Data privacy Archives – Page 4 of 20 – Collaboration on International ICT Policy for East and Southern Africa (CIPESA)

03Sep

CIPESA Delivers Training to Ugandan Editors on AI in the Newsroom

CIPESA September 3, 2025September 22, 2025

By CIPESA Writer |

Artificial intelligence (AI)-related legal and national policy frameworks were the focus for Ugandan editors at an August 20, 2025, workshop organised by the Uganda Editors Guild and World Association of News Publishers (WAN IFRA). The training deliberated on responsible adoption of AI tools by newsrooms and saw participants brainstorm how to effectively navigate the complexities that AI poses to the media industry and the practice of journalism.

WAN-IFRA WIN Deputy Executive, Operations, Jane Godia emphasised that artificial intelligence is evolving rapidly and media houses can no longer afford to ignore the shift. “What we’re really focused on is how to embrace AI in ways that strengthen the core of journalism, and not to replace it, but to enhance its usage while safeguarding credibility and editorial independence,” she said.

Godia urged newsrooms to develop clear AI policies to guide ethical and responsible reporting in this new era in order to promote meaningful conversations about establishing practical, well-defined policies that harness the power of AI without compromising journalistic ethics.

At the workshop, the Collaboration on International ICT for East and Southern Africa (CIPESA) presentations focused on the state of artificial intelligence regulation and noted with concern, the lack of an AI-specific legislation in the country. However, there are several laws and policies in which provisions that touch the application and use of AI can be drawn. CIPESA highlighted existing legal frameworks enabling AI deployment, current regulatory gaps, and the consequent implications of AI on newsrooms.

The key legal instruments highlighted include the Uganda Data Protection and Privacy Act enacted in 2019, which provides for the protection and regulation of personal data, and whose data protection rights and principles apply to processing of data by AI systems. Section 27 of this Act specifically provides for rights related to automated decision-making, which brings the application of AI directly under the section.

The other instruments discussed include the Copyright and Neighboring Rights Act, which protects the rights of proprietors and authors from unfair use, and the National Payment Systems Act, which regulates payment systems and grants the Central Bank regulatory oversight over payments. Furthermore, the National Information Technology Authority, Uganda (NITA-U) Act establishes the National Information Technology Authority with a mandate to enhance public service delivery and to champion the transformation of livelihoods of Ugandans using information and communication technologies (ICT). While these laws do not specifically mention AI, some of their provisions can be utilised to regulate AI-related practices and processes.

Other laws discussed include the Uganda Communications Act enacted in 2013, which establishes the Uganda Communications Commission as the communications sector regulator that, among others, oversees the deployment of AI in the sector. Meanwhile, the Regulation of Interception of Communications Act (RICA) enacted in 2010, requires telecommunication service providers in section 8(1)(b) to aid interception of communications by installing hardware and software, which are essentially AI manned. Also relevant is the Anti-Terrorism Act provides for the interception of communication for persons suspected to be engaged in perpetration of acts of terrorism and the Computer Misuse Act provides for several offences committed using computers.

In addition to the laws, various AI-linked policy frameworks were also presented. These include Vision 2040, which is intended to drive Uganda into a middle-income status country by 2040; the National Fourth Industrial Revolution (4IR) Strategy (2020), which aims to position Uganda as a continental hub for 4IR technologies by 2040; and Uganda’s third National Development Plan (NDP III), which is a comprehensive framework to guide the country’s development. These strategic frameworks cover some areas of Machine Learning and AI integration by virtue of being technology-oriented.

Making reference to the Artificial Intelligence in Eastern Africa Newsrooms report, Edrine Wanyama, Programmes Manager-Legal at CIPESA, highlighted the advantages of AI in newsrooms as extending to increased increased productivity and efficiency in task performance, decrease in daily workload, faster reporting of news stories, quicker fact-checks and detection of disinformation and misinformation patterns.

On the flip side, the workshop also highlighted the current risks associated with use of AI in newsrooms, including facilitating disinformation and misinformation, the tradeoff of accuracy for speed by journalists and editors, over-reliance on AI tools at the cost of individual creativity, the erosion of journalistic ethics and integrity, and the threat of job loss that looms over journalists and editors.

Dr. Peter G. Mwesige, Chief of Party at CIPESA, urged editors to think beyond what AI can do for journalists and newsrooms, and treat AI itself as a beat to be covered critically. Citing trends from other markets, he observed that media coverage is often incomplete, swinging between hype and alarm, and called for explanatory, evidence-based reporting on the promise and limits of AI. He noted that one of AI’s most compelling capabilities is processing large data sets, such as election results, rapidly and at scale.

