šŖš¹ Ethiopia
Informations
Extracts :
Extract :
No mention of the subject rignt related to Citizens outside their jurisdiction
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
No mention of the subject rignt related to Persons within their jurisdiction
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
No mention of the subject rignt related to Legal entities
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
No mention of the data controller's obligation/responsibility to Organizations located outside the jurisdiction processing regulated subjects data.
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
Extracts :
Extract :
Extracts :
Extract :
"As stated above, the controller is obliged to conduct a DPIA if the personal data processing has a high potential risk to the personal data subjects. According to Article 34(2) of the PDPL, personal data processing with high potential risk includes:
automatic decision-making that has legal consequences or a significant impact on the data subject;
processing of specific personal data;
processing of large-scale personal data;
processing of personal data for systematic evaluation, scoring, or monitoring of data subjects;
processing of personal data for the activity of matching or combining a group of data;
the use of new technologies in the processing of personal data; and/or
the processing of personal data that limits the exercise of the rights of the data subject.
Article 128 of the Draft PDPL Implementing Regulation stipulates that the assessment must be documented and must at least include:
a systematic description of the activities and the purpose of the processing of the personal data, including the interests of the controller of the processing;
assessment of the need for and proportionality between the purposes and activities of the processing of personal data;
risk assessment for protecting the rights of personal data subjects; and
measures used by the controller to protect the personal data subjects from the risks of personal data processing.
Under the Draft PDPL Implementing Regulation, the controller is obliged to reassess in the event of a change in the risk of processing personal data. In its assessment, the controller is allowed to consult with the PDP Institution if the data processing has a risk of causing material and/or non-material harm to personal data subjects, with no technical and organizational policies that can be provided by the controller to minimize the harm.
PDP Regulations
Under Article 12 of GR 71, the ESPs must apply risk management towards damages or losses that they incurred. The provision provides the meaning of 'risk management' as conducting risk analysis and formulating mitigation measures and countermeasures to overcome threats, disturbances, and obstacles to the electronic system which it manages."
2023
Reference :
Indonesia Data protection overview | DataGuidance
Updated DataGuidance reports
Extracts :
Extract :
Extracts :
Extract :
Extracts :
Extract :
Extracts :
Extract :
Extracts :
Extract :
Extracts :
Extract :
Extracts :
Extract :
Extracts :
Extract :
Extracts :
Extract :
Extracts :
Extract :
"Not applicable."
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
"Not applicable."
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
"Not applicable."
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
"The data subject rights (right to be informed, right to access, right to rectification, right to erasure, right
to object, right to portability, and right not to be subject to automated decision making) are not clearly
provided under the existing sector specific data protection rules. However, some of these rights are reflected
in some of the sector specific privacy and/or data provisions."
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
"The data subject rights (right to be informed, right to access, right to rectification, right to erasure, right
to object, right to portability, and right not to be subject to automated decision making) are not clearly
provided under the existing sector specific data protection rules. However, some of these rights are reflected
in some of the sector specific privacy and/or data provisions."
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
"The data subject rights (right to be informed, right to access, right to rectification, right to erasure, right
to object, right to portability, and right not to be subject to automated decision making) are not clearly
provided under the existing sector specific data protection rules. However, some of these rights are reflected
in some of the sector specific privacy and/or data provisions."
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
"The data subject rights (right to be informed, right to access, right to rectification, right to erasure, right
to object, right to portability, and right not to be subject to automated decision making) are not clearly
provided under the existing sector specific data protection rules. However, some of these rights are reflected
in some of the sector specific privacy and/or data provisions."
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
"The data subject rights (right to be informed, right to access, right to rectification, right to erasure, right
to object, right to portability, and right not to be subject to automated decision making) are not clearly
provided under the existing sector specific data protection rules. However, some of these rights are reflected
in some of the sector specific privacy and/or data provisions."
2021
Reference :
Ethiopia Data protection overview | DataGuidance
(Data Protection Overview 2021)/ DataGuidance reports
Extracts :
Extract :
| Name | Short name | Classification | Jurisdiction | Year of creation |
|---|---|---|---|---|
| Regulator | No regulator |
| Legal text name | Original text name | Legislation type | Year signed | Regulation status | In effect since | Latest update initiated | Latest update areas | Latest update signed year |
|---|