Promoting Effective and Inclusive ICT Policy in Africa

Category Archives: Blog

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog  /  Blog
26Jul

Kenya’s 2022 Political Sphere Overwhelmed by Disinformation

Author Evelyn Lirri Posted on

Ahead of the August 9, 2022, general elections, Kenya has been hit by a deluge of disinformation, which is fanning hate speech, threatening electoral integrity, and is expected to persist well beyond the polls. Last month, the Kenya ICT Action Network (KICTANet) and CIPESA convened stakeholders in Nairobi to disseminate the findings of research on the nature, pathways, and effects of disinformation in the lead-up to the election, and the actions required to combat disinformation. Below is a summary of the report findings and takeaways from the dissemination event, as captured by KICTANet:

There is a lot of strange information going on around the country, and this has been happening for a while. During the Kenya Internet Governance Forum (IGF) week, the Kenya ICT Action Network (KICTANet) in partnership with the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) held a workshop to disseminate a report on  Disinformation in Kenya’s Political Sphere: Actors, Pathways and Effects. The research is part of a regional study conducted by CIPESA, that explores the nature, perpetrators, and effects of misinformation in Cameroon, Ethiopia, Uganda, Nigeria, and Kenya.

As Kenya nears the 2022 general elections, disinformation remains at its peak levels, both at grassroots and national levels. The availability of sophisticated technology and its ease of use has enabled a wide range of political actors to act as originators and spreaders of disinformation.

Currently, there is no law that clearly defines or distinguishes between misinformation and disinformation. However, it is an offense to deliberately create and spread false or misleading information in the country. False publications and the publication of false information are punishable under the Computer Misuse and Cyber Crimes Act under Sections 22 and 23. It is a crime to relay false information with the intent that such information is viewed as true, with or without monetary gain. However, these same laws can also be used to silence dissent, making it a double-edged sword.

The study identifies different forms of disinformation that take place both physically and online. They include deep fakes, text messages, WhatsApp messages, and physical copies such as pamphlets and fliers. These are spread through the use of keyboard armies on social media, where politicians up to the grassroots levels hire influencers, and content creators who spread messages around them or against their opponents. This is done through mass brigading and document and content manipulation. The rationale is driven by the desire to get ahead politically or economically and is fuelled by an ecosystem that is fertile for the spread of this vice.

According to Safaricom, in the year 2017, 50% of its communications department time was spent monitoring fraud and fake information at different times. The instigators of this disinformation are influencers, politicians themselves, people they work with, and their parties.

There is a flow to how the fake news gets to the audience, and disinformation does not start with the pictures but with a plan that is part of a bigger political strategy. It starts with identifying the target audience, choosing the personnel and people to push the message, and then narrative development is done. This is followed by content development, which includes videos, pictures or memes, and audio files. Once this is done, the content is then strategically released to the unknowing public, who, without critically analyzing the information, spread it far and wide to a wider audience. This results in diminished trust in democratic and political institutions and restricted access to reliable and diverse information.

This can be addressed by having increased government engagement on social media as opposed to it being reactive only. For example, the government needs to be an active contributor to accurate information. Considering there is a space in which disinformation thrives, in particular where there is a lack of response, rumors spread. Civil society should also engage with policymakers and media representatives on enhancing digital literacy and fact-checking skills. The intermediaries should increase transparency and accountability in content moderation measures and conduct cross-sectoral periodic policy reviews.

Key Takeaways

  1. The weakest link in disinformation is the citizen, and therefore, one of the most effective ways to tackle the issue is to empower the citizenry to be able to detect and respond wisely to misinformation. If the general public is not informed, it is a lost battle.
  2. There is a thin line between misinformation and mal-information and it can easily be blurred.
  3. The Computer Misuse and Cyber Crimes Act 2018 is a double-edged sword that censors yet tries to get some accountability from the general public in regard to spreading misinformation.
  4. Safaricom reported that during the 2017 election, 50% of its time was spent monitoring fraudulent interactions.
25Jul

Skilling Justice Actors in Digital Rights Advocacy in Africa

Author Evelyn Lirri Posted on

CIPESA Staff |

In June, 2022, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) conducted a regional capacity building workshop aimed at equipping participants with thematic understanding of key digital rights trends in the region, including disinformation, alongside practical skills development in impactful digital rights advocacy and communication.