On the ethical front, Dr. Mwesige emphasised the need for transparency, saying journalists should disclose material use of AI in significant editorial tasks. He urged newsrooms to adopt clear internal policies or integrate AI guidance into existing editorial guidelines.

Dr. Mwesige concluded that while AI can assist with brainstorming story ideas, editing, and transcription, among others, “journalists must still put in the hard work.”
Following the deliberations, CIPESA presented recommendations that challenged the use of AI in the newsroom and the protection of the participants, if AI is to be used meaningfully and ethically without compromising integrity and professionalism.

Ethically use AI by, among others, complying with acceptable standards such as the Paris Charter on AI, respect for copyright and acknowledge sources of works.
In collaboration with other newsrooms and media houses, develop best practices including policies to guide the integration and application of AI in their work.
Media houses should collaboratively invest resources in training journalists in responsible and ethical use of AI.
Employ and deploy the use of fact-checkers to deal with information disorders like misinformation, disinformation and deepfakes.
Respect other people’s rights, such as intellectual property rights and the right to privacy, while using AI.
Use AI under the exercise of extra caution when generating content to avoid cases of unethical usage that often undermines journalism’s ethical standards.
Prioritise human oversight over the application and use of AI to ensure that all cases of excessive intrusion by AI are ironed out and a human aspect is added to generated content.

13Aug

Claiming Digital Rights in Uganda’s Business Sector

CIPESA August 13, 2025August 19, 2025

By CIPESA Writer |

In an era where digital technologies are reshaping every sector including health, agriculture, finance, education and the labour market, Uganda is fast-tracking its ambition to become a fully connected, inclusive digital society. Yet, as the country rolls out its Digital Transformation Roadmap, critical questions remain: Who is being left behind? Who bears the cost of connecting the unconnected? How do we ensure that technological innovation does not come at the expense of human rights protection?

These were the central concerns at the inaugural National Business and Digital Rights Policy Dialogue hosted by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) on July 23, 2025. The event brought together 55 participants comprising policymakers, innovators, civil society, the private sector, and development partners to explore how Uganda’s digital transformation is affecting human rights, especially data protection, privacy, access, and equity. The dialogue reviewed not just Uganda’s progress, but the power dynamics, policy gaps, and human rights risks shaping digitalisation in business.

The Digital Vision vs. The Digital Reality

Uganda’s Digital Transformation Roadmap sets bold targets: 90% household connectivity, nationwide broadband coverage, and widespread e-service access by 2040. Progress is visible, with over 4,000km of national optical fibre infrastructure laid, and more than 100 digital public services rolled out. Yet, beneath these achievements, gaps in digital literacy, access and utility, as well as funding constraints, persist.

According to the 2024 National Population and Housing Census, Uganda’s population stands at 45.9 million, of whom 50.5% are under the age of 18, representing a massive youth cohort born into a digital world yet often lacking affordable internet access and digital tools. Connectivity gaps are further shaped by geography, with over 75% of the population living in rural areas where infrastructure is limited.

On the gender lens, women who comprise 23.4 million of the population, slightly outnumbering men at 22.5 million, continue to disproportionately face digital access barriers. These range from high data costs, low digital literacy, and limited access to devices and digital infrastructure, especially in rural and remote districts. As one of the panelists during the policy dialogue noted, “Digital transformation is moving fast, but our institutions and communities are not always keeping pace.”

Meanwhile, the informal sector, which employs approximately 80-92% of the country’s workforce, remains largely invisible in national digital strategies and compliance frameworks. This informal sector significantly overlaps with Micro, Small, and Medium Enterprises (MSMEs), which are central to Uganda’s economic growth, yet they often operate without proper tools to secure user data or navigate the evolving digital compliance landscape due to limited awareness, resources, and technical capacity.

As businesses digitise, their responsibility to protect users’ rights increases. However, many of them lack the knowledge to protect these rights. Uganda’s laws and enforcement mechanisms also have gaps. As a result, there is weak oversight over fintech platforms and digital lenders, low awareness and implementation of the Data Protection and Privacy Act, rampant digital surveillance, and gendered digital harms, including online harassment.

Data Is Power but Who Holds It?

Uganda’s fast-growing population is generating an unprecedented amount of personal data. The 2024 population census itself relied on tablet-based digital enumeration for the first time. However, while digital data collection is expanding, data governance is not keeping pace. The Personal Data Protection Office (PDPO) and National Information Technology Authority Uganda (NITA-U) are key players, but capacity and resourcing gaps persist. If left unaddressed, digital innovation risks entrenching inequality, with vulnerable populations, especially refugees, informal workers, and low-income women, paying the price for systems that were not designed with their rights in mind.

