Why We Need Information Technology Standards

The Digital age, has brought with it an influx of computer systems, software,  firmware and and other related resources used in the acquisition, storage, manipulation and processing of data.

These systems have undoubtedly changed the way we live and work. Technology has improved the way we communicate, has created jobs, and has contributed to the economy. The opportunities information technology (IT) has to offer are limitless and have naturally been exploited. Over the past decade, we have seen a proliferation of counterfeit IT products that are sold to all & sundry. These devices are sold alongside genuine products and it is often difficult albeit impossible, to tell the difference.

Walk through downtown Kampala, and in almost every store, there is an information technology product and technician. Usually, these technicians are uncertified and the day to day consumer is left without recourse, in the event of a misdiagnosis or botched repair job.

Inspite of this, these businesses have flourished, seemingly unabated. This is exacerbated by inadequate consumer protection & counterfeit laws that have left consumers inevitably exposed. That is until recently, when The National Information Technology Authority of Uganda (NITA-U) enacted the Certification of Providers of Information Technology Products and Services Regulations, 2016.

The regulations, under rule 3 (1) make it mandatory for every person providing/vending information technology related products or services to have certification, provided by NITA-U.

The regulations, apply to wholesalers and retailers of computer equipment, printers, scanners, software & telecommunications equipment, technicians & installers of IT installations, data centers, server rooms etc. The certification is also required for all computer programming & information technology related services.

The regulations, are meant to standardize information technology services and to eliminate middlemen who peddle these services un-discriminatorily. These standards, will hopefully assure safety of products, promote the interoperability of products and services, facilitate trade by removing trade barriers and promote common understanding of a product.

Most importantly, standardization will make it easier to enforce intellectual property protection. Under regulation 17, NITA-U may refuse an application because the information technology products do not conform to approved standards for information technology products. NITA-U may take appropriate action including seizing and destroying the products.

While the applicability of these regulations is debatable, they are a step in the right direction. There is still a lot to be done in relation to the registration of small businesses that take up the bulk of information technology providers. The regulations attempt to bridge this disparity, under regulation 7 (2) by making it mandatory for any person intending to provide information technology products to—

  1. in the case of a legal person, be registered in accordance with the law;
  2. abide by the standards for the provision of information technology products or services;
  3. demonstrate financial viability, where necessary;
  4. put in place and maintain a sound quality management systems;
  5. have in place policies and procedures to govern the provision of information technology products or services;
  6. where applicable, employ competent and qualified staff to provide information technology products or services;
  7. provide appropriate infrastructure and equipment required to provide information technology products or services.

NITA-U has also set penalties of up to two (2) years imprisonment in the event of failure to comply with the regulations.

Overall, whether the act will be wholesomely implemented or not, it is important for all businesses offering information technology related services, to comply with the law and to get certified or risk criminal liability.

Kenneth Muhangi

Partner - KTA Advocates
LLB Hons (UCU) LLM (Wales) Dip Lp. LDC
Technology, Media, Telecommunications & Intellectual Property Law Practitioner

All author posts