Hosted in Lusaka, Zambia, the two-days workshop (June 28 and 29), attracted 20 participants from 10 African countries – Eswatini, Ethiopia, Kenya, Malawi, Mozambique, Rwanda, South Africa, Uganda, Zambia, and Zimbabwe.

According to Ashnah Kalemera, CIPESA’s Programme Manager, the training was part of various interventions through which, CIPESA is developing the capacity of different social justice organisations with the requisite skills to effectively engage in digital rights advocacy  including research methodology and communications, designing evidence-based advocacy strategies, as well as digital resilience.

“There is limited understanding of digital rights among traditional human rights defenders,  with many yet to make the direct link between technology, social justice and human rights as part of their advocacy efforts. Meanwhile, many are working in hostile environments, with shrinking civic space both online and offline,” said Kalemera. 

Although there has been a growing number of civil society and justice actors responding to and challenging government excesses over the years, there are still knowledge and skills gaps among actors that hinder their  engagement in meaningful policy advocacy. Findings from a 2017 joint research study conducted by CIPESA, Small Media, DefendDefenders, and the Centre for Intellectual Property and Information Technology Law (CIPIT) showed that in all of the countries surveyed (Burundi, Rwanda, Tanzania, and Uganda), civil society organisations (CSOs) failed to demonstrate a baseline of digital security knowledge, and/or failed to implement practices effectively.

The report notes that although the internet and related technologies have empowered CSOs to engage with the public, share information, and advocate for citizens’ rights in sometimes challenging and closed political environments, it has also offered means and tools that are used by state and non-state actors to interfere with their work, surveil them, and censor their voices.

In addition, digital security and safety skills are lacking among some of the most at-risk groups, yet trainers and support networks are in short supply. Without adequate digital security capacity, activists and human rights defenders are not able to meaningfully undertake advocacy and engagements around human rights, transparent and accountable governance.

CIPESA’s capacity building interventions are therefore designed and structured to provide both skills and knowledge modules and serve as a platform for developing collaborative advocacy strategies for advancing digital rights in the region. The training in Lusaka covered topics such as the interplay between technology, democracy and human rights; trends in digital rights violations such as arrests and intimidation of online users, internet blockages, surveillance and interception of communications. 

Other topics covered during the workshop were disinformation and human rights, which explored the implications of false and misleading information on online mobilisation and participation. Elsewhere, the workshop explored digital inclusion, with Zambia-based activist, Matha Chilongoshi of Revolt Media emphasising the need for increased engagement on the digital divide, online violence against women and girls and digital accessibility for persons with disabilities. In this regard, Kamufisa Manchishi, a Lecturer at the Mulungushi University – Zambia noted that the existing  digital disparities are a result of access and affordability barriers including failure by governments to design and implement universal service fund policies that prioritise equity. This calls for proactive efforts in policy influence for an inclusive digital society.

Indeed, as highlighted by Apolo Kakaire, the Advocacy and Communication Manager at the African Centre for Media Excellence (ACME), “in order for civil society’s work in Africa to impact government policy, help change attitudes and behaviour in society, and ultimately result in greater protections for internet freedom, there is a need to develop and implement robust advocacy and impactful communication strategies.

Post-evaluation of the training workshop indicated increased understanding of the key terms and concepts covered including the link between disinformation and freedom of expression, disinformation and internet shutdowns, and commitment by participants to apply the acquired knowledge and skills, including acting as infomediaries within their communities and organisations through awareness raising among colleagues, and conducting information verification prior to sharing.

