Prof Pius Owolawi, HoD at the Department of Computer Systems Engineering, Faculty of Information and Communication Technology.
On 1 April 2021, the Department published a draft Data and Cloud Policy for public comments. To enrich these discussions, the Department has called the colloquium to engage further with industry stakeholders. After submitting his comments, Prof Pius was notified that he would form part of the group of panellists to speak at the online colloquium, led by Minister Stella Ndabeni-Abrahams.
The purpose of the Data and Cloud Policy is to enable South Africans to realise the socio-economic value of data through the alignment of current policies, legislation and regulations. The policy seeks to put in place a helpful and enabling environment for the data ecosystem to thrive. In addition. It aims to strengthen the capacity of the State to deliver services to its citizens, ensure informed policy development based on data analytics, as well as promote South Africa’s data sovereignty and its security.
During the opening of the colloquium, Minister Ndabeni Abrahams mentioned that the government’s vision is towards a data intensive and data-driven South Africa.
In his address, Prof Pius outlined the following risks and reasons why South Africa must get it right when it comes to the Data and Cloud Policy:
- 21st Century is referred to as the “Information Age”, “Data Transaction Age”, “Data driven innovation age”, or “silicon age”. Thus, this regulation must strike a balance between investor’s expectations and National interests.
- Data booming: by 2025, the amount of data generated will be four times more compared to 2019 (40 Zettabytes in 2019 and an expected 163 zettabytes by 2025)
- Heavy penalties imposed for non-compliance/breaches: GDPR fines -$5 billion, Facebook’s Cambridge analytical fine (largest fine levied against US company), £183,000,000 British Airway, £99,000,000 Marriot Hotel, £50 Million Google, £220 000 Poland’s UODO, £460,000 Haga Hospital, £27,000 Vodafone.
The extreme regulation may drift investors to regions where the regulation may resonate with their business models.
- Global data policies: Understanding of various data policies will allow this regulation to converge and seamlessly fit into global data policy framework.
These policies include the GDPR, CCPA, POPIA, PIPEDA, LGPD, Data Protection Act of 2018 in the UK, various privacy laws in Australia.