Keynote Address at Data Privacy Day Conference

The Honourable Minister of ICT and National Guidance

Government Officials

Civil Society and Private Sector representatives

Colleagues from the UN system

Media practitioners

Ladies and Gentlemen

I bring warm greetings from the United Nations family in Uganda.  I am really honoured to be with you all today to collectively acknowledge and discuss the important matter of data protection and privacy.

On this day, the United Nations joins the rest of the world to celebrate the Data Privacy Day that happens annually on January 28. It is an international effort to empower individuals and encourage businesses to respect privacy, safeguard data and enable trust.

The commemoration is an opportunity to highlight progress made while reflecting on the key issues on data protection and privacy, the role of the Personal Data Protection Office, and the various resources the office has developed for individuals, businesses and government institutions to foster awareness of privacy rights and obligations. The Theme for this year’s conference is Your Privacy Matters.

From huge advances in predictive analytics in the healthcare sector to advances in autonomous vehicles that may soon transform our roadways, advances in modern technology are powered by data. As so much of our daily lives becomes more and more digital, the data that drives those digital technologies becomes increasingly important. In this age of a data revolution, each one of us, contributes data in form of ‘digital footprints’ knowingly or unknowingly, as we go about our daily activities, making phone calls, paying taxes on the URA e-tax portal, sending mobile money, searching the internet, registering for digital services, interacting with ATMs, and calling into radio stations to contribute to discussions.  

The volume of data created in Uganda will only increase as the digital transformation programme within the National Development Plan III is implemented. This includes plans to expand the coverage of mobile phone and internet connectivity, as well as those for the development of other e-government services beyond those that  already exist like e-passport, e-procurement,  and e-tax.

However, this digitization of our lives and the technological advances made to leverage the power of data, do not come without risk to our fundamental human rights, including the right to data privacy.

The Universal Declaration of Human Rights, the International Convention of Civil and Political Rights and many other international, regional, and national instruments recognize the right to privacy as a fundamental human right.

As early as 1990, the United Nations recognized the importance of adopting data protection and data privacy requirements at national levels as well as by International Organizations with the adoption of the UN General Assembly Guidelines for the Regulation of Computerized Personal Data Files in December 1990[1].

In Our Common Agenda published last year[2], the Secretary-General called for re-enforcing data privacy in the digital world as part of our shared values[3] and highlighted the importance of trust in securing a breakthrough scenario towards a better, more sustainable, peaceful future for our people and planet. In today's digital world, perhaps more than ever, data privacy plays a critical role in building trust, including trust in the data economy and digital innovation.

The message conveyed in Our Common Agenda echoes the call made by the Secretary-General in his Roadmap for Digital Cooperation, published in June 2020. In this Roadmap, the Secretary-General also emphasised on the importance of protecting the right to privacy in the digital space and called for effective personal data protection and the protection of the right to privacy in line with internationally agreed standards.

In particular, to address the use of data by both the private sector entities and national governments, the Secretary-General called for human rights-based domestic laws and practises for the protection of data privacy, including enforcement mechanisms such as access to judicial review, or fully independent and well-resourced data protection authorities[4].

Today, in this increasingly data-centric world, the State’s protection of the right to privacy is increasingly crucial to women, men, and children’s enjoyment and exercise of other human rights online and offline[5], as noted in the United Nations High Commission on Human Rights’ resolution on The Right to Privacy in the Digital Age.

The data privacy developments that have taken place in Uganda over the last years align with these UN commitments to data privacy.

The UN would like to congratulate the people and the Government of the Republic of Uganda for establishing the Personal Data Protection Office (PDPO) as an independent office under the National Information Technology Authority, Uganda (NITA-U) and responsible for overseeing the implementation and enforcement of the Data Protection and Privacy Act No. 9 of 2019. This is a significant milestone towards:

• Providing an enabling environment for privacy, respectful and ethical data sharing for social good.
• Implementing the digital transformation programme of the NDP III to improve the efficiency and effectiveness of service delivery,
• Realising recommendations in the National Fourth Industrial Revolution (4IR) Strategy

The establishment of the Personal Data Protection Office is not only symbolically significant, it demonstrates a tangible commitment to protecting the privacy rights of Ugandans as the Nation begins to seize its seemingly boundless potential in the 4th Industrial Revolution.