“As a communication officer, I will cross-check and make sure that all the information I am sharing is not deceitful while encouraging others to do the same,” noted one participant. Another participant indicated that they would work to get more involved in advocacy regarding disinformation laws that are detrimental to human rights. “We are planning to have a workshop with the grassroots women human rights defenders on disinformation and human rights and develop a digital rights advocacy and communication strategy.” The planned workshop will take place in Kenya’s largest urban informal settlement, Kibera, led by Tunapanda.

30Jun

Bridging the Gender Digital Divide is Critical for Achieving Digital Rights in Africa

Author Evelyn Lirri Posted on

By Victor Kapiyo |

Digital technologies have created new spaces for interaction and enabled new ways to connect, share experiences, work and build communities. These technologies continue to be influential and have the potential of enhancing growth and expanding opportunities for the realisation of women’s rights in Africa. Indeed, access to the internet and digital devices has become central to the empowerment of women and girls, and in enabling them to realise and enjoy their digital rights. 

Women and girls in Africa form a key constituency and a distinct category in their experiences in using the internet compared to men and boys. Plan International points out that while technology and the internet can be a great enabler for women and girls, lack of opportunities and skills, and fear of discrimination, could prevent many from using and creating digital tools and online content. 

Indeed, the growing digital gender divide in access to the internet in Africa limits the potential of the internet and Information and Communication Technologies (ICT) to contribute to achieving gender equality, women’s rights and digital rights for women and girls. Notably, there is a substantial divide between men and women in internet access and use globally, as a majority of the 2.9 billion people who remain unconnected are women and girls. 

According to the International Telecommunications Union (ITU), in 2013, only 37% of all women were online, compared to 41% of all men. In 2017, the global internet penetration rate for men stood at 50.9% compared to 44.9% for women. This increased in 2019, with ​the proportion of women using the internet globally standing at 48%, compared to 58% of men. In 2022, 62% of men were using the internet compared to 57% of women, meaning that the global internet use gender gap stands at 8%. However, this divide is more glaring in the Least Developed Countries (LDCs), many of which are in Africa, where only 19% of women used the internet in 2020, compared to 86% in the developed world. 

Furthermore, the digital gender divide in Africa has continued to widen as most of the new internet users since 2013 were men. According to the GSMA, women in developing countries are 14% less likely to own a mobile phone than men and are less likely than men to utilise mobile data, social media applications or SMS services. Sub-Saharan Africa still has the most expensive data prices in the world, according to the 2021 Worldwide Mobile Data Pricing Report, with the average price for 1GB of mobile data coming in at USD 6.44. An analysis by the Alliance for Affordable Internet (A4AI) shows that 1GB of mobile broadband data became less affordable in 2021 than in 2020, following the impact of Covid-19, with the cost increasing by 12% in the LDCs.

Access remains critical to achieving digital inclusion. In countries such as Lesotho, Mozambique, Tanzania, Uganda, Zambia, and Zimbabwe evidence of the digital divide exists as shown in the table below. The high cost of access is driven by taxes such as those introduced in Tanzania, Uganda, and Zambia which are paid prior to accessing the internet and social media platforms. In some countries like Uganda, in addition to the high taxes, some social media platforms like Facebook are still blocked and are only accessible through Virtual Private Networks (VPNs). Further, save for Zimbabwe and Lesotho, the remaining countries fall below the average internet penetration rates in Africa and globally. With respect to mobile penetration, with the exception of Mozambique and Uganda, the other four countries reviewed in this blog – Lesotho, Tanzania, Zambia and Zimbabwe – are ranked above the African and global average, according to the Datareportal

Notably, all six countries fall below African and global social media use rates.  Despite being ranked highest among these countries, Lesotho still stood at 18.7% below the African average. However, it is important to note that there is limited availability of reliable gender-disaggregated data in Sub-Saharan Africa, where inequality is at its greatest.

