Growth in technology has resulted in the large-scale collection and
processing of Personally Identifiable Information by organizations that run
digital services such as websites, which led to the emergence of new
legislation to regulate PII collection and processing by organizations.
Subsequently, several African countries have recently started enacting new data
protection regulations due to recent technological innovations. However, there
is little information about the security and privacy practices of top websites
serving content to EAC citizens. We, therefore, analyze the website operators’
patterns in terms of third-party tracking, security of data transmission,
cookie information, and privacy policies for 169 top EAC website operators
using WebXray, OpenSSL, and Alexa top websites API. Our results show that only
75 percent of the analyzed websites have a privacy policy in place. Out of
this, only 16 percent of the third-party tracking companies that track users on
a particular website are disclosed in the site’s privacy policy statements
which means that users don not have a way of knowing which third parties
collect data about them when they visit a website. Such privacy policies take
time to read and are difficult to understand; on average, it takes a college
graduate to comprehend the policy and a user spends 12 minutes to read the
policy. Additionally, most third-party tracking on EAC websites is related to
advertisement and belongs to companies outside the EAC. This means that EAC
lawmakers need to enact suitable laws to ensure that people’s privacy is
protected as the rate of technology adoption continues to increase.

By admin