\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/#website\",\"url\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/\",\"name\":\"eReader\",\"description\":\"Media Defence\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.mediadefence.org\\\/ereader\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Data Protection | eReader","description":"Data protection laws are aimed at protecting and safeguarding the processing of personal information (or personal data).","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/","og_locale":"en_US","og_type":"article","og_title":"Data Protection | eReader","og_description":"Data protection laws are aimed at protecting and safeguarding the processing of personal information (or personal data).","og_url":"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/","og_site_name":"eReader","article_modified_time":"2024-06-25T16:31:51+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/","url":"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/","name":"Data Protection | eReader","isPartOf":{"@id":"https:\/\/www.mediadefence.org\/ereader\/#website"},"datePublished":"2024-06-25T16:31:49+00:00","dateModified":"2024-06-25T16:31:51+00:00","description":"Data protection laws are aimed at protecting and safeguarding the processing of personal information (or personal data).","breadcrumb":{"@id":"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/data-protection\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.mediadefence.org\/ereader\/"},{"@type":"ListItem","position":2,"name":"Publications","item":"https:\/\/www.mediadefence.org\/ereader\/publications\/"},{"@type":"ListItem","position":3,"name":"Summary Modules on Digital Rights and Freedom of Expression Online in sub-Saharan Africa","item":"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/"},{"@type":"ListItem","position":4,"name":"Module 4: Data Privacy and Data Protection","item":"https:\/\/www.mediadefence.org\/ereader\/publications\/introductory-modules-on-digital-rights-and-freedom-of-expression-online\/module-4-data-privacy-and-data-protection\/"},{"@type":"ListItem","position":5,"name":"Data Protection"}]},{"@type":"WebSite","@id":"https:\/\/www.mediadefence.org\/ereader\/#website","url":"https:\/\/www.mediadefence.org\/ereader\/","name":"eReader","description":"Media Defence","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mediadefence.org\/ereader\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/www.mediadefence.org\/ereader\/wp-json\/wp\/v2\/publication\/374","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mediadefence.org\/ereader\/wp-json\/wp\/v2\/publication"}],"about":[{"href":"https:\/\/www.mediadefence.org\/ereader\/wp-json\/wp\/v2\/types\/publication"}],"author":[{"embeddable":true,"href":"https:\/\/www.mediadefence.org\/ereader\/wp-json\/wp\/v2\/users\/4"}],"up":[{"embeddable":true,"href":"https:\/\/www.mediadefence.org\/ereader\/wp-json\/wp\/v2\/publication\/368"}],"wp:attachment":[{"href":"https:\/\/www.mediadefence.org\/ereader\/wp-json\/wp\/v2\/media?parent=374"}],"wp:term":[{"taxonomy":"publication-category","embeddable":true,"href":"https:\/\/www.mediadefence.org\/ereader\/wp-json\/wp\/v2\/publication-category?post=374"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}