The 2018 After Access study on “Understanding the Gender Gap in the Global South” revealed that poorer countries from Africa such as Rwanda, Tanzania and Mozambique, showed high gender disparity in ICT access and use, with women being on the lower end. Further, sex, income, education and location were significant determinants of whether people used the internet, with women having a lesser chance and lagging behind men. The study also found that women who were more educated, with higher incomes, and living in urban areas were likely to have greater access to the internet than those in rural areas generally. 

The cost of devices was the primary barrier for the unconnected, while the price of data services was the main barrier for those who were connected. In rural areas, access to electricity was a greater challenge than mobile coverage. The study also revealed that the knowledge of the internet was lower among women in rural areas, with only 35% indicating knowledge of the internet. Indeed, sex remains a key determinant of the probability of an individual owning a mobile phone. These findings are not unique and could mirror the situation in other countries in Sub-Saharan Africa.

Currently, several instruments such as the Declaration on the Elimination of Violence against Women (DEVAW), Convention on the Elimination of All Forms of Discrimination against Women (CEDAW), Protocol to the African Charter on Human and Peoples’ Rights on the Rights of Women in Africa (Maputo Protocol), African Platform for Action, the Dakar Declaration of 1994, the Beijing Platform for Action of 1995, the Sustainable Development Goals call for the elimination of discrimination and the promotion of women’s rights and the UN Guiding Principles on Business and Human Rights call for the promotion and protection of women’s digital rights. These instruments, which enjoy wide acceptance in the continent, highlight the need for stronger protection of women’s rights and could present an opportunity for the use of ICT to empower women, including through the promotion of universal internet access. 

Additionally, governments according to an A4AI report are missing out on USD 1 trillion in gross domestic product (GDP) as a result of women’s exclusion. The report notes that governments are not adopting the policies needed to bridge the digital gender gap, with 40% of 29 countries studied in 2020 lacking meaningful policies or programmes to expand women’s access to the internet. 

Empowering women and girls through the provision of meaningful access to the internet and digital technologies could undoubtedly provide them with opportunities to start businesses, and to access education, health, social and financial services. It could also be a powerful tool to enable women and girls to participate in governance, to associate, assemble and express themselves on digital rights issues that are dear to them and to develop relevant content for their empowerment. In addition, there is a need to increase women’s representation in leadership and decision-making roles within the ICT sector.  

Therefore, in order to bridge the gender digital divide, African governments need to urgently implement legislative, policy, administrative and practical measures to address the existing structural inequalities in income, education, and employment opportunities, and stem the political, economic, legal, cultural, technological and social barriers that lead to the exclusion of women and girls from accessing and using the internet and ICT. These measures should include developing affirmative action that ensures that more women and girls have access to affordable internet and digital devices, meaningful connectivity and sound digital literacy and skills. Finally, closing the digital gender gap will require that countries collect and share gender and age disaggregated data on access and use of ICT in order to help track and evaluate progress and shape policies geared towards promoting the enjoyment of digital rights by women and girls on the continent.

29Jun

Ten Initiatives Receive USD 82,000 in Grants From the Africa Digital Rights Fund

Author Evelyn Lirri Posted on

By Ashnah Kalemera |

Ten initiatives, with interventions spanning seven African countries, are the recipients of total funding of USD 82,000 under the sixth round of the Africa Digital Rights Fund (ADRF). The supported initiatives are focused on promoting effective data governance in Kenya, Nigeria and Senegal; countering gendered and election-related misinformation and disinformation in Kenya, South Sudan and Uganda; building digital resilience within the media fraternity in Ghana, Nigeria and Uganda; promoting digital inclusion in Uganda and Kenya; and grassroots-based movements for internet freedom in South Africa.

These latest grants bring to USD 649,000 the sum of funding provided by the ADRF in sub-grants since its establishment in April 2019. A total of 52 initiatives covering 39 countries have been covered by the  ADRF, which offers flexible and rapid response grants to select initiatives in Africa to implement activities that advance digital rights.

