Promoting Effective and Inclusive ICT Policy in Africa

Blog

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Blog
29Dec

Sarah Kekeli Akunor

Author CIPESA Posted on

Who is Sarah Kekeli Akunor?

I am a young woman with visual impairment. I recently graduated from the University of Ghana with a Bachelor’s degree in Political Science and Philosophy. I am a member of the Mastercard Foundation’s Alumni Network Committee, serving as the lead for Inclusion, Gender, and Safeguard. I am also a Disability Inclusion Facilitator under the Mastercard Foundation’s ‘We Can Work’ programme. I also serve as an interim executive for the newly inaugurated Ghana Youth Federation, where I hold the position of Secretary for Gender Equality and Social Inclusion. I am a passionate advocate for disability rights and digital rights, and inclusion. I have a certificate in Disability Leadership in Internet Governance and Digital Rights from the Internet Society (ISOC).

Before I lost my sight, I had a very limited understanding of disability or its challenges. I have a genetic eye condition called Retinitis Pigmentosa, which was only diagnosed when I was 24 years old. I was born with the condition, but I could see with the help of glasses until the condition deteriorated through my teenage years and early twenties. After I lost my sight, I couldn’t read Braille, so I needed to learn how to use a computer. I noticed that leveraging technology made it possible for me to live a more fulfilling life. This served as a basis for my strong passion for advocating for digital rights, not just for myself, but for the countless persons with disabilities who are out there. Through my experience, I witnessed the transformative impact of Assistive Technology in the lives of persons with disabilities.

In Africa, there is inaccessibility everywhere. I noticed that persons with disabilities are left behind even in the digital space. I started by advocating in my own space, such as discussing disability inclusion with family and friends. I entered the digital space by volunteering at the Ghana Blind Union Assistive Technology lab and with Inclusive Tech Group. Now that I have a platform, my goal is to see the rights of persons with disabilities mainstreamed in all spaces, especially online, as online spaces have become increasingly central to how the world functions.

Across Africa, there are several innovators creating brilliant solutions for various categories of persons with disabilities. In Ghana, for example, a young innovator has developed an app called DeafCanTalk, which enables deaf people to communicate through sign language. The app converts the signs into written or spoken text for the other party to understand.

Other initiatives in Ghana, such as the “Disability Conclusion Hackathon”, organised by the Inclusive Tech Group, make it possible for young innovators without disabilities to co-design and co-create disability-relevant tech solutions together with their counterparts with disabilities. One organisation I belong to, The Phoenix Unity Club, is also championing the accessibility of apps and websites in Ghana by advocating strongly for the development of Ghana’s own ‘Web Content Accessibility Policy.’

In furtherance of these goals, I have held positive engagements with the authorities at the National Information Technology Agency and the Ghana Investment Fund for Electronic Communication. Across Africa, InABLE is doing great work promoting digital rights through its annual Inclusive Africa Conference. The Collaboration of ICT Policy for East and Southern Africa (CIPESA), with its Forum on Internet Freedom in Africa, the Internet Society, the Internet Governance Forum, and Paradigm Initiative, with its Digital Rights and Inclusion Forum (DRIF), are all actively promoting the realisation of digital rights for persons with disability across Africa.

The deployment of various apps, technologies, and AI platforms in Africa is definitely worth commending. However, there is a real risk of widening the digital divide if these technologies and AI platforms are not accessible to persons with disability, either because they are too expensive or poorly designed without consideration for accessibility needs. There are also real risks of data protection issues, particularly for persons with disabilities and those with little or no education.

To stay ahead of the curve, policymakers need to ensure that new technologies in Africa are only deployed for public use after they have been proven to be compliant with diverse accessibility needs. Again, innovators must be encouraged to co-create with persons with disabilities. And finally, data protection laws must be strengthened and strictly enforced.

