Digitalisation 4 Development

Group
public
Last Updated: 28 March 2025
82
 Members
11
 Discussions
62
 Library items

Table of contents

Infosheet 2 - Policy and Regulation

Toolkit infosheet 2 - Policy and Regulation 

 


 

DIGITALISATION FOR DEVELOPMENT.

A TOOLKIT FOR DEVELOPMENT COOPERATION PRACTITIONERS INTERNATIONAL PARTNERSHIPS

 

The rapid process of digitalization around the globe touches upon economic, social and political aspects. Seizing the vast opportunities while avoiding pitfalls is challenging. A global race is ongoing to set the Policy and Regulatory frameworks, which will influence digital interaction between parties within countries and around the globe. In this context, promoting the EU’s value-based and humancentric approach to digitalisation, will be beneficial to International Partnerships as well as strengthen EU global role in building a digital cooperation strategies. 



Digital technologies pose deep challenges to regulation. They do so by blurring the traditional definition of markets; challenging enforcement; and crossing administrative boundaries at the domestic and international level. It is crucial to build solid policies and regulations, fit to the dynamics of the digital age and identify how the existing frameworks can adapt to them. The rapid evolution requires these frameworks to be flexible, addressing threats and challenges related to the misuse of digital technologies, while encouraging investments and an inclusive technological progress. Effective international cooperation should not only focus on protecting individual rights and addressing common risks and threats in the cyberspace; efforts are also required to create a favourable environment for the digital economy to thrive, for example by achieving data interoperability across regulatory frameworks and encouraging the uptake of Artificial Intelligence (AI), while building a qualified workforce in line with market needs.



EU policy-making has been increasingly engaging with the evolving digital landscape. Although national and regional priorities, approaches and systems may differ, promoting the EU experience in regulating digital technologies and interactions between citizens, businesses and governments will enable the EU to play a key partnership role in countries around the globe.



In 2015, the Commission set the Digital Single Market (DSM) strategy, with the aim of achieving the EU’s four freedoms – the free movement of goods, capital, services and labour – in the online world. The DSM strategy was built on three pillars: 

  • Access: better access to digital goods and services across Europe, 
  • Environment: creating the conditions and a level playing field for digital networks and innovative services to flourish,
  • Economy & Society: maximising the growth potential of the digital economy.

The DSM policy areas, which are also relevant to partner countries at the national and regional level, are:

  • Connectivity: meeting growing connectivity needs, including in rural and remote areas and boosting competitiveness,
  • e-Commerce: making it easier to buy and sell online across borders,
  • Data: creating a competitive data economy within the Digital Single Market,
  • Media/copyright: promoting European content and providing citizens with more choice and access, 
  • Trust: strengthening trust and data protection, and the EU’s capacity to respond to cyberattacks, 
  • e-Government: making it easier for citizens to deal with public administrations online.

With digitalisation being a top priority for the Commission, the initiatives and the channels to promote the European way to intend digital transformation are multiplying. The new EU Digital Strategy includes policy priorities that can be followed at varying levels in partner countries.

 

The EU promotes a value-based and human-centric approach, leading to an inclusive and fair digital transformation while reducing the impact of the challenges and threats of digital transformation. This includes the promotion of the respect of human rights in an open, safe and free internet and the promotion of democratic principles and transparency in the use of digital technologies. In other words, ensuring that off-line rules and principles are effectively also applied online.

With the new Digital Strategy, the EU aims at strengthening its global role towards building a Global Digital Cooperation Strategy, by:

  • Becoming a global role model for the digital economy,
  • Supporting developing economies throughout digital transition,
  • Promoting its digital standards internationally.

Data: Policy and regulatory environments 

The role of EU Delegations in supporting partner countries in integrating data protection into their policy and regulatory

frameworks can greatly benefit from intra-European experience on developing relevant strategies. 

The assumption is that, if pooled together and used correctly, the unprecedented and ever-increasing amount of data being generated can lead to completely new means and levels of value creation for individuals, governments and businesses. 

Most partner countries lack adequate policies and regulations governing data, often neglecting the consequences of data misuse for citizens’ rights, as well as missed opportunities for country development coming from the free flow of public data. It is therefore crucial to support policymakers and regulators to develop the right frameworks governing the collection, use and sharing of personal data and non-personal data.



