According to industry reports, Zimbabwe has introduced data protection licences for organisations that gather first-party data.
The data protection licensing payments range from US$50 to US$2500, and organisations, including churches and WhatsApp group admins, must secure these licences from the telecoms regulator, the Post and Telecommunications Regulatory Authority (POTRAZ).
Furthermore, these organisations and WhatsApp groups must appoint a data protection officer (DPO) trained and accredited by POTRAZ.
Zimbabwe’s ICT minister, Tatenda Mavetera, wrote on LinkedIn: “Even churches that collect personal data ought to have such a licence and appoint a DPO. WhatsApp group admins are not spared, too; if your groups are meant for business, you should also obtain a licence. Failure to comply attracts penalties.”
According to Mavetera, the move enforces the country’s Data Protection Act, enacted in 2021, aiming to increase data protection.
The law also addresses aspects of cybersecurity and cybercrime. The Act’s main focus is on data privacy and ensuring data protection for any data acquired by data handlers within and outside the country if the means used for processing is located in Zimbabwe.