Promoting Effective and Inclusive ICT Policy in Africa

Tag Archives: Data Governance

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Data Governance
11Mar

Human Rights Implications of Health Care Digitalisation in Kenya

Author CIPESA Posted on

By CIPESA Writer |

The evolution of digital health is largely driven by technological advancements, the quest for more efficient healthcare, and the growing demand for available, accessible, affordable and quality services. The United Nations’ 2030 Agenda for Sustainable Development recognises the transformative potential of Information and Communications Technology (ICT) in fostering human progress, bridging digital divides, and creating knowledge societies. Despite technological advancements, the World Health Organization (WHO) notes that many countries, including Kenya, have yet to fully leverage digital health for positive outcomes. 

​​The transition from the National Health Insurance Fund (NHIF) to the Social Health Insurance Fund (SHIF) presents a policy shift towards realising Universal Health Coverage (UHC) in Kenya. However, this transition has faced significant challenges that impact the right to health, particularly for vulnerable and marginalised groups (VMGs). A major concern within this transformation is the role of digitalisation in health care management and its implications for service delivery. 

It is against this background that the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), the Danish Institute for Human Rights and the Kenya National Commission on Human Rights (KNCHR) undertook a human rights impact assessment on digitalisation of the health care sector in Murang’a, Laikipia, Kisii and Homabay counties in Kenya. The assessment included the NHIF to SHIF transition, digitalised solutions in the sector and their potential impacts especially on Vulnerable and Marginalized Groups (VMGs) to access quality health care.

This report presents the findings of the assessment which was conducted through literature review and field data collection, as elaborated in the methodology section below. The report highlights the positive impacts of digitalisation of health services, pressing challenges, and impacts on the state of healthcare. It also provides targeted and actionable recommendations for improving the effectiveness, inclusivity, and human rights compliance of digital health initiatives in Kenya.

As an integral part of a human rights-based approach, this assessment took a gender-responsive approach to adequately reflect the experiences of women and to understand gender relations within households and communities. It included a gender-responsive context analysis and representative participation in engagements as well as the conceptualisation, adaptation, and utilisation of existing public sector digital infrastructure for enhanced gender responsiveness.

A Human Rights-Based Approach to public sector digitisation should include Human Rights Impact Assessments (HRIA) in the conceptualisation, development, implementation, and monitoring of digital solutions, and the results thereof should be made publicly available. As such, HRIA is often called for, but examples of such assessments are hard to come by, making few public examples of HRIA of public digitalisation products. Therefore, this assessment documents and shows outcomes that may serve as a model and practical guidance for conducting future human rights impact assessments in the public sector in Kenya and beyond.

Read the full report here.

16Feb

AI Impact Summit 2026

Author CIPESA Posted on

Event |

Date: 16 – 20 February, 2026

Location: India, New Delhi

CIPESA will participate at the India AI Impact Summit which is one of the largest gatherings on AI in the global South. It happens at a time when conversations on artificial intelligence are increasingly focused on the impact of AI on live hoods, civic participation and democracy. We look forward to sharing insights from the landmark 2025 edition of the State of Internet Freedom in Africa report  which focused on the Implications of AI on Digital Democracy in Africa.

Our research on AI governance in Africa spans its impact on areas such as data protection, algorithmic accountability, disinformation, digital trade, and the political economy of AI. As global norms on AI take shape, we will advance the case for rights-respecting frameworks that center African realities, strengthen democratic oversight, and ensure that AI systems deployed across the continent.

