IGF 2022 WS #269 Data privacy gap: the Global South youth perspective

Time
Tuesday, 29th November, 2022 (14:30 UTC) - Tuesday, 29th November, 2022 (15:30 UTC)
Room
Banquet Hall A

Organizer 1: Shadrach Ankrah, Ghana Youth IGF
Organizer 2: Theorose Elikplim Dzineku, Ghana Institute of Journalism
Organizer 3: Nicolas Fiumarelli, Youth IGF Uruguay

Speaker 1: Emanuella Ribeiro, Civil Society, Latin American and Caribbean Group (GRULAC)
Speaker 2: Daniel Opio, Private Sector, African Group
Speaker 3: ABRAHAM SELBY, Technical Community, African Group
Speaker 4: Karla Giovanna Braga, Civil Society, Latin American and Caribbean Group (GRULAC)
Speaker 5: Shradha Pandey, Civil Society, Asia-Pacific Group

Moderator

Theorose Elikplim Dzineku, Civil Society, African Group

Online Moderator

Shadrach Ankrah, Technical Community, African Group

Rapporteur

Nicolas Fiumarelli, Civil Society, Latin American and Caribbean Group (GRULAC)

Format

Round Table - U-shape - 60 Min

Policy Question(s)
  1. Data Privacy Authorities: How do data protection agencies ensure all data controllers abide by the data privacy act? How do data subjects reach out to Data Protection Authorities about their privacy violations and data breach?
  2. Data Controllers: Do data controllers and data processors have data protection principles that guide their data subjects?
  3. All stakeholders: How do we create awareness for the local communities who do not know about data privacy and protection, and the agencies to whom they can report a breach of their data privacy? What are some of the measures to ensure the safety of children and young ones' online privacy?

Connection with previous Messages:

The proposed session builds on the IGF 2021 thematic area on Emerging Regulation: Market Structure, Content Data, and Consumer Rights and Protection. The session looks at how advancement in technology in the global south has increased digitally-enabled markets and electronic platforms which has led to an increase in personal data collection. It shed light on the loopholes that have resulted from the large volume of that collected by data controllers. This is in alignment with this IGF 2021 message “The complex interplay between the market and society is being reshaped by online platforms. Online platforms continue to gain power in the digital world, generating high impact throughout the globe, especially in the Global South. There is no one-size fits all approach as impacts may be positive or negative, depending on the local reality”.

SDGs

4. Quality Education
16. Peace, Justice and Strong Institutions
Targets: SDG 4: This session takes a look at the data privacy regulations within the Global South, creates awareness, and builds the capacity of youth to know their data privacy rights to be able to defend them. The outcome of this session will produce an article and workshop presentations will educate the youth on their data privacy rights. SDG 16: This session also seeks to highlight the need to create an inclusive digital ecosystem for youth to harness the opportunity the Internet and other technologies provide. Protecting the privacy of youth to feel safe both online and offline.

Description:

The advancement in technology and the widespread use of smartphones have helped create many digitally-enabled markets in the world. The Covid-19 pandemic has also accelerated an increased number of electronic platforms for e-learning, health delivery, and financial and governmental services. This advancement has led to citizens wanting to use mobile applications for whatever reason. In doing so, users grant access to their data, including demographic, geolocation, and financial data. Organizations over the years have been overloaded with a lot of data generated as consumers try to use these services. This has resulted in some loopholes regarding data protection and privacy in many countries. It has also called for the need for regulatory frameworks governing the privacy and protection of personal data. Your data is you: when you ask for whatever service when you get targeted advertisement or even when you suffer a data breach - being that caused by a big enterprise or by your loss of information because your cellphone was violated.

Although a lot of common sense about Data Protection today comes from Europe, which is justified by the continent’s historical regulations on that matter, this session aims to bring to the table the common challenges and perspectives for the Global South on this matter. With different levels of digitalization and access to the Internet, the Global South has some common perspectives: new Data Privacy Authorities (PDAs) who are trying to adapt and regulate the rapid-changing technological market, facing the specific challenge of raising awareness among the population about the necessity of Data Protection on their day to day lives, creating more secure digital routines.

In this session, we are bringing together a group of Youth who are passionate about the topic to discuss different challenges and strategies to raise awareness of data protection among the general population. We hope to: a) raise different challenges faced by our countries to disseminate more broadly data protection strategies, in a way that is not overly focused on the individual responsibility of the population; b) survey the best practices and strategies we see in our countries to create mass awareness campaigns that are effective for communicating about fundamental rights such as privacy and data protection and c) identify the responsibility of different stakeholders on promoting a culture of data protection that is more in line with the needs of the everyday user of modern technology.

We have identified that although the topics of data protection and data privacy are more and more disseminated in the collective imaginary, a lot of the time the end-users are responsible to keep control of their data and personal information to prevent cybercrimes, loss of access to bank accounts or loss of personal information due to a breach caused by service-providers or even due to lack of security control on the repairing of faulty devices. For us to not be vulnerable to such attacks, we have two different challenges: a) one is that data protection becomes a best practice of the enterprises that provide us services and devices so that the full responsibility of the control of data is not on the end-user and b) that the end-user also cares about the use of their data and can update their settings to protect their personal information.

