Access to information Archives – Collaboration on International ICT Policy for East and Southern Africa (CIPESA)

15Dec

Inform Africa Expands OSINT Training and DISARM-Based Research With CIPESA

CIPESA December 15, 2025December 22, 2025

ADRF |

Information integrity work is only as strong as the methods behind it. In Ethiopia’s fast-changing information environment, fact-checkers and researchers are expected to move quickly while maintaining accuracy, transparency, and ethical care. Inform Africa has expanded two practical capabilities to address this reality: advanced OSINT-based fact-checking training and structured disinformation research using the DISARM framework, in collaboration with the Collaboration on International ICT Policy for East and Southern Africa (CIPESA).

This work was advanced with support from the Africa Digital Rights Fund (ADRF), administered by CIPESA. At a time when many civic actors face uncertainty, the fund’s adaptable support helped Inform Africa sustain day-to-day operations and protect continuity, while still investing in verification and research methods designed to endure beyond a single project cycle.

The collaboration with CIPESA was not only administrative. It was anchored in shared priorities around digital rights, information integrity, and capacity building. Through structured coordination and learning exchange, CIPESA provided a partnership channel that strengthened the work’s clarity and relevance, and helped position the outputs as reusable methods that can be applied beyond a single team. The collaboration also reinforced a regional ecosystem approach: improving practice in one context while keeping the methods legible for peer learning, adaptation, and future joint work.

The implementation followed a phased timetable across the project activity period from April through November 2025. Early work focused on scoping and method design, aligning the training and research approaches with practical realities in newsrooms and civil society. Mid-phase work concentrated on developing the OSINT module and applying DISARM as a structured research lens, with iterative refinement as materials matured. The final phase focused on consolidation, documentation discipline, and packaging the outputs to support repeatable use, including onboarding, internal training, and incident review workflows.

A central focus has been an advanced OSINT training module built to move beyond tool familiarity into a complete verification workflow. Verification is treated as a chain of decisions that must be consistent and auditable: how to intake a claim, determine whether it is fact-checkable, plan the evidence, trace sources, verify images and videos, confirm the place and time, and document each step clearly enough for an editor or peer to reproduce the work. The aim is not only to reach accurate conclusions but also to show the route taken, including which evidence was prioritized and how uncertainty was handled.

This documentation discipline is not bureaucracy. It is a trust technology. In high-risk information environments, preserved sources, verification logs, and clear decision trails protect credibility, strengthen editorial oversight, and reduce avoidable errors. The module prioritizes hands-on, production-style assignments that mirror real newsroom constraints and trains participants to avoid overclaiming, communicate uncertainty responsibly, and present evidence in ways that non-expert audiences can follow.

In parallel, Inform Africa has applied the DISARM framework to disinformation research. DISARM provides a shared language for describing influence activity through observable behaviors and techniques, without drifting into assumptions. The priority has been to remain evidence-bound: collecting and preserving artifacts responsibly, maintaining a structured evidence log, reducing harm by avoiding unnecessary reproduction of inflammatory content, and avoiding claims of attribution beyond what the evidence supports. This DISARM-informed approach has improved internal briefs, strengthened consistency, and made incidents easier to compare over time and across partners.

Three lessons stand out from this work with CIPESA and ADRF. First, quality scales through workflow, not only through talent. Second, evidence discipline is a strategic choice that protects credibility and reduces harm in both fact-checking and research. Third, shared frameworks reduce friction by improving clarity and consistency across teams. Looking ahead, Inform Africa will integrate the OSINT module into routine training and onboarding and continue to apply DISARM-informed analysis in future incident reviews and deeper studies, reinforcing information integrity as a public good.

This article was first published by Informa Africa on December 15, 2025

15Dec

How CIPESA Is Supporting Harmonised Data Governance in African Countries

CIPESA December 15, 2025December 16, 2025

By Juliet Nanfuka |

Across the world, larger amounts of data are being collected than ever before. For instance, massive volumes of data are being collected by national identity systems and mandatory SIM card registration exercises, as well as by private actors, including through online platforms and mobile devices. However, in many African countries data governance structures remain lacking, fuelling various concerns such as data breaches and surveillance.

Over the course of 2025, CIPESA has undertaken extensive work alongside the GIZ DataCipation programme and the African Union to support countries and Regional Economic Communities (RECs) to collaboratively develop data governance policies that are progressive and rights-respecting.

