A legal perspective regarding internet freedom and privacy in Namibia
by
Ndangi Amunyela
201714101
A proposal submitted in partial fulfilment of the requirements for the LLB Research
Project
LLB Honors Degree
in the
FACULTY OF LAW
at the
UNIVERSITY OF NAMIBIA
Supervisor: Dr Tapiwa V Warikandwa
Abstract
This research paper analyses internet privacy and internet freedom in Namibia. The
amount of privacy protection an individual enjoys while connected to the Internet is
referred to as Internet privacy. It refers to the level of internet security for personal
and financial information, conversations, and preferences. It explains the
development of privacy from its inception to the modern day. This paper also looks at
various legislation regarding internet privacy such as the European GDPR and the
South African POPIA and compare it to existing and seek to compare it with
Namibian legislation. This paper addresses the evolution of the internet through
social media and the advent of social networking. Finally, this paper looks at internet
freedom and access to the internet in Namibia. It also looks at the various attacks on
the principles of internet by the Namibian legislature and gives policy
recommendations.
Acknowledgments
First and foremost, I'd want to express my gratitude to my supervisor, Dr Tapiwa
Warikandwa, whose guidance was vital in developing the research questions and
methodology. Your informative remarks encouraged me to improve my thoughts and
raise the quality of my work.
In addition, I'd want to express my gratitude to my parents, Peneyambeko Amunyela
and Usko Amunyela, who provided sound advice and intriguing talks as well as
sympathetic ear. You are always willing to help me.
Declaration
I, the undersigned, hereby declare that this study is a true reflection of my own
research and that this work, or part thereof, has not been submitted for a degree in
any other institution of higher education. No part of this thesis may be reproduced,
stored in any retrieval system, or transmitted in any form, or by any means (e.g.,
electronic, mechanical, photocopying, recording or otherwise) without the prior
permission of the author, or the University of Namibia, in that behalf. I, the
undersigned, grant the University of Namibia the right to reproduce this thesis in
whole or in part, in any manner or format, which the University may deem fit, for any
person or institution requiring it for study and research; provided that the University
of Namibia shall waive this right if the whole thesis has been or is being published in
a manner satisfactory to the University.
Amunyela
Ndangi Amunyela
08 November 2021
Date
Supervisor’s certificate
I, Doctor Tapiwa Warikandwa hereby certify that the research and writing of this
study was carried out under my supervision.
____________________
_______________________
Doctor Tapiwa Warikandwa
Date
Dedication
I am dedicating this paper to my late Father Usko Amunyela who passed away this
year on 1 July 2021. He was one of my greatest inspirations in my life and even
though he will not be able to see me graduate I would like to honour him with this
thesis study.
Table of Contents
................................................................................................................................................................ 1
Abstract ................................................................................................................................................... 2
Acknowledgments................................................................................................................................... 3
DECLARATION ......................................................................................................................................... 4
Supervisor’s certificate ........................................................................................................................... 5
Dedication ............................................................................................................................................... 6
Table of Contents .................................................................................................................................... 7
Chapter 1................................................................................................................................................. 9
1
Introduction and Background to the study ................................................................................. 9
1.1
Introduction ........................................................................................................................ 9
1.2
Statement of Problem ....................................................................................................... 10
1.3
Significance of Research.................................................................................................... 13
1.4
Research questions ........................................................................................................... 13
1.5
Hypothesis......................................................................................................................... 14
1.6
Theoretical Framework ..................................................................................................... 14
1.7
Literature Review .............................................................................................................. 15
1.8
Research Methodology ..................................................................................................... 17
1.9
Limitations of study........................................................................................................... 17
1.10
Chapter outline ................................................................................................................. 17
1.11
Ethical Considerations....................................................................................................... 18
Chapter 2............................................................................................................................................... 19
2
The development of the right to privacy .................................................................................. 19
2.1
Introduction ...................................................................................................................... 19
2.2
Historical development of Privacy Law ............................................................................. 20
2.3
Conventions and Declarations on the right to Privacy and Data Protection .................... 24
2.4
Conclusion ......................................................................................................................... 29
Chapter 3............................................................................................................................................... 29
3
Comparison of Namibian Privacy law legislation with other Jurisdictions ............................... 29
3.1
Introduction ...................................................................................................................... 29
3.2
Data Protection Laws in the Republic of South Africa ...................................................... 30
3.3
European Data protection Laws........................................................................................ 34
3.4
Namibian Laws regarding data Privacy ............................................................................. 37
3.5
Comparison of the different data Privacy Laws ................................................................ 38
3.6
Conclusion ......................................................................................................................... 39
Chapter 4............................................................................................................................................... 41
4 Evolution of the internet as through the advent of social media and the impact of the
collection of user data ...................................................................................................................... 41
4.1
Introduction ...................................................................................................................... 41
4.2
Evolution of the internet................................................................................................... 41
4.3
Impact of Data Collection.................................................................................................. 43
4.4
Payment for user data ...................................................................................................... 47
4.5
Conclusion ......................................................................................................................... 50
Chapter 5............................................................................................................................................... 52
5
Internet Freedom and Policy Recommendations ..................................................................... 52
5.1
Internet freedom in Namibia ............................................................................................ 52
5.2
Attacks on Internet Freedom and information ................................................................. 53
5.3
Internet access in Namibia ................................................................................................ 55
5.4
Right to privacy in Namibia ............................................................................................... 56
5.5
Conclusion ......................................................................................................................... 57
References ............................................................................................................................................ 59
6.1
Legislation ......................................................................................................................... 59
6.2
International Treaties........................................................................................................ 59
6.3
Books ................................................................................................................................. 59
6.4
Case Law............................................................................................................................ 60
6.5
Internet Sources ................................................................................................................ 60
Chapter 1
1 Introduction and Background to the study
1.1 Introduction
The internet has been the revolutionary technology that is having a tremendous
impact on the 21st century.1 In this research paper two aspects of the internet will be
analyzed, namely Internet Freedom2 and Internet Privacy.3
Internet privacy refers to a vast range of technologies, protocols and concepts
related to giving individual users or other parties more privacy protections in their use
of the global Internet.4 This may take the form mandatory privacy statements on
websites, data sharing controls and data transparency initiatives.5 When examining
internet privacy data is what is key is the regulation of handling user data.
6
User
data is defined as all data, information, and other content of any type and in any
format, medium or form, whether audio, visual, digital, screen, GUI or other, that is
input, uploaded to, placed into, or collected, stored, processed, generated, or output
by any device, system introduced the GDPR (General Data Protection Regulation) in
an attempt to protect the privacy and user data of its citizens. This raises the
question: does Namibia need a similar law to protect the privacy of its citizens
online?
Secondly is the related and equally important subject of internet freedom. Internet
freedom is defined as an umbrella term that encompasses digital rights, freedom of
information, the right to Internet access, freedom from Internet censorship, and net
neutrality.7 Many people in Namibia take for granted the free and open internet which
we use but for many this is not a reality. In countries such as China, Myanmar,
Uganda, and Iran, just to mention a few, the internet is routinely blocked and cut off.
In the case of China, the internet is completely cut off from the rest of the world due
to the great firewall which blocks most of the global internet and basically leaves
1 Yamin, M.2019. Information technologies of the 21st century and their impact on society. International
Journal of Information Technology. Volume 11. pp 759–766
2 B. Altman. 2008. A Coming Chill Over Internet Freedom? Time.p1
3 L.Mineo. 2017.On internet privacy, be very afraid. Harvard Gazette.p1
4 Techopidia. 2020.Internet Privacy. Available at https://www.techopedia.com/definition/24954/internetprivacy Last Accessed 15 May 2021
5 Techopidia.2020: p1
6Techopidia .2020.
7 B. Altman.2008: p1
Chinese people in a bubble unto themselves which is routinely censored against
anything negative about their one-party system, The Chinese Communist Party.8
1.2 Statement of Problem
On January 15, 2021 WhatsApp users around the world received an update stating a
change in the privacy policy which changed data sharing practice of the application
and expanded its user information sharing with its parent company Facebook. 9 What
was truly upsetting to many users was that this policy was non-optional, and users
could not opt out, this created a stir in Namibia as before this not much attention was
paid to the data that was being collected by technology companies when using their
services.10
When discussing internet privacy, we must look at privacy in general. Privacy is a
fundamental human right, enshrined in numerous international human rights
instruments. It is central to the protection of human dignity and forms the basis of
any democratic society. It also supports and reinforces other rights, such as freedom
of expression, information, and association.11 As such, activities that restrict the right
to privacy, such as surveillance and censorship, can only be justified when they are
prescribed by law, necessary to achieve a legitimate aim, and proportionate to the
aim pursued.12
The Namibian constitution guarantees the protection and respect of the rights to
privacy under Article 13 “(1) No persons shall be subject to interference with the
privacy of their homes, correspondence or communications save as in accordance
with law and as is necessary in a democratic society in the interests of national
security, public safety or the economic well-being of the country, for the protection of
health or morals, for the prevention of disorder or crime or for the protection of the
8
E, Economy. 2018.The great firewall of China: Xi Jinping’s internet shutdown. The Guardian.p1
N, Statt. 2021.WhatsApp to delay new privacy policy amid mass confusion about Facebook data sharing. The
Verge.p1
10
N, Statt.2021: p1
11
Universal Declaration of Human Rights Article 12, United Nations Convention on Migrant Workers Article 14,
UN.
12
Universal Declaration of Human Rights Article 29; General Comment No. 27, Adopted by The Human Rights
Committee Under Article 40, Paragraph 4, Of the International Covenant on Civil and Political Rights,
CCPR/C/21/Rev.1/Add.9, November 2, 1999
9
rights or freedoms of others.13” As stated, the right to privacy is clearly enshrined in
our constitution, but as of late there has been no legislation specifically addressing
the data privacy of Namibian citizens.
Regarding internet privacy Namibian legislators have drafted and authorized several
problematic bills and acts that have sought to increase the surveillance power of the
state without proper oversight and consideration from judicial authority. These are
the Electronic Transactions and Cybercrime Bill and Communications Act 8 of 2009
particularly part 6 section 70(9) of the Act14 which has not yet come into force which
directly threatens the respect and protection of privacy rights as it seeks to grant
broad powers to the government to monitor telephone calls, e-mail, and internet
usage without a warrant.
The Electronic Transactions and Cyber Crime Bill. This Bill was tabled in 2017 and
had serious flaws and terrible implications to privacy in Namibia. It intended to allow
CRAN (Communications Regulatory Authority of Namibia) to conduct warrantless
search and seizure operations, while also allowing state agents through chapter 5
sections 43(2) and 43(3) to enable unauthorized access and access without
notification by CRAN to the affected party to their computer systems which should be
considered government hacking. Furthermore, in chapter 7 section 61(6-8) would
allow a computer security inspector to access computer systems without seeking
legal authorization from the courts or without notification to the affected party. At the
same time, sections of chapter 8, in sections 70 (2) and all of section 72, allow for a
system of secret warrants while vaguely defining the conditions under which such
secret warrants can be sought. These provisions open the door to pervasive
communications surveillance and interception
without
appropriate oversight
mechanisms to monitor the conduct of those carrying out such surveillance or
interception activities.15
The areas of concern within the Communications Act 8 of 2009 include its wording
referring to staff members as first stated in article 70(2) which places no restriction
13
The Namibian constitution Article 13
Any staff member employed in an interception centre may do anything necessary in order to perform the
interception or monitoring concerned (as well as any decoding or decryption necessary to make the
information in question intelligible) and must forward all information obtained from these activities to the
person who made the request referred to in subsection
15
Draft provisions of the electronic transactions and cybercrime bill (2017) Frederico Links, Graham Hopwood
14
on who may conduct the interception or impose the requirement that it must be
conducted by someone with a certain level of standing.16
Under article 70(9) the act seeks to provide broad powers as to the ways and means
by which the surveillance is to occur as it empowers any staff member employed to
do anything that is necessary to perform the interception and monitoring. 17
The only guidance the act grants it under article 70(11) which gives the sole power to
the Director general on how information obtained by interception must be handled,
which persons may handle information obtained by means of interception, which
persons may perform any action relating to interception and any other technical or
procedural matter relating to interception that is necessary or expedient in order to
ensure that information obtained by means of interception is only used for its
intended purpose and that the objects of this Part are fulfilled. 18 The Director general
referred to in the act is the Director-General of the Namibia Central Intelligence
Service.19
The Act under article 71(1) also requires licensees and other providers of
telecommunications services to provide a telecommunications service in such a
manner that it is capable of being intercepted. To store such information relating to
the originator, destination, contents of, and other information relating to the
telecommunications concerned as may be prescribed under subsection 71(2) and
acquire at its own cost whether by purchasing or leasing the facilities and capabilities
necessary to comply with the duties referred to in subsection (1) and (2).
Article 73(1) of the communications act also requires telecommunications service
providers to ensure that information prescribed is obtained for all customers and that
the information stated in the article must be sufficient to determine which telephone
number or other identification has been issued to a specific customer to make it
possible to intercept the telecommunications of that customer.
This act would seek to place an unconstitutional burden on telecommunications
companies to share their user data which would be in clear violation of the
constitution as it would constitute mass surveillance by the government over the
16
No 8 of 2008, Communications Act, No. 4378, Part 6, Para. 70(2)
No 8 of 2008, Communications Act, No. 4378, Part 6, Para. 70(9)
18
No 8 of 2008, Communications Act, No. 4378, Part 6, Para. 70(11)
19
No 10 of 1997, Namibia Central Intelligence Service Act
17
citizenry which goes against the principles of democratic society. This mass
surveillance would also threaten the security, integrity, and privacy of millions of
innocent citizens. As such this law does not respect the principle of legality,
necessity, and proportionality.