There are several things that we should be doing. First, we need to make sure that we build meaningful collaborations and partnerships among all stakeholders across policy, civil society, digital rights activists, government, and persons with disabilities from different parts of Africa, and foster a spirit of true friendship and openness in discussing the common problems of access to assistive devices, online accessibility, data privacy breaches, etc., and develop solutions that are relevant to our local African context.

Secondly, it is important to promote co-creation and co-design of all innovations in Africa with persons with disabilities. Persons with disabilities, women, youth, and older persons must be involved in the innovation process right from the ideation stage. Once these innovations are complete, these groups of people must be consulted in testing the products before they are released to the market.

In addition, as digital rights advocates, we must not only make passionate arguments for inclusion but also insist that there is a business case for including persons with disabilities and other vulnerable groups in the development of new technologies. After all, there are countless funding and grant opportunities that make accessibility a non-negotiable requirement before these funds are granted. In short, disability inclusion is not a matter of charity but a long-term business strategy.

Journalists at a Training
22Dec

Why Digital Security Training Is No Longer Optional for Ugandan Journalists

Author CIPESA Posted on

By Byaruhanga Brian |


Ugandan journalists are increasingly facing intertwined physical and digital threats which  intensify during times of public interest including elections and protests. These threats are compounded by  internet shutdowns, targeted surveillance, account hacking, online harassment, and regulatory censorship that directly undermines their safety and work.  A study on the Daily Monitor’s experience found that the 2021 general election shutdown constrained news gathering, data-driven reporting, and online distribution, effectively acting as digital censorship. These practices restrict news gathering, production, and dissemination and have been documented repeatedly from the 2021 general election through the run‑up to the 2026 polls.

Over the years, CIPESA has documented digital rights violations, challenged internet shutdowns, and worked directly with media practitioners to strengthen their ability to operate safely and independently. This work has deepened as the threats to journalism have evolved.

In recent  months CIPESA has conducted extensive journalist safety and digital resilience trainings across the country, reaching more than 200 journalists from diverse media houses and districts across the country, in the Acholi subregion (Gulu, Kitgum, Amuru, Lamwo, Agago, Nwoya, Pader, and Omoro), Ankole sub region (Buhweju, Bushenyi, Ibanda, Isingiro, Kazo, Kiruhura, Mbarara (City & District), Mitooma, Ntungamo, Rubirizi, Rwampara, and Sheema), Central (Kampala, Wakiso), Busoga Region (Bugiri, Bugweri, Buyende, Iganga, Jinja, Kaliro, Kamuli, Luuka, Mayuge, Namayingo, and Namutumba), and the Elgon, Bukedi, and Teso subregions (Mbale, Bududa, Bulambuli, Manafwa, Namisindwa, Sironko, Tororo, Busia, Butaleja, Kapchorwa, Soroti, and Katakwi).

The trainings aimed to strengthen the capacity of media actors to mitigate digital threats and push back against rising online threats and censorship that enable digital authoritarianism. The training was central to helping journalists and the general media sector to understand media’s role in democratic and electoral processes, ensure legal compliance and navigate common restrictions, buttressing their digital and physical security resilience, enhancing the skills to identify and counter disinformation and facilitating the newsroom safety frameworks for the media sector.

The various trainings were tailored to respond to the needs of the journalists, covering media, democracy, and elections; electoral laws and policies; and peace journalism, with attention to transparent reporting and the effects of military presence on journalism in post-conflict settings.

Meanwhile, in Mbale and Jinja, reporters unpacked election-day risks, misinformation circulating on social media, and the legal boundaries that are often used to intimidate them. Across the different regions, newsroom managers, editors and reporters worked through practical exercises on digital hygiene, safer communication, and physical-digital risk intersections.

