Why open data?

Data is currently the big talk on everyone’s mind. Words like ‘big data and ‘open data’ are in the air. In the United States alone, the word “data” receives about 60,500 searches every month on average. Data volumes are exploding and researchers believe by the year 2020, about 1.7 megabytes of new information will be created every second for every human being on the planet.

With increasing data comes an increasing demand for it. Companies are continuously looking for this data with hopes of extracting meaningful information that they can use to leverage decision-making. This demand for data is so high that some are resorting to stealing it. In 2013, the world experienced its largest-ever data breach when 3 billion Yahoo user accounts were hacked and information on phone numbers, birth dates, security questions, and other PII was taken.

Users went ahead and initiated class-suits, claiming a wide variety of violations, misconducts, and damages. This growing demand for data is perhaps where the growing need for open data comes in.

What is open data?

Open data is data that anyone can access, use and share. Data is open if anyone can access, use and share it or even redistribute it commercially without any restrictions. For data to be open, it needs to be in a format and structure that can be easily understood by anyone and everyone. And there shouldn’t be any limitations against using the data in any particular way.

Open data is defined by law and is that data that concerns public and private players in the context of a public service mission. In Uganda, the government is moving to make all government data open to the public. The ICT Ministry released the first draft of the country’s new open data policy, where all data surrounding all research done by publicly-funded institutions must be openly available on the internet. This policy is yet to be put in place. But how will this new open data culture be useful to ordinary Ugandans?

Open data can help in making governments more transparent. This is done by providing evidence that public money is being well spent to confirm that policies are being implemented. When governments inject money into policies without any form of monitoring in place, this encourages corruption and mismanagement of public funds. Transparency, participation, impact measurement of these policies help reduce corruption and mismanagement. New knowledge obtained from data improves the efficiency and effectiveness of government services.

Open data just like any form of data helps inform decision-making. Ugandan farmers depend on the natural patterns of rainfall and weather, but climate change has made these much more erratic. Many farmers are now unable to rely on their historical knowledge for the best time or best crops to plant and face long months of famine. As climatic patterns continue to change, Uganda’s farmers will need the data and tools to adapt. With climatic data openly available, farmers can use this to predict rainfall and weather and determine which times are appropriate to grow and harvest their crops. New knowledge from combined data sources and patterns in large data volumes allows governments, citizens, academia, and the private sector find new answers to solve societal problems using openly accessible data. New techniques for solving societal problems are initiated.

Open data creates an opportunity for new and improved products and services. With open data comes a reduction in duplication and it promotes reuse of existing resources. This leads to the creation of new opportunities for economic growth, new businesses, and jobs. Companies can rely on open data to exploit gaps across markets and identify business opportunities such as finding a market niche to focus on. Common types of open data that can be relied on include transport data, demographic data, geospatial data, and environment data.

Open data improves communication between a government and its community. Two-way communication is the key to achieving municipal goals. Governments have a great deal of information they would like citizens to have, from details about how services are provided to explanations of how they are meeting existing challenges. This helps build a feedback platform from the public which governments rely on. It also acts as a channel promoting timely information about new problems in society. Releasing data through open data programs creates a different kind of information flow different from relying on social media online public meetings and open public meetings. While all these techniques increase public awareness and build public commentary, open data does it better by inviting data users to derive both anticipated and unanticipated insights from government data.

Open data promotes evidence-based policy development process through the use and application of data for financial and evidenced-based policy decisions; strategic and targeted cross-agency collaboration; and the development of innovative solutions, services, and tools where there is an identified policy or community need.

Open data culture is a move in the right direction for Uganda. Open data builds a link between a government and its people and improves efficiency, communication, etc.

However, open data also stands at a risk of violating people’s privacy, possible misuse, and misinterpretation of data. There is a closed data culture in Africa and many countries lack open data policies and initiatives at the national level. Another challenge open data faces come with its reliance on internet access which for countries like Uganda is still a challenge. Internet penetration had grown to 47% but the introduction of social media tax reduced this to 35%. Open data still has a long way to go in Uganda but with civic tech firms fueling it, what lies ahead for open data is Uganda is still uncertain.

