Stakeholder’s consultative workshop on developing a compliance pack for MSMEs organized by the Personal Data Protection Office (PDPO)








The Timetable and Setup 


The venue of choice was great. Friends have been there before. Weddings, ICT Events and Workshops similar to this one. The ICT event was much broader and had quite a number of breakout rooms. The topics that was featured were myriad as were the speakers. The technology employed at this same was state of the art as were the lovely ladies that served as hosts to guide us to and from the different stations. 



Time 

Item 

Responsible Person/Speaker

8-9AM

Prayer and National Anthem

Mr. Jordan Magala

9-9:10AM

Opening Remarks 

National Personal Data Protection Director Ms. Stella Alibateese

9:10-9:30AM

Remarks from FSDU

FSD Uganda

9:50-10:30AM

Overview of the Data Protection and Privact Act

Manager Compliance and Investigations PDPO Mr. Baker Birikujja

10:30-10:45AM

Break

All

10:45-11:15AM

Overview of the development of the compliance assignment

Ms. Teki Akuntteh

11:15-12:15PM

Breakout Exercise by Participants 

All

12:15-12:25PM

Final Remarks by consultant

Ms. Teki Akunteh

12:25-12:30PM

Final Remarks by PDPO

National Personal Data Protection Director, Ms. Stella Alibateese

12:30-1:30PM

Lunch and Departure

All


Breakfast: Hit or Miss 


Eh as for the meal that i was expecting having dashed from the house early and neglected to get something quick, i guess you got me on that one :). The breakfast that was promised was “cancelled”. I really hope the amazing hosts Mestil Hotel and Residences did not fox the sponsors of this event given they probably paid for meals to cover breakfast, lunch and something for the break. Ah maybe i just happened to have entered the wrong room so correct me if i am wrong but we missed BF. 

Which reminds me. A few years ago…2011 possibly the first half of the year my colleagues and i had invested heavily in a mental health event at Hotel Africana. When we were done, our outreach lead requested that the meal we had paid for be packed for us but this was promptly declined. Note to Venues…that is a boo boo! 


The Data Protection and Privacy Ecosystem 


A quick search online reveals that the Data Protection and Privacy Act of 2019 in Uganda aims to safeguard the privacy and security of individuals' personal data. It sets out regulations for the collection, processing, storage, and sharing of personal information to ensure transparency and accountability in handling data. The act also establishes rights for individuals to access, correct, and delete their data, as well as provisions for data breach notifications and penalties for non-compliance.


To have a greater sense of appreciation for the event, one needs to have more knowledge about those who put the event together. Two major groups come up in this regard. PDPO, FSD and ICTAU. The most natural thing to do these days is to visit the socials of your NGO to find out ifthey have a presense. 









Data shmata 


One of the things that i appreciate now that i could not have understood back then was the importance of data in decision making. After a great class hosted by OutBox Hub and organized by Data Science Nigeria and a list of trainers and experts from Uganda much appreciation has now been gained for data collection, sorting, cleaning, interpretation and representation. Which brings me to the FSD Uganda page. What an Impressive Dataset page! A place where you can request all sorts of useful information and obtain in all in a simple to use format. 






Conversation with the PDPO Manager of Compliance and Investigations


Lessons on Youtube from PDPO 


Data Life Cycle image is given below. 





The discussion about data protection and privacy as seen in a historical book- the bible. 








History of Data Protection and Security Law from The Garden of Eden to the present day. Principles of the law

Registration with PDPO and Privacy Compliance Program, Penalties for violating the law and a great example of a case where a company was sued for misuse of an image. Nalubega Vs. Stabex International Ltd. Pump Attendant


The Regulators (Some Profiles from Linkedin or Company Websites).


Teki Akutteh


I am a Senior Partner at Nsiah Akuetteh & Co. a law firm based in Accra, Ghana that specializes in information technology and telecommunication law in Africa. I am also a privacy and data protection consultant and have previously worked for the Government of Ghana in the development of key legislations for the ICT sector including the National Communications Act, 2008 (Act 769), Electronic Communications Act, 2008 (Act 775) Electronic Transactions Act, 2012 (Act 772) and the Data Protection Act, 2012 (Act 843). I was appointed the first Executive Director of the Data Protection Commission to facilitate the implementation of Ghana’s Data Protection Act and successfully set up the institution from a legal instrument to an internationally recognized body. Additionally, I worked in various capacities with regional bodies such as ECOWAS. 

Currently, I am the Founder & Executive Director of Africa Digital Rights Hub (an NGO that promotes digital rights issues across Africa); Executive Chairperson for AIM Solutions Ltd. (a business and compliance solutions software development company in Ghana); a member of the UN Global Pulse Privacy Advisory Group, and a member of the UN Special Rapporteur on Privacy (UN SRP) Task Force on Privacy and Medical Data.