The European Union's GDPR law. This is one of the strongest data protection laws
in the world. The aim of the law is to protect the user data of the citizens of the EU
this data includes basic identity information such as name, address and ID numbers,
web data such as location, IP address, cookie data and RFID tags, health and
genetic data, biometric data, racial or ethnic data, political opinions, and Sexual
orientation. These cover wide gambit of user data as it is meant to protect individuals
from discrimination they experience. An example of this is an individual’s health data,
health insurance companies would be more reluctant to take an individual if they had
access to their medical history and found that the individual was more susceptible to
a genetic disease.20
This has become more of a concern as more private companies are coming to
control billions of individuals user data and the lack of trust that the public has with
these companies as seen with the recent change of the privacy policies with by
WhatsApp which intern is controlled by Facebook who business model is to sell its
users data for advertising purposes. The question then arises with the dangers
associated with user data does Namibia not need similar legislation to protect its own
citizens from this.
1.3 Significance of Research
This research seeks to inform the public on how the government and private
companies are increasingly trying to extract and surveille citizens in blatant breach of
the constitution about the importance of individual privacy especially in the modern
age of social media and big data as this data could be harvested and impact your life
in unforeseen circumstances.
1.4 Research questions
• Will Namibia benefit from creating its own updated data protection law?
•
20
Should private companies pay individuals for their user data?
M. Nadeau ,2020, General Data Protection Regulation (GDPR): What you need to know to stay compliant ,
Available at https://www.csoonline.com/article/3202771/general-data-protection-regulation-gdprrequirements-deadlines-and-facts.html last accessed 12/02/2021.
•
Should an online user data fall under the protection of section 13 of the
Namibian Constitution?
1.5 Hypothesis
A more robust data protection law would benefit the public as it would protect against
and give transparency to what user data is being collected and how it is used,
however if the requirements are too stringent it could result in companies refusing to
operate in Namibia at all.
1.6 Theoretical Framework
The basis of this study centers on the right to privacy, Privacy is a fundamental
human right, enshrined in numerous international human rights instruments. It is
central to the protection of human dignity and forms the basis of any democratic
society. It also supports and reinforces other rights, such as freedom of expression,
information, and association. Activities that restrict the right to privacy, such as
surveillance and censorship, can they be justified, unless necessary to achieve a
legitimate aim, and proportionate to the aim pursued as prescribed by law. Another
important issue is whether private companies should explicitly consent to use and
sell our data, whether they must develop reasonable data security practices, notify
users when breaches of their data happen and notify users about the collection, use,
and sharing of their personal information.
In the EU where a data protection law was implemented it has provided numerous
benefits such as increased consumer confidence, better data protection for user data
and greater decision making when it comes to the tracking of individuals across the
internet.21 This however could also have come at a great cost as the that legislation
could have had a major impact on user generated content as it required companies
that acted as platforms such as YouTube, Instagram etc. to pay fines if copyrighted
music were uploaded which would have severely damaged their business model
forcing them to leave the EU market entirely or face these stiff fines. 22 That section
21
Open Access Government. 2018. The five key business benefits of GDPR, Available at
https://www.openaccessgovernment.org/the-five-key-business-benefits-of-gdpr/44554/ last accessed
12/02/2021
22
L.Feiner,2019, YouTube and its users face an existential threat from the EU’s new copyright directive,
Available at https://www.cnbc.com/2019/05/10/youtube-faces-existential-threat-from-the-eus-newcopyright-directive.html last accessed 12/02/2021
was however eventually changed. Secondly as user data becomes more important
there have been calls in regard to who benefits from an individual’s user data as
many companies generate profit from selling their user data to advertising agencies
or use it for the development of artificial intelligence without benefiting the creator of
that data.
1.7 Literature Review
When looking at privacy a familiar name is Edward Snowden, an American dissident
who exposed the massive surveillance which his government was undertaking and
how it violated their right to privacy. His book Permanent Record is a detailed
description of the dangers of allowing government surveillance and abuse of privacy
rights to go unchecked.
The book The Great Firewall of China: How to Build and Control an Alternative
Version of the Internet by James Griffiths is an important book regarding internet
freedom. It discusses how the Chinese have managed to censor and cut off their
population from the world web.
An important source of information for my research is Universal Periodic Review
Stakeholder Report: 24th Session, Namibia the Right to Privacy in Namibia. This
report analyzes and summarizes the current situation regarding privacy in Namibia.
Another report of significant importance is the Namibia internet Governance Forum
report. This report engages with local stakeholders and evaluates the internet from
the benefits it can provide to women for their economic development to the
importance of cybersecurity and the threats posed by it.
The book Customer Data and Privacy explains the use and generation of user data
by large tech-companies and the dangers which comes with the loss of privacy it
entails.
The submission of by Federico Links and Graham Lockwood to the Institute for
Public Policy Research provides an in-depth review on the proposed Electronic
Transactions and Cybercrime Bill and provides an in-depth critique on the Bill.
Everything you wanted to know about GDPR but were afraid to ask is a book that
summarizes all the key facts and requirements of the GDPR. It was a collaborative
book led by the Cyber Management Alliance to help businesses adapt to the new
laws regarding data privacy.
The Net Delusion: The Dark Side of Internet Freedom is a book that examines the
how governments such as Iran and China have used the internet to stifle and
repress freedom of speech around the world
Data Privacy in the Information age is a book by Jacqueline Klosek that analyzes
legal mechanisms passed by various governments to examine privacy in the 21st
century.
The Internet, Warts and All: Free Speech, Privacy and Truth is a book by Paul
Bernal which seeks to address why government digital policies seem so out of touch
and are counterproductive.
The Privacy and data protection in E-commerce: The effectiveness of a government
regulation approach in developing nations is a report aimed at discussing the various
issues developing nations may face in protecting their citizens user data and privacy
on E-commerce platforms in developing nations.
The Internet Freedom and Human Rights report by Joyce Danial investigates
whether, in addition to freedom of expression, the Internet has become so important
for the supply of and access to information, as well as the establishment of political
communities and related concerns of participation, that it deserves additional human
rights protection.
The study by Jason Gainous, Kevin Wagner, Tricia Gray is a very interesting review
on how internet freedom affects political attitudes in Latin America. The objective of
this study is to argue that more internet exposure might encourage individuals to be
more skeptical of political situations in their nations since utilizing social media
increases the chances of being exposed to dissident material.
The article by Kirsty Hughes This article builds a theory of the right to privacy based
on social interaction, which represents how privacy is perceived. According to this
idea, the right to privacy is a right to respect for barriers, and a breach of a privacy
barrier is a breach of that barrier.
1.8 Research Methodology
This research paper will use a descriptive and applied research method as in my
study. This paper will seek to lay out the facts and describe the current state of
privacy in Namibia and compare its position with other nations tackling the same
issue. This research proposal will be qualitative as it seeks the idea of internet
freedom and privacy in depth and by doing so my research seeks to determine the
best cause of action the government should take regarding data protection and find a
way to balance the privacy considerations of individuals and data requirements for
online businesses and security concerns of the Namibian government.
1.9 Limitations of study
A foreseeable limitation is that the interpretations are limited. Personal experience
and knowledge influence observations and conclusions that will be reached.
Qualitative research is also labor intensive as it requires obtaining answers from a
large group of people about their opinions on internet privacy and freedom.
Qualitative research requires thoughtful planning to ensure the obtained results are
accurate. There is no way to analyze qualitative data mathematically. This type of
research is based more on opinion and judgment rather than results. Because all
qualitative studies are unique, they are difficult to replicate.
1.10
Chapter outline
The chapter outline of the dissertation will be as follows:
Chapter 1: Chapter one introduces the proposal. This will consist of the introduction,
problem
statement,
research
questions,
objectives,
hypothesis,
theoretical
framework, literature review, research methodology and limitation of study, in
addition to the chapter outline there will also be the ethical consideration and
reference list.
Chapter 2: In the second chapter will be looking at the history and development of
privacy laws and will look at the various international covenants and declarations
which outline the right to privacy and those pertaining to internet freedom.
Chapter 3: This chapter will seek to analyze Namibian law regarding matters of
privacy and internet freedom and seek to compare and contrast it with legislation of
similar nations.
Chapter 4:
This chapter will be looking at how the internet has evolved
communication through the advent of social media and the impact that the vast
collection of user data has. It will also analyze how government censorship has
evolved in various ways with the advent of the internet.
Chapter 5: This chapter will be my conclusion regarding privacy and internet freedom
in Namibia it will also entail my personal opinion on the subject and
recommendation.
1.11
Ethical Considerations
This work is purely a desk top research in which all primary and secondary sources
used will be referenced. As such no individual or group interviews/questionnaires will
be used as instruments of research with the objective of holding discussions
concerning any topics or issues that might be sensitive, embarrassing or upsetting.
No criminal or other disclosures requiring legal action and having potential adverse
effects, risk or hazards for research participants will be made during the study. There
is therefore no need for arrangements to be made in respect of insurance and/or
indemnity to meet the potential legal liability of the University of Namibia for harm to
participants arising from the conduct of the research.
Chapter 2
2 The development of the right to privacy
2.1 Introduction
When discussing internet privacy, we must first look at its bedrock, the right to
privacy itself. This right can be found under article 12 of the Universal declaration of
human right, as well as article 17 of International Covenant on Civil and Political
Rights. The Namibian constitution also guarantees this right under article 13 of the
bill of rights. This right which is a fundamental human right exists to protect human
dignity and it is paramount as it forms the basis of a modern democratic society.23
Privacy enables us to make barriers and manage boundaries to guard ourselves
from unwarranted interference in our lives, which allows us to trade who we are and
the way we would like to interact with the world around us.24 Privacy helps us
establish boundaries to limit who has access to our bodies, places, and things, as
well as our communications and our information.25
The rules that protect privacy give us the power to claim our rights within the face of
great power imbalances.26 As a result, privacy is an important way we seek to guard
ourselves and society against arbitrary and unjustified use of power, by reducing
what may be known about us and done to us, while protecting us from others who
might need to exert control.27 Privacy is crucial to who we are as people, and we
make decisions about it every single day. It gives us an area to be ourselves without
23
E. Soken-Huberty.2021. 10 Reasons Why Privacy Rights are Important. Available at:
https://www.humanrightscareers.com/issues/reasons-why-privacy-rights-are-important/ last accessed 15
August 2021
24
E. Soken-Huberty.2021.
25
Privacy International. 2021.What is Privacy? Available at:
https://privacyinternational.org/explainer/56/what-privacy last accessed 16 June 2021
26
E. Soken-Huberty.2021.
27
E. Soken-Huberty.2021.
judgement, allows us to think freely without discrimination, and is a crucial element of
giving us control over who knows what about us. 28
The question then arises why does this matter? In countries such as China the
government has sweeping control of all online activity in which they monitor every
individual's communication, private or public in their messaging applications such as
WeChat, their alternative to WhatsApp.
29
In modern democracies, the deliberation
around privacy has become a debate about modern freedoms. As we consider how
we establish and protect the boundaries that surround an individual, and therefore
the ability of the individual to possess a say in what happens to him or her, we are
equally trying to decide: the ethics of modern life, the rules governing the conduct of
commerce and, the restraints we place upon control and reach of the state.30
Technology has always been intertwined with this right. As an example, our
capabilities to guard privacy are greater today than ever before, yet the capabilities
that now exist for surveillance are without precedent. That is why it is an imperative
that we begin formulating concrete privacy laws.
2.2 Historical development of Privacy Law
In early America there was limited legal protection for the right of privacy. It came in
the form of a law which protected against eavesdropping, which was defined as the
act of listening under walls or windows, or the eaves of a house, to hearken after
discourse, and thereupon to frame slanderous and mischievous tales. 31
This later developed in the period of the American Revolution which emanated from
the issue of government intrusion. The leaders of the American Revolution detested
the use of general warrants and writs of assistance. Writs of assistance being
28
Privacy international. 2021.p1
29
J, Yang. 2020.WeChat Becomes a Powerful Surveillance Tool Everywhere in China. Wall street journal. p 1
30
31
Privacy international. 2021.p1
D, Solove. 2006. A Brief History of Information Privacy Law. Washington. George Washington University Law
School. p4
authorized sweeping searches and seizures without any evidentiary basis32 and
general warrants which resulted in ransacking and seizure of the personal papers of
political dissenters, authors, and printers of seditious libel33.
The leaders of the revolution's distaste for excessive government power to invade
the privacy of the people was forged into the Bill of Rights in the Third, Fourth, and
Fifth Amendments. The Third Amendment protects the privacy of the home by
preventing the government from requiring soldiers to reside in people’s houses: 34
“No Soldier shall, in time of peace be quartered in any house, without the consent of
the Owner, nor in time of war, but in a manner to be prescribed by law” 35
In the 18th century mail was starting to be widely used and as such the concerns on
the privacy of the messages delivered was increasingly an issue. As such, the
congress of the United States of America passed legislation in 1782 that forbade
individuals from opening mail not addressed to them. However, this failed to abate
concerns about the privacy of mail and in 1825 this was further reinforced with
legislation stating36:
“Whoever takes any letter, postal card, or package out of any post office or any
authorized depository for mail matter, or from any letter or mail carrier, before it has
been delivered to the person to whom it was directed, with design to obstruct the
correspondence, or to pry into the business or secrets of another, or opens,
embezzles, or destroys the same, shall be fined . . . or imprisoned.” 37
Later in the year 1877 the courts further reinforced this premise in the case Ex parte
Jackson38 where the court extended the fourth amendment of U.S.A constitution to
32
Silas J. Wasserstrom & Louis Michael Seidman.1998. The Fourth Amendment as Constitutional Theory, 77
GEO. L.J. 19, 82
33
M, David.1979. PRIVACY LAW AND PUBLIC POLICY 38; see also
W Stuntz.1995. The Substantive Origins of Criminal Procedure, 105 YALE L.J. pp393, 406
34
D, Solove. 2006.p5
35
U.S.A Constitution. amendment. III
36
D, Solove. pp 6-7
37
Obstruction of correspondence 42 U.S.C. § 1702.
