A recent report published by Google and the International Finance Corporation shows that there are approximately 700,000 developers in Africa. More than half of these developers are concentrated in five countries- Kenya, South Africa, Morocco, Egypt, and Nigeria with the majority coming from Kenya and Nigeria.
This explains the rapid adoption of technology and the emergence of thousands of new startups in Africa. Just as expected, most if not all modern startups exist in form of web or mobile apps. This cuts across all sectors- from Nigeria’s fintech Flutterwave to Kenyan-based sexual health education Miss SophieBot.
Building user privacy-centric apps
Early last month, Italy joined France and Netherlands among other European Union countries in banning Google Analytics. Italian Data Protection Authority banned Google Analytics for sending users’ data to the US without any supplementary protection measures by the European Union.
Coming closer home, Safaricom has been forced to restructure its M-Pesa Daraja API. The new API redacts users’ phone numbers and names in compliance with the Data Protection Act 2019. The law requires organizations handling payment data to minimize the use and transfer of sensitive customer data such as names and phone numbers during the processing of a transaction.
According to Masibo Law– a popular law firm specializing in user data privacy, a privacy-centric design simplifies everything. It means putting the user first and helping them to be aware of the privacy implications of using your app/product. It also includes how to manage their data in a way that gives them power over how it is used.
For instance, users deserve to know why they should allow an app to access their location. A more practical approach would be to periodically allow the users to select how their data should continue being used.
Again, it is also important to be clear to users on Third Party Access. This can be effected by clarifying if and how their data will be shared with third parties. There should be a precise and careful extraction of users’ consent for this.