Promoting Effective Data Governance Policy and Practice

In June 2021, Senegalese President Macky Sall launched a national data centre to promote data sovereignty in line with the country’s Digital Strategy 2025. State agencies are required to host all their data at the China-backed data centre. Jonction Senegal will conduct a study on the data localisation, biometric databases and digital ID landscape in Senegal. The findings of the study will feed into stakeholder engagement and advocacy for participatory and inclusive data governance frameworks in Senegal.

As part of the Kenya Internet Governance Forum (KeIGF) 2022, the Kenya ICT Action Network (KICTANet) will convene a dialogue on public health data governance frameworks and practices in Kenya. With a focus on Covid-19, the dialogue will explore government data collection and processing as part of contact tracing efforts and citizens’ experiences, towards informing engagement with the newly established Data Protection Commission.

According to the Global Entrepreneurship Monitor (GEM), Nigeria is among the countries with the highest number of women entrepreneurs, most of whom conduct their business online. With the increasing prevalence of cyber attacks and fraud, the success of women-owned Small-Media Enterprises (SMEs) in the country is under threat.  Tech Hive Advisory and Ikigai Innovation Initiative will conduct a study on the data governance and cyber security challenges and needs of women-owned SMEs in Nigeria. The findings of the study will feed into the development of a toolkit and capacity building of up to 250 online SMEs in data protection and cyber security practices that improve their sustainability and competitiveness. The project is expected to cover four regions – Lagos, Abuja, Kaduna and Ibadan.

Building Digital Resilience in the Media Sector

Under the second round of ADRF, iWatch Africa was supported to track, document, and analyse online abuse and harassment against journalists and rights activists covering political and societal issues in Ghana. In partnership with the Ghana Police and the Commission on Human Rights and Administrative Justice (CHRAJ), iWatch Africa developed draft guidelines for the prevention of online abuse and harassment and continued to undertake advocacy in the field while engaging stakeholders on legal support for victims to seek redress.

Building on the foundations of the project, iWatch Africa will engage newsrooms in Ghana and Nigeria on online safety for women journalists. Based on the Keeping Journalists Safe Online: A Guide for Newsrooms in West Africa and Beyond, iWatch will support 20 newsrooms in developing reporting guidelines and protocols for online abuse and conduct capacity-building training for editors and journalists. The intervention will be reinforced by an online campaign against harassment of journalists.

Similarly, in Uganda, the Northern Uganda Media Club (NUMEC) will host trainings and dialogues with editors, journalists and content creators in five districts – Gulu, Kitgum, Lira, Adjumani and Pader – on digital safety and online harassment. The engagements will be informed by a survey on the extent of use of digital platforms by media houses in these districts. NUMEC is one of only a few media development organisations based out of Uganda’s capital, Kampala.

Countering the Information Disorder

KICTANet will convene a second dialogue around the KeIGF 2022 e focused on disinformation in the run-up to the August 2022 elections. Based on the findings of a study on Disinformation Pathways and Effects on Democracy and Human Rights, the dialogue will deliberate on ways to tackle the disinformation eco-system of Kenya’s political sphere as the polls draw nearer.

Meanwhile, through campaigns and convenings, Her Internet will explore gendered misinformation and disinformation online. With a focus on sexual minorities and sex workers in Uganda, the project will work to build awareness and understanding of the effects and perpetrators of gendered misinformation and disinformation attacks online and build alliances and networks as support systems for mitigating the impact and countering the false narratives.

In South Sudan, DefyHateNow will leverage its track record in combating online hate speech and incitement to violence to engage journalists, social media users and grassroots communities on disinformation and cybersecurity in the face of the implementation of the Revitalised Agreement for the Resolution of Conflict in the Republic of South Sudan, which is expected to pave way for elections in 2023. The organisation will conduct monthly fact-checking and safety online meetups. The meetups will also aim to build community trust circles for information verification through the fact-checking platform https://211check.org/. DefyHateNow will also conduct radio and social media campaigns on disinformation and misinformation dubbed #FactsMatter and #DigitalWellness, and award cyber security fellowships with placements in local civic organisations in line with its https://safetycomm.org platform.