38
Ex parte Jackson, 96 U.S. 727 (1877).
the mail and thereby prohibiting government officials from opening an individual's
mail without a warrant. The court stated, “The constitutional guarantee of the right of
the people to be secure in their papers against unreasonable searches and seizures
extends to their papers, thus closed against inspection, wherever they may be.”
These events laid the foundation of privacy law and inspired the writings of Samuel
D. Warren and Louis Brandeis who wrote the article: The right to Privacy 39 which
was one the most profound developments of Privacy laws, which many jurists such
as Harry Kalven, Jr and Roscoe Pound stated that the article did nothing less than
add a new chapter to the law and that it was one of the most influential law review
articles of all.40 The article's purpose as stated by its authors was “It is our purpose
to consider whether the existing law affords a principle which can properly be
invoked to protect the privacy of the individual; and, if it does, what the nature and
extent of such protection is.” They did so by discussing the “right to be alone”. They
explain that by using the case of Prince Albert v. Strange41.
Both Victoria and Prince Albert created a variety of etchings within the 1840s as a
hobby. The copper plates for these were entrusted to a printer in Windsor called
John Brown to make copies that the couple showed to friends or gave away. The
plates and therefore the good copies were returned by Brown. However, a number of
additional copies had been created by an employee of Brown's, called Middleton.
Middleton sold a group of 63 different prints for the sum of £5 to Jasper Tomsett
Judge, a writer who in 1848 had published a book Sketches of Her Majesty's
Household. Prince Albert filed suit for the surrender of the etchings, for the
prohibition of the exhibition, and for prevention of publication of the etchings. His
plea was granted.
In this case the court stated that its decision was based on the protection of property,
but the authors argued that a close examination of the reasoning reveals the
existence of other unspecified rights, that is, the right to be let alone. They stated
39
S, Warren. L Brandeis.1890. The Right to Privacy. Massachusetts. Harvard Law Review. P 10
40
D, Solove. p 10
41
Prince Albert v Strange (1849) 47 ER 1302
that "where protection has been afforded against wrongful publication, the
jurisdiction has been asserted, not on the ground of property, or at least not wholly
on that ground, but upon the ground of an alleged breach of an implied contract or of
a trust or confidence."42
After the authors devised the new right of privacy they thought of limitations and
remedies for their new right. These were:43
•
The right to privacy does not prohibit any publication of matter which is of
public or general interest.
•
The right to privacy does not prohibit the communication of any matter, though
in its nature private, when the publication is made under circumstances which
would render it a privileged communication according to the law of slander
and libel.
•
The law would probably not grant any redress for the invasion of privacy by
oral publication in the absence of special damage.
•
The right to privacy ceases upon the publication of the facts by the individual,
or with his consent.
•
The truth of the matter published does not afford a defense.
•
The absence of "malice" in the publisher does not afford a defense.
For remedies to the violation of this right they argued that a plaintiff may institute an
action for tort damages as compensation for injury or, alternatively, request an
injunction.
As seen from historical development of modern society, privacy has always been an
important aspect of human development. It is therefore crucial for us in Namibian
society to learn about its importance and be vigilant against those who would try to
restrict it, in the name of security.
42
Prince Albert v Strange (1849) 47 ER 1302
43
S, Warren et al.1890. p14
2.3 Conventions and Declarations on the right to Privacy and Data
Protection
2.3.1 The Universal Declaration of Human Rights
On 10 December 1948 after the atrocities of World War 2 which left 11 million dead
due to the Holocaust committed by Nazi Germany44 and over 14 million dead who
were killed by Imperial Japan45 the world adopted The Universal Declaration of
Human Rights (UDHR)46 which was a document that represented a global road map
to freedom and equity for all people everywhere in the world. It was the first-time
countries agreed on the freedoms and rights that deserve universal protection for
every individual to live their lives freely, equally and in dignity.47 It was adopted by
the United Nations, and it recognized human rights to be the foundation for freedom,
justice, and peace.48
The UDHR was drafted with the help of various nations and consisted of
representatives from China, Australia, Chile, France, the Soviet Union, USA,
Lebanon, and the United Kingdom.49 The declaration gave an outline of 30 different
rights and freedoms that we are unitedly born with as humans and that could not be
taken away. It is a living document which has become one of the most translated
texts in the world. The 30 rights and freedoms started out within the UDHR include
the right to be free from torture, the right to freedom of expression, the right to
education and the right to search for asylum. It includes civil and political rights, like
the rights to life, liberty, and privacy. The right to privacy which was set out under
article 12 states:50
44
The Illinois Holocaust Museum and Education Centre. 2021.Holocaust misconceptions. Available from:
https://www.ilholocaustmuseum.org/holocaust-misconceptions/ last accessed 15 August 2021
45
M. Todd. 2013. China lost 14 million people in World War II. Why is this forgotten? Available from:
https://psmag.com/news/china-lost-14-million-people-world-war-ii-forgotten-66482 last accessed 15
August 2021
46
The Universal Declaration of Human Rights 1948
47
Amnesty International. 2021. Universal declaration of Human rights. Available from
https://www.amnesty.org/en/what-we-do/universal-declaration-of-human-rights/ last accessed 15 August
2021
48
Amnesty international. 2021.What is the universal declaration of human rights and why was it created?
Available at: https://www.amnesty.orgen/what-we-do/universal-declaration-of-human-rights/ last accessed
16 June 2021
49
Research Guides. 2020.Universal Declaration of Human Rights. Available at:
https://libraryresources.unog.ch/c.php?g=462664&p=3163021 last Accessed 15 August 2021
50
United Nations. 2021.Universal Declaration of Human Rights Available at: https://www.un.org/en/ab/outus/universal-declaration-of-human-rights last accessed 16 June 2021
No one shall be subjected to arbitrary interference with his privacy, family, home, or
correspondence, nor to attacks upon his honor and reputation. Everyone has the
right to the protection of the law against such interference or attacks.
2.3.2 Convention for the Protection of Individuals with regard to
Automatic Processing of Personal Data51
This Convention is the first binding international instrument which protects the
individual against abuses which can accompany the gathering and processing of
private data. It seeks to manage at an equivalent time the trans frontier flow of
private data. In addition to providing guarantees in reference to the gathering and
processing of private data, it outlaws the processing of "sensitive" data on an
individual's race, politics, health, religion, sexual life, criminal record, etc., within the
absence of proper legal safeguards. The Convention also enshrines the individual's
right to understand that information is stored on him or her and, if necessary, to have
it corrected.52 Restriction on the rights laid down within the Convention is only
possible when overriding interests (e.g., State security, defense, etc.) are at stake.
The Convention also imposes some restrictions on transborder flows of private data
to States where legal regulation doesn't provide equivalent protection.53
2.3.3 Charter of Human Rights & Principles for the Internet
This charter was written by the United Nations governance forum in collaboration
with the Internet Rights & Principles Dynamic Coalition which is an international body
made up of organizations and individuals working to uphold human rights on the
internet.54 The purpose of the charter is:55
51
Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data ETS
No.108 1985
52
P. Fowler.2017. Data Privacy Day? Yeah, it’s a Thing. Available from: https://www.swlaw.com/blog/datasecurity/2017/01/27/data-privacy-day-yep-its-a-thing/ last accessed 15 August 2021
53
Council of Europe. 2021.Convention for the Protection of Individuals with regard to Automatic Processing of
Personal Data. Available at: https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/108
last accessed 16 June 2021
54
UN Human rights office of the High commissioner. 2011. The charter of human rights and principles for the
internet. Available at:
https://www.ohchr.org/Documents/Issues/Opinion/Communications/InternetPrinciplesAndRightsCoalition
.pdf last accessed 16 June 2021
55
UN Human rights office of the High commissioner. 2011. p4
●
a reference point for dialogue and cooperation between different stakeholder
priorities for the internet’s design, access, and use around the world.
●
an authoritative document that can frame policy decisions and emerging
rights-based norms for the local, national, and global dimensions of internet
governance.
●
a policymaking and advocacy tool for governments, businesses, and civil
society groups committed to developing rights-based principles for the internet.
The charter seeks to create a rights-based internet society and with that purpose it
has outlined 20 important internet principles and rights.56 Two of these rights are of
particular importance to my writings, those being Freedom of expression and
information on the internet that states: Everyone has the right to seek, receive, and
impart information freely on the Internet without censorship or other interference.
Everyone also has the right to associate freely through and on the Internet, for
social, political, cultural, or other purposes57 . The second being Privacy and Data
protection which states that Everyone has the right to privacy online. This includes
freedom from surveillance, the right to use encryption, and the right to online
anonymity. Everyone also has the right to data protection, including control over
personal data collection, retention, processing, disposal, and disclosure.58
Other rights and freedoms under the charter are the right to access the internet, the
right to non-discrimination in internet access, use and governance, the right to liberty
security on the internet, freedom of belief and religion on the internet, freedom of
assembly and association, right to education on and about the internet, right to
culture and access to knowledge on the internet, rights of children on the internet,
right of work and the internet, right to online participation in public affairs, right to
consumer protection on the internet, right to legal remedy and fair trails for actions
on the internet, right to appropriate social and international order on the internet and
finally the duties and responsibilities on the internet.59
56
UN Human rights office of the High commissioner. 2011. p11
57
UN Human rights office of the High commissioner. 2011. p16-17
58
UN Human rights office of the High commissioner. 2011. p18-19
59
UN Human rights office of the High commissioner. 2011. p12-13
2.3.4 African declaration on Internet rights and freedoms
This declaration is a pan-African initiative that seeks to push human rights standards
and principles of openness in internet policy formulation and implementation on the
continent. It does this through the articulation and promotion of 13 principles which it
views as necessary for upholding human and people’s rights on the web.60
The African Commission on Human and Peoples’ Rights adopted Resolution 362
(LIX) on the right to Freedom of information and Expression on the internet in
Africa.61
The resolution acknowledged the worth of the African Declaration in its elaboration of
the principles necessary to uphold human and people’s rights online and in
cultivating an online environment which will best meet Africa’s social and economic
development needs and goals.
This declaration outlines 13 key principles, these being:62
•
Openness: The Internet should have an open and distributed architecture
and should continue to be based on open standards and application
interfaces and guarantee interoperability to enable a common exchange of
information and knowledge.
•
Internet Access and affordability: Access to the Internet should be
available and affordable to all persons in Africa without discrimination on any
ground such as race, colour, sex, language, religion, political or other opinion,
national or social origin, property, birth, or other status.
•
Freedom of Expression: Everyone has the right to hold opinions without
interference.
•
Right to information: Everyone has the right to access information on the
Internet.
•
Freedom of assembly and association on the internet: Everyone has the
right to use the Internet and digital technologies in relation to freedom of
assembly and association, including through social networks and platforms.
60
Association of progressive communications. 2019. African Declaration on Internet Rights and Freedoms
Coalition: Promotion of freedom of expression a priority for Southern Africa Available at
https://www.apc.org/en/news/african-declaration-internet-rights-and-freedoms-coalition-promotionfreedom-expression last accessed 16 June 2021
61
62
Association of progressive communications. 2019.p1
African declaration on internet rights and freedom. 2014.The charter of human rights and principles for the
internet. Available at: https://africaninternetrights.org/ Last accessed 16 June 2021
•
Cultural and linguistic diversity: Individuals and communities have
the right to use their own language or any language of their choice to
create, share and disseminate information and knowledge through the
Internet.
•
Right to development and Access to knowledge: Individuals and
communities have the right to development, and the Internet has a vital
role to play in helping to achieve the full realisation of nationally and
internationally agreed sustainable development goals.
•
Privacy and Data protection: Everyone has the right to privacy
online, including the right to the protection of personal data concerning
him or her. Everyone has the right to communicate anonymously on
the Internet, and to use appropriate technology to ensure secure,
private, and anonymous communication.
•
Security, stability, and resilience of the internet: Everyone has the
right to benefit from security, stability, and resilience of the Internet. As
a universal global public resource, the Internet should be a secure,
stable,
resilient,
reliable,
and
trustworthy
network.
Different
stakeholders should continue to cooperate in order to ensure
effectiveness in addressing risks and threats to security and stability of
the Internet.
•
Marginilised groups and groups at risk: The rights of all people,
without discrimination of any kind, to use the Internet as a vehicle for
the exercise and enjoyment of their human rights, and for participation
in social and cultural life, should be respected and protected.
•
Right to due process:
Everyone has the right to due process in
relation to any legal claims or violations of the law regarding the
Internet.
•
Democratic multistakeholder internet governance: Everyone has
the right to participate in the governance of the Internet.
•
Gender Equity: To help ensure the elimination of all forms of
discrimination on the basis of gender, women and men should have
equal access to learn about, define, access, use and shape the
Internet.
2.4 Conclusion
In this chapter has explained and discussed the importance of privacy, the different
international treaties and covenants that protect the right to privacy and how privacy
laws and internet freedoms and the historical development of privacy law. In an era
where digital corporations such as Facebook, Amazon, Google, and others acquire
and keep personal data, privacy rights that restrict them from utilizing the data for
their own purposes are critical. Groups cannot take your data without your
knowledge or approval and use it for their own purposes. You should have control
over your data if it is yours. Your data can only be used in ways that you consent to,
and you have access to any information about yourself. You would feel powerless if
you didn't have this control. It would also make you extremely vulnerable to society's
more strong influences, and therefore your privacy rights put you in control of your
own life.