Stella Alibateese


I have been a practicing advocate for over 22 years with experience in a number of areas the bulk of which is on policy and regulatory matters in the public sector. 


Currently serving as the Director, Regulation and Legal Services, National Information Technology Authority, Uganda (NITA-U) which role enables me to provide in house legal counsel, corporate secretarial services and regulatory oversight in the IT sector. 


As part of my regulatory role, am also in charge of developing laws to support the IT sector including laws related to cyber security in Uganda and the enforcement /compliance with the said laws. My recent work was to lead the development of the recently enacted Data Protection and Privacy Act, 2019, Uganda. 


At NITA-U, i have led teams in the development of laws, legal instruments /regulations to support the ICT sector with a focus on the development of e Government in Uganda and provided legal input for various ICT sector policies and strategies. I regularly provide training and speak at conferences on matters related to ICT related laws and legal issues in the Information Technology field. 


Sarah Yvonne 


Sarah is a seasoned banker with over 10 years of senior and organisational leadership experience in the financial services sector. She has a wealth of expertise in organisational governance, banking, business analytics, strategic project planning, and management.

She brings on board over 15 years of financial services experience gained from working for Barclays Bank (now ABSA), and Stanbic Bank, where she held different leadership roles in consumer, small and medium enterprises, and business banking. Most recently, she worked as the Deputy Director in charge of Business Operations at a CDC funded project that focuses on quality management systems.

She holds a Master of Business Administration degree from the University of South Wales Prifysgol De Cymms, ACCA Certificate, and a Bachelor’s Degree in Social Sciences majoring in Economics from Makerere University.


Baker Birikujja 


As the Manager Compliance and Investigations at the PDPO, I oversee the enforcement of the Data Protection and Privacy Act, 2019, and the investigation of data breaches and complaints. I also monitor compliance with the Act in both public and private sectors. Additionally, I provide legal and regulatory guidance to stakeholders on data protection and privacy matters. I am a member of international and continental task force committees addressing data protection and emerging technologies at the African Union, East African Community and Africa-Asia AI Policymakers Body.


I am a Fellow of Information Privacy, certified in both European data protection (CIPP/E) and as a Manager (CIPM), with a Bachelor of Laws degree from Uganda Christian University and a Post Graduate Diploma in Legal Practice from Law Development Centre. I have over nine years of experience in data protection and privacy, technology regulatory compliance, digital transformation contracting, and project management. 


I am skilled in regulatory compliance, legal advisory, investigations, and data security standards.


Work Plan and activities-conversations with the consultant Ms Teki Akutteh


Notes from consultants who were assigned the task of creating a toolkit that is responsive to the needs of Uganda’s ecosystem. 

MSMEs and Fintechs as principle areas of focus. 


Why organizations prioritize data protection compliance. 


Legal Obligations

Risk Management

Consumer Expectations

Reputation and Trust

Ethical and Corporate Social Responsibility

Market Access and Business Opportunities


Findings So Far


Broad MSME and Fintechs (payment, insurance, services, marketing, logistics, tourism)


Compliance, Regulation, Lack of Knowledge regarding compliance, Cost of Compliance, Multiple Platforms and Regulators e.g BOU, URA, UCC, Lack of Training on Capacity, PDPO resource challenges, Information Sharing around Third Parties, Consent Issues. 


UIA Uganda Investment Authority 30k businesses plus but only 30 plus registered


DPO Data Protection Officer (few only managing small number of staff).


Regulation in Uganda a list with functions (From a question i asked AI tool on Opera Aria). 



Certainly! Here is a list of regulatory agencies in Uganda along with brief descriptions of their functions:


1. **Bank of Uganda (BoU)**

   - **Functions:** The central bank of Uganda, responsible for monetary policy, issuing currency, regulating financial institutions, and ensuring financial stability.


2. **Uganda Communications Commission (UCC)**

   - **Functions:** Regulates the communications sector, including telecommunications, broadcasting, and postal services. Ensures compliance with regulations, promotes competition, and protects consumer interests.


3. **National Environment Management Authority (NEMA)**

   - **Functions:** Oversees environmental management and protection. Implements environmental policies, laws, and standards. Conducts environmental impact assessments and audits.


4. **Uganda Revenue Authority (URA)**

   - **Functions:** Administers tax laws and collects revenue on behalf of the government. Ensures compliance with tax regulations and combats tax evasion.


5. **Electricity Regulatory Authority (ERA)**

   - **Functions:** Regulates the electricity sector. Sets tariffs, licenses operators, monitors performance, and ensures the provision of reliable and affordable electricity.


