HIPSSA Project - PowerPoint PPT Presentation

Hipssa project
1 / 22

  • Uploaded on
  • Presentation posted in: General

HIPSSA Project. Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Tanzanian ICT Ministry. PRESENTATION ON DATA PROTECTION BILL Pria Chetty, International Legal Expert on Data Protection 07.03.12. Why enact Data Protection Law?

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

HIPSSA Project

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Hipssa project

HIPSSA Project

Support for Harmonization of the ICT Policies in Sub-Sahara Africa,

Meeting with the Tanzanian ICT Ministry



Pria Chetty,

International Legal Expert on Data Protection


Overview of session

  • Why enact Data Protection Law?

  • Data Protection Model Law Development Process

  • Key Provisions for Data Protection Law

  • Key Frames of Inquiry for Transposition of the Model Law

  • Key Provisions of the Data Protection Bill

    • Part I, II, III, IV, V, VI, VIII

  • Discussion

Overview of Session

Why enact data protection law

Harmonised approaches

Give effect to right to privacy

ICT technology developments impacts right to the protection of personal data in commercial activities and electronic government (eGov) activities

Illegitimate and unlawful use of individual’s information

Automated decision making

Direct marketing practices

Data protection regulation - ensure that the benefits of using information and communication technologies is not met with weakened protection of personal data

Why Enact Data Protection Law?

Model law development

Model Law Development

Provisions of sadc model law

  • Give effect to principles of data protection

  • Place limitations on the processing of personal data

  • Provide for the rights of the data subject

  • Describe the responsibilities of the Data Controller

  • Establishment of the Data Protection Authority

    • Combat violations of privacy likely to arise from the collection, processing, transmission, storage and use of personal dataactivities

Provisions of SADC Model Law

Transposition frames of inquiry

International and regional frameworks establish the primary themes, intent and functional requirements for data protection regulation.

Within Tanzania, enquire:

Designated national data protection legislation

Prevalence of regulation that has a bearing on the right to privacy and protection of personal information in Tanzania.

Transposition Frames of Inquiry

Tanzania data protection bill

Tanzania data protection bill

Part one

Part One

1Short Title


3Object of the Act



Object of the act

Object of the Act

to promote the protection of personal information processed by public and private bodies; to introduce information protection principles so as to establish minimum

requirements for the processing of personal information; and to provide for

matters connected therewith


Personal Information


Data Subject

Data Processor

Data Protection Officer



Data controller

“data controller” or “controller” refers to any natural person, legal person or public body which alone or jointly with others determines the purpose and means of processing of personal information. Where the purpose and means of processing are determined by or by virtue of an act, decree or ordinance, the controller is the natural person, legal person or public body has been designated as such by or by virtue of that act, decree or ordinance.

Data Controller

Defining personal information

Defining Personal Information

Processing of personal information

processing: refers to any operation or set of operations which is performed upon personal information, whether or not by automated means, such as obtaining, recording or holding the data or carrying out any operation or set of operations on data, including –

(a) organization, adaptation or alteration of the data;

(b) retrieval, consultation or use of the data; or

(c) alignment, combination, blocking, erasure or destruction of the data

Processing of Personal Information


(1)This Act shall not affect the operation of any law that makes provision with respect to the collection, holding, use, correction or disclosure of personal information and is capable of operating concurrently with this Act. If any other legislation provides for safeguards for the protection of personal information that are more extensive than those set out in the information protection principles, the extensive safeguards prevail.

(2)This Act shall not restrict the ways of processing and production of information which are legally sanctioned under this Act, including such processing and procedures set out in Schedule One.



De-identified information

Government departments – national security, defence, prosecution of offences, journalistic purposes, judicial processes, powers of judiciary

Does apply to partial automated processing

Territorial clarity

Data Controller may appoint a representative


Part ii

Part II

Part ii cntd

Part II (cntd…)

Part vi

Part VI

Part vii

Part VII

Conclusion points for inclusion in discussion



Schedule of Exemptions for Consultation Process and Regulations

Prescription of Court

Duty of Correction of Personal Information (Public Bodies only)

Promotion of Access to Information Act


Thank you



ITU International Expert: Data Protection

Mobile: 083 384 4543

Email: pria.chetty@gmail.com

Thank You

  • Login