On January 28th, we join the global community in celebrating Data Privacy Day, a significant occasion to reflect on and evaluate our privacy practices. While privacy and data protection has become a prominent topic in modern discourse and regulation, it was already a topic back in 1981 when Convention 108+ was signed. This was the first legally binding instrument regulating privacy and data protection, laying the foundation for today’s privacy frameworks..
Of course, privacy in 1981 does not carry the same meaning it does today. The digital age has dramatically reshaped the landscape, bringing both opportunities and challenges – and Non Governmental Organizations are no exception to this development. By leveraging technology to the fullest, NGOs such as Tiko, ensure no opportunities are missed in addressing critical issues.
Tiko’s Mission and Privacy Practices
For Tiko, our mission is clear, to fight the triple threat across sub-Saharan Africa, i.e. joining forces to address teen pregnancy, HIV and gender-based violence. However, none of this can be achieved without relying heavily on technology – in our case, we developed a platform represented by our frontend Tiko interface, which connects individuals to service providers at no cost. Naturally, this means personal data will be processed.
Privacy by Design
While collecting personal data is fundamental to achieve our mission, Tiko is committed to collecting only personal data which is necessary to achieve our purpose. We aim to set an example for other players in the market, demonstrating that regulation is not a roadblock, but an opportunity to operate fairly and transparently.
At an early stage of any new project, Tiko embeds privacy principles into its design. Each team is trained to involve the Data Protection Officer early in the process to assist in ensuring all risks are mitigated (usually by conducting a Data Protection Impact Assessment).
To achieve this Tiko implemented four privacy pillars: By sticking to data minimization by design – if a category of personal data is not essential to achieving our purpose, we don’t collect it. For example, at any point in the user journey Tiko will collect the name of the user.
By ensuring data empowerment – users have control over what information they provide. I.e. If someone prefers not to share their phone number, Tiko offers an alternative by sharing a Tiko Card which contains unique codes that allow us to identify users in our systems without compromising their privacy.
By building digital literacy – as a tech first organization, we prioritize helping users understand how Tiko processes their personal data. This can be achieved by communicating in clear, plain language, training different actors on basic privacy concepts and ensuring users are aware of their privacy rights – not just within Tiko but with any organization which processes their personal data.
By ensuring data security – defining technical and organizational measures which protect personal data from unauthorized access.
Challenges
Of course ensuring a robust privacy programme is not a walk in the park, operating in multiple countries means navigating several privacy laws. To address this, Tiko opted to adhere to the strictest applicable privacy law (such as the General Data Protection Regulation), while respecting local-specific requirements. This approach requires continuous monitoring of legal updates, fines, and local guidance but ensures each individual has the same high threshold when it comes to their privacy.
Looking Forward
This day serves as a powerful reminder to prioritize privacy and security. For Tiko, it’s an opportunity to collectively review our practices, raise awareness, and encourage actions like updating passwords and reviewing privacy notices.
As we look in the future and aim at expanding either geographically or areas of work, we remain committed to fostering a safe environment where every user feels respected and trusts that their personal data is handled securely. Digital Privacy is a fundamental right, and at Tiko, we strive to uphold it every step of the way.
What about you? What steps will you take to protect yours and your users’ privacy? Join Tiko in strengthening privacy standards and safeguarding personal data across our sector.
Mafalda Paes de Carvalho – Data Protection Officer