The Center for Media Studies and Peacebuilding, with support from Small Media Foundation based in the United Kingdom, on Tuesday, March 8, 2022, convened a one-day engaging roundtable at I-CAMPUS, Snapper Hill, Monrovia.
“Liberia is working on a data protection law, and from our own standpoint as civil society we are keen about creating the space for civic input into the draft instrument, and this is what this forum is geared towards,” remarked Malcolm Joseph, Executive Director of CEMESP in a welcome address. He added that the project entails meeting with other stakeholders, including the media, and undertaking a series of talk shows.
CEMESP Program Assistant, Ruth Gbatoe, provided a detailed overview of the project, saying it stems from the Universal Periodic Review recommendations that noted, among other things, that Liberia lags behind in the enactment of the data protection legislation. She said this represents a serious concern for them at CEMESP, indicating that it has emerged that the draft data protection instrument lacks a data protection clause. She impressed the stakeholders that the essence of the roundtable was for them to review what is available from the lead entity, the Ministry of Post and Telecommunications.
Gbatoe indicated that the process underway is intended to build synergy with other critical sectors, including state actors like the Liberia National Police (LNP). She recalled that the UPR review process was supported by the state, and must be sustained to address specific issues of weak data processing and storage mechanism. She disclosed that in the coming weeks CEMESP will engage the lawmakers to secure their buy-in and convey the concerns emanating from the stakeholder’s consultations for an effective data protection law in Liberia.
Program Associate of CEMESP, Wremongar Joe, also dilated on the importance of safety issues tied to cyberspace. He referred to the 2018 Ministry of Post and Telecommunications meeting that provided a baseline on the policy direction for cyber-security in Liberia. He stated that a continental scan indicates that a few countries have enacted cybercrime laws, but data protection still remains a challenge for countries such as Chad, Namibia, Kenya, Zimbabwe, Uganda, Senegal, among others. He underscored the issue of cyber-surveillance and third-party encroachment of personal data, which calls for safeguard from apps such as Google, TikTok. He argued that, while there is a trend toward the enactment of news, they are not sufficient to protect personal data, and Liberia must learn from these scenarios in privacy protection and confidentiality. He was specific on the replication of personal data each time citizens apply for national identity cards and passports.
It emerged from a conversation that globally 66% of countries have data protection, and in OGP countries Liberia and Sierra Leone are yet to have the law.
Prefacing his PowerPoint presentation of excerpts of the draft supplementary data protection law, Nalon Kaine, Director of the cyber-security at the Ministry of Post and Telecommunications, expressed delight over CEMESP’s initiative to stimulate conversation around the draft instrument, now at the level of the National Legislature. He said they have been trying to engage stakeholders on the draft, but it has been difficult to get their cooperation. He disclosed that the data protection instrument will be an addendum to the Telecommunications 2007 Act for there cannot be two legal instruments on the same thing to create an aberration.
Stakeholders were drilled through the draft instrument and discussions revolved around issues of definition of key terms and discussion of sensitive provisions. Among other things, the discussions revolved around data protection agency, recipient of personal data, consent of data subject, sensitive data, health data, data processor, media print, and audiovisual application of the law.
The meeting reached a phase when a suggestion was made by Lawrence Yealue of Accountability Lab to discuss the provisions rather than just going through the definitions. He also recommended that the draft law be shared among stakeholders to read thoroughly and make meaningful input therein.
Another stakeholder moved that the conversation be restricted to the scope of the document, which was adopted.
The roundtable also discussed issues of exception to the law about data that must or must not be collected, processed or stored.
By and large, the roundtable was engaging and useful suggestions were flagged and recorded about issues of sustainability of the data protection agency, fraudulent data protection, the principle of legality and fairness, the principle of accuracy, the principle of choice data processor, the principle of transparency, the gender dimension of the provisions, criminal prosecution implication of certain provisions to be made specific, lest it creates a duality of laws to create ambiguity.
