As we mark Data Protection and Privacy Week, it is important to acknowledge a critical reality of the digital age: data breaches are no longer a theoretical risk; they are an everyday occurrence. Personal data, particularly email addresses, is frequently exposed through cyber incidents affecting organizations across sectors and jurisdictions. From a data protection perspective, this underscores a key principle under modern data protection laws, including the Data Protection and Privacy Act (Uganda) and the GDPR: personal data must be processed securely, and risks to data subjects must be actively mitigated.



