Liquid Intelligent Technologies held a ‘Data protection for the public sector’ event. Indeed, representatives from the IT departments of various public sector organisations were in attendance. And data protection was discussed.
In a few hours, the Data Protection Act of 2021 was unpacked, an overview of data protection was given and data protection solutions for the public sector were discussed.
Presentations were made by the Regional Head for Legal and Regulatory – Central Africa, a Presales and Complex Solutions Specialist and a Managed Services executive.
The Liquid guys could not go into the entire Data Protection Act in the little time available. They instead focused on a few areas, including:
- General rules on processing data
- Duties and obligations of data controller/ data processor and rights of the data subject
- Data breaches
- And the fun one – Offences and penalties
It is always sobering to remember that any data controller, representative, agent or assignee who violates certain sections of the Act may be fined US$1000, imprisoned for 7 years, or both. So, understanding the Act is critical if you don’t want that.
I think some of us out here are data controllers but don’t consider ourselves to be. That won’t hold up in court, unfortunately.
You may want to revisit the brilliant citizen’s guide to the Data Protection Act that the Media Institute of Southern Africa (MISA) Zimbabwe released some months ago:
Do note that Cyber and Data Protections Regulations (Licensing of Data Controllers and Appointment of Data Protection Officers (DPOs) are still a work in progress. When they come out we shall know exactly what enforcement of the Act will look like.
Data protection for the public sector
Liquid first reminded us that cyber crimes are on the rise across the world. Unfortunately, there isn’t any concrete data on the cyber attacks in Zimbabwe. However, estimates say 82% of Zimbabwean businesses have experienced cyber threats and attacks.
The Internet Society of Zimbabwe has given a similar figure before. They say organisations do not report these attacks to save face but they have been targeted a lot lately.
Liquid then went into the value of data and how government data is siloed, reducing its utility.
Naturally, they went on to their own data protection solutions. Talking about how you wouldn’t need to worry about compliance issues (remember 7 years in prison awaits) if you went with Liquid, among other things.
I believe that was the whole point of the event but I don’t think we can fault Liquid for it. It is good business.
Even if some parastatals do not go with Liquid’s solutions, but still take security seriously because of the event, that’s still a win for us all, including Liquid.
Under no circumstances should a Zimbabwean government department be using free Gmail accounts. It was only recently that that conversation was had on Twitter when someone shared some govt agency proudly using Gmail.
So, if Liquid’s initiative leads to less and less of that, that counts as public service in my book.
I should let you know that it was encouraging to find out that some govt departments and parastatals are indeed taking data security seriously. No Gmail users were in attendance.