The various engagements, which were guided by the African Union Data Policy Framework (AUDPF), also involved building the capacity of regulators, policymakers, and other stakeholders in devising and implementing data governance policies that promote socio-economic transformation and regional integration.

Adopted in 2022, the AUDPF offers a harmonised set of principles to guide African states in governing data safely, fairly, and effectively, as it provides a continental vision for protecting personal rights, enabling cross-border data flows, unlocking socio-economic value, and fostering interoperable digital systems. CIPESA has long advocated for African countries to adopt the AUDPF as a common benchmark to guide data policies that strengthen accountability and foster trust between governments and citizens.

The inaugural capacity building workshop to build the capacity of judges and senior staff of the East African Court of Justice (EACJ) on data governance, was held in March 2025, in Kigali, Rwanda. The training aimed to enhance court officials’ understanding of the AUDPF and its implications for national and regional data governance, as well as the need for harmonised data governance policies within the East African Community (EAC).

As East Africa moves into a regional economy, the EACJ might be faced with a number of challenges in its operations. There are cases in national courts related to data governance, and if the EACJ is not aware of what is going on in the digital space, it might not be able to handle such cases should they come before the court.” Hon. Justice Nestor Kayobera, President of the EACJ

This was followed by another training in April 2025 in Kampala, Uganda for members of the East African Legislative Assembly (EALA). At a time when the eight-member regional bloc was developing a harmonised data policy legislation, this training strengthened the capacity of members and staff of the regional parliament in the areas of data governance, data protection, and related legislative and policy issues.

The Southern African Development Community (SADC) has similarly embarked on developing a Regional Data Governance Framework. In September, CIPESA supported training for more than 50 regulators and policymakers from 16 SADC countries in Madagascar, on harmonising data protection frameworks to support cross-border data flows and regional trade.

At the country level, CIPESA has supported capacity development as well as data governance policy development. In July 2025, a consultative workshop in the capital Maseru brought together more than 60 stakeholders from the Lesotho government, civil society, academia, and the private sector to review the country’s draft Data Management Policy and align it with the AUDPF. The workshop developed a roadmap towards building a more progressive data governance policy framework, with various revisions being made to the Data Management Policy. In October, the policy was validated at a multi-stakeholder engagement led by the Ministry of Information, Communications, Science, Technology and Innovation, alongside the AU, GIZ, and CIPESA.

In November 2025, CIPESA supported capacity building in Liberia for government ministries, civil society organisations, and private sector representatives at a two-day workshop in Monrovia. The engagement, which was convened by the Ministry of Posts and Telecommunications, CIPESA, and the AU, explored how data could support Liberia’s digital transformation and the need to align the country’s laws and policies with continental and global frameworks.

Additionally, CIPESA is supporting the government of Liberia to develop a Data Governance Policy that is aligned to the AUDPF. In this regard, a separate two-day multi-stakeholder consultation was held to inform the content of the prospective policy, which is anticipated to be completed early in 2026. The consultation marked a critical step in Liberia’s ongoing efforts to establish a coherent national framework for data governance, protection, and utilisation.

Also in November, CIPESA supported capacity building in Uganda for 81 policymakers, regulators, civil society, and private sector actors. In partnership with the Ministry of ICT and National Guidance, the Personal Data Protection Office, GIZ and AU, in Kampala, Uganda. Participants explored foundational elements of data governance, including data infrastructure, data value creation, standards, trust mechanisms, and institutional arrangements. Participants discussed regulatory approaches, institutional structures, and capacity-building strategies necessary for Uganda to harness data responsibly and efficiently.

Meanwhile, various global settings have also served as platforms to further deliberate and contribute to the global discourse on data governance in Africa. At the June 2025 Internet Governance Forum held in Norway, a collaborative session hosted by CIPESA, GIZ, and The Republic of The Gambia saw discussions on how fragmented national regulations and inconsistent privacy and cybersecurity standards pose challenges to regional and global cooperation.

Similarly at the September 2025 Forum on Internet Freedom in Africa (FIFAfrica25) hosted by CIPESA, various sessions discussed data governance as central to Africa’s digitalisation efforts. Across multiple sessions, speakers underscored the growing recognition that how data is governed will shape the continent’s democratic, economic, and social futures. Notably, the European Union (EU) Delegation to Namibia emphasised its continued commitment to investing in digital infrastructure, strengthening democratic governance, and advancing a human-centric digital transformation through the Global Gateway strategy.