Legal and regulatory frameworks that make non-personal data available for the development of services, including eGovernance, while ensuring personal data protection, are essential in any country willing to both take advantage of technology advancements and protect its citizens from them. Only 50% of countries in Africa have completed drafting laws that regulate to some level the collection, use and sharing of personal data. In Asia-Pacific, these amount to 57%, while in Latin America and the Caribbean the percentage rises to 63%. EU Delegations can play a key role in supporting partner countries in developing and enforcing flexible and adaptive frameworks that establish legal and regulatory frameworks for data that prove accountable, secure and responsible.



eGovernance will be the main topic of one of the next Infosheets in this Series.

 

Ensuring data protection by design and data protection by default 

The GDPR encourages companies and organisations to implement technical and organisational measures at the earliest stages of the design of the processing operations, in such a way that safeguards privacy and data protection principles right from the design phase (‘data protection by design’). Companies and organisations should also make sure that personal data is processed with the highest privacy protection, for example by only processing the necessary data and storing the data for a short period, so that by default personal data is not made accessible to an indefinite number of persons (‘data protection by default’). For example:



Data protection by design

The use of pseudonymisation (replacing personally identifiable material with artificial identifiers) and encryption (encoding

messages so only those authorised can read them).



Data protection by default

A social media platform should be encouraged to set users’ profile settings in the most privacy-friendly setting by, for example, limiting from the start the accessibility of the users’ profile so that it isn’t accessible by default to an indefinite number of persons.



Data and AI will be the main focus of one of the next Infosheets of this Series.

 

CASE STUDY

Kenya‘s Data Protection Law



Kenya is one of the most connected countries in Africa. It is home to a growing number of start-up incubators, an extensive internet infrastructure, and a long-standing innovation ecosystem that, when combined, offer optimal conditions for digital engagement. Furthermore, Kenya’s digital profile has been raised by several effective digital solutions. These include: M-Pesa, the most popular digital financial service used to pay for goods and services on and offline in Kenya and several other African countries; Ushahidi, a crisis mapping tool; and the iHub, a pioneering innovation space for the technology community in Kenya. Kenya’s digital boom has created vast opportunities with great investments coming in, whilst generating significant threats to the nation and society in terms of misuse of personal and non-personal data. The great lack of data privacy protection has had a considerable impact in Kenya’s digital rights landscape, resulting in institutional corruption. Many Kenyans have been subject to various forms of privacy violations, with increasing cases of mobile and online fraud, often targeting users of M-pesa.



In 2019, the Kenyan President Uhuru Kenyatta approved the country’s first data protection law which has been modelled around the GDPR, complying with EU legal standards and aims to strengthen external interests in the nation’s digital revolution. The new data protection law governs how consumer data can be collected, shared and stored. An independent office will be established, to investigate any violations and enforce a maximum fine of 3 million shillings (ca. EUR 25,000) or a 2-year jail sentence.



The legislation will have momentous and extensive impacts as Kenya continues to maintain one of the highest rates of data/internet users in Africa, reaching 52.0 million in 2019 with 99.3% accounting for mobile data subscriptions. Already, Amazon Web Services (AWS), a secure cloud services platform, has declared it will be expanding its operations and setting up an ‘edge location’ site in Nairobi, which will be its first outside South Africa. Furthermore, the government’s plans to digitize citizens’ identities, which has previously come under widespread criticism, could now benefit from the more stringent and secure data protection legislation.



Across the continent, there are concerns that prevailing tech companies such as Facebook and Google are collecting consumer data in Africa unrestrictedly and unchallenged. Kenya’s new legislation is setting the standard for the African continent as a whole.



CASE STUDY

The Philippines’ Innovative Startup Act



In the last years the Philippines has developed policies enabling a strong push towards digital transformation. 

The most representative is the 2019 Innovative Startup Act, a promising step taken by the government to increase both national business prosperity and international attractiveness. The Startup Act is aimed at supporting startups and start-up enablers by providing subsidies for business registration fees and advisory services, as well as priviledged regulations prioritizing startups interested in providing state services. 



Secondly, the Act provides a possibility to receive business travel grants for international exposure. The policy created special startup visas for foreigner investors and employees, as well as special business permits for Filipino startup executives. The Act further sets up a Startup Venture Fund, as well as a dedicated grant fund for research and development, training, and expansion plans. Additionally, the Government provided subsidies for the use of office spaces, equipment, and repurposed government spaces.