Promoting Effective and Inclusive ICT Policy in Africa

Blog

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog
12May

 How the WHO Digital Health Strategy Should Govern Data, AI and Digital Public Infrastructure

Author CIPESA Posted on

By Raylenne Kambua |

As the World Health Organization (WHO) develops the Global Digital Health Strategy for 2028–2033, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) has submitted recommendations urging that the strategy be anchored on human rights, equity, and accountability, alongside technological innovation. 

Across Africa, Artificial Intelligence (AI), telemedicine, disease surveillance systems, and automated diagnostic systems are transforming healthcare delivery. However, CIPESA pointed out in the submission to the WHO Regional Office for Africa that technological innovation without proper governance can worsen exclusion, undermine privacy protections, and reinforce inequalities in healthcare delivery.

The submission comes at a time when key global and regional digital health governance frameworks are being reshaped. Last year, the World Health Assembly extended the Global Strategy on Digital Health 2020–2025, and simultaneously mandated a successor framework to be completed in 2027. 

Furthermore, global initiatives such as the World Summit on the Information Society (WSIS) and the Global Digital Compact emphasise that digital transformation must integrate the Sustainable Development Goals and ensure inclusive development.

At the continental level, the Africa Centres for Disease Control and Prevention (Africa CDC) has rolled out the Africa CDC Digital Transformation Strategy which alongside the  African Union (AU) Data Policy Framework advances interoperability, transparency, privacy, and the ethical deployment of digital systems in the health sector. However, CIPESA notes that despite these commitments, implementation gaps remain significant, particularly regarding health data governance, accountability, and protection against algorithmic harm.

CIPESA’s work on health data governance in Uganda, patient data privacy in Ghana, Rwanda, and Uganda, and analysis of Kenya’s Digital Health Act, point to the same reality. The rules governing who controls health data, who is included in digital health systems, and who is held accountable when data is mishandled are still weak across most of the continent.

“As countries embrace AI, digital public infrastructure, and data-driven healthcare systems, the real test will be whether these technologies strengthen confidence in public health systems or deepen concerns about exclusion, surveillance, and the misuse of personal data,” said CIPESA Executive Director Dr. Wairagala Wakabi.

He added: “Trustworthy digital health systems require transparent digital infrastructure, accountable AI systems, and strong data protection safeguards. Africa has the chance to shape a digital health governance model that is innovative, inclusive, and based on the public interest and human dignity.”

CIPESA’s Core Positions and Recommendations

Digital health offers significant potential to enhance Universal Health Coverage and strengthen health systems across Africa. However, without governance anchored in rights, equity, inclusion, and accountability, this promise will remain unfulfilled. It is against this backdrop that CIPESA submitted the following recommendations:

1. Digital Public Infrastructure (DPI)

Digital health infrastructure should be open, interoperable, transparent, and rights-respecting, with safeguards to prevent exclusion and misuse of shared systems.

    2. Health Data Governance

    Most African countries lack specific laws that govern health data. Countries should therefore establish clear legal frameworks governing health data, including informed and meaningful patient consent, limits on data sharing, independent oversight mechanisms, and enforceable accountability structures.

    3. Artificial Intelligence (AI)

    CIPESA warns that most AI systems used in healthcare are trained on non-African datasets, which increases the risk of inaccurate diagnoses and exclusion. The submission recommends that AI tools and systems should be tested and validated in Africa, and include mandatory “explainability” standards so that health professionals understand how the AI reaches conclusions, and safeguards against bias in clinical decision-making tools.

    4. Interoperability

    Many digital health tools are isolated across countries and institutions, meaning they can not share data with each other. In this light, CIPESA recommends the adoption of national interoperability standards, including the WHO SMART Guidelines, to ensure secure and efficient health data exchange. Also, all digital health vendors should adhere to interoperability standards and the utilisation of shared infrastructure.

    5. Equity and Inclusion

    The digital divide continues to expand in most African countries and limits access to digital health services. CIPESA recommends conducting “equity impact assessments” before launching new systems, continued availability of offline options, and supporting digital literacy initiatives.

    6. Stronger Governance

    CIPESA holds that technology fails without clear leadership and coordination between health and technology departments. Therefore, creating clear governance structures for accountability and embracing a multi-stakeholder approach in decision-making processes are vital for resilient health systems. Other recommendations are the publication of institutional AI and digital health use policies and mandatory human rights impact assessments for high-risk systems.

