Session
Organizer 1: Jimson Olufuye, 🔒
Organizer 2: Rachael Shitanda, Computer Society of Kenya - CSK
Organizer 3: INYE KEMABONTA, 🔒
Organizer 4: Segun Omolosho, AfICTA - Africa ICT Alliance
Organizer 5: Kayode Oyeyemi, 🔒AfICTA - Africa ICT Alliance
Speaker 1: Ulandi Exner, Private Sector, African Group
Speaker 2: Kossi AMESSINOU, Government, African Group
Speaker 3: Melissa Sassi, Private Sector, Western European and Others Group (WEOG)
Speaker 4: Jane Coffin, Technical Community, Western European and Others Group (WEOG)
Speaker 5: Dr. Toshikazu Sakano, Director of ATR, Private Sector, Japan
Speaker 6: Dr. Martin Koyabe, Intergovernmental Organization (IGO)
Jimson Olufuye, Private Sector, African Group
Rachael Shitanda, Private Sector, African Group
INYE KEMABONTA, Private Sector, African Group
Roundtable
Duration (minutes): 90
Format description: We believe the roundtable setting is ideal for our session as it will help us fulfil our objective of deep engagement since it is free from distractions and encourages individuals to intimately participate and contribute to the topic of discussion. The session duration on the other hand is deemed necessary to accommodate the perspective of all the speakers regarding the topic, policy questions and ultimately allow questions from the audience.
1. In the light of most DLDCs lacking the capacity of hosting their huge data generated locally and considering the importance of digital sovereignty to the development and security of an economy a. Highlight the key challenges encountered by stakeholders in DLDCs in the implementation of local servers and the adoption of data localization policies. b. What practical solutions can you propose to address the challenges faced? 2. How can DLDCs balance the objectives of digital sovereignty with the benefits of cross-border data flows for economic growth and innovation, addressing the challenges of digital sovereignty and data localization effectively?
What will participants gain from attending this session? The proposal is an opportunity for stakeholders including the participants in attendance to 1. Have deeper insights into the complex dynamics of digital sovereignty and data localization in DLDCs. 2. Discuss the protection of their national interest and autonomy, 3. Assess to what degree digital sovereignty can foster innovation, spur economic growth, and promote responsible use of technology, 4. Examine the future opportunities accessible to the business community as the market remains vast, 5. Equip participants with information on the required skills and requisite knowledge to strategically position themselves for the job opportunities therein, 6. Address the Challenges of Digital Sovereignty and Data Localization, 7. Ensure the cost of data storage locally competes with what is obtainable in the foreign market, 8. Have access to practical strategies and case studies from experts and practitioners. Lastly, it would also delegate responsibilities (through its recommendations) to various stakeholder groups to propel action.
Description:
In today’s interconnected digital world, the concept of digital sovereignty and data localization has gained significant attention, particularly in Developing and Least Developed Countries, DLDCs. With an increase in the adoption of digitalization, heavy investment in digital infrastructure, and notable rapid technological advancement experienced in the DLDCs which brought about unprecedented big data generation that could be explored by either the good or bad actors, it becomes relatively essential to safeguard national interests in cyberspace, ensuring data privacy, security, and regulatory autonomy. Digital Sovereignty refers to a nation's ability to control its technology, data flows, digital infrastructure, and services without dependence on external entities. However, certain challenges are unique to DLDCs in the design, implementation, and adoption of mechanisms that form their Digital Sovereignty which must be addressed. According to a study by Finhai Munzara, CFO of Africa Data Centers, while Africa is 17% of the global population, its data centre market makes up only 1% of the global market. This shows that a huge amount of data generated on the continent is not residing in the continent. The above situation does not only ascertain the possibility of data breaches, data extortion, and unauthorised access to citizens' classified or personal data but also poses a great threat to the concerned economies' sovereignty and the possibility of survival when in conflict. In 2018 and 2023 significant data breaches occurred in South-Africa and Kenya respectively where personal information of millions of citizens was compromised. While that of Kenya was linked to Anonymous Sudan Hackers backed by Killnet, a pro-Russian hacking group, that of South-Africa was due to security vulnerabilities in a database managed by a third party. Perhaps adopting the Tanzanian perspective of digital sovereignty is crucial for DLDCs. Despite its sizable population, Tanzania has all its citizen’s local data stored in-country.
a. Increased understanding of the implications of digital sovereignty and data localization policies on DLDCs digital economies. b. Identification of best practices and policy recommendations to balance the benefits of digital sovereignty with the need for international data flows. c. Enhanced collaboration and knowledge sharing among stakeholders to address challenges and opportunities in digital governance. d. A workshop report with recommendations that target relevant stakeholders will be submitted to the IGF Secretariat
Hybrid Format: The workshop will be opened by our onsite moderator who will set the scene and then address each of the policy questions to the speakers and attendees (on-site and online). Each speaker will be given 3 minutes to present their intervention on the 3 policy questions, one policy question at a time, with the workshop participants being given 10 minutes (per policy question) to contribute to the dialogue. The workshop will be interactive with maximum audience participation. Remote participation would be supported and actively encouraged as the online moderator (host) would timely call the attention of the onsite moderator to questions and contributions from the remote speakers and participants. The speakers are sourced from different demographics and stakeholder groups. Furthermore, AfICTA would promote the session on our newsletter platform, and social media pages. Member institutions will promote and host remote hubs for the session from their respective countries.
Report
While cross-border trade is indispensable for collective prosperity, fostering economic growth, innovation, and cooperation among nations, digital sovereignty is imperative for ensuring national security, protection of citizens' data, and preserving sovereignty in the digital age
The incorporation of the African Union (AU) Data Policy Framework should be prioritized to promote seamless cross-border data flow, facilitate economic integration, and unlock the full potential of a prosperous digital Africa
The need for data localization and protection does not negate the importance of open data as a veritable resource for research, innovation (especially in the age of AI and GenAI), and sustainability. However, the cost of data localization is quite high (viz energy and skill costs), hence the need to categorise data so that the most sensitive are localised.
Countries yet to endorse the Malabo Convention for Cybersecurity & Personal Data Protection, Budapest Convention, & the draft Cybercrime Convention for confidence building in cross-border data governance, management & enforcement are encouraged to do so. They should also evolve smart laws & policies to prioritise critical data localization, such laws or policies should spur demand, increased commerce & job creation towards fulfilling the SDGs.
The issue of cross-border Data Abuse through breaches is a challenge against countries and responsible organisations and enterprise managing data are encouraged to continuously build their cybersecurity resilience through continuous assessment using frameworks such as the Tripod Cybersecurity Maturity Model - TCMM.