countries by these private companies further reduces the opportunities for enforcement and limited jurisdiction.77 Despite what is limited economic returns of African markets, this will change with Africa constituting the largest young population and many market opportunities. Private companies are protective of their collected personal data for profit purposes, and this creates market distortions and unfair competition. Again, there are valid grounds that if this information is shared it constitutes misuse contrary to data principles, yet it is not stopping these companies from profiteering from the same personal data. These are valid reasons requiring the development of data trust sharing principles, which reduces the risk to the individual data subject, increases trust and transparency on data handling. Such rules however cannot be developed at country level at the very minimum they need to be developed a regional level to capitalise on combined market share and political influence. As the value of personal and non-personal data has enormous social and economic potential, the current frameworks in many countries are insufficient to safely extract this value. The development of DIS will result in increased data sharing among public and private data controllers, and the massive personal data reuse to build the integrated systems. Ordinarily, the reuse of data for other purposes other than originally collected or without additional consent, or in the absence of a legitimate public interest is a violation. With digital identities, a more holistic and robust data governance framework is required, at the very minimum the various laws and policies must unequivocally address inclusion to respond to existing inequalities, incorporate robust and secure system design, and governance systems focused on building trust protecting privacy and user rights.78 While these principles provide for an enabling policy framework, a regional cross-sectoral instrument such as the EU Data Governance Act is necessary. Such an instrument will regulate data reuse, increase secure and trustworthy data sharing, regulate the many data intermediaries and encourage data sharing for public purposes. The adoption of data governance act does not remove the need for robust data protection protocol at the SADC level. There are cases pending in African courts now against platforms companies like Facebook, in Kenya on Content Moderators Labour Rights, https://www.foxglove.org.uk/ / / /facebook sama layoffs redundancy nairobi/ on in Ethiopia on the alleged complicit of Facebook in failing to remove materials that incited harm and violence in the Tigray conflict https://www.dw.com/en/facebook owner meta sued for inciting hatred in ethiopia/a accessed April . World Bank Principles on Identification for Sustainable Development: Towards the Digital Age . Governments are adopting principles to address digital identities such as the UK government Identity Assurance principles which articulate about principles essential for the establishment of secure DIS. These principles resonate with data privacy principles but are nuanced to digital identities. They are user control; transparency; multiplicity; data minimisation; data quality; service user access and portability; governance/certification; problem resolution; and exceptional circumstances. https://www.gov.uk/government/consultations/draft identity assurance principles/privacy and consumer advisory group draft identity assurance principles commentary on the context of the principles accessed April . PAGE