The importance of data and data analytics as projected by global economies, are beginning to unfold in Africa, writes Emma Okonji
In 2017, The Economist had declared that the world’s most valuable resource was no longer oil but data. Since that declaration in 2017, global economies are finding new ways to make the best use of data generation and data analytics in making informed decisions that will propel economies and businesses, in line with emerging technologies that are evolving.
Africans are beginning to see the importance of data generation and data analytics, even though research has shown that so much of untapped data sit on the African continent that needs to be harnessed for the proper use for various decision making. Data protection and privacy regulation in most, or even all, African countries are often less mature – particularly when compared to the European Union (EU’s) General Data Protection (GDPR) regime. As such, economies on the continent present both risks and opportunities when it comes to data.
At the recent Africa Technology Summit in Kigali, Rwanda, tagged” ‘Africa Tech Summit Kigali, Rwanda, focus was on data protection and privacy regulations, as well as digital transformation in Africa.
At that summit, one of the delegates stated that data was, in fact, Africa’s “new blood” rather than the “new oil.”
The summit recognised data as the lifeblood for Africa’s pursuit for competitive advantage, as panel discussions were centred around how best to generate data, analyse data, use data, and protect data, having declared that data is Africa’s ‘new blood’ as against the old narrative that data is the ‘new oil’ for Africans.
In one of the panel sessions at the summit, the Director, Business Development in charge of Middle East and Africa at Microsoft, Mark Ihimoyan, discussed how Microsoft had in 2019, opened its first data centres on the continent through new cloud regions in Cape Town and Johannesburg. According to him, “Microsoft’s goal is to accelerate global investment in Africa and create greater economic opportunities for businesses based in Africa.”
Also, the Chief Communications and Public Affairs Officer for GE Africa, Patricia Obozuwa, shared insights from the GE Lagos Garage, a hub for advanced manufacturing skills development focused on building the next generation of Nigerian entrepreneurs. Interventions like this are playing a critical role in building the capacity of human capital on the continent.
The CEO and Founder at ARED, a renewable energy startup, Henri Nyakarundi, spoke about some of the challenges that entrepreneurs and investors face in Africa. These include the process of accessing capital. ARED has sought funding to help it scale out of Rwanda into Ethiopia, Senegal and the Ivory coast this year with it planning to do so through the flexibility and agility offered by a licensing model. Fintech players like OPay and Flutterwave, who attended the summit from Nigeria, reflected on open banking regulations coming to Africa.
Data as new blood
According to a senior marketing and business development professional and member of the board at the African Foundation for Development, Boko Inyundo, the wider industry conversation around Africa and tech was summed up by a delegate’s observation that data is Africa’s “new blood,” particularly in relation to inherent risks around big data.
The delegates noted that organisations leveraging large consumer data sets could be seen by those same consumers as effectively taking their blood, only to sell it right back to them through tools designed to exploit their data at scale.
Africa’s “new blood” does run the risk of being ‘contaminated.’
Global cybersecurity firm Dark Trace presented a keynote with case studies showing how the company’s‘Enterprise Immune System’ and ‘Antigena’ technologies have detected and responded to previously unidentified threats against enterprise clients operating in Africa.
Cyber risk repeatedly came up as a critical issue. Partner at IKM Advocates from the office of DLA Piper Africa in Kenya, William Maema, noted that many African countries have no specific cyber legislation. For the few jurisdictions where cyber laws exist, there is a general lack of awareness about the importance of investing in cyber resilience through preventive measures, incident response and post-incident remediation.
The result, according to the summit, “is a conducive environment for cybercrime in Africa.” The summit, however, advised that corporates, governments and investors must, as a matter of urgency, should design and implement governance structures to protect them and their directors; deploy tools to assess risk and comply with evolving regulatory requirements; refine sound corporate policies and strategies to create and maintain a culture of security; and implement responsible supply-chain and vendor risk-management techniques and contract support.
