Wednesday, February 22, 2006

data protection vs. access to information

As I may have mentioned some weeks ago, we have had lessons on data protection, and the Spanish legislation is quite extensive in this regard, with a particular emphasis on the user/citizen having the right to be informed of the intended use(s) of his/her information, and having the right to access, modify, or cancel his/her record in a database. The overt emphasis then is the licit gathering and use of data of a personal character, and that the end-user/client is always aware and has expressly consented to the data being stored in a database. Turning to the South African scenario, we do not have extensive data protection legislation analogous to the Spanish example. For one, we have some protection outlined in the Electronic Communications and Transactions Act (2002) http://www.acts.co.za/ect_act/(articles 42 to 51) regarding Consumer protection for transactions in the electronic environment and the protection of personal information, with a greater emphasis on access to information held by public and private entities as detailed in the PROATIA (Promotion of Access to Information Act 2000) http://www.acts.co.za/prom_of_access_to_info/index.htm

The emphasis in South Africa is access to information as a human right, so as to promote democracy and greater transparency in society (and of the government). The latter is also signalled by the mere act of the responsible person for overseeing the implementation of the PROATIA law being based at the Human Rights Commission in South Africa (www.sahrc.org.za/). The Spanish emphasis seems oriented more to the citizen having a right and appropriate recourse to not being exploited in the use of his/her personal information. And so a special agency (the Spanish Data Protection Agency (Agencia Española de Protección de Datos https://www.agpd.es/)) has been established to achieve this end. It is interesting to note the difference in the raison d´être in this regard between the two countries. Of course they are (1) based in entirely different legal systems; (2) Spain being part of the EU, the law in this regard is spearheaded by supra-national legislation. And yet, the question is why even now, does South Africa not have specific and extensive data protection legislation?

posted by Jennifer A. DeBeer @ 17:25

0 Comments:

Post a Comment

<< Home