Here are some of sessions you will find us at or drop us an email at [email protected] to schedule a meetup:

Learning Forum (Closed Door)| Host: Center for Communication Governance, National Law University Delhi & Global Network Initiative

February 16, 2026 | 10:00-18:30 (IST)

Data Governance at the Intersection of Digital Public Infrastructure and Artificial Intelligence | Host: Tech Global Institute and  the Government of Brazil 

Date: February 17, 2026 | 13:30 – 14:25 pm (IST)

Multistakeholder Approaches to Participation in AI Governance (MAP-AI) | Global Network Initiative (GNI) and the Centre for Communication Governance (CCG)

Date: February 17, 2026 | 09:00 – 18:00 (IST) 

Roundtable on AI Governance from the South: from redlines to baselines | Host: Global Digital Justice Forum (GDJF) 

Date: February 18, 2026 | 09:00 – 15:00 (IST)

Platform Governance & AI: Global Majority Perspectives! | Host: SFLC.in and Global Partners Digital (GPD)

Date: February 18, 2026 | 13:30 – 17:30 (IST)

04Feb

Why Data and AI Governance Are Central to Africa’s Digital Trade Ambitions

Author CIPESA Posted on

By CIPESA Writer |

Digital technologies are changing how African businesses trade and connect across borders. However, digital trade on the continent remains hugely constrained, including by regulatory fragmentation, infrastructure gaps, and bureaucratic hurdles. How then should African countries leverage the growing digitalisation and emerging technologies such as Artificial Intelligence (AI) to boost their digital economies?

According to the World Trade Organization (WTO), in 2024, Africa’s exports of digitally delivered services (DDS) were valued at USD 41.3 billion, representing just one percent of global exports. Nonetheless, the continent’s prospects are promising. The WTO and the World Bank project that greater use of digital technologies could boost Africa’s digital services exports by USD 74 billion between 2023 and 2040, doubling Africa’s share of global exports.

Evidently, if African countries do not address existing barriers and take decisive action, the continent risks becoming an even more marginal player in the global digital trade ecosystem. How to bridge the barriers and leverage data and AI to shape digital trade and Africa’s economic future was at the centre of discussions at the African Economic Research Consortium (AERC) Summit 2025, held in Nairobi, Kenya, last December.

A panel on digital trade and the governance of digital and AI economies, where the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) featured, stressed that, although frameworks such as the African Continental Free Trade Area (AfCFTA) Digital Trade Protocol are a step in the right direction, they could fail to significantly grow digital trade if member states lack enabling data and AI governance systems and practices.

Today, DDS account for approximately 35% of Africa’s total services export value, and have been rising at a double-digit rate, outpacing growth in other regions globally. However, growth in digital services trade remains uneven, concentrated in a handful of countries, mostly South Africa, Morocco, Ghana, Egypt, and Mauritius. Kenya, Nigeria and Tunisia are also notable players but with lower export values than the leading African countries.

Regional initiatives such as the AfCFTA Digital Trade Protocol can help to expand digital trade beyond domestic markets, including in countries that currently lag. The protocol, which was adopted two years ago, aims to harmonise rules for cross-border digital trade across Africa, including on electronic transactions, data governance, and digital payments. Meanwhile, the African Guidelines on Integrating Data Provisions in Protocols on Digital Trade of 2024, emphasise harmonised data governance as an enabler of secure and inclusive digital trade across Africa.

The African Union Data Policy Framework (AUDPF) similarly provides for interoperable data ecosystems across the continent, that are enabled by harmonised laws that support both innovation and rights protection. The various regional efforts support the dream of a Digital Single Market by 2030, as envisaged by the Africa Digital Transformation Strategy of the African Union.

The Galore of Barriers

The region currently lacks an operational continent‑wide harmonised framework for data protection, e‑commerce regulation, digital taxation, or AI governance. This gap raises compliance costs and presents a barrier to businesses that aim to scale operations across borders. This undermines cross‑border digital trade and data flows. Moreover, lack of regulations for paperless trade, including on electronic invoicing, e-signatures and e-contracts, presents an additional hurdle.

On the other hand, high taxes on goods, services, data, and devices drive up costs for businesses, yet several entrepreneurs struggle to access affordable digital financial services, including for effecting cross-border payments. These challenges are made worse by low internet speeds, unreliable electricity supply, as well as weak understanding of export regulations, data protection, and cybersecurity.