Chapter 3
3 Comparison of Namibian Privacy law legislation with other Jurisdictions
3.1 Introduction
This chapter will be looking at the laws and regulations in different jurisdictions that
enforce privacy laws. It will be reviewing laws passed in South Africa and the
European Union and comparing it to Namibian legislation on the matter. In the
context of privacy, it is concerned with ensuring that sensitive data processed,
stored, or sent by a company is consumed in a compliant manner and with the
permission of the person who owns that sensitive data. To do so, it is necessary to
tell people up front about the kinds of data that will be gathered, why it will be
collected, and with whom it will be shared. A person must consent to the conditions
of use and once this transparency is given, enabling the organization that has
collected the data to use it in accordance with its stated objectives after this
agreement has been reached.63
Unlike in South Africa and the European Union, Namibia has yet to implement its
own data privacy laws, however Namibian lawmakers have written and approved a
63
D. Phillips. 2020.Data Privacy vs. Data Security: What is the Core Difference? Available from:
https://www.tokenex.com/blog/data-privacy-vs-security last accessed 10 September 2021
number of controversial laws and acts that have attempted to expand the state's
surveillance powers without receiving appropriate scrutiny and approval from the
judiciary. Among these are the Electronic Transactions and Cybercrime Bill and the
Communications Act64, particularly part 6 of the act, which has not yet come into
effect, but which directly threatens the protection of privacy rights by granting the
government broad powers to monitor telephone calls, e-mail, and internet usage
without the need for a court order.65
When looking at data privacy an inevitability that comes along is data security, as
with the progression of collection that comes with social media and digitisation of
important personal information such as your health records and financial information.
Data breaches to this important information which is in most circumstances held by
private companies can have serious consequences to an individual. This may be
identity theft or blackmail which can have serious financial ramifications.66
3.2 Data Protection Laws in the Republic of South Africa
To ensure the security of data and personal information, the Republic of South Africa
has made considerable efforts to establish laws and regulations that are now in
force. The COVID-19 epidemic has brought attention to the necessity for legislation
to govern the explosion of data and personal information that has arisen from the
use of digital technologies, particularly in developing countries. The Republic of
South Africa is witnessing its first national data protection legislation coming into
force on 1 July 2021, in this digital era of the fourth industrial revolution, it has joined
the rest of the world to safeguard the right to privacy.67 Companies in today's market
are incentivized to collect and analyse as much data as possible in order to get a
competitive edge. Taking this attitude to business is, more often than not, detrimental
64
Act 8 of 2009
65
Privacy International. 2015.The Right to Privacy in Namibia. Available from:
https://privacyinternational.org/sites/default/files/2017-12/Namibia%20UPR_PI_submission_FINAL.pdf last
accessed 16 September
66
D. Harrington. 2021.Data Security: Importance, Types, and Solutions. Available from:
https://www.varonis.com/blog/data-security/ last accessed 13 September 2021
67
P. Bhagattjee. 2021.South Africa - Data Protection Overview. Available from:
https://www.dataguidance.com/notes/south-africa-data-protection-overview last accessed 16 September
2021
to the customer. Giving financial services firms unrestricted access to personal data
may result in intrusive advertising, identity theft, and fraud, among other things.68
Following the President's signing, the Protection of Personal Information Act 69, 2013
('POPIA') was promulgated into law on November 26, 2013. POPIA has a broad
scope of applicability and effect, and it applies to all individuals who handle personal
information, subject to specific exceptions specified in the Act. POPIA will not
become completely operational until the first day of July 2021; nevertheless, the bulk
of its provisions have already begun to be implemented in preparation of that day.70
The personal information protection act (POPIA) relates to the processing of
personal information pertaining to an identifiable, living natural person, or, where
appropriate, an identified, existing juristic person, in the course of their business. In
addition to responsible parties domiciled in South Africa, POPIA will apply to
responsible parties located outside of South Africa who employ methods to process
user data in South Africa, as defined by the Act (unless such means are only used to
forward the information through South Africa). POPIA relates to the processing of
personal information by a responsible party, which is broadly defined by the Act to
include the collecting, recording, organizing, compiling, distributing, altering, storing,
utilizing, and deletion of personal information71 (being a public or private body or any
other person which alone or together with others determines the purpose and means
for processing of special information72).
POPIA regulates the collection, use, and disclosure of personal information. POPIA,
on the other hand, is not applicable to the processing of personal information:73
68
T. Warikandwa T.2021. "Personal Data Security in South Africa's Financial Services Market: The Protection of
Personal Information Act 4 of 2013 and the European Union General Data Protection Regulation Compared"
PER / PELJ 2021(24). Available from: https://perjournal.co.za/article/view/10727 last accessed 16 September
2021
69
Act 4 of 2013
70
P. Bhagattjee. 2021.
71
P. Bhagattjee. 2021.
72
POPIA provides for a separate category of information called 'special personal information' which includes
all information relating to a person's religious or philosophical beliefs, race or ethnic origin, trade union
membership, political persuasion, health or sex life, biometric information, or criminal behaviour. POPIA also
specifically regulates personal information (of a child).
73
P. Bhagattjee. 2021.
● in which the activity is entirely personal or domestic in nature
● In cases where it concerns national security or the aim of the investigation is
to prevent or identify illegal actions (given that alternative legislation
applicable to such activities allows for measures to protect personal
information), by or on behalf of a public body
● by the Cabinet and its committees or the Executive Council of a province
● related to a court's judicial functions
● that has been created purely for the sake of journalistic, literary, or aesthetic
expression
A fully independent supervisory body, the Information Regulator, is introduced and
created under POPIA for the aim of data protection. A complaint to the Information
Regulator may be submitted either verbally or in writing (although oral contributions
must be converted to written submissions as soon as reasonably possible). A
complaint can be submitted in the case of suspected interference by anybody. In
accordance with POPIA, upon receipt of a complaint, the Information Regulator is
required to examine the complaint, serve as a conciliator when appropriate, and take
any further action that is envisaged by the Act.74 Working in collaboration with
information officers, the Information Regulator is charged with developing standards
of conduct for those involved in the collecting and processing of personal
information. A second duty assigned to the Information Regulator is to give
responsible parties prior authorization to engage in planned processing activities
before they may begin such operations. In addition, provisions are provided for
establishing standards for direct marketing, directories, and automated decisionmaking systems.75
Furthermore, the POPIA provides provisions for the movement of information across
international borders. Under the provisions of Section 100-109 of the POPIA,
administrative fines, offenses, and penalties are provided for, among other things.
Sections 100-106 of the POPIA deal with situations in which parties would be
74
T. Warikandwa T.2021.p 11
75
P. Bhagattjee. 2021.
deemed to be guilty of an offence if they did not cooperate. 76 Any person who
interferes with, obstructs, or unlawfully influences the Information Regulator; a
responsible party that fails to comply with an enforcement notice, such as lying under
oath or failing to appear at hearings; unlawful acts committed by a responsible party
in connection with account numbers; and unlawful acts committed in connection with
third parties are examples of such instances.77
Section 107 of the POPIA specifies the penalties that may be imposed for certain
offenses. For severe offenses, a fine of ten million Rands or imprisonment for a term
not exceeding ten years, or a combination of a fine and such imprisonment, shall be
imposed. The punishment for less severe offenses, such as interfering with an
official's execution of a search and seizure warrant, is a maximum of twelve months
imprisonment, or both a fine and the maximum sentence of twelve months
imprisonment.78
In view of the fact that POPIA is not yet completely operational and that the bulk of
its operative provisions just recently became effective on 1 July 2020, there has not
yet been any recorded case law in which a litigant has relied on POPIA to support a
claim in court. Although the operational provisions of POPIA impose onerous duties
on responsible parties, it is expected that a large body of case law will emerge
quickly now that the active provisions of POPIA have come into effect. 79
When the Facebook-owned messaging network WhatsApp notified customers in
January 2021 that it was developing an updated privacy policy, the company said
that under the new policy, it will be able to share some user data with Facebook as
well as other companies like Instagram and Messenger.80 In response to this, on
March 3, 2021, the Regulator released a statement about WhatsApp's planned
76
P. Bhagattjee. 2021.
77
P. Bhagattjee. 2021.
78
T. Warikandwa. 2021.p 12
79
P. Bhagattjee. 2021.
80
N, Statt. 2021.WhatsApp to delay new privacy policy amid mass confusion about Facebook data sharing. The
Verge. Available at: https://www.theverge.com/2021/1/15/22233257/whatsapp-privacy-policy-updatedelayed-three-months last accessed 16 September 2021
amendments to its privacy policy, in which it questioned the company's compliance
with the Privacy and Electronic Communications Act (POPIA).Among the concerns
raised by the Information Regulator with regard to the revised WhatsApp policy and
its application to South Africa were the following: "it is the Information Regulator's
opinion that the processing of cell phone numbers as accessed on the user's contact
list for a purpose other than the one for which the number was specifically intended
at collection, with the aim of linking the number to another person, is contrary to the
provisions of the Privacy Act.".81
3.3 European Data protection Laws
The (GDPR) is an EU legislation that establishes obligatory standards for how
organizations and businesses must handle personal data in an integrity-preserving
manner. Personal data refers to any information that may be used to identify a live
person, either directly or indirectly. Personal data such as a person's name, phone
number, and address are textbook examples. Interests, information about previous
purchases, health information, and online behaviour are all considered personal data
since they may be used to identify a specific individual. Data processing includes the
collection, structuring, organization, use, storage, sharing, disclosure, erasure, and
destruction of data, among other things. Any business that processes personal data
(which includes every firm with workers and customers) is responsible for ensuring
that the personal data it uses complies with the standards of the (GDPR).82
The General Data Protection Regulation (GDPR) came into force in 2018. It took the
place of the Data Protection Directive 95/46/EC (DPD) as the main piece of
legislation governing the protection of personal data by European Union-registered
businesses. The General Data Protection Regulation (GDPR) applies to all
businesses registered in all member states of the European Union (EU). The
rationale for taking such a broad approach is that it will result in the establishment of
a uniform consumer and personal data protection legislative framework across the
EU.83
81
P. Bhagattjee. 2021.
82
T. Warikandwa. 2021.p 1
83
T. Warikandwa. 2021.p 14
The main requirements of the GDPR can be explained as followers:84
● Use of personal data must be legal. The GDPR sets out six alternatives to the
legal basis (for example consent or contract). If your processing is not based
on any of those, it is not lawful. It might be necessary to process personal
data for the performance of a contract. It could also be necessary to use
personal data to prevent fraud and perform marketing.
● Personal data must be handled with honesty. Processing, for example, must
have a purpose. So, you can't gather personal data "just in case". Honesty,
openness, and transparency in data usage That is, people have a right to
know how their data is used and must be consulted. Personal data must only
be kept for as long as required. Processing must also be safe and secure.
Organisations must have and maintain paperwork proving regulatory
compliance.
● Personal data use must respect people' rights. The GDPR gives everyone
rights over their personal data. They are entitled to view their personal data.
Right to know how data is used.
● Data breaches must be notified within 72 hours under GDPR. You must act if
personal data is exposed, accessed, altered, or stolen. Even if the incident
occurred at a supplier. If no personal data was at risk, the incident generally
does not need to be reported. Whenever sensitive data like health or financial
data is lost, the authorities and each affected person must be notified within
72 hours.
● Brand-new to GDPR is responsibility for suppliers. The new legislation
requires controllers to legally obligate their providers to safeguard personal
data. If the provider compromises data, the controller is liable.
● The GDPR's penalties are large. Violations of the legislation may result in
fines of up to 4% of annual worldwide sales or € 20 million.
The GDPR gives data subjects considerable control over automatically processed
personal data, which is an essential aspect. The right to portability is granted to data
84
GDPR Summary. 2021.GDPR Summary. Available at: https://www.gdprsummary.com/gdpr-summary/ last
accessed 21 September 2021
subjects as a result of this. The right to portability means that individuals may move
their personal data without the involvement of other parties (as long as the operating
software systems are secure). Such data subjects will also have the right to erasure,
which enables them to request that their personal data be erased if they so choose.