CIPESA’s digital security trainings respond to the real conditions journalists work under. The sessions focus on election-day and post-election reporting, verifying information and claims under pressure, protecting sources, and strengthening everyday digital security through strong passwords, two-factor authentication, and safe device handling. Journalists also develop newsroom safety protocols and examine how peace journalism can help de-escalate tension rather than inflame it during contested political moments

One of the most important shifts for the participants,  came from the perspective that safety stopped being treated as an individual burden and started being understood as an organisational responsibility. Through protocol-development sessions, journalists mapped threats, identified vulnerabilities such as predictable routines and weak passwords, and designed “if-then” responses for incidents like account hacking, detention, or device theft. For many journalists, this was the first time safety had been written down rather than improvised.

Beyond the training for journalists, CIPESA hosted several digital security clinics and help desks for human rights defenders and activists. At separate engagements, close to 70 journalists received one-on-one support during a digital security clinic at Ukweli Africa held from the 15 December 2025 including the at the Uganda Media Week. These efforts sought to  enhance their digital security practices. The support provided during these interventions included checking the journalists’ devices for vulnerabilities, removal of malware, securing accounts, enabling encryption, and secure data management approaches.

“Some journalists who had arrived unsure, even embarrassed, about their digital habits, left lighter, not because the risks had vanished, but because they now understood the tools and how to manage risks.”

These engagements serve as avenues to build the digital resilience of journalists in Uganda, especially as the media faces heightened online threats amidst a shrinking civic space.Such trainings that speak the language of lived experience often travel further than any policy alone. In Uganda, where laws can be used to narrow civic space, where the internet can be switched off, and where surveillance blurs the line between public and private, practical digital security becomes a necessity.

By training journalists across Uganda, supporting them through digital security desks, and standing with them during moments like Media Week, CIPESA has helped journalists strengthen their resilience to keep reporting in spite of the challenges and threats they encounter daily.

15Dec

Inform Africa Expands OSINT Training and DISARM-Based Research With CIPESA

Author CIPESA Posted on

ADRF |

Information integrity work is only as strong as the methods behind it. In Ethiopia’s fast-changing information environment, fact-checkers and researchers are expected to move quickly while maintaining accuracy, transparency, and ethical care. Inform Africa has expanded two practical capabilities to address this reality: advanced OSINT-based fact-checking training and structured disinformation research using the DISARM framework, in collaboration with the Collaboration on International ICT Policy for East and Southern Africa (CIPESA).

This work was advanced with support from the Africa Digital Rights Fund (ADRF), administered by CIPESA. At a time when many civic actors face uncertainty, the fund’s adaptable support helped Inform Africa sustain day-to-day operations and protect continuity, while still investing in verification and research methods designed to endure beyond a single project cycle.

The collaboration with CIPESA was not only administrative. It was anchored in shared priorities around digital rights, information integrity, and capacity building. Through structured coordination and learning exchange, CIPESA provided a partnership channel that strengthened the work’s clarity and relevance, and helped position the outputs as reusable methods that can be applied beyond a single team. The collaboration also reinforced a regional ecosystem approach: improving practice in one context while keeping the methods legible for peer learning, adaptation, and future joint work.

The implementation followed a phased timetable across the project activity period from April through November 2025. Early work focused on scoping and method design, aligning the training and research approaches with practical realities in newsrooms and civil society. Mid-phase work concentrated on developing the OSINT module and applying DISARM as a structured research lens, with iterative refinement as materials matured. The final phase focused on consolidation, documentation discipline, and packaging the outputs to support repeatable use, including onboarding, internal training, and incident review workflows.

A central focus has been an advanced OSINT training module built to move beyond tool familiarity into a complete verification workflow. Verification is treated as a chain of decisions that must be consistent and auditable: how to intake a claim, determine whether it is fact-checkable, plan the evidence, trace sources, verify images and videos, confirm the place and time, and document each step clearly enough for an editor or peer to reproduce the work. The aim is not only to reach accurate conclusions but also to show the route taken, including which evidence was prioritized and how uncertainty was handled.

