Data protection is critical to ensuring that data is not only fuelling innovation, but also that it is handled in a safe and responsible manner. To that end, mobile operators are building on the technical and compliance capabilities of the core GSM business to advance data protection in mobile money. In emerging market countries where data protection regulations are either outdated or yet to be introduced, there is also an active dialogue about how future rules can both ensure consumer protection and facilitate broad access to the digital economy.
Recognising these efforts, the GSMA has developed a set of Guidelines, based on inputs from a range of privacy experts and mobile money providers, to outline some of the industry’s best practices in approaching the privacy, security, and integrity of consumer data. They reflect initiatives spearheaded by the GSMA and its members since 2009, including the GSMA Mobile Privacy Principles and the GSMA Mobile Money Certification. The Guidelines encompass seven core principles of data protection: data governance; user choice and control; data minimisation; openness, transparency and notice; data and information security; data sharing; and accountability.