Southern African Development Community (SADC) Regulation Case Study
At an African level, the Malabo Convention and its implementing guidelines already provide a harmonized framework for data protection. Efforts should be placed in implementing that Convention at the regional and national level. At the SADC level, the Data Protection Model Law is compatible with the EU Directive and with the Malabo Convention, and therefore a different approach to data protection is not needed. Based on this analysis, we make recommendations on enhancements to the SADC Model Law on Data Protection to adapt to the evolving digital ecosystem and to the challenges of the 4IR. In addition, we suggest recommended options in the form of a checklist of actions, for the SADC Secretariat, countries with a data protection act or bill and countries who are in the process of legislating on data protection. Last but not least, considering that data protection regulation should not be pursued exclusively by government organisations and by law, we mention what role should private and civil society entities play to improve data protection.