This documentation discipline is not bureaucracy. It is a trust technology. In high-risk information environments, preserved sources, verification logs, and clear decision trails protect credibility, strengthen editorial oversight, and reduce avoidable errors. The module prioritizes hands-on, production-style assignments that mirror real newsroom constraints and trains participants to avoid overclaiming, communicate uncertainty responsibly, and present evidence in ways that non-expert audiences can follow.

In parallel, Inform Africa has applied the DISARM framework to disinformation research. DISARM provides a shared language for describing influence activity through observable behaviors and techniques, without drifting into assumptions. The priority has been to remain evidence-bound: collecting and preserving artifacts responsibly, maintaining a structured evidence log, reducing harm by avoiding unnecessary reproduction of inflammatory content, and avoiding claims of attribution beyond what the evidence supports. This DISARM-informed approach has improved internal briefs, strengthened consistency, and made incidents easier to compare over time and across partners.

Three lessons stand out from this work with CIPESA and ADRF. First, quality scales through workflow, not only through talent. Second, evidence discipline is a strategic choice that protects credibility and reduces harm in both fact-checking and research. Third, shared frameworks reduce friction by improving clarity and consistency across teams. Looking ahead, Inform Africa will integrate the OSINT module into routine training and onboarding and continue to apply DISARM-informed analysis in future incident reviews and deeper studies, reinforcing information integrity as a public good.

This article was first published by Informa Africa on December 15, 2025

15Dec

How CIPESA Is Supporting Harmonised Data Governance in African Countries

Author CIPESA Posted on

By Juliet Nanfuka |

Across the world, larger amounts of data are being collected than ever before. For instance, massive volumes of data are being collected by national identity systems and mandatory SIM card registration exercises, as well as by private actors, including through online platforms and mobile devices. However, in many African countries data governance structures remain lacking, fuelling various concerns such as data breaches and surveillance.

Over the course of 2025, CIPESA has undertaken extensive work alongside the GIZ DataCipation programme and the African Union to support countries and Regional Economic Communities (RECs) to collaboratively develop data governance policies that are progressive and rights-respecting.

The various engagements, which were guided by the African Union Data Policy Framework (AUDPF), also involved building the capacity of regulators, policymakers, and other stakeholders in devising and implementing data governance policies that promote socio-economic transformation and regional integration.

Adopted in 2022, the AUDPF offers a harmonised set of principles to guide African states in governing data safely, fairly, and effectively, as it provides a continental vision for protecting personal rights, enabling cross-border data flows, unlocking socio-economic value, and fostering interoperable digital systems. CIPESA has long advocated for African countries to adopt the AUDPF as a common benchmark to guide data policies that strengthen accountability and foster trust between governments and citizens.

The inaugural capacity building workshop to build the capacity of judges and senior staff of the East African Court of Justice (EACJ) on data governance, was held in March 2025, in Kigali, Rwanda. The training aimed to enhance court officials’ understanding of the AUDPF and its implications for national and regional data governance, as well as the need for harmonised data governance policies within the East African Community (EAC).

As East Africa moves into a regional economy, the EACJ might be faced with a number of challenges in its operations. There are cases in national courts related to data governance, and if the EACJ is not aware of what is going on in the digital space, it might not be able to handle such cases should they come before the court.” Hon. Justice Nestor Kayobera,  President of the EACJ

This was followed by another training in April 2025 in Kampala, Uganda for members of the East African Legislative Assembly (EALA). At a time when the eight-member regional bloc was developing a harmonised data policy legislation, this training strengthened the capacity of members and staff of the regional parliament in the areas of data governance, data protection, and related legislative and policy issues.

The Southern African Development Community (SADC) has similarly embarked on developing a Regional Data Governance Framework. In September, CIPESA supported training for more than 50 regulators and policymakers from 16 SADC countries in Madagascar, on harmonising data protection frameworks to support cross-border data flows and regional trade.