Because it has extraterritorial applicability, the GDPR right to erasure of personal
data (the right to be forgotten) is critical in the financial markets.85
The GDPR has established a framework for cross-border data transfers. For internal
data transfer to take place, the European Commission (EC) must first assess and
approve the data-transfer legislative regimes of the countries to which the data would
be sent. Only eleven nations have had their legal systems approved by the
European Commission so far (Andorra, Argentina, Canada, Faeroe Islands,
Guernsey, Isle of Man, Israel, Jersey, New Zealand, Switzerland, and Uruguay). The
aforementioned permission is given only after lengthy discussions with the intended
data destination (the country) to bring its national data protection system up to par
with the EU's data protection standards. In the event that data is transferred to a
non-EU country without a legal regime adequacy determination, the relevant
organization must enter into a contractual agreement ensuring that it will comply with
the GDPR's specified level of data protection (this will include all material and
procedural safeguards). As a consequence, data transfers to non-EU institutions will
continue to be governed by the GDPR and will be subject to the same degree of
protection as data transfers inside the EU.86
The GDPR also mandates the appointment of a data protection officer, whose
primary responsibilities include verifying businesses' GDPR compliance and
reporting to data subjects and supervisory agencies. More importantly, the GDPR
broadens the scope of data protection to include multinational corporations, who
collect and handle personal data from EU persons. Such transnational cooperation
firms (for example, South African financial services firms) commercial dealings with
85
T. Warikandwa. 2021.p15
86
T. Warikandwa. 2021.p15
EU financial institutions) shall be subject to the same GDPR and penalties apply to
businesses located in the EU.87
The EU has been enforcing the GDPR as Google received a fine, imposed in 2019
and confirmed in March 2020 following a failed appeal, was the highest on record
until August 2021. The issue concerned how Google delivered privacy notices to its
users, as well as how the firm obtained their permission for customized advertising
and other kinds of data processing. What might have been done to prevent the fine:
In consent policies, Google could have offered more information to users and given
them more choice over how their personal data is handled.88
The GDPR is now recognized as the worldwide standard for safeguarding the rights
of every individual whose personal data enters the digital world. The GDPR's general
user rights are seen as a best practice tool, and since its introduction the GDPR has
substantially raised awareness of these rights. These basic rights should be the
benchmark against which businesses and organizations in Southern Africa and
throughout the African continent should strive. 89
3.4 Namibian Laws regarding data Privacy
The Constitution of the Republic of Namibia guarantees the protection and respect of
the rights to privacy under Article 13, which states that: (1) No persons shall be
subject to interference with the privacy of their homes, correspondence or
communications save as in accordance with law and as is necessary in a democratic
society in the interests of national security, public safety or the economic well-being
of the country, for the protection of health or morals, for the prevention of disorder or
crime or for the protection of the rights or freedoms of others. (2) Searches of the
person or the homes of individuals shall only be justified: (a) where these are
authorised by a competent judicial officer; (b) in cases where delay in obtaining such
judicial authority carries with it the danger of prejudicing the objects of the search or
87
T. Warikandwa. 2021.p 16
88
Tessian.202120 Biggest GDPR Fines of 2019, 2020, and 2021.Available at:
https://www.tessian.com/blog/biggest-gdpr-fines-2020/ last accessed 21 September 2021
89
T. Warikandwa. 2021.p 17
the public interest, and such procedures as are prescribed by Act of Parliament to
preclude abuse are properly satisfied.90
Although Namibia does not have any specific data protection bill there are various
sector-specific laws are in place to protect client information, including in the legal
and banking sectors (e.g., Financial Intelligence Act 13 of 2012; Industrial Property
Act 1 of 2012; Copyright and Neighbouring Rights Protection Act 6 of 1994). 91
Furthermore, there are various international agreements that emphasize the right to
privacy, such as the International Covenant on Civil and Political Rights (‘ICCPR'),
which states in Article 17 of the ICCPR, which reinforces Article 12 of the UDHR, that
“no one shall be subjected to arbitrary or unlawful interference with his privacy,
family, home, or correspondence, nor to unlawful attack. According to the Human
Rights Committee, governments parties to the ICCPR have a positive duty to “adopt
legislative and other measures to give effect to the ban against such interferences
and assaults, as well as to the preservation of this right to privacy.”92
In accordance with Article 144 of the Namibian Constitution “unless otherwise
provided by this Constitution or Act of Parliament, the general rules of public
international law and international agreements binding upon Namibia under this
Constitution shall form part of the law of Namibia.”
3.5 Comparison of the different data Privacy Laws
The POPIA governs the processing of personal data in South Africa that has been
recorded by or for a "responsible party." A responsible party is a public or private
entity or other legal subject that, alone or in collaboration with others, governs the
purpose and methods of processing personal data. The GDPR, on the other hand,
90
Namibian Constitution
91
Council of Europe.2020. Cybercrime policies/strategies. Available from:
https://www.coe.int/en/web/octopus/country-wiki-ap//asset_publisher/CmDb7M4RGb4Z/content/namibia/pop_up?_101_INSTANCE_CmDb7M4RGb4Z_viewMode=
print&_101_INSTANCE_CmDb7M4RGb4Z_languageId=en_GB last accessed 16 September 2021
92
General Comment No. 16 (1988), para1. Available from:
https://www.ifex.org/namibia/2008/11/25/new_bill_on_communication_interception/ last accessed 16
September 2021
applies as a privacy and security legislation to data "controllers" and "processors"
that are: established in the EU; and formed outside the EU but providing products or
services to data subjects in the EU or monitoring the behaviour of EU data subjects.
The POPIA and GDPR are expected to provide African countries with a benchmark
against which to assess the effectiveness of their data protection legislative regimes.
The GDPR, in particular, is expected to provide financial services businesses and
other organizations in Africa with an opportunity.93
Both the GDPR and the POPIA are intended to safeguard the data of living
individuals, and these protections are not extended to the data of the deceased.
They also both provide protection to natural people, with the South African POPIA
going a step further and providing protection to juristic persons in addition to
individuals. Personal data operators and data processors are defined in the same
way under both pieces of legislation, and they both include public organizations that
deal with personal data as part of their definition. Finally, both states make it plain
that this law applies to anybody who handles data about their respective citizens,
whether inside or outside of their respective countries' boundaries.94
3.6 Conclusion
The GDPR and the POPIA outline the importance of data privacy and security in the
modern era and outlines a clear need for similar legislation in Namibia. These laws
however go contrary to While other countries have taken the lead to improve the
data security of their citizens Namibian legislators have lagged behind and have
further sought to try and expand the surveillance power of the state into the digital
lives of the Namibian citizenry. To this day, Article 13 of Namibia's constitution, which
was drafted at the time of the country's independence in 1990, remains the sole form
of privacy guaranteed. Because of this absence of legal framework, the country has
been dubbed "a safe haven for cybercriminals," and many individuals have become
victims of online fraud due to the lack of a cybercrime legislation.95
93
T. Warikandwa. 2021.p 18
94
T. Warikandwa. 2021.pp 19-20
95
N, Gervasius.2021. Data protection and privacy in the absence of law: a Namibian exploration during covid19. Available from: https://openinternet.global/news/data-protection-and-privacy-absence-law-namibianexploration-during-covid-19 last accessed 17 September 2021
The COVID-19 epidemic underscored the necessity of enacting a comprehensive
data protection law. As the government fought to stop the virus from spreading, it
issued new guidelines on April 30, 2020, which included a requirement that
companies retain customer logs to help with contact tracking. Businesses and
governmental institutions across the country began collecting people's data
(including names, national ID numbers, and contact information) for contact tracing
and monitoring almost immediately after the rules were implemented. This
information was to be recorded into a client register at the front of each public
business, according to the standards. Unfortunately, without a data protection
legislation in effect, there were no rules for how this information should be
maintained, stored, and kept secret, issues that grew more serious as the epidemic
expanded.96
The media slammed the public registers almost soon after they went into effect. The
Windhoek Observer, one of the country's weekly newspapers, bemoaned the
decision, stating, "Namibia has neither the resources nor the ability for metadata
processing." The publication went on to say that the practise was invasive and
exposed people to identity theft in its criticism of the action. In the data gathering
mandated during COVID-19, many Namibians ranked identity theft as a major worry.
Women, in particular, are at greater danger as a result of the public data gathering
exercise. The Internet Society's Namibia branch investigated how a lack of
cybercrime and data protection legislation exposes women to violence and puts
them in vulnerable positions in cases of non-consensual picture sharing, online
blackmail, and sexualized hate speech. In early April, a young woman in the Oshana
area got an unwanted message after giving her details at a shop register. The event
became viral on social media, and a screenshot of it ended up on many people's
WhatsApp posts.97
While the COVID-19 Information Hub operated by the Namibian government does
not disclose personal information, the lack of regulation and training for firms doing
96
N, Gervasius.2021
97
N, Gervasius.2021
contact tracing has left individuals exposed to privacy abuses. Videos showing
consumer data have gone viral on TikTok and WhatsApp, revealing how simple it is
for people or corporations to gain access to and misuse personal information. There
are no industry norms or regulations for data protection, and it is simple to scan
through people's contact information on social media and in businesses. Even
though the Ministry of Information and Communication Technology is in the process
of formulating such regulations, COVID-19 has illustrated the urgent need to not only
expedite the bill's development, but also to ensure that it addresses new data privacy
and protection issues discovered during the pandemic. Any regulation must make
public education and understanding about how personal data is gathered, kept,
disseminated, and protected a top priority. A stronger data protection law in Namibia
would protect individuals from identity theft and data exploitation while also
improving COVID-19 contact tracing and keeping people safe.98
Chapter 4
4 Evolution of the internet as through the advent of social media and the
impact of the collection of user data
4.1 Introduction
The Internet's shared, universal protocols have allowed it to be easily modified and
extended into many other aspects of our life. The Internet influences everything, in
our daily lives, to the capacity to read newspapers from all over the globe, and the
way research and cooperation are carried out. The Internet has changed three
important aspects of communication, and these have resulted in profound changes
in the way we socially connect with one another: the speed of information, the
volume of information, and the “democratisation” of publishing, or the ability for
anybody to post their thoughts on the web.99
4.2 Evolution of the internet
The Internet itself has undergone a transformation. It was a static network meant to
transport a tiny packet of bytes or a short message between two terminals in its early
98
N, Gervasius.2021
99
Luman Canada. 2021. The Evolution of the Internet. Available from:
https://courses.lumenlearning.com/suny-massmedia/chapter/11-2-the-evolution-of-the-internet/ last
accessed 4 October 2021
days, which is still relatively recent in historical terms, and it was a storehouse of
information where material was produced and maintained solely by experienced
coders. However, now massive volumes of information are being posted and
downloaded via these digital behemoths such as Facebook, Twitter and YouTube,
and the content is very much our own, since we are all now commentators,
publishers, and producers.100 The Internet expanded its reach in the 1980s and
1990s to include the IT capabilities of universities and research institutes, and later,
governmental bodies, institutions, and commercial companies from across the world.
The Internet grew enormously; it was no longer a state-controlled project, but the
world's largest computer network, with over 50,000 sub-networks, 4 million systems,
and 70 million users.101 The advent of web 2.0102 in the first decade of the twentyfirst century was a revolution in the Internet's brief history, promoting the creation of
social media and other interactive, crowd-sourced communication tools. The Internet
was no longer just about exchanging information: it had evolved into a sophisticated
interdisciplinary tool that allowed people to create content, interact with one another,
and even escape reality. Today, we can transfer data from one end of the planet to
the other in seconds, make online presentations, and utilise images, video, music,
and text to communicate our true selves. Personal experiences are made public, and
local concerns are taken on a global scale.103
It's difficult to study social media without coming across the term "social networking."
As a result, both ideas are covered in this paper. According to Merriam-Webster,
social media are “forms of electronic communication (as Web sites for social
networking and blogging) in which users build online communities to share
information, ideas, personal messages, and other content (as videos).” Networking is
defined as “the interchange of information or services among individuals, groups, or
institutions; specifically: the cultivation of productive relationships for employment or
100
Z, Dentzel. 2014.Change: 19 Key Essays on How the Internet Is Changing Our Lives. Available from:
https://www.bbvaopenmind.com/en/articles/internet-changed-everyday-life/ last accessed 4 October 2021
101
Z, Dentzel.2014.
102
Web 2.0 websites stress user-generated content, simplicity of use, participatory culture, and end-user
interoperability. Darcy Di Nucci invented the phrase in 1999, and Tim O'Reilly and Dale Dougherty popularised
it at the first O'Reilly Media Web 2.0 Conference in late 2004.
103
Z, Dentzel.2014.
business” by the same source.104 One of the most significant and revolutionary
changes to the Internet has occurred as a result of social networking. We can now
see what all of our friends are doing in real time thanks to Twitter; we can consider
the opinions of complete strangers who may never write in traditional print thanks to
blogs; and we can find people we haven't talked to in decades through Facebook, all
without making a single awkward phone call. Although the term "social media" today
appears to be associated with websites like Facebook and Twitter, it is essential to
explore all of the ways a social media platform influences the Internet experience. 105
Humans are social animals; we thrive on, and even require, social connections to
live a healthy life and mind. Social media caters to these fundamental wants,
therefore it's no surprise that social media sites and applications are so popular
today. However, there's more to them than that. Social media applications provide
consumers with several useful functions:106
● They give a forum for people to meet new people and create friends from all
around the world.
● They enable users to join groups of people who share their interests and
hobbies.
● They are completely free to use (but as we all know "if there is no product to
buy you are the product").
● Specialized forums or platforms can connect you with a vast network of
people who can help you find a new career.
● Twitter, for example, has become a significant source of real-time (sometimes
genuine) news. This material is frequently seen 'raw,' with no typical media
bias or opinion added in.
4.3 Impact of Data Collection
In recent years, the gathering of private data has been a major subject in the press.
From Google's algorithms seemingly predicting what you'll search for even before
you start typing to Facebook's inadvertent selling of private user data to Cambridge
Analytica, more people than ever before are learning about the data that's gathered
104
Luman Canada. 2021.
105
Luman Canada. 2021.
106
C, McFadden. 2020.A Chronological History of social media. Available from:
https://interestingengineering.com/a-chronological-history-of-social-media Last accessed 4 October 2021
every day and how it's utilised. Data collection is here to stay, with all of its
advantages and pitfalls, whether it's a government collecting traffic data around the
city, a medical research business collecting information on paediatric patients, or a
for-profit company collecting consumer behaviour patterns.107
Collecting data from hundreds, if not millions, of individuals has advantages. Among
these advantages are:108
● Rapid Innovation, when you can collect a wide range of data, such as health
information on patients, you can create better, quicker inventions. Developers
may produce more customised, sophisticated technology that benefits bigger
groups of people by gathering as much information as feasible. The potential
of small pieces of information collected from millions of individuals might lead
to treatments for everything from cancer to the common cold in the future.
● Cost Savings, developing a new technique, method, or procedure used to
take a substantial amount of time and money. Individuals would have to be
recruited to do research or conduct interviews, compare data on paper, and
collect important information. All of the acquired data would then have to be
processed and interpreted, primarily by humans. Because of the high cost of
implementing new ideas using old processes, decision-making and genuine
change moved at a glacial pace. Because of the cost and time savings,
newer, better processes and goods have been able to reach the market more
quickly, driving change and innovation.
● Conserving resources, reducing natural resources and energy use used to be
a game of guessing. Is it really so important to dial down the thermostat a few
degrees at night? What about the solar electricity produced by a single solar
panel? However, because of digital data collecting, we now have more
reliable information than ever before on the magnitude of even little changes.