Digital Rights are Human Rights

The future of work in the advent of technology emerged as a key aspect of digital rights, with Moses Okello of the National Organisation of Trade Unions (NOTU) warning that Uganda’s labour laws have not kept pace with the rise of gig work and digital employment. Millions of informal workers remain unprotected and unaware of their rights in the digital economy. He called for urgent legal reforms and a national strategy that integrates labour protections into digital policy, while urging stronger collaboration with civil society to build grassroots awareness and empower workers to navigate digital transitions.

Ruth Ssekindi, Director at the Uganda Human Rights Commission (UHRC), underscored the commission’s constitutional duty to uphold human rights across both state and private sectors, particularly in Uganda’s fast-evolving digital landscape. She highlighted growing concerns over digital rights violations including uninformed data consent, artificial intelligence (AI) manipulation, child exploitation, and poor data security, noting that these challenges disproportionately affect vulnerable populations amid low digital literacy and weak enforcement.

Ssekindi called on businesses to embrace a broader duty of care that goes beyond tax compliance and profit, stressing the need to respect, protect, and remedy digital rights violations. She also pointed to the persistent gender gap in digital access and urged greater inclusion of women and marginalised communities in digital development. While the UHRC plays a key role in shaping digital governance through legal review, education, and policy oversight, she noted that the commission must be adequately resourced, empowered and supported to effectively fulfil its mandate in the digital age.

The dialogue reinforced a clear message that connectivity alone is not enough. Uganda must build an inclusive digital economy anchored in justice, transparency, and community voice. This means empowering watchdog institutions like the PDPO, updating outdated laws and regulations, investing in digital literacy, especially for youths and women, and supporting civic participation in digital policy-making.

In direct response, CIPESA launched the #BeeraSharp (translated as “Be Smart”) campaign. This initiative aims to equip Ugandan businesses with the knowledge and tools to act responsibly in the digital space. #BeeraSharp champions a culture of accountability, urging businesses to take charge of how they collect, store, share, and protect user data. It also promotes understanding of legal obligations under Uganda’s Data Protection and Privacy Act, while encouraging ethical digital conduct across sectors.

A Digital Future for All?

As Uganda ramps up its digitalisation agenda and embraces emerging technologies such as AI and robotics, businesses, policymakers, and civil society must work hand in hand to ensure Uganda’s digital revolution is not just a story of innovation but also a story of inclusion and respect for human rights. As the dialogue closed, one key takeaway stood out: Uganda’s digital future must be intentionally inclusive and rights-driven. Achieving this will require cross-sector collaboration to scale digital skills, reform of outdated laws, more financial and capacity support to institutions like UHRC, NITA-U and the PDPO to protect data rights, and empowering communities through digital literacy, local innovation, and inclusive governance.

04Aug

Lesotho Charts a Progressive Path on Data Governance

CIPESA August 4, 2025August 19, 2025

Patricia Ainembabazi |

From July 28-31, Lesotho’s highland capital of Maseru buzzed with the energy of a data governance sprint. Government officials, academics, civil society, and the private sector assembled for an intensive workshop convened by the African Union Development Agency-NEPAD and AU-GIZ with support from the Lesotho Ministry of Information, Communications, Science, Technology and Innovation (MICSTI), the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) and the Kenya ICT Action Network (KICTANet).

The gathering drew over 60 participants with a shared proposition: get everyone on the same page about what good data governance should look like in Lesotho and how to achieve it. The workshop charted a pathway for Lesotho to domesticate the African Union Data Policy Framework (AUDPF), which was adopted by the African Union in 2022. The framework provides guidance to Member States on building harmonised, rights-respecting data governance policies that support digital transformation, innovation, and secure cross-border data flows.

Lesotho’s efforts to domesticate this framework come at a crucial time, as the country seeks to modernise its digital policy environment and position itself within the continent’s increasingly data-driven economy. These efforts, including the workshop, demonstrate Lesotho’s political will to align with continental digitalisation and data governance blueprints such as the AUDPF and to build an inclusive digital future.

Lesotho’s Minister for Information, Communications, Science, Technology and Innovation, Nthati Moorosi, stated that the various workshop sessions aimed to “instill more understanding on data governance for clear domestication of the [AUDPF] policy framework.” Sessions saw participants introduced to key concepts such as data as a public good, the importance of ethics and accountability, and the need for harmonised cross-border data policies. Case studies from across Africa helped illustrate how sound data governance could unlock value in sectors such as agriculture, health, and education.

CIPESA led practical sessions during which participants examined Lesotho’s Data Protection Act and the draft Data Management Policy (2025) in relation to key African instruments, including the AUDPF, the Malabo Convention, the African Continental Free Trade Area (AfCFTA), and the Digital Transformation Strategy for Africa. Participants noted areas of alignment between the national and continental frameworks but also identified gaps in the national data governance framework.

