The Privacy Scorecard report is a tool used to assess and evaluate the privacy practices of organizations and companies.
It provides a comprehensive overview of how organizations handle personal data and how they protect the privacy of individuals. The purpose of the Privacy Scorecard report is to give consumers and stakeholder’s information to make informed decisions about the privacy and security of their personal information.
The scope of the report typically covers an organization’s privacy policies, data collection and use practices, and security measures. The privacy scorecard utilizes objective, quantifiable parameters for analyzing the policies and practices of the selected data collectors.
In the relentless pursuit of comprehensive data protection assessment and advocacy, the 4th edition of the Privacy Scorecard report marks yet another milestone. Embarking on a journey across six diverse nations – Rwanda, Tanzania, Mauritius, Zimbabwe, Kenya, and Uganda – this edition signifies a quantum leap in its global impact and reach. Each country under scrutiny will undergo meticulous evaluation against the backdrop of its unique local Data Protection Laws.
The overarching objective remains steadfast: to galvanize data collectors and processors towards the adoption of best practices in data protection while concurrently empowering citizens across all six nations to assertively demand transparency regarding the collection, utilization, and dissemination of their personal data. The Privacy Scorecard stands as a beacon of accountability, illuminating pathways towards a future where privacy rights are upheld, and trust in data handlers is earned through adherence to lawful and ethical standards.
.
2023
PRIVACY SCORECARD REPORT
Over the last decade, trends at the global scene indicate growing interest and commitment to enactment/adoption and strengthening of data protection laws. This has largely been motivated by wide spread social media complaints and scrutiny of violations, abuses and breaches and the general interest for countries to comply with internationally recognised laws and standards. By 2020, it was projected that about 137 new countries globally would enact data protection laws in addition to the 50 countries that strengthened their laws in this area in the last decade alone.
This great ray of hope transcends to the African continent. By February 2023, 36 out of 54 African countries are for example said to have adopted data protection and privacy laws with 16 signing onto ‘the African Union Convention on Cyber Security and Personal Data Protection adopted on 27 June 2014 (“Malabo Convention”) and thirteen countries have ratified it. As a result, 2022 was projected to be a year of more robust enforcement of this newly adopted framework. The 2023 privacy score card to a large extent aims at establishing how this prediction played out in selected countries of Zimbabwe, Uganda, Kenya and Mauritius.
2022
PRIVACY SCORECARD REPORT
The 2022 Privacy Scorecard report develops onto the 2021 one and expands the scope to include Kenya. The methodology adopted in the 2022 report is deeper with focus on only three sectors of telecommunication, financial services and the e-commerce sectors. The 2022 report is made possible by a collaboration between Unwanted Witness and the Centre for Intellectual Property and Information Technology Law (CIPIT).
The main objective of the 2022 report is to generate research that could be used to empower data collectors/processors to adopt data protection best practices; and citizens to demand for accountability in the area of personal data protection. The report could also inform legal and policy reform for the between management of personal data of data subjects by especially non state actors.
2021
PRIVACY SCORECARD REPORT
The 2021 Scorecard report focuses on the law, corporate policies and practices. It will turn a spotlight on how the policies of private and public sectors either advance or hinder the privacy rights of users and it will recognize those companies or government agencies that buttress and ensure data protection and privacy best practices. The idea is to protect data privacy rights of individuals by ensuring that data collector/processors bring more.
Data collectors/processors are required to be transparent about access to and use of personal data, and to respect our right to privacy and dignity at all times as stipulated in the data protection law. And some companies are increasingly meeting those expectations, but there are still many companies that lag behind, fail to enact best practices around transparency, or don’t prioritize user privacy and dignity.