Online Reporter
Ivan Zhakata
Herald Correspondent
ZIMBABWE and South Africa have signed Sadc’s first bilateral memorandum of understanding on data protection, marking a significant milestone in regional efforts to safeguard personal information in the digital age.
The agreement, signed between the Postal and Telecommunications Regulatory Authority of Zimbabwe (Potraz) and South Africa’s Information Regulator, aims to establish joint mechanisms for handling cross-border data flows, improving regulatory capacity, and enhancing public trust in digital systems.
Speaking at the signing ceremony in Harare, Potraz director-general Dr Gift Machengete said the partnership was built on early technical support from South Africa when Zimbabwe established its Data Protection Unit in 2023.
“We remain deeply thankful to you, your chairperson and your entire team for hosting the Potraz Data Protection Unit in December 2023. That was the time when we really needed handholding, and we identified yourselves as our close brothers and neighbours who had already started on this journey.”
The agreement will formalise cooperation on joint investigations, benchmarking, policy development and capacity building.
It commits the two authorities to strengthening regulatory capacity in data protection, harmonising safeguards for cross-border data flows, improving business efficiency through clear frameworks, and building trust in the digital economy.
With over 20 000 daily border crossings between the two countries and annual remittances exceeding US$800 million, the volume of personal data exchanged was a major factor behind the agreement. Dr Machengete said such statistics justified the importance of the agreement.
Information Regulator of South Africa chief executive officer Mr Mosalanyane Mosala said the protection of personal information was a constitutional obligation under his country’s constitution.
“Section 14 guarantees the right to privacy as it relates to the protection of personal information. Your name, your address, your biometric details — anything that identifies you is your personal information,” said Mr Mosala.
He added that the Information Regulator has a mandate to enforce access to information and called it a dual responsibility grounded in the law.
“Our impact statement is that all persons are empowered to assert their right to privacy and their right to access to information,” said Mr Mosala.
There were challenges in responsiveness and reaching citizens who should benefit from the legislation and enforcement decisions by the regulator often faced legal challenges from large corporations.
The agreement responded to a directive issued by Zimbabwe’s Minister of ICT, Postal and Courier Services, Tatenda Mavetera, in March this year calling for stronger regional collaboration in line with the 2012 Sadc Model Law on Data Protection. The regulators will now engage in annual bilateral meetings to review progress and set joint targets.
The agreement comes amid increasing pressure on governments across the region to align privacy laws with global standards, particularly as digital trade and cross-border data transfers intensify.