At the country level, CIPESA has supported capacity development as well as data governance policy development. In July 2025, a consultative workshop in the capital Maseru brought together more than 60 stakeholders from the Lesotho government, civil society, academia, and the private sector to review the country’s draft Data Management Policy and align it with the AUDPF. The workshop developed a roadmap towards building a more progressive data governance policy framework, with various revisions being made to the Data Management Policy. In October, the policy was validated at a multi-stakeholder engagement led by the Ministry of Information, Communications, Science, Technology and Innovation, alongside the AU, GIZ, and CIPESA.

In November 2025, CIPESA supported capacity building in Liberia for government ministries, civil society organisations, and private sector representatives at a two-day workshop in Monrovia. The engagement, which was convened by the Ministry of Posts and Telecommunications, CIPESA, and the AU, explored how data could support Liberia’s digital transformation and the need to align the country’s laws and policies with continental and global frameworks.

Additionally, CIPESA is supporting the government of Liberia to develop a Data Governance Policy that is aligned to the AUDPF. In this regard, a separate two-day multi-stakeholder consultation was held to inform the content of the prospective policy, which is anticipated to be completed early in 2026. The consultation marked a critical step in Liberia’s ongoing efforts to establish a coherent national framework for data governance, protection, and utilisation.

Also in November, CIPESA supported capacity building in Uganda for 81 policymakers, regulators, civil society, and private sector actors. In partnership with the Ministry of ICT and National Guidance, the Personal Data Protection Office, GIZ and AU, in Kampala, Uganda. Participants explored foundational elements of data governance, including data infrastructure, data value creation, standards, trust mechanisms, and institutional arrangements. Participants discussed regulatory approaches, institutional structures, and capacity-building strategies necessary for Uganda to harness data responsibly and efficiently.

Meanwhile, various global settings have also served as platforms to further deliberate and contribute to the global discourse on data governance in Africa. At the June 2025 Internet Governance Forum held in Norway, a collaborative session hosted by CIPESA, GIZ, and The Republic of The Gambia saw discussions on how fragmented national regulations and inconsistent privacy and cybersecurity standards pose challenges to regional and global cooperation.

Similarly at the September 2025 Forum on Internet Freedom in Africa (FIFAfrica25) hosted by CIPESA, various sessions discussed data governance as central to Africa’s digitalisation efforts. Across multiple sessions, speakers underscored the growing recognition that how data is governed will shape the continent’s democratic, economic, and social futures. Notably, the European Union (EU) Delegation to Namibia emphasised its continued commitment to investing in digital infrastructure, strengthening democratic governance, and advancing a human-centric digital transformation through the Global Gateway strategy.

10Dec

Addressing Online Harms Ahead of Rwanda’s 2026 UPR Review

Author CIPESA Posted on

By Patricia Ainembabazi |

As the world commemorates the 16 Days of Activism Against Gender-Based Violence (November 25 to December 10), global attention is drawn to the rising risks women and girls face in digital environments. These harms increasingly undermine political participation, public discourse, and the safety of women across Africa.

Accordingly, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) and the Association for Progressive Communications (APC) have stressed the urgent need to address technology-facilitated gender-based violence (TFGBV) in Rwanda in written and oral submissions to the Universal Periodic Review (UPR) 51st pre-session for Rwanda at the United Nations Human Council in Geneva. In a joint CIPESA–APC fact sheet on human rights, the two organisations highlighted critical gaps in legal protections, online safety, and digital inclusion in Rwanda.

The joint UPR report notes that TFGBV has become a major deterrent to Rwandan women’s participation online, affecting women in politics, journalism, activism, and advocacy. The 2024 online smear campaign against opposition figure Victoire Ingabire Umuhoza illustrates the gendered nature of digital disinformation and harassment. Such attacks rely on misogynistic narratives designed to humiliate, silence, and delegitimise women’s public engagement. This pattern is not only a violation of rights; it also reinforces structural inequalities and dissuades other women from engaging in civic or political life.