Scientists can better grasp how much carbon is saved by moving from coalfired electricity to hydroelectric power by looking at data collected from
individual households all the way up to entire countries. People are more
107
Assist. 2019.Data Collection: The Good, the Bad, and the Value. Available from:
https://atassist.com/blog/data-collection-the-good-the-bad-and-the-value Last accessed 4 October 2021
108
Assist.2019.
likely to undertake resource-saving actions when they have access to this
information.
● Faster response times, People want to be alerted of changes or disturbances
to their routines immediately in today's fast-paced world. Instead, then waiting
for traditional techniques of modelling, such as weather patterns or traffic,
contemporary data gathering allows for real-time data collection and
modelling. If there is an accident at a major crossroads, for example, during
rush hour, traffic can be rapidly re-routed to minimise traffic congestion and
annoyance for commuters. The data collected from traffic signals, sensors,
and even individual mobile phones may be used to generate an accurate map
that prevents accidents and keeps traffic running smoothly.
● Improved Access, with broad data collecting from a number of sources comes
a plethora of information that companies, and organisations may find useful.
Less expensive, more comprehensive data collecting technologies have
prompted several organisations to provide free or low-cost access to their
data holdings. This has enabled businesses and government organisations
that would not have been able to collect data on their own to conduct research
and development. This has enabled humanitarian innovation, such as the
United Nations Global Pulse's initiative using phone data to study refugee
integration in Turkey. This enables organisations to make better use of their
budgets and resources.
On the other hand, and possibly more frequently reported, are the negative
consequences of data collecting, which include:109
● Decreased Privacy, when data is gathered by authorities and corporations,
the individuals who provide the data lose control over their personal
information. Big internet firms like Facebook and Google are renowned for
amassing massive amounts of personal data on its users and, in some
circumstances, selling that data. Everything from your birthdate to your
favourite ice cream flavour is available to the public if you put it out there. The
lack of privacy in data gathering has been extensively criticised, prompting
some to advocate for the split of the major companies as well as tougher rules
on what data can and cannot be gathered.
109
Assist.2019.
● Unauthorized Utilization of data, following the 2016 presidential election in the
United States, it was revealed that Cambridge Analytica had gained the data
of millions of Facebook users, which was utilised in campaign advertising.
This data leak has renewed public criticism of businesses' acquisition and
exploitation of personal data. Why couldn't other businesses obtain access to
so much data under false pretences if one organisation could?
● Security, storing massive amounts of data, particularly very personal
information such as bank account numbers and medical records, need
rigorous security. Unfortunately, hackers are constantly on the lookout for
methods to circumvent even the most stringent digital protections in order to
get access to your data. High-profile data breaches at Marriott, Target, and
other businesses have prompted calls for greater security. While no one
technique of safeguarding digital data will ever be perfect, data security
specialists are always inventing new methods to secure and preserve the
personal data collected by governments, businesses, and other institutions.
● Expensive, while having large-scale access to specific data sets might help
some smaller businesses save money, turning data into a commodity can also
make it extremely expensive. If a firm gathers critical health data on cancer
patients, for example, it might simply charge researchers a fee for access to
such data. This might render access to vital information that could lead to lifesaving breakthroughs out of reach for some businesses. Furthermore,
understanding and analysing data sets necessitates the use of competent,
educated data scientists and other experts, as well as sophisticated tools.
Because of these costs, lower-budget organisations may have access to
valuable data but are unable to do anything with it.
Data collection and analysis are likely to grow as technology develops and
individuals feel more comfortable granting corporations’ access to their deepest,
darkest secrets. It's feasible that the future may offer a situation in which
corporations know what you're going to buy before you ever start shopping for it,
owing to predictive analytics and all of the data that's already been collected on you.
However, the growth of data collecting is unlikely to go uncontrolled. We are likely to
see more governments join the demand for control of what data may be gathered by
private firms and what that data can be used for, and existing tech behemoths may
succumb.110
4.4 Payment for user data
Every day, people generate an astounding quantity of data, amounting to around 2.5
quintillion bytes. Google handles 40,000 searches every second, and Facebook
receives 1.4 billion logins per day. Every minute, 16 million text messages are
transmitted, 156 million emails are exchanged, and 600 new Wikipedia pages are
added. Needless to say, the amount of data created every day, including right now,
is enormous. However, the businesses and enterprises that will ultimately benefit
from this data are not grumbling; in fact, they are delighted. Data is a gear in
contemporary society's wheel. Given the importance of data as a driving element,
shouldn't the consumers who supply this data in the first place be compensated for
its usage by IT companies? This topic has gained traction in recent years, with
academics and important individuals voicing it.111
More data has been produced in recent years than in all of human history combined.
Despite this huge output of data, consumers don't actually gain any 'benefit' or 'value'
except than 'temporarily' free services like Facebook, which in actuality profits more.
The actual beneficiaries here are the tech titans, and it is believed that the unfettered
flow of data would lead to an ever more unequal society and further encourage
exclusive capitalism. Facebook and Google are two of the major online firms that rely
on digital advertising for revenue. Advertisers pay these firms for the attention,
engagement, or clicks of their users. The business model is such that it uses user
data to make predictions about their behaviour with the objective of serving them
advertising and content that is tailored to such behaviour in the future.112
We've all grown accustomed to expecting free internet services. We use free
applications for everything, from finding directions to the doctor to texting colleagues.
Google and Facebook, which provide the great majority of these services, are
110
Assist.2019.
111
S, Golad.2020. Should Companies Pay Users for Their Data? Available from:
https://analyticsindiamag.com/should-companies-pay-users-for-their-data/ last accessed 6 October 2021
112
S, Golad.2020.
ranked No. 4 and No. 6, respectively, on the list of the world's biggest enterprises by
market value. It is common knowledge that Google and Facebook profit from digital
advertising. Advertisers pay for user attention and engagement, often known as
clicks. This business model makes predictions about user behaviour based on user
data, with the objective of serving relevant information and advertising at the correct
moment. If you search for an ophthalmologist, for example, you're likely to see an ad
for an eyeglasses store in your neighbourhood over the following few days, even if
you don't schedule an appointment to see the doctor.113
This is a positive depiction of the “age of surveillance capitalism”, a term popularised
by Harvard University's professor Shoshana Zuboff, who outlines how major internet
firms have amassed enormous influence and money by collecting data on
consumers. This business model's holy grail is to "think the thought before you do or,
to put it another way, foresee your behaviour. The best way to accomplish this is to
gather and analyse all data about your demographic, internet searches, consumer
buying history, friends, address, video content patterns. Such in-depth knowledge,
when paired with non-personal data such as weather and driving habits, has aided in
the creation of profitable internet enterprises. Data is the lifeblood of IT behemoths
such as internet advertising, ride sharing, the gig economy, and ecommerce and
other factors that accurately define your online presence and identity.114Is our data
considered "raw material," and should we be compensated for it? After all, Facebook
earned an average of $30 per follower worldwide in 2019. Understanding the unique
nature of data and its worth, as well as allowing instruments for increased social
value generation, is the answer. The idea of data is unique. It's been likened to oil,
gold, coal, poison, and CO2. These comparisons attempt to determine if data is a
resource that can be used to create value (oil, gold) or that it may cause individual
and public harm (carbon dioxide, poison).115
113
S. Kumar. 2020.Should we be paid for our data? Available from:
https://www.livemint.com/news/business-of-life/should-we-be-paid-for-our-data-11597337028791.html
last accessed 6 October 2021
114
S. Kumar.2020
115
J, Laidler. 2019.High tech is watching you. Available from:
https://news.harvard.edu/gazette/story/2019/03/harvard-professor-says-surveillance-capitalism-isundermining-democracy/ last accessed 06 October 2021
There are four features of data and its value that make assigning costs and benefits
to it particularly difficult. 116
● To begin with, unlike other resources such as oil or coal, data does not
depreciate as it is utilised. Several organisations can make several copies of
the same data and utilise it at any moment.
● Secondly, data has externalities, which are advantages or costs placed on
third parties that are unrelated to the transaction. Some externalities are
advantageous. When anonymized and combined with demographic data, a
person's daily commute data can assist Google Maps improve traffic
forecasts. Data on individual members of a group may be aggregated to
discriminate against an entire community, as an example of damage.
● Thirdly, data's value may be multiplied by merging it with other data sets. At
the same time, liabilities are expected to rise dramatically. As a result,
understanding value will have to take into consideration all elements of
individual gains and damages, to society welfare, and company profits.
● Finally, there occurs a value exchange. At least five stakeholders are involved
in the value generation process: the technology firm, the government, the
community, gig-economy workers, and people. Data is collected and
processed, and value is realised through monetization. Individuals and
communities benefit economically from IT companies' services such as maps,
news, email, and networking. Governments get a portion of the tax income,
and gig workers get paid. However, it is becoming increasingly obvious that
the present data economy design favours profit concentration among
technological behemoths and does not facilitate the realisation of fair value for
individuals and society.
Three concepts for political and legislative activities that might move the data
economy toward equitable results for all stakeholders are being explored. First, a
progressive tax on data monetization can be used to extract some revenue for
redistribution purposes. The money earned by data monetization should be subject
to a progressive tax, according to Nobel Laureate economist Paul Romer, which may
help to disincentivize the gathering and monetization of user data. While the initial
116
S. Kumar.2020
idea aims to reduce monitoring, this technology can be further investigated to see
whether it might help with economic redistribution.117
Second, the concept of providing a "data dividend" to every citizen can be
investigated. There are various arguments for and against the notion of "data
dividends," which involves corporations sharing revenues earned from the usage of
personal data directly with the individuals who gave it. In theory, paying for the use of
our personal data may result in fewer monopolies, better privacy rights, new sources
of revenue, and the opening up of vast markets that are now unavailable due to
current arrangements. Data dividends, on the other hand, are difficult to execute, do
not address the basic challenges of permission and coercion at the base of today's
problems, may impede innovation, and may result in a new set of inequality
issues.118
Finally, catalysing larger social value creation, such as finding a cancer cure using
data, can have enormous societal worth. The European Union's data strategy report
and India's non-personal data committee report both stressed the need of providing
broader access to community data sets in order to unleash the potential of data for
society. Data stewardship through structures such as cooperatives, trusts,
exchanges, personal data repositories, and account aggregators will guarantee
appropriate safeguards and enable individuals to share their data more freely.
Individuals and groups may be willing to share health data for research purposes
without anticipating monetary remuneration if a secure method is provided that
prohibits exploitation.119
4.5 Conclusion
People in Namibia are increasingly using smartphones to access social networking
sites such as Facebook, LinkedIn, Tumblr, Instagram, Twitter, WhatsApp, and
others. The bulk of those who use these forums are aspiring young people who want
their alternative viewpoints to be acknowledged. Because bandwidth is more
117
S. Kumar.2020
118
T, Wadhwa. 2020.Economic Impact and Feasibility of Data Dividends. Available from:
https://datacatalyst.org/reports/gettin-paid-pros-and-cons-of-data-dividends/ last accessed 6 October 2021
119
S. Kumar.2020
affordable in Namibia, more individuals are using social media, with many people
leaving traditional short messaging services (SMS) in favour of WhatsApp, Facebook
Messenger, Telegram, and other free social media texting programmes (apps). In a
variety of ways, social media communication platforms have provided a great deal of
ease. For example, college and university students share research materials and
lectures via networks such as WhatsApp, Telegram, and others, making learning
simpler. With the majority of young people linked to and on these channels, their
capacity to exchange communication messages, including images, videos, and voice
recordings, made them fast favourites. Social media has revolutionised business
communications and human resource operations as a result of this much-needed
ease.120
As a result of the increased use of these apps the data they have acquired has been
expanding tremendously. Thus, resulting in these companies better optimizing their
algorithms to hook people on their content for longer periods of time which has led to
negative impacts on people especially minors. The introduction of social media has
also had a negative influence on the academic performance of high school students
and university students. Many examples of social media addiction have been
documented in various nations across the world, according to empirical data. In
certain situations, social media has been blamed for relationship failure and
breakdown, with some partners complaining that their spouses are addicted to their
phones and do not pay attention to them. Although these are unfortunate, regulating
and/or controlling social media is extremely difficult, if not impossible, because it is
available through the simple download of programmes that instantly link one to the
platforms. In fact, attempts to control social media might be seen as a violation of
people's personal liberties.121
In regard to payment for data in my opinion data catalysation would have a larger
impact on social value creation. Location data collected by social media firms has
potential, albeit it is still in its early stages of development. From measuring the size
120
T,Sam.2019.Social Media and its Impact on Communication Available from:
https://www.namibian.com.na/192332/archive-read/Social-Media-and-its-Impact-on-Communication last
accessed 6 October 2021
121
T, Sam.2019
of urban slums to tracking the ownership of rural farmland to disaster impacts and
response, location tracking through phones has the ability to produce accurate data,
especially as more people buy cheaper smartphones every year from a growing
number of countries and companies, lowering the cost of data acquisition and
increasing its accessibility.122
Chapter 5
5 Internet Freedom and Policy Recommendations
5.1 Internet freedom in Namibia
In Namibia, online human rights, particularly the right to privacy, freedom of speech,
opinion, and access to information, are major concerns. According to the most recent
data from the International Telecommunication Union (ITU), the percentage of
Namibians who use the internet was 36.8% in June 2018, up from 14.8 percent in
2014.123 In addition 35.5 people out of every 100 had a mobile broadband
subscription in 2014. The percentage has grown to 59.3 in every 100 in 2018 (the
most recent year for which ITU data is available). With the rise of digitalisation, it is
more vital than ever for Namibia to preserve basic freedoms both online and offline,
in accordance with Namibia's responsibilities under the International Covenant on
Civil and Political Rights (ICCPR), the African Charter, and Article 21 of the
Constitution.124
Article 21 of the Constitution of the Republic of Namibia protects "freedom of
expression, the press, and other media," however 21(2) allows for justifiable
limitations, such as "national security, public order, decency or morality, contempt of
court, defamation, or incitement to a crime." Namibia scored 23rd out of 180 nations
on the global press freedom rating in 2019-2020125, making it the highest-ranking
122
D, Runde. 2017.The Data Revolution in Developing Countries Has a Long Way to Go. Available from:
https://www.forbes.com/sites/danielrunde/2017/02/25/the-data-revolution-in-developing-countries-hasa-long-way-to-go/?sh=7b74ace21bfc last accessed 6 October 2021
123
ITU, ‘Measuring the Information Society Report .2015.