02Dec

#BeSafeByDesign: A Call To Platforms To Ensure Women’s Online Safety

CIPESA December 2, 2025December 3, 2025

By CIPESA Writer |

Across Eastern and Southern Africa, activists, journalists, and women human rights defenders (WHRDs) are leveraging online spaces to mobilise for justice, equality, and accountability. However, the growth of online harms such as Technology-Facilitated Gender-Based Violence (TFGBV), disinformation, digital surveillance, and Artificial Intelligence (AI)-driven discrimination and attacks has outpaced the development of robust protections.

Notably, human rights defenders, journalists, and activists face unique and disproportionate digital security threats, including harassment, doxxing, and data breaches, that limit their participation and silence dissent.

It is against this background that the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), in partnership with Irene M. Staehelin Foundation, is implementing a project aimed at combating online harms so as to advance digital rights. Through upskilling, advocacy, research, and movement building, the initiative addresses the growing threats in digital spaces, particularly affecting women journalists and human rights defenders.

The first of the upskilling engagements kicked off in Nairobi, Kenya, at the start of December 2025, with 25 women human rights defenders and activists in a three-day digital resilience skills share workshop hosted by CIPESA and the Digital Society Africa. Participants came from the Democratic Republic of Congo, Madagascar, Malawi, South Africa, Tanzania, Uganda, Zambia, and Zimbabwe. It coincides with the December 16 Days Of Activism campaign, which this year is themed “Unite to End Digital Violence against All Women and Girls”.

According to the United Nations Population Fund (UNFPA), TFGBV is “an act of violence perpetrated by one or more individuals that is committed, assisted, aggravated, and amplified in part or fully by the use of information and communication technologies or digital media against a person based on their gender.” It includes cyberstalking, doxing, non-consensual sharing of intimate images, cyberbullying, and other forms of online harassment.

Women in Sub-Saharan Africa are 32% less likely than men to use the internet, with the key impediments being literacy and digital skills, affordability, safety, and security. On top of this gender digital divide, more women than men face various forms of digital violence. Accordingly, the African Commission on Human and Peoples’ Rights (ACHPR) Resolution 522 of 2022 has underscored the urgent need for African states to address online violence against women and girls.

Women who advocate for gender equality, feminism, and sexual minority rights face higher levels of online violence. Indeed, women human rights defenders, journalists and politicians are the most affected by TFGBV, and many of them have withdrawn from the digital public sphere due to gendered disinformation, trolling, cyber harassment, and other forms of digital violence. The online trolling of women is growing exponentially and often takes the form of gendered and sexualised attacks and body shaming.

Several specific challenges must be considered when designing interventions to combat TFGBV. These challenges are shaped by legal, social, technological, and cultural factors, which affect both the prevalence of digital harms and violence and the ability to respond effectively. They include weak and inadequate legal frameworks; a lack of awareness about TFGBV among policymakers, law enforcement officers, and the general public; the gender digital divide; and normalised online abuse against women, with victims often blamed rather than supported.

Moreover, there is a shortage of comprehensive response mechanisms and support services for survivors of online harassment, such as digital security helplines, psychosocial support, and legal aid. On the other hand, there is limited regional and cross-sector collaboration between CSOs, government agencies, and the private sector (including tech companies).

A guiding strand for these efforts will be the #BeSafeByDesign campaign that highlights the necessity of safe platforms for women as well as the consequences when safety is missing. The #BeSafeByDesign obligation shifts the burden of responsibility of ensuring safety in online spaces away from women and places it on platforms where more efforts on risk assessments, accessible and stronger reporting pathways, proactive detection of abuse, and transparent accountability mechanisms are required. The initiative will also involve the practical upskilling of at-risk women in practical cybersecurity.

28Nov

CIPESA @African Economic Research Consortium (AERC) Summit 2025

CIPESA November 28, 2025December 2, 2025

Update |

This year, the African Economic Research Consortium (AERC) is holding its first Summit in the context of its new 10-year Strategic Plan (2025-2035), Nairobi, Kenya. The three-day Summit themed ‘A Renewed AERC for Africa’s New Development Priorities’, is designed to hardwire the research-policy bridge.