Promoting Digital Inclusion 

Media Focus on Africa will host training and dialogues with journalists in the Northern Uganda districts of Soroti, Moroto, Arua, Lira, Gulu and Kabale on the digital divide and effective coverage of digital exclusion of rural communities, women, and persons with disabilities in the respective districts.

For its part, the Kenya National Association for the Deaf will study the digital access and literacy levels among the hearing impaired in eight counties in Kenya. Through a blend of focus group discussions, key informant interviews, surveys and questionnaires, the research will cover Nairobi, Migori, Busia, Machakos, Nyeri, Nandi, Wajir, and Kilifi. The findings of the study will inform stakeholder engagements including with national and county governments on digital accessibility for persons with disabilities and inclusive policies.

Coalition Building for Internet Freedom Advocacy

In South Africa, Yetu Info Tech Collective will work to establish a community of human rights defenders and civil society organisations campaigning for internet freedom across five provinces. Starting with a national conference, Yetu Info Tech Collective will engage up to 70 organisations on local trends on access, affordability, censorship and surveillance as priority advocacy areas. The conference will be followed with the development and piloting of a Moodle course on collective action and activism for internet freedom in South Africa. The organisation will also provide ongoing support to members of the coalition in campaign development and execution.

The ADRF was established in recognition that technology had become pivotal to promoting livelihoods and human rights on the continent but there was need to strengthen local capacity in evidence-based research, collaborative advocacy and impactful policy engagements responsive to regulatory and practice developments that affect internet freedom in Africa.

The ADRF’s supporters have included the Centre for International Private Enterprise (CIPE), the Ford Foundation, the Swedish International Development Cooperation Agency (Sida), the German Society for International Cooperation Agency (GIZ), and the Omidyar Network.

29Jun

Leveraging the African Union Data Policy Framework to Bolster National Data Governance Practices

Author Evelyn Lirri Posted on

By CIPESA Staff Writer |

Earlier this month, stakeholders from around Africa met in Kigali, Rwanda to discuss how to implement the recommendations of the African Union (AU) Data Policy Framework to enable member states to improve their data governance policies and practices, including respect for citizens’ rights. Held on the sidelines of the World Telecommunications Development Conference (WTDC), the convening discussed the prevalent data governance challenges and how the Policy Framework can help to address them.

In 2021, the AU Commission embarked on developing the Policy Framework, which was endorsed by the Executive Council in February this year. The Policy Framework offers guidance to member states on how to derive value from data generated by governments and private entities. Further, it makes the case for policy interventions to optimise cross-border data flows, such as harmonising data governance frameworks. The Policy Framework envisages the creation of a shared data space and standards that regulate data production and use across the continent. In turn, the AU is devising an implementation plan to support the domestication of the Policy Framework by member states and putting in place the necessary mechanisms to enable data flows across the continent.

The continental policy comes at a time when the role of data in powering socio-economic growth is taking centre-stage, but so are various data governance concerns that are undermining more effective usage of data and the uptake of data-based initiatives. In some countries, the data regulation is retrogressive and unduly restricts data flows. Other countries lack data protection laws. 

Prevailing digital rights concerns include increased surveillance, proliferation of regressive laws and regulations that undermine digitalisation efforts, large-scale data collection programmes by governments amidst weak oversight and rampant privacy breaches including by business entities. Many governments in the region are undertaking rapid data collection and digitalisation initiatives, such as digital ID, biometric voters’ cards, drivers’ licences and SIM card registration.

The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) was invited to participate at the Kigali convening, specifically to discuss what the Framework means for ordinary citizens and how its implementation can uphold rights, sustain trust and enable data flows that support economic growth and digital transformation.