https://www.itu.int/en/ITUD/Statistics/Documents/publications/misr2015/MISR2015-w5.pdf, Last Accessed 7
October 2021
124
CIPESA, Small Media, ISOC Namibia. 2020.Digital Rights in Namibia. Available at:
https://cipesa.org/?wpfb_dl=436 last accessed 9 October 2021.pp 1-2
125
Reporters Without Borders, 2020. Available at: https://rsf.org/en/namibia, Last Accessed 9 October 2021
African country. The courts have also maintained freedom of expression rights, as
seen by a historic April 2019 judgement dismissing an appeal by the Namibia Central
Intelligence Service (NCIS) to prevent the publishing of an article about corruption.126
Other laws, such as the Protection of Information Act127 and the Namibia Central
Intelligence Service Act128 (NCISA), restrict freedom of expression in Namibia, and
have been used by authorities to suppress the media. Meanwhile, the cabinet
approved a decree in 2016 providing state-owned media priority consideration in the
transmission of government information and ads.129 Officials from the state have
repeatedly criticised and even threatened the press's independence. Politicians have
threatened to censor social media engagements and conversations, endangering
freedom of expression online.130
5.2 Attacks on Internet Freedom and information
Namibian politicians have called for control of social media as a way to combat
disinformation and cybercrime, as it is increasingly being used to voice protest. In
mid-2019, a proposal to regulate social media was claimed to have split members of
parliament, but the Ministry of Information and Communication Technology
reaffirmed intentions to regulate it in February 2020. If such rules are drafted in a
hazy manner and approved without stakeholder participation, they may result in
unnecessarily restricting online expression. Politicians and government officials have
issued serious warnings131 and threats in recent years, saying that "irresponsible"
use of social media endangers lives132. Namibia prohibited the broadcasting of false
126
W, Menges.2019. Available at: https://allafrica.com/stories/201904130069.html, Last Accessed 12 October
2020
127
Act 84 of 1982
128
Act 10 of 1997
129
D, Kisting. 2016.Government prefers NBC, New Era. Available at:
https://www.namibian.com.na/157910/archive-read/Government-prefersNBC-New-Era, Last Accessed 9
October 2021
130
CIPESA, et al. 2020.Digital Rights in Namibia. pp 4-5
131
Quartz Africa,2018. ‘Colonial apartheid era laws southern African press freedom’, Available at:
https://qz.com/africa/1487311/colonial-apartheid-era-laws-hur-southern-africas-press-freedom/, Last
Accessed 9 October 2021
132
Namibian Sun, ‘Social media endangers lives’, Available at: https://www.namibiansun.com/news/socialmedia-endangerslives/, Last Accessed 9 October 2021
or misleading claims about the virus, including on social media, in April 2020 as part
of laws to combat the spread of COVID-19. The crime carries a fine of up to 2,000
Namibian Dollars (USD 134) or a six-month jail sentence. In June 2020, a man was
detained and punished for violating the restrictions.133
Despite the fact that there have been no cases of journalists being killed, imprisoned,
or reported missing13427, harassment, assault, and threats against journalists are
widespread. During the launch of a COVID-19 isolation facility in June 2020, two
journalists were assaulted13528 by a Presidential Security Unit. While the State
Department apologizes136, one of the journalists involved filed a charge of assault
against the security forces. Government leaders conducted verbal attacks against
the media during the 2019 elections. During this time, the government also issued a
public warning about cyberbullying137 .Despite its excellent standing in press
freedom rankings, Namibian journalists are said to be vulnerable to political pressure
and employer pressure, which limits their work in the public good. A Namibia Press
Agency journalist recently had a contentious meeting with President Hage
Geingob138, during which he openly and with permission raised questions that were
of public importance and required to be answered. As a result, the Namibia Press
Agency's administration issued a leaked statement distancing itself from the
journalist's actions. The media and an opposing political party both denounced this
instance.139
133
CIPESA, et al..2020. P 5
134
Committee to Protect Journalists (CPJ) Statistics Namibia’, Available at: https://cpj.org/africa/namibia/,
Last Accessed 9 October 2021
135
The Namibian, ‘Presidency security unit charged with assault’,
https://www.namibian.com.na/201403/archive-read/Presidency-security-unit-charged-with-assault, Last
Accessed 9 October 2021
136
All Africa, ‘Presidency Apologizes After Journalists Barred from Covering Launch of COVID-19 Facility’,
Available at: https://allafrica.com/stories/202006030808.html, Last Accessed 9 October 2021
137
The Namibian, ‘Govt warns against social media bullying’, Available at:
https://www.namibian.com.na/188284/archive-read/Govt-warns-against-social-media-bullying, Last Accessed
9 October 2021
138
Namibian Sun, ‘Journalist lands in trouble for fishrot question to Geingob’,
https://www.namibiansun.com/news/journalist-lands-in-trouble-for-fishrot-question-to-geingob2020-08-03,
Last Accessed 9 October 2021
139
CIPESA, et al. 2020.p 6
5.3 Internet access in Namibia
The Internet has now become one of the main methods by which persons exercise
their right to freedom of expression by receiving and transmitting information and
ideas, as well as providing essential tools for participation in activities and
discussions about political and public-interest issues. Furthermore, in light of its
accessibility and capacity to store and communicate vast amounts of information, the
Internet plays an important role in enhancing the public's access to news and
facilitating the dissemination of information in general. The Internet plays an
important role in enhancing the public's access to news and facilitating the
dissemination of information in general. On the Internet, user-generated expressive
activity gives an unprecedented platform for exercising freedom of speech.140
Namibia has one of the world's highest income inequality rates141. A lack of cheap
access and poor service quality are stifling the technology sector47. Namibia is
ranked 84th out of 100 nations in the 2020 Inclusive Internet Index, which evaluates
internet availability, affordability, content relevancy, and preparedness, while the
ITU's 2017 ICT Development Index puts it 118th out of 176 countries accessed. 142 A
National Broadband Policy (2020)143 was recently released with the goal of providing
everyone with dependable and affordable broadband access. While the policy is
vague in terms of target categories or areas, the five-year implementation action plan
aims to achieve 95 percent broadband penetration by 2024 and to put the Universal
Access and Service Fund into effect.144 Namibia receives a 29 percent rating on the
2020 Women's Rights Online Report Card, which evaluates internet access and
140
European Court of Human rights. 2021.Access to Internet and freedom to receive and impart information
and ideas. Available at: https://www.echr.coe.int/Documents/FS_Access_Internet_ENG.pdf last accessed 9
October 2021
141
The World Bank,2020. ‘Namibia Overview’, Available at:
https://www.worldbank.org/en/country/namibia/overview, Last Accessed 9 October 2021
142
ICT Development Index 2017, ‘internet availability, affordability, relevance of content and readiness ranks
143
Southern Time Africa’, Available at: https://southerntimesafrica.com/site/news/mict-namibia-launchesnational-broadbandpolicy, Last Accessed 9 October 2021
144
New Era, ‘Govt targets 95% broadband coverage by 2024’, Available at:
https://neweralive.na/posts/govt-targets-95-broadband-coverageby2024#:~:text=WINDHOEK%20%2D%20Government%20aims%20to%20achieve,Plan%20in%20the%20Nation
al%20Assembly, Last Accessed 9 October 2021
women's empowerment, relevance of content and services, online safety,
affordability, and digital skills and education. According to the report card, just 47%
of Namibian women have an internet connection, and there is no national strategy
that recognises technology as a tool for combating gender inequality. According to
the research, 1GB of data costs more than 8% of average monthly income145, putting
it out of reach for many Namibians.146
5.4 Right to privacy in Namibia
Data protection and privacy legislation does not exist in Namibia. There are,
however, some signs that things are moving in the right direction.147 A multistakeholder consultation on the data protection bill was held in February 2020,
reportedly attracting 85 participants from the offices of the President, Vice-President,
and Prime Minister; Parliament; the Ministry of ICT; criminal justice authorities;
ministries of education, gender equality, and child welfare; ministries of agriculture
and land reform; internet and telecommunications service providers; and civil society
organisations. In the absence of data protection legislation, data breaches have
been recorded at all levels, from corporate148 to individual. The Ministry of ICT, with
the help of the Council of Europe, undertook additional stakeholder consultations on
the Bill via online platforms from September to mid-October.
According to The Namibian newspaper in a thorough three-edition study, there is a
strong sense of state-sponsored monitoring among civil society and the media,
notably by the Central Intelligence Service.149 Civil society and the media think that
the government, notably the Central intelligence service, is heavily involved in
arbitrary interception and monitoring of individuals, violating their private rights.
145
Alliance for Affordable Internet, ‘2019 Affordability Report. Available at: https://a4ai.org/affordabilityreport/report/2019/, Last Accessed 9 October 2021
146
CIPESA, et al. 2020.p 7
147
GLACY+: Stakeholders’ Consultation Workshop on the Data Protection Bill in Namibia’, Available at:
https://www.coe.int/en/web/cybercrime/-/glacy-stakeholders-consultation-workshop-on-the-dataprotection-bill-innamibia, Last Accessed 9 October 2021
148
The Namibian, ‘SSC leak exposes personal info online’, Available at:
https://www.namibian.com.na/178310/archive-read/SSC-leak-exposes-personal-info-online, Last Accessed 9
October 2021
149
Action Access to Internet, ‘The rise of the Namibian surveillance state (Part I)’, Available at: https://actionnamibia.org/risenamibian-surveillance-state/, Last Accessed 9 October 2021
Online violence against women, on the other hand, continues to be a problem.150
According to a report by the World Web Foundation, Namibia's lack of cybercrime
and data protection legislation puts women at risk of violence and puts them in
vulnerable positions in cases of non-consensual image sharing (also known as
revenge pornography), online blackmail, and sexualized hate speech.151
5.5 Conclusion
In conclusion here are the recommendations to address the issues discussed in this
paper:
•
Reject unreasonable limitations on information availability and freedom of
expression. The Namibian government should promote and preserve internet
access, rather than prohibiting the use of social media and messaging
systems. While such services may raise legitimate societal and national
security concerns, bans are an arbitrary and excessive response that restricts
users cultural, social, and political expression unfairly. Rather than resorting to
national security orders and emergency measures, governments should
address any legitimate human rights or other risks posed by such services
through standard democratic mechanisms, such as legislation passed in
consultation with civil society experts and affected stakeholders.152 Thus the
government should amend the Namibia Central Intelligence Services Act 10,
1997, by repealing section 4 which blanketly prohibits persons from accessing
information on grounds of “national security”.153
•
Take steps to close the digital gap. With more employment and schools going
online, the consequences of uneven internet access are becoming more
severe. The government should cooperate with service providers to reduce
data restrictions and eliminate late payment fines in the near term, as well as
encourage community-based efforts to provide secure public access points
150
Oxford Human Rights Hub, ‘Addressing ‘Revenge Porn’ in Namibia’, Available at:
https://ohrh.law.ox.ac.uk/addressingrevenge-porn-in-namibia/, Last Accessed 9 October 2021
151
CIPESA, et al. 2020.p 10
152
Freedom House. 2021.Policy Recommendations: Internet Freedom. Available at:
https://freedomhouse.org/policy-recommendations/internet-freedom. Last accessed 9 October 2021
153
CIPESA, et al. 2020.p 10
and lend electronic devices to those who need them. Longer-term initiatives
might include increasing internet access and infrastructure for underprivileged
areas and people, ensuring that connection is accessible regardless of
economic level, and establishing strong legislative safeguards for user privacy
and net neutrality.154 The best way to do this is by Operationalising the
Universal Service Fund and the National Broadband Policy (2020) to promote
affordable, equal and equitable access to the internet and related
technologies among women and underserved communities.155
•
Pass strong data privacy regulations and safeguard encryption. Enact
Cybercrime, Data Protection and Privacy legislation in compliance with Article
21 of the Constitution and international human rights standards and
obligations.156 Persons should have control over their data, including the ability
to view, delete, and transfer it to third-party providers. The government should
only be able to access personal data in particular circumstances as defined by
law, with court approval and within a specific time period. Companies should
also be forced to explain how they utilise consumer data in nontechnical
language, as well as information about third parties that have access to the
data and how they are authorised to use it. If a customer's information is
stolen, companies should be compelled to tell them as soon as possible.157
154
Freedom House.2021.
155
CIPESA, et al. 2020.p 10
156
CIPESA, et al. 2020.p 10
157
Freedom House.2021.
6 References
6.1 Legislation
The Constitution of Namibia
Communications Act of 2008
Namibia Central Intelligence Service Act of 1997
Electronic Transactions and Cybercrime bill
General Data Protection Regulation (GDPR)
United States of America Constitution
Obstruction of correspondence 42 U.S.C. § 1702.