This event is taking place from November 30 to December 02, 2025. For more information, click here.

19Nov

CIPESA Participates in the 4th African Business and Human Rights Forum in Zambia

CIPESA November 19, 2025December 2, 2025

By Nadhifah Muhamad |

The fourth edition of the African Business and Human Rights (ABHR) Forum was held from October 7-9, 2025, in Lusaka, Zambia, under the theme “From Commitment to Action: Advancing Remedy, Reparations and Responsible Business Conduct in Africa.”

The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) participated in a session titled “Leveraging National Action Plans and Voluntary Disclosure to Foster a Responsible Tech Ecosystem,” convened by the B-Tech Africa Project under the United Nations Human Rights Office and the Thomson Reuters Foundation (TRF). The session discussed the integration of digital governance and voluntary initiatives like the Artificial Intelligence (AI) Company Disclosure Initiative (AICDI) into National Action Plans (NAPs) on business and human rights. That integration would encourage companies to uphold their responsibility to respect human rights through ensuring transparency and internal accountability mechanisms.

According to Nadhifah Muhammad, Programme Officer at CIPESA, Africa’s participation in global AI research and development is estimated only at 1%. This is deepening inequalities and resulting in a proliferation of AI systems that barely suit the African context. In law enforcement, AI-powered facial recognition for crime prevention was leading to arbitrary arrests and unchecked surveillance during periods of unrest. Meanwhile, employment conditions for platform workers on the continent, such as OpenAI ChatGPT workers in Kenya, were characterised by low pay and absence of social welfare protections.

To address these emerging human rights risks, Prof. Damilola Olawuyi, Member of the UN Working Group on Business and Human Rights, encouraged African states to integrate ethical AI governance frameworks in NAPs. He cited Chile, Costa Rica and South Korea’s frameworks as examples in striking a balance between rapid innovation and robust guardrails that prioritise human dignity, oversight, transparency and equity in the regulation of high-risk AI systems.

For instance, Chile’s AI policy principles call for AI centred on people’s well-being, respect for human rights, and security, anchored on inclusivity of perspectives for minority and marginalised groups including women, youth, children, indigenous communities and persons with disabilities. Furthermore, it states that the policy “aims for its own path, constantly reviewed and adapted to Chile’s unique characteristics, rather than simply following the Northern Hemisphere.”

Relatedly, Dr. Akinwumi Ogunranti from the University of Manitoba commended the Ghana NAP for being alive to emerging digital technology trends. The plan identifies several human rights abuses and growing concerns related to the Information and Communication Technology (ICT) sector and online security, although it has no dedicated section on AI.

NAPs establish measures to promote respect for human rights by businesses, including conducting due diligence and being transparent in their operations. In this regard, the AI Company Disclosure Initiative (AICDI) supported by TRF and UNESCO aims to build a dataset on corporate AI adoption so as to drive transparency and promote responsible business practices. According to Elizabeth Onyango from TRF, AICDI helps businesses to map their AI use, harness opportunities and mitigate operational risk. These efforts would complement states’ efforts by encouraging companies to uphold their responsibility to respect human rights through voluntary disclosure. The Initiative has attracted about 1,000 companies, with 80% of them publicly disclosing information about their work. Despite the progress, Onyango added that the initiative still grapples with convincing some companies to embrace support in mitigating the risks of AI.

To ensure NAPs contribute to responsible technology use by businesses, states and civil society organisations were advised to consider developing an African Working Group on AI, collaboration and sharing of resources to support local digital startups for sustainable solutions, investment in digital infrastructure, and undertaking robust literacy and capacity building campaigns of both duty holders and right bearers. Other recommendations were the development of evidence-based research to shape the deployment of new technologies and supporting underfunded state agencies that are responsible for regulating data protection.

The Forum was organised by the Office of the United Nations High Commissioner for Human Rights (OHCHR), the United Nations (UN) Working Group on Business and Human Rights and the United Nations Development Programme (UNDP). Other organisers included the African Union, the African Commission on Human and Peoples’ Rights, United Nations Children’s Fund (UNICEF) and UN Global Compact. It brought together more than 500 individuals from over 75 countries – 32 of them African. The event was a buildup on the achievements of the previous Africa ABHR Forums in Ghana (2022), Ethiopia (2023) and Kenya (2024).

1 2 3 … 19 Next page

Tag Archives: Access to information