    7. Sustainable Financing

    Many digital health initiatives rely on short-term donor funding, resulting in countries being dependent and unable to scale such programmes. Additionally, gaps in workforce capacity constrain implementation. CIPESA urges governments to invest in domestic financing of digital health systems and training of health and technical personnel.

    In conclusion, CIPESA’s submission emphasises that while digital technologies offer significant opportunities to strengthen health systems and improve service delivery, without strong safeguards, digital health risks reproducing and scaling existing inequalities in new, technologically mediated forms. A rights-based, inclusive, and accountable approach is therefore essential to ensure that Africa’s digital health future is not only innovative, but also equitable and just.

    Read the full submission here.

    11May

    Outpaced by Its Own Ambition: Can Kenya Bridge Its AI Regulation  Gap?

    Author CIPESA Posted on

    By Raylenne Kambua |

    The raw paradox at the heart of Kenya’s Artificial Intelligence (AI) moment is that the country is simultaneously sprinting ahead in AI adoption while grappling with a shrinking space for the very digital voices that AI empowers.

    According to the Digital Global Update Report, Kenya recorded the world’s highest usage rate of AI tools in 2025, with 42.1% of internet users aged 16 and above reporting active use of AI-powered technologies. This level of usage indicates that AI is increasingly being woven into the daily life of Kenyans.

    However, the Navigating the Implications of AI on Digital Democracy in Kenya report by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) highlights that while AI empowers citizens, it also enables unprecedented surveillance and manipulation.

    A Nation Leading the Way in AI Adoption

    Kenya has made significant investments in digital services, innovation hubs, and connectivity under the National Digital Master Plan 2022–2032.

    These developments are also transforming how citizens interact with the government. Tools such as the Office of the Data Protection Commissioner’s Linda Data chatbot and platforms such as Sauti ya Bajeti have expanded access to rights information and budget tracking.

    Yet, even as AI delivered clear benefits, it also revealed its dual nature, most visibly during the 2024 #RejectFinanceBill protests, during which Gen Zs mobilised through AI-generated infographics, satire, and short-form videos. At the height of the protests on June 25, a nationwide internet disruption was enforced despite assurances from the Communications Authority. The disruption was confirmed by network monitors like Cloudflare and NetBlocks, exposing the fragility of internet freedom in Kenya.

    Civil society condemned the internet shutdown as a violation of rights, while telecoms Safaricom and Airtel attributed it to outages in their undersea cable. In the aftermath, reports of abductions and enforced disappearances of digital activists escalated, with the Kenya National Commission on Human Rights documenting at least 82 cases between June and December 2024.

    Kenya’s AI Policy Landscape

    The launch of the Kenya National AI Strategy 2025–2030 in March 2025 signalled the country’s ambition to position itself as Africa’s leading AI innovation hub. The strategy prioritises governance, ethics, investment, digital infrastructure, data ecosystem development, and support for AI research and innovation.

    Kenya has also strengthened its international profile through participation in programmes such as the United Nations High-Level Advisory Board on AI, joining the International Network of AI Safety Institutes, and assuming leadership in the World Summit on the Information Society (WSIS+20).

    At the national level, initiatives such as Digital Platforms Kenya (DigiKen) and the Kenya Bureau of Standards’ draft AI Code of Practice reflect growing momentum toward operationalising AI governance and skills building. The government is also developing an AI and Emerging Technologies Policy and a Data Governance Policy, both of which are expected to be in place by July 2026.

    However, the gap between ambition and readiness remains wide. Kenya ranks 93rd in the 2025 Government AI Readiness Index, due to persistent weaknesses in infrastructure, implementation, and institutional capacity.

    Moreover, Kenya’s legal framework for AI remains fragmented and incomplete. Currently, there is no standalone AI law in force, but a controversial Artificial Intelligence Bill, 2026, that has raised significant concerns about over-regulation and censorship  is under discussion. Additionally regulation is based on broader laws such as the Data Protection Act 2019 and the Computer Misuse and Cybercrimes Act 2018, which were not designed to address AI-specific risks such as deepfakes, automated decision-making, algorithmic discrimination, or synthetic disinformation.

