Botswana Digital Innovation Hub (BDIH) has put out a call to the country’s business community to proactively participate in taking control of the country’s cyber security. Acting Chief Executive Officer of BDIH, Tshepo Tsheko said the private sector together with innovators need to be in charge of cyber security, as opposed to outsourcing to innovators outside the country’s borders.

“We are a sovereign state, our cyber security agenda has to be led by our own. We need to be certain that our people’s data is safe,” said Tsheko. Tsheko shared the sentiments at the Memorandum of Understanding (MoU) signing ceremony between BDIH and Business Botswana expected to promote collaboration of research, innovation and digitalization by connecting the private sector with innovators.

He said collaboration of the two organisation is a long overdue engagement, as the two organisations share more than what they can appreciate. “In mature economies, the link between business organisations and innovators is strong,” said Tsheko, adding that the business community needs to help develop capacity of the country’s innovators. Tsheko is optimistic that through BB networks, local, regional and international, BDIH will be exposed to organisations that will help up skill innovators.

He added that requisite skills is required to safe guard the country’s data. “Our innovators have talent that need to be up skilled and also help them develop their talent into businesses,” said Tsheko. Commenting on the MoU, BB Chief Executive Officer, Norman Moleele said the collaboration is a significant milestone to deepen partnership between the business community and innovators. Meanwhile, newly-appointed Information and Data Commissioner, Kepaletswe Somolekae said there are 'serious gaps' in the Data Protection Act, introduced in October 2021, and it is critical that these are addressed before the law is fully implemented in the next four months.

Established under the 2018 Data Protection Act, the new amended legislation was introduced to govern data management and the protection of personal information. However, Somolekae has pointed out glaring gaps, including that the legislation does not cover the processing of personal data, “in the course of a purely personal or household activity” and lacks detail regarding the processing of data for national security, defence or public safety including “for the prevention of and investigation into/ or proof of offences.”

The Commissioner added that the Act makes no provision for processing of data for prosecution of offenders or the execution of sentences or security measures, or for economic or financial interest, including monetary, budgetary and taxation matters. In an effort to address the gaps, Somolekae confirmed the Commission is currently engaging stakeholders to secure the necessary input and the legislation will be amended before the end of the year.

“We will have the Bill ready for the November sitting,” said Somelekae. “We are only filling in the gaps, I don’t see the amendments upsetting what data controllers will have sought to put in place.” Botswana’s data protection legislation applies directly to data controllers, data processors and other stakeholders involved in processing personal data. The Act's transition period will end on 15 October 2022, after which all stakeholders must be compliant.