What are the Implications of South Africa’s Proposed National Data and Cloud Policy?

The Draft National Data and Cloud Policy is a welcomed effort in response to the digitization and subsequent datafication of South African industries and society. However it has been criticised for its potential effect on local innovation, foreign investment in data centres, inconsistency with prevailing data governance norms, and how the policy may affect the practise of data utilisation in South Africa.  

Research ICT Africa held a webinar with a panel of experts to discuss the potential implications of the Draft Policy recently published by the Minister of Communications and Digital Technologies for public consultation. The panel, which was moderated by RIA’s executive director Dr Alison Gillwald, comprised of: Torbjörn Fredriksson (UNCTAD), Prof Jonathan Klaaren (Wits Institute for Social and Economic Research), Gabriella Razzano (RIA), Amazouz Souhila (African Union Commission) and Andrea Campbell (Microsoft South Africa). 

While it is hard to quantify, it is largely understood that the value of data is contingent on capacity, accessibility and efficient data flows, among other things. However, use of data  require strict measures to safeguard data privacy whilst ensuring an extra financial burden is not placed on local businesses. Panellists shared their concerns for the policy’s ambiguous approach to state data governance particularly as it pertains to data ownership and cross-border data flows (in its modes of localisation). Given the multidimensional nature of data, concerns were also raised on whether it is possible to address all the relevant issues in one policy, as well as whether it is within the remit of the Minister of Communications and Digital Technologies to do so. 

RIA’s Senior Research Fellow, Gabriella Razzano, highlighted how important certain acknowledgements in the policy were: harnessing the benefits of technology are identified as contingent on infrastructure; the need to support local innovation communities is well-raised;  the need for public data practices and capacities to be a priority is vital; and the central role that open data ecosystems (and underlying data structure norms) play in deriving digital benefits. However she stressed, these acknowledgements do not  resonate sufficiently strongly in the proposed policy interventions and this may be due to the focus placed on data in the policy, which positions it as the infrastructure for production, rather than a factor of production which requires infrastructure. This view of data as infrastructure she says, “leads to a focus on solutions, which hinge on excludability through ownership rather than the real benefit of data which is through its flows, transfers and other utilities”. 

Torbjörn Fredriksson echoed Razzano’s sentiments on the policy’s focus on data ownership; elaborating that raw data carries very little value and only gains value when it is processed in a way that generates digital intelligence. When asked to comment on what a good policy on data looks like, he explained that approaches to data regulation depend on the nations position in the global data value chain, the general readiness of the country’s data and digital infrastructure, which often reflects  governments priorities. He cautioned, however, on the strict approach in the proposed policy  to data localisation and its low emphasis on cross-border data flows. “You want to be able to adopt national restrictions on data flows to achieve legitimate public objectives but do not want to do it in a way, which harms the proper functioning of the internet or adds tremendous extra costs to small or even large businesses.” 

Professor Jonathan Klaaren is in favour of a strong rights of data portability focused policy, which promotes fair competition whilst protecting data subjects. Like other panellists he also drew attention to the challenging task of data ownership, particularly how it conflicts with existing intellectual property legislation. Commenting on the policy’s potential to redress inequality and go beyond compliance to support data justice, he called for and hopes for the revision of the Protection of Personal Information Act as a rights related statue. 

The African Union Commissions’ Amazouz Souhil took the opportunity to reflect on the Commissions own efforts to create a harmonised digital environment among member states through The Digital Transformation Strategy for Africa (2020-2030). According to the strategy, digital infrastructure, akin to data infrastructure, includes data centres. She further advised that the continent is in need of data governance frameworks, which enable data flows to create data ecosystems that can avail data for the development of industries, research and data analytics and enable evidence-based policy making.

Andrea Campbell echoed that the policy potentially places commercial limitations on the operations of multinational companies in South Africa; particularly concerning the custodianship of data. 

In line with RIA’s mission to accelerate digital equality in Africa, executive Director Alison Gillwald expressed the need for policies, which support data justice – premised on the recognition of the African context, and specifically the lack of institutional endowments faced by many African countries. But in parallel, policy should hold countries to international rights standards. While this is not an easy task, she warned no matter how good the policy is, if we don’t have the capacity to implement it, it can do more harm than good.

** Download Gabriella Razzano’s presentation below, which summarises key issues that South Africa’s Draft National Data and Cloud Policy engages with.

You might also be interested in