    As highlighted in the CIPESA report, critical gaps remain in the use of AI. These include the absence of mandatory algorithmic impact assessments, weak safeguards against AI-driven surveillance such as facial recognition, and scant measures to address AI-generated electoral misinformation. Furthermore, regulatory authorities lack sufficient capabilities to audit and monitor sophisticated AI systems, and there are no clear licensing or accountability frameworks for AI creators and deployers.

    “Without deliberate, inclusive, and rights-centred governance, AI risks entrenching authoritarianism and exacerbating inequalities.” (Navigating the Implications of AI on Digital Democracy in Kenya, 2025)

    The Way Ahead: AI Governance Focused on Human Rights

    The CIPESA report outlines a human rights–centred approach to AI governance that is built on the following key principles:

    1. Life-Centred and Human-Centred Design and Accountability: AI should support and not replace human judgment, with strong oversight to ensure transparency and accountability.
    2. Equity and Fairness: Design AI to prevent bias and expand inclusive access, especially for underrepresented groups.
    3. Transparency and Trust: Ensure AI systems are explainable, well-documented, and open to public scrutiny and challenge.
    4. Safety, Security and Resilience: Build resilient systems with ongoing risk assessments and strong protections against misuse.
    5. International Collaboration and Ethical AI Development: Advance ethical AI through international collaboration while upholding constitutional values and human oversight.
    6. Environmental sustainability: Align AI development with climate resilience and sustainable resource use.
    7. Inclusive Participation and Cultural Relevance: Reflect local diversity and involve marginalised communities in AI design.
    8. Robust Governance and Adaptive Regulation: Maintain flexible, responsive regulation that keeps pace with technological change.

    The report calls for a coordinated, multi-stakeholder approach to AI governance. It recommends that:

    • The government should enact a comprehensive AI law aligned with constitutional and international human rights standards, establish a legally mandated National AI Advisory Council with inclusive representation and strong enforcement powers.  It should also introduce clear prohibitions on high-risk practices such as real-time biometric surveillance without judicial oversight.
    • Civil society and the media should strengthen public awareness, promote accountability, and counter AI-driven disinformation.
    • Private sector actors should uphold transparency, fairness, and ethical standards across AI systems, including fair labour practices. Labour protections must be guaranteed for gig workers and data annotators within the AI value chain.
    • Academia and research institutions should continue generating evidence that can guide context-specific policy and regulation.
    • Across all stakeholders, digital literacy must be expanded, especially in underserved and rural communities, so that citizens can understand and challenge AI systems that affect them.

    With the ongoing legislative processes on AI, this is a pivotal time for Kenya, as it has the momentum and the attention of the world. But momentum without action will not work. The country cannot afford slow, fragmented debates while technology is fast progressing. Additionally, Kenya must strike a careful balance between regulation and innovation, as overly restrictive rules could limit access, slow local innovation, and lock the country out of AI’s economic and social benefits. The goal should be a flexible, forward-looking framework that protects rights while still enabling growth and opportunity.

    Read the full report, Navigating the Implications of AI on Digital Democracy in Kenya.

    11May

    CIPESA Urges Rights-Centred Approach to Uganda’s AI Strategy

    Author CIPESA Posted on

    By CIPESA Writer |

    The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) has submitted recommendations to Uganda’s Artificial Intelligence (AI) and Emerging Technologies Strategy national taskforce, calling for a human rights-centred approach to the governance of these technologies.

    The submission, made in response to the Ministry of ICT and National Guidance’s ongoing process to develop a National AI and Emerging Technologies Strategy, welcomes Uganda’s ambition to harness AI for development. At the same time, CIPESA cautions that innovation must be matched with the legal, institutional, and ethical safeguards needed to protect people from harms.

    Discussions on Uganda’s AI policy come at a moment when AI technologies are already being deployed in both public and private sectors. The submission states that AI-enhanced tools are currently employed in customs risk profiling at the Uganda Revenue Authority, customer service functions, digital financial services, research organisations, and environmental monitoring initiatives.

    In agriculture, AI-powered tools can support weather forecasting, pest detection, control and prevention, and tailored advice for farmers, whereas in healthcare, they can enhance disease detection, diagnostics, prescription and help address shortages in medical personnel. These applications highlight the transformative potential of AI, yet there are also concerns around surveillance, exclusion, discrimination, and misuse of personal data.