The African market, no doubt, is witnessing a maturation of data analytics into an independent, intuitive technology. It is becoming integral to the way people work, moving away from the predominant use by only a select few, towards a tool that is utilised across the entire organisation.
According to Managing Director of Softworx, Jane Thomson, in the future, a greater embedding of analytics is expected, integrating its value into the rest of the enterprise applications, instead of running it as a separate function.
“This embedding will be fostered with increased movement to the cloud, as organisations that have not yet invested in data analytics infrastructure can now do so without incurring the traditional start-up costs. Over the last five years, data analytics processes have greatly evolved. The processes themselves have gone from clunky and non-intuitive tools, driven only by the IT department, to a truly modern era of self-service. This self-service approach to data analytics is starting to bear fruit. It does, however, come with some challenges,” Thomson said.
“For data analytics, truly to be part of the work, it must be made available to the entire business. To this end, tools are becoming available to greater parts of the enterprise. This results in more discussion about the data itself, not only the analytical tools, both around the boardroom, and the water-cooler. Data is the source, it is the element that is most important,” Thomson added.
Reports on data analytics
Historically, enterprises in the region have relied on reporting tools as the basis for taking business decisions. These tools assess historical data and produce summaries in standard views and standard formats. The next phase was to move reporting summaries into dashboards using graphical coloured tools to highlight alerts, trends, summaries for business. Another historical trend, a decade ago, was for enterprises in all industries, to roll in a financial accounting package as a one-stop solution for all business requirements.
With the arrival of cloud technologies and the increasingly larger scale of data aggregations, the requirements of end-users are changing. Going through standard reports and legacy tools is no longer an option for regional enterprise end-users, according to the views of the Regional Vice President Sales, Africa and Middle East at Epicor, Mr. Monzer Tohme.
According to him, endusers want dashboards that give them an instant view of their company position from all different angles.
From collection to sales, to product performance, per region, per sales person. They need that sort of analysis on the spot, and at any time. This is where mobility now plays a big part in making data analytics available. But in all of these, there is need for data safety and protection.
Nigeria’s data protection and regulation
In order to be at par with developed economies of the world, coupled with the need to protect data of Nigerian citizens, the National Information Technology Development Agency (NITDA), had in January last year, issued the Nigeria Data Protection Regulation (NDPR), which seeks to safeguard the rights of natural persons in Nigeria with respect to the processing of their personal data.
NITDA subsequently issued the NDPR Draft Implementation Framework in July 2019, with the objectives to safeguard the rights of natural persons to data privacy; foster safe conduct for transactions involving the exchange of personal data; prevent manipulation of personal data; and to ensure that Nigerian businesses remain competitive in international trade through the safe-guards afforded by a just and equitable legal regulatory framework on data protection and which is in tune with best practice.
The regulation defines “Personal data” to mean any information relating to an identified or identifiable natural person, which could include one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This according to NITDA, would include a name, an identification number, address, a photograph, an email address, bank details, posts on social networking websites, medical information, IP address, among others.
NITDA insisted that the NDPR would apply to natural persons residing in Nigeria or residing outside Nigeria but of Nigerian descent.
The NDPR comes with fines on breaches, which include up to two per cent of annual gross revenue or N10 million for data controller with over 10,000 subjects; up to one per cent of annual gross revenue or N2 million with data controller with less than 10,000 subjects.
According to NITDA’s framework, the NDPR would apply whenever media organisations collect, use or keep any information about a living person , even if it’s not ‘private’. The NDPR specifically tasks the media practitioners to uphold accountability and foster the objectives of the NDPR.
Although the NITDA Data Protection Regulation (NDPR), which is modeled after the European Union Data Protection Law, seeks to protect data collection, processing and administration in order to foster safe conduct for transactions involving the exchange of personal data, among other objectives, some Nigerians have criticized the NITDA’s NDPR, insisting that what Nigeria needs is data protection law and not data protection regulation document.