NAMIBIA
DATA PROTECTION FACTSHEET
-
Population: 2,540,916
Capital: Windhoek
President: Hage Geingob
2021 Freedom House Score: 77/100
Data protection law? A draft has been tabled, and no data protection authority has been appointed
-
Privacy enshrined in Constitution: Yes, Namibia recognises the right to privacy as a fundamental human right in Article 13 of the Namibian Constitution.
DPA legislation: Despite several high-profile data security incidents in Namibia, no particular policies, frameworks, or strategies deal directly with cybercrime, cybersecurity, or data privacy. In October 2022, the Ministry of Information and Communication Technology (MICT) called for comment on a new Data Protection Bill, 2021.
-
ICCPR: Acceded
Council of Europe Convention 108: No
Council of Europe Convention 185: No
Malabo Convention: Ratified
ECOWAS Supplementary Act on Personal Data Protection: No
Council of Europe Additional Protocol to Convention 108 (Treaty No. 181): No
-
Applies to natural persons: No law
Applies to juristic persons: No law
Applies to public entities: No law
Domestic/personal purposes exclusion: No law
National security exclusion: No law
Law enforcement exclusion: No law
Cabinet or Executive Council exclusion: No law
Judicial functions exclusion: No law
Journalistic, literary or artistic purposes exclusion: No law
Temporary copies exclusion: No law
Other exclusion(s): No law
Broad or vague exclusions: No law
Applies to foreign entities: No law
Excludes foreign entities that only transit personal data through the country: No law
-
Personal data is not specifically defined under Namibian law.
-
The collection and processing of personal data in not addressed in Namibian law.
-
Notification that data is being processed: No law
Notification to DPA in event of data breach: No law
Notification to data subject in event of data breach: No law
Timeframe for notification is specified: No law
Exceptions exist to breach notifications: No law
Requires a data processing register: No law
Register is publicly available: No law
Provides for terms of service icons: No law
DPA must submit at least annual report: No law
DPA report is made public: No law
-
Explicit provision for civil liability: No law
Established/designates a Data Protection Authority: No law
DPA is empowered to investigate: No law
DPA is empowered to subpoena or request evidence: No law
Law provides for criminal penalties: No law
Law provides for administrative penalties: No law
DPA is independently structured (does not exist within or receive instructions from another public body): No law
DPA receives funding directly from the state budget/legislative body: No law
DPA may receive some forms of external funding/own revenue: No law
Adequate protections against undue removal: No law
Number of members in DPA: No law
Maximum term length for members of the DPA (years): No law
-
Right of data subject to access a copy of their personal data: No law
Right of data subject to request a correction of data: No law
Right of data subject to request deletion of data: No law
Justification required for a request for deletion: No law
Defines the requirements for consent: No law
DPA is mandated to participate in policy formulation: No law
-
There are no restrictions for international data transfers in Namibia.
-
Provides a right not to be subject to automated decision-making: No law
Page last updated: 29 November 2022