IGF 2019 WS #372 Data governance in digital population registers and database

Organizer 1: Civil Society, African Group
Organizer 2: Civil Society, African Group
Organizer 3: Civil Society, African Group

Speaker 1: Esther Mwema, Civil Society, African Group
Speaker 2: Rebecca Ryakitimbo, Civil Society, African Group
Speaker 3: Bhredipta Cresti Socarana, Civil Society, Asia-Pacific Group
Speaker 4: Bolutife Oluyinka Adisa, Civil Society, African Group
Speaker 5: Élisson Diones Cazumbá , Civil Society, Latin American and Caribbean Group (GRULAC)

Policy Question(s): 

What are/should be the rights and responsibilities for individuals in determining the use of their personal data, and what right do individuals have to their personal data?
What is the gap between national security and human rights and how can we ensure one does not stifle the other?
How can we harmonize national policies and regional policies such as the GDPR even in countries that don't have data protection laws?
To what extent can the development of international norms and principles facilitate common approaches of data protection frameworks and also facilitate international trade and cooperation?

Relevance to Theme: In the cutting age of technology data is the new oil in every sense of the word,while nations are working towards decentralization of services and ensuring security in a globalized world.Data is key to improvement of services,growth and development as well as meeting the needs of the society. However, data if not properly governed, could lead to challenges such as data breaches, loss and misuse of personal data, unauthorised access by third parties and the like.With the emergence of GDPR and different countries enacting data protection laws,countries such as Kenya are deploying a nationwide digital population register while still lacking data protection laws,the same case applies for Rwanda that is proposing to have a national DNA database which will make it mandatory for all citizens DNA to be collected and documented in the name of national security,solving crimes and the like. On the other hand, several African countries have made it mandatory for citizens to register their sim cards by providing personal details including copies of their ID cards. In the wake of such cases the session feeds in to the theme by exploring the rights and responsibilities of individuals where their data is concerned while exploring the human rights aspect to mandatory country requirements on massive collection and storage of data. Best approaches and practices will be shared from different regions and recommendations explored on the development of human-centric data governance frameworks especially where data is collected, stored and managed for digital population databases.

Relevance to Internet Governance: Data as part and parcel of the internet it involves accessibility, relevance, integrity, and security thus engages different players. It requires arrangement of procedures, by the different partners who utilize internet technologies, to guarantee how crucial data is collected,stored,controlled and safety ensured in their different roles. Data governance as part of internet governance requires means to ensure that challenges and opportunities that data presents can equally be harnessed without affecting human rights.From the workshop title this involves governments who are working to enhance service provision through use of new technologies such as IoT and AI in digitization of processes to ensure inclusion and national security.This includes their role in policy making and implementation where data is concerned.The internet is a key player to the way digital population registers work the same applies for digital databases that carry massive data that ought to be protected while adhering to human rights such as right to privacy and echoing frameworks that allow for protection of rules and procedures that ensure data protection.

Format: 

Round Table - Circle - 60 Min

Description: This workshop will address data governance in digital population registers gathering from the experience of countries such as Kenya that are now implementing a nationwide population register, bearing data of all who reside in, as well as countries such as the UK who have a database that bears DNA records of criminals and had at one point been forced to revamp how its data is governed to adhere to the right to privacy of their citizens.Additionally explore opinions on the suggested DNA database in Rwanda and compliance of such nationwide initiatives in the age of digital cooperation and GDPR.The session will look at the challenges and opportunities in data governance while addressing the rights and responsibilities of individuals in determining the use of their personal data, and determining their own digital identity. Recommendations will be shared by the speakers and participants on how best we can optimize utilization of data while ensuring that the “right to privacy” is respected and individuals are allowed the right to consent for use of their data.In countries that lack data protection laws and policies, and yet implement or are opting to utilize data for service purposes or even security reasons, he session will identify what frameworks can they implement and the roadmap to ensuring that international norms and principles facilitate common approaches of data protection.The workshop will again explore case studies from different countries on what different stakeholders should do in the wake of data governance were digital population registers/databases are concerned.The role of the government in enacting relevant policies,guidelines and principles as well as the role of civil societies and other stakeholders to push for digital rights such as data privacy being protected and the technical aspects on security in data governance will be investigated.

Expected Outcomes: THe outcomes of the workshop included:
Shared case studies and roadmaps on data governance in digital population registers and databases.
Thoughts and ideas on ethical frameworks on data collection,storage and security.
Policy recommendations on common approaches of data protection in international cooperation.

Discussion Facilitation: 

The moderator will introduce the session and its objectives and then invite speakers to share case studies after which participants as well as speakers will engage in discussing the shared case studies as well as brainstorming on ideas and suggestions in reaching the outcomes of the session.The workshop will derive the discussion around the key policy questions that its trying to address and hence encourage participants to actively share their own case studies and recommendations in response to questions.

Online Participation: 

Will share widely with communities to follow online who cant attend as well as through the online moderator ensure participants online are engaged well and are part of the workshop.

Proposed Additional Tools: Social media

SDGs: 

GOAL 9: Industry, Innovation and Infrastructure
GOAL 16: Peace, Justice and Strong Institutions
GOAL 17: Partnerships for the Goals