I am delighted to mention that the UN Global Pulse, through Pulse Lab Kampala, has been collaborating with the Government of Uganda in exploring data protection and privacy related strategies and frameworks. These interventions will enable a safer and trustworthy use of data for the achievement of national development priorities. More specifically, Pulse Lab Kampala supported the formulation of the  Data Protection and Privacy Bill, 2014 by uncovering the international best practises to the ICT committee of Parliament through benchmarking visits to other countries, hosting international dialogues and contributing to the technical review of the bill.

Expanding upon this collaboration, the Pulse Lab Kampala is now supporting the Ministry of ICT and National Guidance of Uganda in exploring privacy preserving and ethical solutions to unlock access to quality, reliable and real-time data to support the achievement of the national priorities and SDGs. Specifically, UN Global Pulse has been supporting the Ministry to bring together experts working throughout Uganda’s data ecosystem, the region, and around the world to supply key insights to inform the development of a National Data Market Prototype and Ethical AI Framework. The National Data Market Prototype will include both a technical artitecture, to facilitate data sharing, and a governance framework to ensure sharing is done in a privacy preserving manner. The Ethical AI Framework consists of a compilation and analysis of key ethical principles applicable to the use of AI technology identified at the national, regional, and international level.  As part of the key steps forward for Uganda outlined in the 4IR Strategy, it is envisioned that this framework can then be used by public and private organisations and governing bodies to inform ethical AI governance strategies. As part of the development process of both critical deliverables, interviews of experts working throughout Uganda’s data ecosystem, the region, and around the world have been conducted in combination with an expert consultation that was organised last year as part of this initiative to establish a community of practice around this issue and discuss policy and technological solutions to achieve this objective.   

I am also happy to note that the United Nations Capital Development Fund (UNCDF) is collaborating with the Personal Data Protection Office to develop a web-based solution that will allow individuals and organisations to register, report data security breaches, and enable individuals to lodge complaints through convenient channels.

The UN in Uganda pledges continued cooperation and engagement around data privacy with the Government of Uganda and especially through the  Personal Data Protection Office to uphold today’s theme. 

Going forward, the UN system in Uganda has agreed to put in place a joint UN programme for data and statistics to be more effective in its support to the national data and statistical system. The joint programme is an opportunity to ensure adherence to the principles of data privacy, build the necessary capacities at all levels of the data ecosystem and explore the new and innovative approaches to data production, dissemination, and use.

As we end this dialogue, I wish to share two important reflections.

1. While we all acknowledge that digital technologies are a powerful tool for advancing human progress and the 2030 Agenda for Sustainable Development, it is critical to be mindful that they can also carry significant risks for peace, human rights and dignity of men, women and children. Hence, we must create proper safeguards against these risks in accordance with the internationally agreed protocols.
2. Crises, such as the 2008 Global Financial and the COVID19 pandemic caught the world unaware, and decision-makers worldwide continue to be challenged in grasping the rapidly changing realities and predicting their future impact. This creates a time lag in access to actionable information, including on groups that are most at risk of being affected or left behind. These experiences call for use of non-conventional data sources, for example big data and citizen generated data, to complement conventional data sources which may not be timely.

Ladies and gentlemen,

I wish to conclude by thanking the Personal Data Protection Office and Pulse Lab Kampala for organising this event that has brought together key stakeholders around this theme “Your Privacy Matters” . I also extend my appreciation to all the stakeholders who accepted the invitation to be part of this important occasion.

Thanks for your attention.

[1] UN General Assembly, Guidelines for the Regulation of Computerized Personal Data Files, 14 December 1990

[2] Our Common Agenda, Report of the United Nations Secretary-General (2021).

[3] See OCA, p. 33: “Consideration should, for instance, be given to updating or clarifying our application of human rights frameworks and standards to address frontier issues and prevent harms in the digital or technology spaces, including in relation to [...] privacy, the “right to be forgotten” [...]”, and OCA, p. 63, which calls for the adoption of a Global Digital Compact which “ would outline shared principles for an open, free and secure digital future for all,  [and address] Complex digital issues [including] providing people with options as to how their data is used]”

[4] Roadmap for Digital Cooperation, Report of the Secretary-General (2020).

[5] United Nations High Commission on Human Rights, The Right to Privacy in the Digital Age (Oct 2021), advance version.