We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Opinions

Opinion – Zooming in on Namibia’s data protection 

2025-03-072025-03-07By Correspondent
Opinion – Zooming in on Namibia’s data protection 

Fellow Namibian citizens, can we truly trust our institutions to safeguard our personal data? 

The simple answer is ‘no’. 

While this response is blunt, the reality of our digital setting demands a deeper understanding of the risks we face and the urgent reforms needed. 

What happened? 

Whether you are a consumer, investor or a policy maker, we all should be concerned about our data protection. 

There have been quite many reports of certain banks in Namibia being compromised, with unauthorised transfers of client funds, yet these breaches often end with no accountability or public apology. 

In December 2024, the largest data breach in Namibia’s history happened at one of Namibia’s biggest internet service providers, Telecom Namibia. 

Ironically, the government-owned telecommunication became the victim of a massive ransomware data breach, which impacted over 600 000 customers’ data. 

The intrusion was carried out by a group of hackers under the name of ‘Hunters International’. 

They had successfully penetrated information technology systems of Telecom Namibia, where sensitive clients’ information was compromised. 

A ransom was issued to keep this data from being published. 

These incidents have a very big implication for the cyber reputation of Namibia. 

Such incidents detract investors’ confidence, exposing the public to fraud, identity theft and financial loss. 

The Interpol African Cyberthreat Assessment Report of 2024 indicated that ransomware was one of the emerging cyber threats in Africa, with common threats such as business email compromise (BEC) and online scams. 

The report further continues to state that cybercrimes have an impact of up to US$4 billion in financial loses in Africa alone. 

What Namibia can learn from other nations 

Technology is developing at a tremendous rate. 

Most countries have already come up with legislations that can regulate data protection. 

For instance, Europe’s General Data Protection Regulation (GDPR). GDPR safeguards the data of users and makes companies responsible in case of a leak. 

This is the reason most users encounter the cookie consent pop-up when visiting any website. 

These laws make sure companies have stringent security protocols to safe guide users’ data. 

South Africa’s POPIA – Protection of Personal Information Act. POPIA specifies how data must be collected, used and stored. 

It makes the responsible organisation accountable for non-compliance. 

The penalty begins from USD 500 000 with up to 10 years of imprisonment. 

Citizens affected can, under POPIA, sue and receive fair compensation. 

All these legislations force organisations to take cybersecurity seriously and protect users’ data. 

Namibia equally needs to take these measures to secure its digital landscape. 

Legal void 

Unfortunately, Namibia’s existing legal framework is vague when it comes to cyber activity. 

The Electronic Transactions Act of 2019 primarily focuses on traditional cybercrimes, such as Denial of Services (DoS) attacks, hacking and falsification of electronic documents but fall short in regulating crimes like cyberbullying, identity theft, defamation of character, misuse of deepfakes and the misuse of artificial intelligence, etc. 

Moreover, the Act does not clearly establish consequences or accountability of organisations when breaches occur. 

While private institutions, such as banks, are required to comply with standards like the Payment Cards Industry Data Security Standard. 

There are no comprehensive laws in Namibia holding these institutions accountable in the event of a cyber breach. 

This gap leaves consumers unprotected. 

Compounding the issue, both the Data Protection and Cybercrime Bills have been stalled in the legislature since 2013. 

This is due to the rapid change in technology. 

By the time the bills are done with public consultations, they are obsolete when they reach the National Assembly for discussion. They end up being sent back for further consultations. 

At the rate of technological advancement, these proposed laws risk being outdated before they are even implemented. 

What Namibia urgently requires is dynamic and revised technology law to be reviewed from time to time in tandem with the advancement in emerging technologies. 

Stringent controls: to prevent user data from being jeopardised and to hold organisations accountable for any infringement. 

Ad hoc regulations by the regulator: The Communications Regulatory Authority of Namibia must propose interim regulations that will protect information up until the time legislations have been passed. 

Failing that, Namibia remains susceptible to cyber intrusion and data breaches. 

Until when stringent laws are passed, Namibians need to be very precautious. 

At a personal level, I have resolved not to disclose valid personal information to anybody who cannot identify themselves or legitimise their query. 

This is a small step, but that would go a long way. 

The country’s future in the digital era depends on how seriously we take the issue of cybersecurity and data protection today. 

Let us mobilise for responsibility, better legislation, and personal caution to safeguard our information, cyberspace and our nation. 

*Kondjeni Ndakeva is a data scientist, software developer and database administrator with a master’s degree in data science. 

MENU