Abstract
The General Data Protection Regulation (GDPR) protects the personal data of natural persons and at the same time allows the free movement of such data within the European Union (EU). Hailed as majestic by admirers and dismissed as protectionist by critics, the Regulation is expected to have a profound impact around the world, including in the African Union (AU). For European–African consortia conducting research that may affect the privacy of African citizens, the question is `how to protect personal data of data subjects while at the same time ensuring a just distribution of the benefits of a global digital ecosystem?’ We use location privacy as a point of departure, because information about an individual’s location is different from other kinds of personally identifiable information. We analyse privacy at two levels, individual and cultural. Our perspective is interdisciplinary: we draw from computer science to describe three scenarios of transformation of volunteered or observed information to inferred information about a natural person and from cultural theory to distinguish four privacy cultures emerging within the EU in the wake of GDPR. We highlight recent data protection legislation in the AU and discuss factors that may accelerate or inhibit the alignment of data protection legislation in the AU with the GDPR.
Highlights
On 25 May 2018, two years after its enactment into law, the General Data Protection Regulation (GDPR), “the most contested law in the E.U.’s history, the product of years of intense negotiation and thousands of proposed amendments,” became enforceable in the European Union [1]
The GDPR protects the processing of personal data of natural persons and allows the free movement of such data within the European Union (EU)
Having a personal understanding of one’s location privacy requires an understanding of regulations in place, trust in regulation maintenance processes, as well as an understanding of the personal data that is in play, and the inference capabilities that others may have once they have access to such data
Summary
On 25 May 2018, two years after its enactment into law, the General Data Protection Regulation (GDPR), “the most contested law in the E.U.’s history, the product of years of intense negotiation and thousands of proposed amendments,” became enforceable in the European Union [1]. We turn our gaze to (location) privacy in the African Union, a polity where currently ongoing legislative activity for personal data protection is matched by an intense activity of data extraction from African-based organizations for expert analysis in advanced economies [25,26] Such an exploration, tentative, is important to us, because of our long-term engagement with African academia and government in joint research projects, involving African ‘data subjects.’
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