6. **Uganda National Bureau of Standards (UNBS)**

   - **Functions:** Formulates and enforces standards to ensure the quality and safety of products. Conducts inspections, testing, and certification of products and services.


7. **Uganda Investment Authority (UIA)**

   - **Functions:** Promotes and facilitates investment in Uganda. Provides investment advice, information, and support to investors. Works to improve the investment climate.


8. **Capital Markets Authority (CMA)**

   - **Functions:** Regulates and promotes the development of the capital markets. Licenses market participants, ensures compliance, and protects investors.


9. **Insurance Regulatory Authority of Uganda (IRA)**

   - **Functions:** Regulates the insurance industry. Licenses insurers, brokers, and agents. Ensures compliance with insurance laws and protects policyholders.


10. **National Drug Authority (NDA)**

    - **Functions:** Regulates the manufacture, importation, and distribution of pharmaceuticals. Ensures the safety, efficacy, and quality of drugs and medical products.


11. **Public Procurement and Disposal of Public Assets Authority (PPDA)**

    - **Functions:** Regulates public procurement and disposal processes. Ensures transparency, accountability, and value for money in public sector procurement.


12. **Uganda Wildlife Authority (UWA)**

    - **Functions:** Manages and conserves wildlife and protected areas. Promotes tourism and wildlife conservation. Enforces wildlife protection laws.


13. **National Information Technology Authority Uganda (NITA-U)**

    - **Functions:** Regulates and promotes information technology development and usage. Implements IT policies, standards, and guidelines. Oversees e-government initiatives.


14. **Uganda Coffee Development Authority (UCDA)**

    - **Functions:** Regulates and promotes the coffee industry. Ensures quality control, supports coffee production and marketing, and promotes Ugandan coffee internationally.


15. **Petroleum Authority of Uganda (PAU)**

    - **Functions:** Regulates the petroleum industry. Oversees exploration, development, and production of petroleum resources. Ensures compliance with laws and environmental standards.


These agencies play crucial roles in their respective sectors, ensuring compliance with regulations, promoting development, and protecting public and consumer interests in Uganda.









Comments

Post a Comment

Popular posts from this blog

Q and A with Luke Sheehan an experienced Copywriter

Image
1.What are your names? Luke Christopher James Francis Sheehan. Why so many? Because a Catholic tradition (that we just about held on to) was that each parent could choose a middle name – and I chose an extra one at Confirmation. That was Francis. 2. Where did you go to school? Any amusing highlights from your Alma Mater? I went to Gonzaga College in Ranelagh and to Trinity College, Dublin, and University College Dublin. Trinity is extraordinary, located right in the centre of the city. It turned into a rich source of memories for me. I now write interviews for the TCD Alumni magazine, so I actually spend quite a lot of time encouraging other graduates to go over their own recollections of the place – I just interviewed the college Registrar while he was doing a 12-hour cycle marathon on a stationary bike. He was warm and funny. The place easily leaves a strong nostalgia in people. 3. What did you study? In Trinity and UCD, theology and philosophy, and history. Nothing to do with tech,
Read more

Interview With Jonathan Ntege Lubwama of Benue Capital

Image
This interview was conducted and contributed to TechCabal by  Luke Sheehan , chief editor and copywriter at  CrossFund , an investor collective focused on emerging markets. Jonathan Ntege Lubwama  is a young Ugandan with a challenging mission to build Ugandan startups to maturity. During a nine-month gap before starting university, and just a few years before the COVID crisis, he started reading about tech startups. Around the time he commenced his own studies, he founded a food delivery company for students. As with many first tries, it crashed after initial success, but he was not deterred. He moved on to his next idea: online real estate. That play received a grant but was impacted by the COVID lockdowns. He moved on from that, too, joining Kampala’s  Digest Africa  as a writer and editor. The journalism skills he developed in media would teach him how to carry out due diligence with founding teams. Lubwama’s focus now is building  Benue Capital , which launched on March 31 this yea
Read more

Conversation with Jimmy Ouni of TISA and TRUISM.

Image
 1. What are your names?  Jimmy Ouni 2. Where did you go to school? For my tertiary educations I took mainly distance education, Business Studies at University of Greenwich, then commerce and information systems at Ssikim Manipal University.  3. What did you study?  I studies commerce and information systems, & PMP.    Undertake a number of in agribusiness and management.  4. Tell us about what you do? I am an operation specialist, coordinating and optimizing various processes. My Current role at Truism, an agribusiness firm working with over 1000 smallholder farmers in the northern, west Nile and eastern regions of Uganda, we focus on the production and promoting consumption of dry pulses (legumes), the most undervalues super food, As the general Manager, this involves streamlining workflows, overseeing resource allocation, and implementing efficiency improvements to ensure smooth and effective business operations and profitability.  5. What are some of the major influen
Read more