This is a hard challenge: it involves not only an aspect of regulation and oversight of commercial practices but an important aspect of education and awareness of the general public about the importance of taking preemptive matters to protect their data from vulnerability. In that sense, we want to raise some questions: what are different and creative approaches we can get to raise awareness about this matter? What projects have been reinventing the data privacy and protection awareness perspectives in different countries in the Global South? And what are the Global South specific challenges, in the context of new DPAs, to enforce practices that consider the end-users well-being as a matter of utmost importance for building and regulating new technologies?

Expected Outcomes

The best practices and issues raised during the session will serve as a guide and create awareness for youth on their rights to data privacy and protection. It will also provide oversight to policy guidelines for Data Privacy Authorities to be proactive in ensuring data controllers comply with the regulations in their various countries.

  1. After the session, we propose to write a report and an article to highlight the outcomes that will come out of this session and present them in other data privacy and protection-related events.
  2. We will also share the outcomes on social media platforms to reach a wider audience.

Hybrid Format:

The session will take into consideration the online participation needs of both the organizing team members, speakers, and the audience. Close to the IGF, if a speaker or an organizing team member is not able to participate physically, the online moderator and the other members will ensure the smooth online participation of that person. The online participants will be able to participate in the session interactively.

The online moderator will be responsible for ensuring that online the audiences have an equal opportunity to contribute to the session discussions. The online moderator will be responsible for checking if the online audience has any issues, and whether there are questions or comments posted in the chat of the online meeting platform which need to be read aloud to the speakers and participants onsite. Also, remote hubs will be given priority to contribute to the session discussions. The rapporteur will capture all contributions made by both the online and onsite audience which will contribute to the final report of the session.

Discussion facilitation and agenda


This session’s format will be a Round Table - U-shape (60 minutes) which will gather together the speakers, moderator, and participants sitting at the table in a U-shape. The discussions will flow in a U-shaped format, moving from the moderator to the speakers and then to the participants. The session will begin with the moderator’s opening introductory speech that will highlight the topic, issues to be discussed, and possible solutions to data privacy and protection issues faced by youth in the global south. After that, the moderator will introduce the speakers.

The speakers’ discussions will focus on the issues that youth face in their countries concerning the gaps in data privacy and protection. The speakers will also recommend possible solutions to these issues and how the various stakeholders can collaborate to achieve them. The speakers who represent government, civil society, the technical community, and the youth perspective will touch on issues such as the best practices that data controllers that provide us services and devices should follow and end-users responsibility in ensuring their data privacy.

Participants who may represent other stakeholder groups will be allowed to contribute to the topic by sharing some of the data privacy and protection issues they face as youth within their communities and also some recommended solutions to these issues.

The moderator opens the session with an introduction and each speaker will be given 4 minutes to present their speeches (30 mins)

After that, the moderator will open the floor (Open Mic) for 25 minutes for the participants to ask the speakers some questions based on the inputs made by the speakers.

The proposed session’s agenda is listed below

Who speaks?

Theme

Time

Moderator

Introduces session and Panel format

  • Engage the audience
  • Tell people the Menti and how to access

5 minutes 

Question:

What are the main challenges faced for youth to exercise Data Protection and Privacy in your country/region? What is different from a global south perspective to understand about privacy issues?

What are opportunities and agendas for youth awareness about these topics?

Selby -

4 minutes

Karla -

4 minutes

Daniel -

4 minutes

Shradha (Online) - 

4 minutes

Manu (Online) - 

4 minutes

Total:

30 min

Moderator

Open Mic where people who are onsite can raise their hands.

25 min

Moderator

Closes the session with a small brief 

5 min

Total:

60 min

We will use Menti to engage the audience https://www.menti.com/alq4qb4sh1c7

Online Participation

Usage of IGF Official Tool.

Key Takeaways (* deadline 2 hours after session)

Leakage of personal information with the covid-19. Economic problems with natural places, violence in Brazil examples, affect data protection, for example in Amazonia, cut-outs.

It’s urgent to have training programmes that are contextual and sensitive on data privacy and data protection.

Session Report (* deadline 16 December) - click on the ? symbol for instructions

 

Data protection must be mandatory in school education, for the youth to understand the concept of protecting their privacy. Most African countries don't have data protection laws, or are not enforced. They have schools on internet governance, but it is not sufficient, so they need to bring these programs to the school level.

The issue of non-english languages was raised, also people don’t understand how big tech companies are handling their data. The concept of peer-to-peer education was also touched on, where recent research shows that when it comes to children and adolescents having problems on the internet,  they learn from each other.

Via games they could better understand the implications of privacy also, is a good approach of engagement for the children. When people download apps, they are not paying attention to the privacy issues, and they cannot easily understand if they are safe or not.

In the global south specifically,  The European region has more protection than the global south, that is a reality. Also in countries like Brazil. There is a compromise to take with Global south developers for them to provide applications and services when we can communicate properly and safely.