Last Chance To Register With Eswatini Data Protection Authority


By Phiwa Sikhondze 

Today, September 30, 2024, marks the deadline for data processors and data controllers in Eswatini to register under the Eswatini Communications Commission’s (ESCCOM) data protection campaign. 

Launched on March 1, 2024, the campaign aims to ensure that all companies comply with the provisions of the Data Protection Act, of 2022, as part of a broader mission to safeguard the personal information of citizens.

ESCCOM, acting as the Eswatini Data Protection Authority (EDPA), has been driving the registration process as a legal requirement for all entities that collect, store, or process personal data. So far, over 280 companies have registered under the campaign, receiving the first-ever data protection registration certificates. 

Registration is mandatory for data controllers and processors, ensuring they meet standards for transparency, accountability, and data security. Companies must provide specific details such as their name, address, purpose of processing, categories of data subjects, and plans for trans-border data flow. This information forms part of a national register maintained by ESCCOM to enhance oversight and protect consumers from data breaches and misuse.

In today’s digital age, protecting personal data is not only a legal requirement but also a critical factor in maintaining consumer trust. Proper compliance with data protection standards helps prevent unauthorized sharing of information, data breaches, and misuse, all of which can harm a company’s reputation and expose it to legal action.

ESCCOM has been proactive in raising awareness about the importance of data protection, urging companies to view compliance as a value addition rather than a burden. 

“Compliance should not be seen as a hindrance or cost to the company but as a value add in that consumers/data subjects will have trust that their personal data, which is at your disposal, is secure,” stated ESCCOM CEO, Mvilawemphi Dlamini, during a certificate issuance event held in April.

With today marking the final day for registration, ESCCOM has reiterated the urgency for businesses that have not yet registered to do so immediately. The consequences of missing the deadline include potential fines, legal action, and reputational damage. 

Additionally, registered entities benefit from enhanced cyber security guidance, enabling them to meet global data protection standards and strengthen their overall data management systems.

As the country continues to advance its digital economy, ESCCOM’s leadership in data protection will play a key role in ensuring that personal information is safeguarded across all sectors. Consumers can now have greater confidence that their data is being handled by legitimate, registered companies committed to protecting their privacy in the digital age.


Share With Friends