More on the Draft Data Protection Bill
Some of our readers may be aware of long-running discussions regarding the implementation of data protection legislation in Namibia. These efforts culminated in the publication of a Draft Data Protection Bill (2022) by the Namibian Ministry of Information and Communication Technology. The latest Bill was published for consultation and public comment in October 2022. However, the 2022 Draft Bill appears to be substantially different to the Final Draft Bill that was circulated for public comment in 2020.
Several concerns have since been raised regarding the 2022 Draft Bill, most of which focused on its likely impact on human rights and the underdeveloped consent provisions contained therein. The Draft Data Protection Bill in Namibia is intended to safeguard individuals’ personal information by setting clear regulations for data collection, storage, and processing. In furtherance of this objective, it mandates responsible and transparent handling of personal data by data controllers and processors. The Bill also grants individuals the right to access their data, request corrections, and seek remedies for misuse. By aligning with international standards, the Bill aims to enhance privacy protection, boost consumer confidence, and support the country’s digital economy.
Some key points to note, at this stage, in respect of Namibia’s current Draft Data Protection Bill:
- Compliance Period: Data controllers will have a one-year period after the Bill’s commencement to comply.
- Scope: The Bill applies to personal data processing activities within and outside Namibia, provided these activities concern individuals within Namibia’s jurisdiction.
- Primary Objectives: The Bill seeks to regulate personal information processing to protect fundamental rights and freedoms, ensure data subject rights, establish a supervisory authority, and outline the responsibilities of data controllers and processors.
- Administrative Fines: There are no specified minimum or maximum limits for administrative fines that may be imposed on controllers by the supervisory authority. The data protection supervisory authority has been mandated to make regulations pertaining to administrative fines. The data protection supervisory authority may consider high administrative fines in an effort to discourage data controllers from contravening the legislation, once in force.
- Regulatory Alignment: Businesses already compliant with GDPR or POPIA will find it relatively straightforward to comply with the Bill once it becomes law.
We will keep you updated on further developments in this regard.

POLICE SEIZE COUNTERFEIT GOODS WORTH R5 MILLION
Police in Limpopo have made a significant impact on the illegal trade of counterfeit goods, seizing items worth R5 million (approximately $271 723) in Musina. The operation, conducted by multiple la...
February 12 2025

MINISTRY ISSUES PIVOTAL REPORT ON PROTECTION AND ENFORCEMENT OF IP
The Ministry of Investments, Trade, and Industry has issued the Second International Symposium on Intellectual Property Protection and Enforcement (ISIPPE-2) report which aims to reinforce Kenya’s c...
February 12 2025

Ministry Issues Updates on The Suspension of Trade Marks
The Libya Trade Mark Office has issued Ministerial Decision No. 2 of 2025 which provides that all acceptance notices issued during the closure of the Trademark Office (from 2 April 2024 to 1 September...
February 12 2025