Hertta-Maria Amutenja
The ministry of information and communication technology (MICT) has confirmed that the country’s data protection bill is still under review by the cabinet committee for legislation.
This comes as the ministry of home affairs, immigration, safety and security, in partnership with the United Nations Development Programme (UNDP), has announced plans to roll out the country’s first electronic identity card (e-ID).
The smart card stores biometric and demographic data and is designed to support identity verification across sectors such as healthcare, banking, education, and public services.
Digital rights groups, including the Internet Society Namibia Chapter, have raised concerns about the rollout of the e-ID system without a national data protection law in place.
They warn that the absence of such a law could expose citizens’ personal data to misuse, pointing to last year’s data breach at a state-owned telecommunications company.
Responding to questions from Windhoek Observer, MICT spokesperson Ngaevarue Heuva confirmed that the draft data protection bill remains with the cabinet committee for legislation for feedback before it can be tabled in the National Assembly.
Asked whether the bill would be enacted before the full rollout of the e-ID system, Heuva said the ministry “cannot place a timeline on this”.
She stated that data privacy is already recognised under Article 13 of the Namibian Constitution.
“The right to data privacy is recognised in the Namibian Constitution under Article 13, which is upheld in the absence of a national law. In addition, there are regional and international best practices that the Ministry of Home Affairs can use to uphold privacy rights while implementing the e-ID system,” said Heuva.
The ministry said the draft bill aligns with several frameworks, including the African Union’s Malabo Convention, which Namibia ratified in 2019, the SADC Model Laws on data protection and cybercrime; the European Union’s General Data Protection Regulation (GDPR), and South Africa’s Protection of Personal Information Act (POPIA).
“These instruments provide a guide to ensuring that the e-ID system operates within principles of data privacy and protection, even before the domestic bill is passed,” Heuva said.
However, civil society groups argue that while international standards are useful, the lack of a national legal framework leaves gaps in oversight, enforcement, and accountability.
Questions sent to the ministry of home affairs on the matter were not answered by the time of publication.