Speaking at the meeting, CIPESA’s Dr. Wairagala Wakabi indicated that the Framework promises to deliver enhanced data governance in Africa. By providing common benchmarks for states to embrace and be assessed by, it could help engender good policies and practices, which is not the case in some countries currently. However, for this to be realised, common challenges must be addressed. These challenges mostly relate to the security and privacy of data, and the fear by governments that flexible data outflows would undermine local capacity development and job creation and result in revenue losses.

Further, Dr. Wakabi stated that citizens’ trust was “critical to stimulating” the uptake of data-based initiatives. Yet low trust prevailed, mostly due to the lack of public education and awareness among data subjects, little or no information provided on uses of data, and citizens’ previous experiences of data misuse and data breaches by the state or data controllers. To build trust, African countries should institute procedures and systems to ensure data is not breached or abused; enact enabling laws to protect data and rights; conduct adequate education on data handling and usage; grow data controllers’ understanding of the regulatory requirements and ensure they comply with them.

The aspiration of the Framework to increase policy harmonisation and improve data flows across countries holds much promise for economic integration and offers citizens and businesses wider opportunities including for trade beyond national borders. The facilitation of flexible data flows and greater public access to data held by governments and private entities can provide evidence to inform policy and aid the attainment of development objectives such as the Sustainable Development Goals (SDGs).

Similarly, flexible data flows guided by common frameworks that are well defined can serve the public good by enabling innovation, jobs creation and e-services development, and facilitating intra-Africa digital trade. As such, there is a need to address policy measures that restrict data flows across borders and mandatory legal requirements that data be stored or processed in a specific country.

“Many countries have prohibited cross-border transfers of personal data unless authorised by Data Protection Authorities or other designated entity. Common drivers are fears of losing local digital economy jobs, tax revenue and local capacity, for example in data infrastructure, and the need to ensure adequate data security. However, laws and policies are rarely clear on the rationale behind data localisation,” said Dr. Wakabi.

African countries have adopted different approaches to data localisation. Many use laws on financial services (e.g. Nigeria, Ethiopia and Rwanda), cybersecurity and cybercrimes (Rwanda, Zambia and Zimbabwe), telecom (Cameroon, Rwanda and Nigeria) and data protection (Kenya, South Africa, Tunisia and Uganda) to place restrictions on cross-border data transfer. Some specify data that can not be exported without authorisation. Kenya specifies all public data; Nigeria mentions all government data, subscriber and consumer data; while Zimbabwe, Malawi and Tunisia cite personal information. Sierra Leone prohibits the cross-border transfer of subscribers’ registration information. Other countries have data location requirements related to telecom providers’ data, data of entities operating in sectors of “vital importance”, in e-commerce, and those offering cloud services. 

The laws generally provide similar grounds for when personal data may be sent across borders, with transfers easier to make to countries that offer an equivalent level of protection. However, recognition of equivalence among fellow African countries is limited. For instance, Morocco’s 2015 list of countries with a sufficient level of protection featured no African country, while Tunisia’s 2018 list of 49 countries had just Algeria, Mauritania, Mauritius, Morocco, and Senegal.

Those national data sovereignty moves can hamper regional data sharing, trade, foreign investment, and innovation, and run counter to the AU Policy Framework. They also do not always result in greater protection for data or respect for citizens’ rights. As such, a framework is needed to govern cross-border flows, but it should primarily be enabling and not restrictive as is currently the case with most countries.

In sum, it is crucial to build trust among citizens and governments, including by generating evidence to debunk theories that inform current localisation moves and to demonstrate that data can flow freely across borders without undermining national interests. There is also a need to create awareness among citizens of their data rights and how to protect them, grow awareness among data controllers of their obligations and conduct audits of their performance. This alongside empowering regulators to function independently and with sufficient resources. Finally, it is essential to build the capacity of data collectors, regulators, government departments and data intermediaries to robustly protect the rights of data subjects.

1 22 23 24 25 26 70