The Protection of Personal Information Act(POPIA)
6.2 International Treaties
Universal Declaration of Human Rights
United Nations Convention on Migrant Workers Article
International Covenant on Civil and Political Rights
6.3 Books
Edward Snowdan,2019. Permanent Record, Metropolitan Books
James Griffiths, 2019, The Great Firewall of China: How to Build and Control an
Alternative Version of the Internet, Zed Books
M Evgeny. 2012.The Net Delusion: The Dark Side of Internet Freedom. Public
Affairs
T. Morey. 2020.Customer Data and Privacy, Harvard Business Review
A. Singh, C. Embling, C. Payne et al.2019.Everything you wanted to know about
GDPR but were afraid to ask. Cyber Governance alliance.
P. Bernal. The Internet, Warts and All: Free Speech, Privacy and Truth. Cambridge
University Press.
D, Solove. 2006.A Brief History of Information Privacy Law. Washington. George
Washington University Law School
Silas J. Wasserstrom & Louis Michael Seidman.1998. The Fourth Amendment
as Constitutional Theory, 77 GEO. L.J. 19, 82
M, David.1979. Privacy law and public policy 38; see also
W Stuntz.1995. The Substantive Origins of Criminal Procedure, 105 YALE L.J.
6.4 Reports
J, Yang. 2020.WeChat Becomes a Powerful Surveillance Tool Everywhere in China.
Wall street journal.
Namibia internet Governance Forum report
Draft provisions of the electronic transactions and cybercrime bill Report by
Frederico Links and Graham Hopwood
Universal Periodic Review Stakeholder Report: 24th Session, Namibia the Right to
Privacy in Namibia
S, Warren. L Brandeis.1890. The Right to Privacy. Massachusetts. Harvard Law
Review.
T. Adelola, R. Dawson and F. Batmaz, "Privacy and data protection in E-commerce:
The effectiveness of a government regulation approach in developing nations, using
Nigeria as a case," The 9th International Conference for Internet Technology and
Secured Transactions (ICITST-2014), 2014, pp.234-239,
6.5 Case Law
Ex parte Jackson, 96 U.S. 727 (1877)
Prince Albert v Strange (1849) 47 ER 1302
6.6 Internet Sources
Techopedia. 2020.Internet Privacy. Available at:
https://www.techopedia.com/definition/24954/internet-privacy Last Accessed 15 May
2021
Law insider. 2020.Dictionary, Available at
https://www.lawinsider.com/dictionary/user-data last accessed 12 February 2021.
M. Nadeau ,2020, General Data Protection Regulation (GDPR): What you need to
know to stay compliant. Available at:
https://www.csoonline.com/article/3202771/general-data-protection-regulation-gdprrequirements-deadlines-and-facts.html.Last accessed 12 February 2021
Open Access Government. 2018. The five key business benefits of GDPR, Available
at https://www.openaccessgovernment.org/the-five-key-business-benefits-ofgdpr/44554/ last accessed 12 February 2021
L.Feiner,2019, YouTube and its users face an existential threat from the EU’s new
copyright directive. Available at https://www.cnbc.com/2019/05/10/youtube-facesexistential-threat-from-the-eus-new-copyright-directive.html last accessed 12
February 2021
Amnesty international. 2021.What is the universal declaration of human rights and
why was it created? Available at: https://www.amnesty.orgen/what-we-do/universaldeclaration-of-human-rights/ last accessed 16 June 2021
United Nations. 2021.Universal Declaration of Human Rights Available at:
https://www.un.org/en/ab/out-us/universal-declaration-of-human-rights last accessed
16 June 2021
Convention for the Protection of Individuals with regard to Automatic Processing of
Personal Data ETS No.108 1985
Council of Europe. 2021.Convention for the Protection of Individuals with regard to
Automatic Processing of Personal Data. Available at:
https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/108 last
accessed 16 June 2021
UN Human rights office of the High commissioner. 2011. The charter of human rights
and principles for the internet. Available at:
https://www.ohchr.org/Documents/Issues/Opinion/Communications/InternetPrinciple
sAndRightsCoalition.pdf last accessed 16 June 2021
Association of progressive communications. 2019. African Declaration on Internet
Rights and Freedoms Coalition: Promotion of freedom of expression a priority for
Southern Africa Available at https://www.apc.org/en/news/african-declarationinternet-rights-and-freedoms-coalition-promotion-freedom-expression last accessed
16 June 2021
African declaration on internet rights and freedom. 2014.The charter of human rights
and principles for the internet. Available at: https://africaninternetrights.org/ Last
accessed 16 June 2021
M. Todd. 2013. China lost 14 million people in World War II. Why is this forgotten?
Available from: https://psmag.com/news/china-lost-14-million-people-world-war-iiforgotten-66482 last accessed 15 August 2021
The Illinois Holocaust Museum and Education Center. 2021.Holocaust
misconceptions. Available from: https://www.ilholocaustmuseum.org/holocaustmisconceptions/ last accessed 15 August 2021
P. Fowler.2017. Data Privacy Day? Yeah, it’s a Thing. Available from:
https://www.swlaw.com/blog/data-security/2017/01/27/data-privacy-day-yep-its-athing/ last accessed 15 August 2021
Amnesty International. 2021. Universal declaration of Human rights. Available from
https://www.amnesty.org/en/what-we-do/universal-declaration-of-human-rights/ last
accessed 15 August 2021
Privacy International. 2021.What is Privacy? Available at:
https://privacyinternational.org/explainer/56/what-privacy last accessed 16 June
2021
D.Phillips. 2020.Data Privacy vs. Data Security: What is the Core Difference?
Available from: https://www.tokenex.com/blog/data-privacy-vs-security last accessed
10 September 2021
Privacy International. 2015.The Right to Privacy in Namibia. Available from:
https://privacyinternational.org/sites/default/files/201712/Namibia%20UPR_PI_submission_FINAL.pdf last accessed 16 September
D. Harrington. 2021.Data Security: Importance, Types, and Solutions. Available
from: https://www.varonis.com/blog/data-security/ last accessed 13 September 2021
P. Bhagattjee. 2021.South Africa - Data Protection Overview. Available from:
https://www.dataguidance.com/notes/south-africa-data-protection-overview last
accessed 16 September 2021
T. Warikandwa T.2021. "Personal Data Security in South Africa's Financial Services
Market: The Protection of Personal Information Act 4 of 2013 and the European
Union General Data Protection Regulation Compared" PER / PELJ 2021(24).
Available from: https://perjournal.co.za/article/view/10727 last accessed 16
September 2021
N, Statt. 2021.WhatsApp to delay new privacy policy amid mass confusion about
Facebook data sharing. The Verge. Available at:
https://www.theverge.com/2021/1/15/22233257/whatsapp-privacy-policy-updatedelayed-three-months last accessed 16 September 2021
Tessian.202120 Biggest GDPR Fines of 2019, 2020, and 2021.Available at:
https://www.tessian.com/blog/biggest-gdpr-fines-2020/ last accessed 21 September
2021
GDPR Summary. 2021.GDPR Summary. Available at:
https://www.gdprsummary.com/gdpr-summary/ last accessed 21 September 2021
Council of Europe.2020. Cybercrime policies/strategies. Available from:
https://www.coe.int/en/web/octopus/country-wiki-ap//asset_publisher/CmDb7M4RGb4Z/content/namibia/pop_up?_101_INSTANCE_Cm
Db7M4RGb4Z_viewMode=print&_101_INSTANCE_CmDb7M4RGb4Z_languageId=
en_GB last accessed 16 September 2021
General Comment No. 16 (1988), para1. Available from:
https://www.ifex.org/namibia/2008/11/25/new_bill_on_communication_interception/
last accessed 16 September 2021
N, Gervasius.2021. Data protection and privacy in the absence of law: a Namibian
exploration during covid-19. Available from: https://openinternet.global/news/dataprotection-and-privacy-absence-law-namibian-exploration-during-covid-19 last
accessed 17 September 2021
D, Runde. 2017.The Data Revolution in Developing Countries Has a Long Way to
Go. Available from: https://www.forbes.com/sites/danielrunde/2017/02/25/the-datarevolution-in-developing-countries-has-a-long-way-to-go/?sh=7b74ace21bfc last
accessed 6 October 2021
T, Sam.2019.social media and its Impact on Communication Available from:
https://www.namibian.com.na/192332/archive-read/Social-Media-and-its-Impact-onCommunication last accessed 6 October 2021
T, Wadhwa. 2020.Economic Impact and Feasibility of Data Dividends. Available
from: https://datacatalyst.org/reports/gettin-paid-pros-and-cons-of-data-dividends/
last accessed 6 October 2021
J, Laidler. 2019.High tech is watching you. Available from:
https://news.harvard.edu/gazette/story/2019/03/harvard-professor-says-surveillancecapitalism-is-undermining-democracy/ last accessed 06 October 2021
S. Kumar. 2020.Should we be paid for our data? Available from:
https://www.livemint.com/news/business-of-life/should-we-be-paid-for-our-data11597337028791.html last accessed 6 October 2021
S, Golad.2020. Should Companies Pay Users for Their Data? Available from:
https://analyticsindiamag.com/should-companies-pay-users-for-their-data/.last
accessed 6 October 2021
S, Herman. 2020. Should Tech Companies Be Paying Us for Our Data? Available
from: https://www.forbes.com/sites/forbestechcouncil/2020/10/30/should-techcompanies-be-paying-us-for-our-data/?sh=4528434e4147 last accessed 6 October
2021
Assist. 2019.Data Collection: The Good, the Bad, and the Value. Available from:
https://atassist.com/blog/data-collection-the-good-the-bad-and-the-value.last
accessed 4 October 2021
C, McFadden. 2020.A Chronological History of social media. Available from:
https://interestingengineering.com/a-chronological-history-of-social-media Last
accessed 4 October 2021
Z, Dentzel. 2014.Change: 19 Key Essays on How the Internet Is Changing Our
Lives. Available from: https://www.bbvaopenmind.com/en/articles/internet-changedeveryday-life/ last accessed 4 October 2021
Luman Canada. 2021. The Evolution of the Internet. Available from:
https://courses.lumenlearning.com/suny-massmedia/chapter/11-2-the-evolution-ofthe-internet/ last accessed 4 October 2021
ITU, Measuring the Information Society Report .2015. Available at:
https://www.itu.int/en/ITUD/Statistics/Documents/publications/misr2015/MISR2015w5.pdf, Last Accessed 7 October 2021
CIPESA, Small Media, ISOC Namibia. 2020.Digital Rights in Namibia. Available at:
https://cipesa.org/?wpfb_dl=436 last accessed 9 October 2021.
Reporters Without Borders, 2020. Available at: https://rsf.org/en/namibia, Last
Accessed 9 October 2021
W, Menges.2019. Available at: https://allafrica.com/stories/201904130069.html, Last
Accessed 12 October 2020
D, Kisting. 2016.Government prefers NBC, New Era. Available at:
https://www.namibian.com.na/157910/archive-read/Government-prefersNBC-NewEra, Last Accessed 9 October 2021
Quartz Africa. 2018.Colonial apartheid era laws southern African press freedom’,
Available at: https://qz.com/africa/1487311/colonial-apartheid-era-laws-hur-southernafricas-press-freedom/, Last Accessed 9 October 2021
Namibian Sun, ‘Social media endangers lives’, Available at:
https://www.namibiansun.com/news/social-media-endangerslives/, Last Accessed 9
October 2021
Committee to Protect Journalists (CPJ) Statistics Namibia’, Available at:
https://cpj.org/africa/namibia/, Last Accessed 9 October 2021
The Namibian, ‘Presidency security unit charged with assault’,
https://www.namibian.com.na/201403/archive-read/Presidency-security-unitcharged-with-assault, Last Accessed 9 October 2021
All Africa, ‘Presidency Apologizes After Journalists Barred from Covering Launch of
COVID-19 Facility’, Available at: https://allafrica.com/stories/202006030808.html,
Last Accessed 9 October 2021
The Namibian, ‘Govt warns against social media bullying’, Available at:
https://www.namibian.com.na/188284/archive-read/Govt-warns-against-socialmedia-bullying, Last Accessed 9 October 2021
Namibian Sun, ‘Journalist lands in trouble for fish rot question to Geingob’,
https://www.namibiansun.com/news/journalist-lands-in-trouble-for-fishrot-question-togeingob2020-08-03, Last Accessed 9 October 2021
European Court of Human rights. 2021.Access to Internet and freedom to receive
and impart information and ideas. Available at:
. https://www.echr.coe.int/Documents/FS_Access_Internet_ENG.pdf last accessed 9
October 20
TheWorldBank,2020. ‘Namibia Overview’, Available at:
https://www.worldbank.org/en/country/namibia/overview, Last Accessed 9 October
2021
ICT Development Index 2017, ‘internet availability, affordability, relevance of content
and readiness ranks
SouthernTimeAfrica’,2020Availableat:
https://southerntimesafrica.com/site/news/mict-namibia-launches-nationalbroadbandpolicy, Last Accessed 9 October 2021
New Era,2020. Govt targets 95% broadband coverage by 2024’, Available at:
https://neweralive.na/posts/govt-targets-95-broadband-coverageby2024#:~:text=WINDHOEK%20%2D%20Government%20aims%20to%20achieve,
Plan%20in%20the%20National%20Assembly, Last Accessed 9 October 2021
The Namibian, ‘SSC leak exposes personal info online’, Available at:
https://www.namibian.com.na/178310/archive-read/SSC-leak-exposes-personal-infoonline, Last Accessed 9 October 2021
Action Access to Internet, ‘The rise of the Namibian surveillance state (Part I)’,
Available at: https://action-namibia.org/risenamibian-surveillance-state/, Last
Accessed 9 October 2021
Freedom House. 2021.Policy Recommendations: Internet Freedom. Available at:
https://freedomhouse.org/policy-recommendations/internet-freedom. Last accessed
9 October 2021
Action Access to Internet, ‘The rise of the Namibian surveillance state (Part I)’,
Available at: https://action-namibia.org/risenamibian-surveillance-state/, Last
Accessed 9 October 2021