Addressing these barriers would offer entrepreneurs a range of benefits. Businesses can reach new customers beyond national borders without investing much in physical export infrastructure, which can reduce costs and expand their market reach. Also, interoperable digital payments can help to minimise settlement delays and overcome currency conversion hurdles.

Priorities on AI and Data Governance

Projections by a WTO 2025 report show that AI could boost the value of cross-border flows of goods and services by around 40% by 2040, due to productivity gains and lower trade costs. However, Africa’s readiness for AI regulation and uptake, particularly by small and medium enterprises, remains low. The WTO report points to AI’s potential to reduce logistics costs, overcome language barriers, ease regulatory compliance, and boost productivity.

In a March 2025 survey among firms from across the world, the most cited benefits of AI were improved trade efficiency (22%), optimised trade decision-making (14%), expanding the foreign customer base (10%), enhanced supply chain management (9%), and broader import and export product ranges (9% and 8% respectively).

How data and AI are governed is therefore key for the future of Africa’s digital economy. If African countries do not put in place robust and harmonised legislation, they will risk perpetuating patterns of the so-called “AI colonialism” in which African data and users fuel global AI markets yet their economies do not receive proportionate economic benefits. Many African countries are adopting AI in the public and private sectors but lack comprehensive AI-specific laws and governance frameworks and often rely instead on outdated laws that pre-date the current technologies.

The State of Internet Freedom in Africa 2025 report calls for human‑centred AI laws that ensure transparency in algorithms, clear accountability, and effective mechanisms for liability and redress. The report urges governments to strengthen independent AI and data oversight institutions, invest in digital infrastructure and inclusion, expand internet access, and ensure AI tools serve local languages. The report also highlights that Africa’s AI market is projected to grow from USD 4.51 billion in 2025 to USD 16.5 billion by 2030.

Africa thus urgently needs cross-border data governance frameworks that support trusted data flows, reduce fragmented national rules, and establish interoperable standards to boost regional digital trade under initiatives such as AfCFTA and the AUDPF. At the same time, investments in affordable connectivity, local cloud capacity, public digital platforms, and datasets in African languages are essential.

The Role of Civil Society and Think Tanks

The Summit discussion stressed the urgent need for research to inform policy, particularly on cross-border data flows, AI adoption, and ways for Africa to avoid new forms of dependency while getting greater value from its data and digital innovation.

Also essential is civil society engagement in monitoring the implementation of continental digital trade and data initiatives, supporting harmonisation of policies and standards, and building the capacity of policymakers, regulators, and businesses.

Actions to Grow Digital Trade in Africa

  • Embrace digital transformation and connectivity by investing in robust networks and backup systems.
  • Implement robust cyber security frameworks while ensuring effective cyber leadership and prioritising investments in cyber infrastructure, skilling, awareness.
  • Recognise data as a trade enabler by ensuring trade agreements have provisions that prevent unnecessary restrictions on data flows.
  • Harmonise data protection standards to reduce compliance costs for businesses and build trust among different stakeholders.
  • Adopt and implement Intellectual Property (IP) laws to ensure that local innovators and individuals in the region benefit.
  • Build robust digital infrastructure with a focus on Digital Public Infrastructure (DPI) and data privacy.
  • Assess and address the impact of emerging technologies like artificial intelligence, blockchain and IoT, ensuring they foster innovation and address ethical challenges.

Source: CIPESA – Policy Considerations for Enhancing Digital Trade in East Africa

15Dec

How CIPESA Is Supporting Harmonised Data Governance in African Countries

Author CIPESA Posted on

By Juliet Nanfuka |

Across the world, larger amounts of data are being collected than ever before. For instance, massive volumes of data are being collected by national identity systems and mandatory SIM card registration exercises, as well as by private actors, including through online platforms and mobile devices. However, in many African countries data governance structures remain lacking, fuelling various concerns such as data breaches and surveillance.

Over the course of 2025, CIPESA has undertaken extensive work alongside the GIZ DataCipation programme and the African Union to support countries and Regional Economic Communities (RECs) to collaboratively develop data governance policies that are progressive and rights-respecting.