    The submission is informed by CIPESA’s broader work on digital rights in Africa, including the Navigating the Implications of AI on Digital Democracy in Uganda report, which emphasises the growing impact of AI-driven technologies on online expression, political communication, surveillance practices, and civic participation.

    The recommendations also build on CIPESA’s earlier work on developing an inclusive AI ecosystem for Uganda. According to the policy brief, An Artificial Intelligence Eco-System for Uganda, the country’s existing legal and policy frameworks provide a fragmented foundation for regulating AI and responding to emerging risks such as algorithmic bias, automated discrimination, opaque decision-making, and AI-enabled surveillance.

    Accordingly, CIPESA calls for a rights-by-design approach to AI governance. High-risk AI systems used by both public and private actors should be transparent, auditable, and subject to independent oversight. It also calls for mandatory Human Rights Impact Assessments for AI systems used in sensitive sectors such as healthcare, agriculture, education, taxation, law enforcement, and social protection.

    The submission further recommends dedicated legal and policy measures that address algorithmic transparency, automated decision-making, public-sector AI procurement, safeguards against discriminatory outcomes, and mechanisms for redress where harm occurs.

    CIPESA also raises concerns about the growing use of automated systems in areas such as digital lending and mobile money services, where millions of Ugandans are already subjected to algorithmic profiling and automated credit scoring with limited transparency or accountability. The submission recommends that Uganda’s AI strategy should establish clear safeguards and oversight standards for both existing and future AI systems.

    While AI presents significant opportunities for improving public service delivery and supporting development priorities, CIPESA stresses that such systems must be built using representative local datasets, and designed in ways that minimise bias, exclusion, and discriminatory outcomes.

    The organisation further stresses that AI governance must be inclusive and participatory. The submission calls for meaningful involvement of civil society organisations, academia, technical experts, and affected communities in shaping Uganda’s AI strategy. It also recommends multilingual and accessible AI-enabled platforms that support citizen participation through channels that are accessible to underserved and low-literacy communities.

    Beyond governance safeguards, CIPESA urges the government to invest in local AI research, innovation, and infrastructure development. It recommends support for universities, innovation hubs, and local startups, alongside the establishment of national AI research centres and dedicated funding mechanisms. Earlier recommendations by CIPESA also proposed the creation of a national AI Research Fund and citizen awareness programmes to improve public understanding of AI technologies and their societal implications.

    Without deliberate investment in local capacity, Uganda risks becoming merely a supplier of raw data to foreign technology companies while deriving limited economic value from AI technologies. This would also deepen dependence on externally developed systems that may not fully reflect local contexts, needs, or priorities.

    CIPESA additionally calls for alignment between Uganda’s strategy and broader regional initiatives, including the African Union Continental AI Strategy and wider African efforts on digital governance, data protection, and platform accountability.

    Ultimately, CIPESA argues that Uganda’s AI and Emerging Technologies Strategy should put people first, ensuring that innovation and emerging technologies are matched with clear safeguards and meaningful oversight.

    Read the full submission here: CIPESA Submissions on Uganda AI and Emerging Technology Strategy

    01May

    Tanzania’s Digital Rights Record Faces Fresh Scrutiny at the UPR

    Author CIPESA Posted on

    By Ainembabazi Patricia |

    In November 2026, Tanzania will be up for its fourth cycle review under the Universal Periodic Review (UPR) mechanism of the United Nations Human Rights Council (HRC). Ahead of the review, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), the Pan African Lawyers Union (PALU), and JamiiAfrica made a joint stakeholder submission on the state of digital rights including expression, access to information, assembly and association, privacy, data protection, and gender equality in digital spaces in Tanzania.

    The submission recognises the positive steps taken by Tanzania to advance the digital ecosystem  since its previous assessment in 2021. Internet connectivity has expanded significantly, and the country has adopted important digital governance measures. These include the enactment of the Personal Data Protection Act, 2022, and the establishment of the Personal Data Protection Commission, reforms to the Media Services Act, and policy initiatives such as the Digital Economy Strategic Framework 2024–2034, and emerging AI governance frameworks.

