SA govt wants to be co-owner of all data generated locally
The South African government − through the proposed data policy, the Draft National Policy on Data and Cloud − wants to be the co-owner of all data generated in the country.
This is according to law firm Cliffe Dekker Hofmeyr, which says the policy has already attracted widespread debate among commentators, with many saying it raises issues around privacy and has the potential to scare off much-needed investment in the sector.
On 1 April, the minister of communications and digital technologies published a Draft National Data and Cloud Policy, together with an invitation for interested parties to submit written submissions to the department within 30 business days of publication of the draft policy, by 18 May.
However, the deadline has now been extended to 1 June.
Heather Irvine, partner at Bowmans, says the draft policy aims to transform SA’s economy into a digital economy that is both data-intensive and data-driven.
In particular, she says, the draft policy acknowledges the need to realise the socio-economic value of data through policy and law and to ensure open data, which is defined in the draft policy as “…data that is made freely available for use, re-use and republishing as [a party wishes], subject to ensuring protection of privacy, confidentiality and security in line with the Constitution”.
The draft policy proposes to develop a state digital infrastructure company and high-performance computing and data processing centre.
It also aims to consolidate excess capacity of publicly-funded data centres and deliver processing, data facilities and cloud computing capacity. Government also plans to develop ICT special economic zones, hubs and transformation centres.
In its draft policy, the department states: “South Africa’s effective response to these challenges will depend significantly on the extent to which it exploits opportunities presented by the digital economy, through the development of policy frameworks that harness the economic and social potential of data and cloud computing.
“Such policy frameworks should be citizen-centric and support already existing government initiatives of universal access and affordability of services. Most importantly, the frameworks should ensure challenges associated with lack of access to digital infrastructure, devices, software, applications and digital skills are addressed.”
Thabo Mashegoane, president of the Institute of IT Professionals South Africa (IITPSA), says the draft policy indicates government is considering the gravity of the fourth industrial revolution (4IR) and taking a progressive stand on digital development.
“This is an indication that government is moving to try to overcome challenges that have hampered its digital progress in the past – such as concerns about security when storing and moving data of national importance,” he says.
“At the same time, it indicates a willingness to address issues such as SMME access to digital technologies, a lack of digital skills in the country, and the barriers to entry preventing millions of South Africans from benefiting from the 4IR.”
However, IITPSA board member Moira de Roche notes the draft raises questions around why government would create a new platform and state-owned company to focus on data and networking, particularly since the primary purpose of government should be to set, implement and monitor policy.
She says the private sector is well-placed to partner with government on the implementation of a high-performance computing and data processing centre.
“While a Centre for High-Performance Computing exists in Cape Town, run by the CSIR [Council for Scientific and Industrial Research], there is an opportunity to expand the scope of these centres. If the private sector is brought in, and they can run the centre in a way that affords small and medium businesses access to cloud computing at a reasonable price, then it could be very beneficial.”
Informed policy development
Law firm Michalsons points out that the policy “seeks to strengthen the capacity of the state to deliver services to its citizens; ensure informed policy development based on data analytics; as well as promote South Africa’s data sovereignty and the security thereof”.
It adds this policy seeks to enable South Africans to realise the socio-economic value of data through the alignment of existing policies, legislation and regulations.
The policy further seeks to put in place a conducive and enabling environment for the data ecosystem to thrive, Michalsons notes.
The Department of Communications and Digital Technologies states the lack of proper policy guidelines with regard to data generation and storage could pose a threat to national security.
Commenting on this possibility, Christoff Pienaar, director and national head of the technology, media and telecommunications practice at Cliffe Dekker Hofmeyr, says data has always been a very important part of the national security concept.
“Inadequate data protection legislation could be a threat to national security, especially economic security. The reason for this is that countries with weak data protection legislation are perceived as unsafe destinations for data sharing and storage, and this in turn has economic consequences for such countries' ICT sector,” he says.