The various engagements, which were guided by the African Union Data Policy Framework (AUDPF), also involved building the capacity of regulators, policymakers, and other stakeholders in devising and implementing data governance policies that promote socio-economic transformation and regional integration.

Adopted in 2022, the AUDPF offers a harmonised set of principles to guide African states in governing data safely, fairly, and effectively, as it provides a continental vision for protecting personal rights, enabling cross-border data flows, unlocking socio-economic value, and fostering interoperable digital systems. CIPESA has long advocated for African countries to adopt the AUDPF as a common benchmark to guide data policies that strengthen accountability and foster trust between governments and citizens.

The inaugural capacity building workshop to build the capacity of judges and senior staff of the East African Court of Justice (EACJ) on data governance, was held in March 2025, in Kigali, Rwanda. The training aimed to enhance court officials’ understanding of the AUDPF and its implications for national and regional data governance, as well as the need for harmonised data governance policies within the East African Community (EAC).

As East Africa moves into a regional economy, the EACJ might be faced with a number of challenges in its operations. There are cases in national courts related to data governance, and if the EACJ is not aware of what is going on in the digital space, it might not be able to handle such cases should they come before the court.” Hon. Justice Nestor Kayobera,  President of the EACJ

This was followed by another training in April 2025 in Kampala, Uganda for members of the East African Legislative Assembly (EALA). At a time when the eight-member regional bloc was developing a harmonised data policy legislation, this training strengthened the capacity of members and staff of the regional parliament in the areas of data governance, data protection, and related legislative and policy issues.

The Southern African Development Community (SADC) has similarly embarked on developing a Regional Data Governance Framework. In September, CIPESA supported training for more than 50 regulators and policymakers from 16 SADC countries in Madagascar, on harmonising data protection frameworks to support cross-border data flows and regional trade.

At the country level, CIPESA has supported capacity development as well as data governance policy development. In July 2025, a consultative workshop in the capital Maseru brought together more than 60 stakeholders from the Lesotho government, civil society, academia, and the private sector to review the country’s draft Data Management Policy and align it with the AUDPF. The workshop developed a roadmap towards building a more progressive data governance policy framework, with various revisions being made to the Data Management Policy. In October, the policy was validated at a multi-stakeholder engagement led by the Ministry of Information, Communications, Science, Technology and Innovation, alongside the AU, GIZ, and CIPESA.

In November 2025, CIPESA supported capacity building in Liberia for government ministries, civil society organisations, and private sector representatives at a two-day workshop in Monrovia. The engagement, which was convened by the Ministry of Posts and Telecommunications, CIPESA, and the AU, explored how data could support Liberia’s digital transformation and the need to align the country’s laws and policies with continental and global frameworks.

Additionally, CIPESA is supporting the government of Liberia to develop a Data Governance Policy that is aligned to the AUDPF. In this regard, a separate two-day multi-stakeholder consultation was held to inform the content of the prospective policy, which is anticipated to be completed early in 2026. The consultation marked a critical step in Liberia’s ongoing efforts to establish a coherent national framework for data governance, protection, and utilisation.

Also in November, CIPESA supported capacity building in Uganda for 81 policymakers, regulators, civil society, and private sector actors. In partnership with the Ministry of ICT and National Guidance, the Personal Data Protection Office, GIZ and AU, in Kampala, Uganda. Participants explored foundational elements of data governance, including data infrastructure, data value creation, standards, trust mechanisms, and institutional arrangements. Participants discussed regulatory approaches, institutional structures, and capacity-building strategies necessary for Uganda to harness data responsibly and efficiently.

Meanwhile, various global settings have also served as platforms to further deliberate and contribute to the global discourse on data governance in Africa. At the June 2025 Internet Governance Forum held in Norway, a collaborative session hosted by CIPESA, GIZ, and The Republic of The Gambia saw discussions on how fragmented national regulations and inconsistent privacy and cybersecurity standards pose challenges to regional and global cooperation.