Data Protection and Data Privacy

We’ve heard it time and again: “Data is the new oil”

This phase considers data to have the potential to unlock opportunities such as reducing costs, easing decision making and many more. In service delivery, big data provides a more customized user experience, targeted campaigns, and better optimization models. In production, more customized products tailored towards a specific market can be produced after understanding the needs of customers with the help of consumer data. But once this data is collected, questions such as where is this data stored, who can access it, can it be used in any harmful way and many more start to come up. People start to wonder whether all the information collected can be exploited and used to harm them, especially vulnerable individuals and communities such as journalists, activists, human rights defenders, and members of oppressed and marginalized groups.

This is the point at which data protection and data privacy come in.

But what do data protection and data privacy really mean?

Data protection simply refers to the practices, safeguards, and rules set out to protect people’s personal information and ensure that it remains in their control. In more simplified words, data protection means you the individual get to decide which of your information to put out there and who you allow access to. It can also be defined as the law designed to protect your personal information, which is collected, processed and stored by “automated” means or intended to be part of a filing system.

Data protection is often confused with data privacy. The latter, also referred to as information privacy is a branch of data security concerned with the proper handling of data. It considers areas like consent, notice, and regulatory obligations. Data Security and data privacy are often used interchangeably, but these two do differ in a way that data security protects data from compromise by external attackers and malicious insiders while data privacy governs how data is collected, shared, and used. Data privacy cannot exist without data protection, but you can have data protection without data privacy and this is why every country needs to have data protection laws governing data users.

In February 2019, the President of Uganda assented to a data privacy and protection act to protect the privacy of all individuals by regulating the collection and processing of their personal data. This Act applies to all persons or organizations collecting, processing, holding or using personal data within and outside Uganda if data being used relates to Ugandan citizens. The act aims to protect the rights of the persons whose data is collected, stipulate the obligations of data collectors, data processors, and data controllers, and regulate the use or disclosure of personal information; and any related matters. This law is based on a number of basic principles. Briefly, these principles require that:

1. A data collector, data processor or data controller or any person who collects, processes, holds, or uses personal data shall;

  • be accountable to the data subject for data collected, processed held, or used;
  • collect and process data fairly and lawfully;
  • collect, process, use or hold adequate, relevant, and not excessive or unnecessary personal data;
  • retain personal data for the period authorized by law or for which the data is required;
  • ensure the quality of information collected, processed, used, or held;
  • ensure transparency and participation of the data subject in the collection, processing, use, and holding of the personal data; and
  • observe security safeguards in respect of the data.

2. The Authority shall ensure that every data collector, the data controller, data processor, or any other person collecting or processing data complies with the principles of data protection and this Act.

These data protection laws are necessary because self and co-regulation mechanisms have failed and this only leaves room for such binding frameworks. To illustrate the need for data protection laws further, we can take an example of the recently leaked CCTV footage of the Kira Road accident in Kampala. Questions such as who leaked the video, what laws have been put in place to govern CCTV cameras, who has access to the footage, and many more arise.

While data protection laws exist in Uganda and many other countries, there is still a great need for stronger legal safeguards which can restore citizen’s confidence in how their data is handled by both the government and independent companies. In order for data protection rules to be properly enforced, a country should have a regulator or authority independent from the government that has been specifically put in place for data protection. It can have powers such as the ability to conduct investigations, act on complaints and impose fines when they discover an organization has broken the law. Just like anti-corruption bodies exist.

Away from enforcement through regulatory means, technologies too can play a crucial role in ensuring data protection. Technology can be used to limit data collection, mathematically restrict further data processing, and can also be used to limit unnecessary access to the data. In this case, laws come in to influence and enforce the already set technological measures which altogether provides a better measure for data protection. This provides protection because at times laws alone aren’t sufficient and they tend to lag behind technological advancement.

Written by Arthur Kakande, Communication Lead @ Pollicy