The virtual Plenary Sitting of the Chamber of Deputies on Thursday, August 12, adopted the new law relating to personal data protection and privacy. The law was voted for by 59 MPs. But, there were two spoiled votes (nulls). This law consists of the processing of personal data done by electronic or other means of processing personal data. It provides grounds for collecting and processing personal data, safeguards required for processing of personal data including sensitive data and the general rules applicable for collecting and processing of personal data. It also provides the right of data subject and punishment for failure to comply with the requirement of this law by those who either collect or process personal data. According to the explanatory note of the law, personal data protection aims at safeguarding fundamental right to privacy by regulating the processing of personal data, providing the individual with rights over their data, and setting up systems of accountability and clear obligations for those who control or undertake the processing of the personal data. It noted that, increasingly, everything we do generates data, whether we are in possession of a device or not; and that our devices, networks, and even homes generate vast amounts of data. Also, our transport systems, cars, payment systems, and cities generate data through us and about us. Our devices, and infrastructure, it indicated, are being designed for data exploitation. And, increasingly, it is beyond the ability of individuals themselves to control the ways in which data about their lives is shared and processed. To this end, it provided for clear obligations of those processing data, so that they take measures to protect personal data, mitigate the infringement of the right to privacy, and are held to account when they fail to comply with obligations. Veneranda Uwamariya, Chairperson of the Committee on Education, Technology, Culture and Youth which scruitnised the bill before it was voted into law by the Plenary Sitting said that it had 64 articles contained in eight chapters when the Government tabled it to Parliament on May 6 this year. But, after the Committee examined it, it consisted of 70 articles grouped in nine chapters, because there was a new chapter which was included in it. Two of the articles of the initial bill were approved without amendment, while 53 were amended. Three articles were removed from the draft law because they were deemed unnecessary. And, 15 articles were introduced in the bill with the aim to include new provisions to make it complete, she indicated. “This law will enable the protection of personal data and privacy as one of the factors regarded as the core of issues about the lives of people where personal data is moving at the same pace as the use of technology in providing or seeking services,” she said.