Similarly at the September 2025 Forum on Internet Freedom in Africa (FIFAfrica25) hosted by CIPESA, various sessions discussed data governance as central to Africa’s digitalisation efforts. Across multiple sessions, speakers underscored the growing recognition that how data is governed will shape the continent’s democratic, economic, and social futures. Notably, the European Union (EU) Delegation to Namibia emphasised its continued commitment to investing in digital infrastructure, strengthening democratic governance, and advancing a human-centric digital transformation through the Global Gateway strategy.

31Oct

Applications are Open for a New Round of Africa Digital Rights Funding!

Author CIPESA Posted on

Announcement |

The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) is calling for proposals to support digital rights work across Africa.

This call for proposals is the 10th under the CIPESA-run Africa Digital Rights Fund (ADRF) initiative that provides rapid response and flexible grants to organisations and networks to implement activities that promote digital rights and digital democracy, including advocacy, litigation, research, policy analysis, skills development, and movement building.

 The current call is particularly interested in proposals for work related to:

  • Data governance including aspects of data localisation, cross-border data flows, biometric databases, and digital ID.
  • Digital resilience for human rights defenders, other activists and journalists.
  • Censorship and network disruptions.
  • Digital economy.
  • Digital inclusion, including aspects of accessibility for persons with disabilities.
  • Disinformation and related digital harms.
  • Technology-Facilitated Gender-Based Violence (TFGBV).
  • Platform accountability and content moderation.
  • Implications of Artificial Intelligence (AI).
  • Digital Public Infrastructure (DPI).

Grant amounts available range between USD 5,000 and USD 25,000 per applicant, depending on the need and scope of the proposed intervention. Cost-sharing is strongly encouraged, and the grant period should not exceed eight months. Applications will be accepted until November 17, 2025. 

Since its launch in April 2019, the ADRF has provided initiatives across Africa with more than one million US Dollars and contributed to building capacity and traction for digital rights advocacy on the continent.  

Application Guidelines

Geographical Coverage

The ADRF is open to organisations/networks based or operational in Africa and with interventions covering any country on the continent.

Size of Grants

Grant size shall range from USD 5,000 to USD 25,000. Cost sharing is strongly encouraged.

Eligible Activities

The activities that are eligible for funding are those that protect and advance digital rights and digital democracy. These may include but are not limited to research, advocacy, engagement in policy processes, litigation, digital literacy and digital security skills building. 

Duration

The grant funding shall be for a period not exceeding eight months.

Eligibility Requirements

  • The Fund is open to organisations and coalitions working to advance digital rights and digital democracy in Africa. This includes but is not limited to human rights defenders, media, activists, think tanks, legal aid groups, and tech hubs. Entities working on women’s rights, or with youth, refugees, persons with disabilities, and other marginalised groups are strongly encouraged to apply.
  • The initiatives to be funded will preferably have formal registration in an African country, but in some circumstances, organisations and coalitions that do not have formal registration may be considered. Such organisations need to show evidence that they are operational in a particular African country or countries.
  • The activities to be funded must be in/on an African country or countries.

Ineligible Activities

  • The Fund shall not fund any activity that does not directly advance digital rights or digital democracy.
  • The Fund will not support travel to attend conferences or workshops, except in exceptional circumstances where such travel is directly linked to an activity that is eligible.
  • Costs that have already been incurred are ineligible.
  • The Fund shall not provide scholarships.
  • The Fund shall not support equipment or asset acquisition.

Administration

The Fund is administered by CIPESA. An internal and external panel of experts will make decisions on beneficiaries based on the following criteria:

  • If the proposed intervention fits within the Fund’s digital rights priorities.
  • The relevance to the given context/country.
  • Commitment and experience of the applicant in advancing digital rights and digital democracy.
  • Potential impact of the intervention on digital rights and digital democracy policies or practices.

The deadline for submissions is Monday, November 17, 2025. The application form can be accessed here.

1 2