Data Protection in Zimbabwe with Reference to the Covid-19 Pandemic and International Law
The corona virus that caused the COVID-19 disease defied geographical boundaries, spreading faster than the measures to contain its transmission. The processing of personal health-related data became widespread as a measure to respond to the pandemic. This triggered new concerns about the possibili...
Saved in:
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | Afrikaans |
| Published: |
North-West University
2024-12-01
|
| Series: | Potchefstroom Electronic Law Journal |
| Subjects: | |
| Online Access: | https://perjournal.co.za/article/view/17744 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850105340981411840 |
|---|---|
| author | Otto Saki |
| author_facet | Otto Saki |
| author_sort | Otto Saki |
| collection | DOAJ |
| description |
The corona virus that caused the COVID-19 disease defied geographical boundaries, spreading faster than the measures to contain its transmission. The processing of personal health-related data became widespread as a measure to respond to the pandemic. This triggered new concerns about the possibility of there being a data crisis. Individuals suspected to be infected by COVID-19 were forced to undertake mandatory testing that involved the collection of health-related data. To limit the spread of the disease, the collection of personal data extended to secondary contacts. Personal health-related data are very prone to abuse, and this data included secondary data inconsistent with initial collection purposes. Admittedly, such risks are not new. Prior to the pandemic, health-related data were processed through electronic health (e-health) platforms. The health-related data processing methods during the pandemic were insufficient to meet the data protection principles of consent, transparency, purpose and storage, potentially violating the right to privacy. Globally, expectations are that countries should have data protection laws informed by established principles regulating the processing of personal data. While, Zimbabwe had not enacted the Cyber and Data Protection Act (CDP Act), which lists some of the data principles, this paper relies on existing laws to determine whether Zimbabwe is still abiding by constitutional and international human rights standards in protecting personal data privacy. The paper examines the development of data principles and their application in Zimbabwe in respect of health-related data protection during the pandemic. The paper 1) analyses the existing laws and their protection of personal health-related data; 2) explores the incorporation of data principles in COVID-19-related responses including in national laws as informed by international laws; and 3) highlights the gaps in both law and practice as they relate to the handling of personal health-related data in Zimbabwe during the pandemic. The paper concludes that even if the existing laws on data privacy were not comprehensive and even if the CDP Act came too late, the global regulations, the sectoral laws and other guidance accessible to Zimbabwe in responding to the pandemic would have sufficed to avert a data pandemic during the health pandemic and allowed Zimbabwe to be compliant with international data protection standards.
|
| format | Article |
| id | doaj-art-61fd6f3ec8d541d4bcef4b1ac869cf55 |
| institution | OA Journals |
| issn | 1727-3781 |
| language | Afrikaans |
| publishDate | 2024-12-01 |
| publisher | North-West University |
| record_format | Article |
| series | Potchefstroom Electronic Law Journal |
| spelling | doaj-art-61fd6f3ec8d541d4bcef4b1ac869cf552025-08-20T02:39:08ZafrNorth-West UniversityPotchefstroom Electronic Law Journal1727-37812024-12-012710.17159/1727-3781/2024/v27i0a17744Data Protection in Zimbabwe with Reference to the Covid-19 Pandemic and International LawOtto Saki0https://orcid.org/0009-0002-8924-9365University of the Western Cape The corona virus that caused the COVID-19 disease defied geographical boundaries, spreading faster than the measures to contain its transmission. The processing of personal health-related data became widespread as a measure to respond to the pandemic. This triggered new concerns about the possibility of there being a data crisis. Individuals suspected to be infected by COVID-19 were forced to undertake mandatory testing that involved the collection of health-related data. To limit the spread of the disease, the collection of personal data extended to secondary contacts. Personal health-related data are very prone to abuse, and this data included secondary data inconsistent with initial collection purposes. Admittedly, such risks are not new. Prior to the pandemic, health-related data were processed through electronic health (e-health) platforms. The health-related data processing methods during the pandemic were insufficient to meet the data protection principles of consent, transparency, purpose and storage, potentially violating the right to privacy. Globally, expectations are that countries should have data protection laws informed by established principles regulating the processing of personal data. While, Zimbabwe had not enacted the Cyber and Data Protection Act (CDP Act), which lists some of the data principles, this paper relies on existing laws to determine whether Zimbabwe is still abiding by constitutional and international human rights standards in protecting personal data privacy. The paper examines the development of data principles and their application in Zimbabwe in respect of health-related data protection during the pandemic. The paper 1) analyses the existing laws and their protection of personal health-related data; 2) explores the incorporation of data principles in COVID-19-related responses including in national laws as informed by international laws; and 3) highlights the gaps in both law and practice as they relate to the handling of personal health-related data in Zimbabwe during the pandemic. The paper concludes that even if the existing laws on data privacy were not comprehensive and even if the CDP Act came too late, the global regulations, the sectoral laws and other guidance accessible to Zimbabwe in responding to the pandemic would have sufficed to avert a data pandemic during the health pandemic and allowed Zimbabwe to be compliant with international data protection standards. https://perjournal.co.za/article/view/17744COVID-19pandemicprocessing data subjectprivacysensitive personal data |
| spellingShingle | Otto Saki Data Protection in Zimbabwe with Reference to the Covid-19 Pandemic and International Law Potchefstroom Electronic Law Journal COVID-19 pandemic processing data subject privacy sensitive personal data |
| title | Data Protection in Zimbabwe with Reference to the Covid-19 Pandemic and International Law |
| title_full | Data Protection in Zimbabwe with Reference to the Covid-19 Pandemic and International Law |
| title_fullStr | Data Protection in Zimbabwe with Reference to the Covid-19 Pandemic and International Law |
| title_full_unstemmed | Data Protection in Zimbabwe with Reference to the Covid-19 Pandemic and International Law |
| title_short | Data Protection in Zimbabwe with Reference to the Covid-19 Pandemic and International Law |
| title_sort | data protection in zimbabwe with reference to the covid 19 pandemic and international law |
| topic | COVID-19 pandemic processing data subject privacy sensitive personal data |
| url | https://perjournal.co.za/article/view/17744 |
| work_keys_str_mv | AT ottosaki dataprotectioninzimbabwewithreferencetothecovid19pandemicandinternationallaw |