Statement Delivered By The RAIC Chairman Information Commissioner, Dr. Ibrahim Seaga Shaw on the Data Protection Policy / Law at stakeholders meeting held at the National Civil Registration Authority on 8th October 2019
Mr. Director-General of the National Civil Registration Authority, representatives of relevant Ministries, Departments and Agencies, and development partners, all protocols observed, let me use this occasion to thank all those that came up with the brilliant idea to put together a dedicated instrument that will guide the protection of data in the country. Let me also extend my profound appreciation to the Law Officers Department in this regard.
The importance of any data protection law is to control how sensitive information is used by organizations, businesses or the government. Everyone responsible for sensitive data has to follow strict rules called ‘data protection principles. Data should be used lawfully, transparently and fairly for specified purposes. It should be handled in a way that ensures appropriate security, including protection against unlawful processing, access, loss, damage. If there is no stronger legal protection for more sensitive information such as national security and defense, economic interest, investigations and law enforcement, biometrics, health, etc, the data will surely fall in the hands of the wrong people, and there is a recipe for havoc.
This meeting today is very crucial for the future of Sierra Leone insofar as access to information and data protection is concerned because if the right consultations and engagements are not made we would end up enacting a law that would seriously conflict with existing law. At the end of the day, we would go back to the drawing board and begin things all over again. While access to information thrives on democracy and open government, data protection is predicated on protecting individual personal information, privacy, information that would threaten, or undermine national security and national commercial interest, among others. Access to information is primarily a means of increasing transparency in official decision-making and procedures and enabling citizens to hold government to account. Although the underlying aim of the Act is greater transparency in government, there is clearly a range of information that should not be released because of the adverse consequences of doing so.
The 2013 Right to Access Information Act legally empowers citizens to demand information from any public or private authority if that information is required for the protection, or enforcement, of any right. The same Access to Information law makes provision for data protection. In section 12, the Act exempts information to be requested in the interest of national security and defense, economic interest, investigation, law enforcement, audit, etc. The Act in section 12 again provides that information shall not be exempt where the public interest in accessing the information outweighs the harm which the exemption seeks to protect. Article 19 of the Universal Declaration of Human Rights makes provision for promotion of access to information and protection of data. These two regulatory functions cannot be efficiently handled by two separate bodies without a room for endless conflicts hence they are implemented by a single body in many international jurisdictions. It is because of the provisions of the older act we should look critically and understand exactly the path we should tread as a nation.
The RAIC law is struggling to come to terms today with older laws because of the mistakes of the past. A repetition of the same mistakes would bring us aback and question our credibility in the global realm.
In the UK and South Africa, both access to information and data protection laws are implemented under one body to prevent conflict of interest. In Mexico, there is a body responsible for Transparency, Access to Information and the Protection of Personal Data. In my capacity as Chairman/ Information Commissioner of RAIC, I met with representatives of such bodies at the recent International Conference of Information Commissioners in Johannesburg and the UN’s High-Level Political Forum (HLPF) meeting on SDG 16.10 organized by UNESCO. Data Protection falls within the remit of RAIC according to best practice.
The Commission has adopted a multi-sectoral approach in establishing an Open Data Council in a bid to strengthen national institutional coordination around open data. It has also gone ahead to establish three committees namely: the Ministerial Committee, National Steering Committee, and Technical Advisory Committee. Five Key ministers sit at the Ministerial Committee level with the Minister of Information and Communications sitting as Chairman while the RAIC chairs the Open Data Council. Also in trying to create an enabling environment in the implementation of the RAI law, the Commission in its Strategic Plan prioritized Access to Information and Data Protection. I would like to close by suggesting an adoption of a similar multi-sectoral approach in establishing a Data Protection Council in a bid to strengthen national institutional coordination around data protection
I thank you all and look forward to an effective and sustainable collaboration.
Credit: RAIC media team