These concerns reflect global trends. UN Women has warned of the rapid escalation of deepfake pornography, a form of digitally manipulated sexualised content disproportionately deployed against women and girls. Deepfakes can cause severe psychological, reputational, and professional harm, often leaving survivors without effective avenues for redress. They are increasingly used to silence women, distort electoral participation, and discourage women from entering political leadership. Such harms undermine democratic processes, distort public debate, and entrench gender inequality.

Rwanda’s obligations under the Convention on the Elimination of All Forms of Discrimination Against Women (CEDAW) require the state to take comprehensive measures to eliminate discrimination (Articles 2 and 3) and ensure women’s full participation in political and public life (Article 7). However, as documented in the joint UPR report and fact sheet, gaps persist. The 2018 Cybercrime Law lacks survivor-centred provisions, and its broad definitions have on occasion been applied in ways that disadvantage victims.

Moreover, enforcement remains inconsistent, and the absence of specialised mechanisms for investigating and prosecuting online violence limits accountability. In this context, TFGBV is not merely a digital phenomenon; it is a direct barrier to fulfilling Rwanda’s CEDAW obligations and achieving SDGs 5 and 16.

The gender digital divide further compounds these harms. Internet penetration in Rwanda stands at 34.2%, with women representing just 38.2% of social media users. Structural inequalities, including device affordability, income disparities, and limited digital literacy, restrict women’s participation in digital spaces. These inequalities heighten vulnerability to online harm and restrict access to safety tools, reporting mechanisms, and digital rights resources. As the joint CIPESA–APC evidence indicates, without targeted investment in digital literacy, device access, and connectivity for women, Rwanda risks deepening existing socio-economic and civic inequalities.

During the UPR pre-session, CIPESA and APC presented a set of recommendations aimed at promoting rights-respecting digital governance. These included adopting survivor-centred TFGBV protections aligned with CEDAW, strengthening investigative and prosecutorial capacities to effectively respond to online harms, and compelling technology platforms to improve reporting, moderation, and accountability mechanisms. The submission also called for amending restrictive provisions in the Penal Code and Cybercrime Law, establishing independent oversight over surveillance operations, and addressing the gender digital divide through targeted digital literacy and affordability initiatives.

The 16 Days of Activism provide an important reminder that violence against women is evolving in both form and reach. Digital technologies have expanded the avenues through which women are targeted, often enabling harm that is faster, more pervasive, and harder to remedy. Ending violence against women, therefore, requires recognising online spaces as critical sites of protection.

Rwanda enters its fourth UPR cycle with a number of unaddressed commitments. During the 2021 review, the Rwandan government received 32 recommendations on freedom of expression and media freedom, including 24 urging reforms to restrictive speech provisions and 17 calling for enhanced protections for journalists and human rights defenders. Yet implementation has been limited. Provisions in Rwanda’s 2018 Penal Code and 2018 Cybercrime Law continue to criminalise “false information”, edited content, and criticism of public authorities, enabling arrests of journalists and discouraging dissenting expression.

These laws have contributed to widespread self-censorship, shrinking civic space, and undermining public participation in digital environments. At the same time, reports of intrusive surveillance, such as the documented use of Pegasus spyware targeting thousands of journalists, activists, and diaspora members, further erode trust and violate privacy rights. The absence of independent oversight in surveillance practices intensifies this concern.

The Country’s ongoing engagement with the UPR process and its upcoming review scheduled for January 21, 2026, offers a timely opportunity to address these challenges. During the pre-sessions 51 from 26 -27 November 2025 in Geneva, several permanent missions expressed eagerness to advance strong recommendations for Rwanda, and there is hope that these delegations will amplify our proposals during the formal review.

CIPESA and APC remain committed to supporting evidence-based reforms that strengthen digital rights protections across Africa. Rwanda’s review presents a defining moment for the government to adopt meaningful, future-focused reforms that uphold human rights, ensure accountability, and create a digital environment where all citizens, especially women, can participate safely, freely, and equally in shaping the country’s democratic and digital future.

1 4 5 6 7 8 195