    However, the report finds that these gains have not translated into a freer or safer digital civic space in the country. Repressive laws and regulations continue to be used to restrict online expression, limit publications, silence dissent and elevate censorship. The Electronic and Postal Communications (Online Content) Regulations as amended in 2020 and 2025 still require licensing for online media service providers and grant the Tanzania Communications Regulatory Authority (TCRA) broad powers to suspend or revoke licences. Vague provisions in the Cybercrimes Act and related laws also continue to criminalise legitimate expression, creating a chilling effect for journalists, bloggers, activists, and ordinary users.

    According to the CIPESA, PALU and JamiiAfrica report, several incidents have narrowed the environment for the exercise of online freedoms.  Key media and engagement platforms such as the Clubhouse, X (formerly Twitter) and JamiiForums were blocked in 2023 and 2025 respectively. In 2024, Tanzania’s media space was marked by intensified restrictions.  TCRA suspended Mwananchi Communications’ online platforms for 30 days on October 2, 2024, against a backdrop of broader restrictions on unregistered Virtual Private Networks (VPNs) in October 2023.

    Particularly concerning were the restrictions imposed during the 2025 general elections. The report notes that Tanzania implemented a nationwide internet shutdown from October 29 to November 3, 2025, cutting off access to major social media and communication platforms. This disrupted the ability of citizens, journalists, and observers to share information, document events, and participate in public debate during a critical democratic moment.

    While Tanzania in 2022 enacted the Personal Data Protection Act, which came into force in 2023, its implementation is weakened by restrictions on anonymity and VPN usage, as well as heightened surveillance. Pronouncements by government officials against sharing certain election-related content have fostered fear and self-censorship. For many Tanzanians, especially critics of government and civic actors, legal protections for personal data remain undermined by surveillance-related risks.

    The submission also draws attention to the growing threat of Technology-Facilitated Gender-based Violence (TFGBV). Women journalists, politicians, activists, and other public-facing women are increasingly subjected to online harassment, sexualised abuse, doxxing, reputational attacks, and coordinated trolling. These harms were particularly acute around the 2025 elections, when gendered disinformation and intimidation converged with broader restrictions on online speech.

    To address these concerns, the report recommends that Tanzania repeals or amends vague and overly broad laws including the Cybercrimes Act and the Online Content Regulations. The report calls for compliance with international human rights standards, discouraging restrictions such as internet shutdowns and platform blocking. It also calls for judicial oversight over surveillance, greater transparency in state requests to technology companies, stronger support for the Personal Data Protection Commission, investment in digital rights literacy, and explicit protections against TFGBV.

    Read the full report submission here.

    01May

    CIPESA Condemns Zambia’s Cancellation of RightsCon 2026

    Author CIPESA Posted on

    By CIPESA Writer |

    The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) notes with deep concern the Government of Zambia’s decision to postpone Rights Con 2026, which was scheduled to take place in Lusaka next week. The postponement was confirmed by the organisers on April 29, 2026. Civic convenings of this nature thrive precisely because they create a safe space for diverse, sometimes uncomfortable, conversations about rights, technology, and power. Restricting that space undermines the principles of openness, dialogue, and democratic engagement on the continent.

    The information provided by the Zambia government suggests that halting of RightsCon was not a necessary and proportionate measure. It has caused undue financial losses and disrupted the plans of thousands of national and international human rights actors and the local tourism, travel and conferencing sector, while also denting Zambia’s  governance credentials and international standing.

    CIPESA has joined over 130 organisations from across the world in expressing concern over the  government’s decision that raises questions about transparency, civic space, and commitment to inclusive global digital governance.

    The cancellation of RightsCon 2026 escalates an ongoing crisis of democratic regression and the rise of digital authoritarianism on the continent.

    In a related development, the World Press Freedom Day (WPFD) Global Conference, originally scheduled to also take place in Lusaka ahead of RightsCon. has also undergone significant changes. UNESCO has announced that the conference will now be held online, while the UNESCO/Guillermo Cano World Press Freedom Prize ceremony will be relocated to the UNESCO Headquarters in Paris, France at a later date. These developments effectively delist Zambia as the host of this year’s WPFD, although a commemorative event remains scheduled for May 4, 2026.

    1 2 3 200