As such, effort went into mapping out where Lesotho is already aligned with the AUDPF and which specific areas need to be prioritised in revising the country’s legal and policy framework. Recommendations from this mapping exercise included establishing an independent Data Protection Commission, clarifying categories of personal and sensitive data, improving inter-agency coordination, and investing in digital literacy and data privacy skills across the public and private sectors.

The workshop was complemented by a strategic stakeholder survey to assess perceptions on Lesotho’s data governance framework. The survey revealed a minimal understanding of the country’s data governance frameworks. Over half of the respondents stated that existing policies were outdated and unable to address current challenges such as cross-border data flows, cloud computing, and evolving digital privacy threats. Respondents identified digital trade, innovation, health research, and public trust as key benefits of robust data governance. Responses further emphasised the importance of inclusive policymaking, public awareness on data governance campaigns in both English and Sesotho, alongside targeted support for rural and marginalised communities.

By the conclusion of the meeting, participants had agreed on a national data governance strengthening roadmap. With contributions coming from the broad spectrum of participants, who included Princess Senate Mohato Seeiso, through to Principal Secretary Kanono Leronti Ramashamole of the MICSTI, who noted that “data is no longer a by-product of administration but a strategic national asset”, the meeting reinforced the value multistakeholderism holds in digital governance.

Undeniably, no single institution can carry the policymaking load by itself. The real story from Maseru is the multistakeholder collaboration, with the MICSTI anchoring at home, the AUDA-NEPAD and AU-GIZ bringing continental scaffolding, civic and technical communities translating frameworks into practice, and a steady emphasis that data governance has to work for everyone. Ultimately, this process could enable Lesotho to not just catch up with the AUDPF, but to help show what a people-centred, innovation-friendly data ecosystem looks like in the region.

As regional leaders in digital rights and digital governance, CIPESA is committed to providing continued support to Lesotho as it works to reform its policies and institutionalise stronger data governance mechanisms. Our involvement helps to ensure that national efforts are grounded in best practices and aligned with continental and global standards, such as those set by the African Union.

23Jul

CIPESA Welcomes Namibia Ministry of ICT and the Namibia IGF as Co-Hosts of FIFAFrica25

CIPESA July 23, 2025July 23, 2025

By FIFAfrica |

The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) is pleased to announce that the 2025 edition of the Forum on Internet Freedom in Africa (FIFAfrica25) will be co-hosted in partnership with the Namibian Ministry of Information and Communication Technology (MICT) and the Namibia Internet Governance Forum (NamIGF).

Set to take place in Windhoek, Namibia, from September 25–27, 2025, this year’s Forum will serve as yet another notch in FIFAfrica’s 12-year history of assembling digital rights defenders, policymakers, technologists, academics, regulators, journalists, and the donor community, who all have the shared vision of advancing internet freedom in Africa.

With its strong commitments to democratic governance, press freedom, and inclusive digital development, Namibia offers fertile ground for rich dialogues on the future of internet freedom in Africa. The country holds a powerful legacy in the global media and information landscape, being the birthplace of the 1991 Windhoek Declaration on promoting independent and pluralistic media. In a digital age where new challenges are emerging – from information integrity and Artificial Intelligence (AI) governance to connectivity gaps and platform accountability – hosting FIFAfrica in Namibia marks a key moment for the movement toward trusted information as a public good, including in the digital age.

“Through the Ministry of Information and Communication Technology, Namibia is proud to co-host FIFAfrica25 as a demonstration of our commitment to advancing technology for inclusive social and economic development. This Forum comes at a critical moment for Africa’s digital future, and we welcome the opportunity to engage with diverse voices from across the continent and beyond in shaping a rights-respecting, secure, and innovative digital landscape,” Minister of Information and Communication Technology (ICT), Emma Inamutila Theofelus

This sentiment is shared by the NamIGF Chairperson, Albertine Shipena. “We are honoured to co-host the FIFAfrica25 here in Namibia. This partnership with MICT and CIPESA marks a significant step in advancing digital rights, open governance, and meaningful multistakeholder engagement across the continent. As the NamIGF, we are proud to contribute to shaping a more inclusive and secure internet ecosystem, while spotlighting Namibia’s growing role in regional and global digital conversations.”

The NamIGF was established in September 2017, through a Cabinet decision, as a multistakeholder platform that facilitates public policy discussion on issues pertaining to the internet in Namibia.

Dr. Wairagala Wakabi, the CIPESA Executive Director, noted that FIFAfrica25 presents a timely opportunity to advance progressive digital policy agendas that uphold fundamental rights and promote digital democracy in Africa. “As global debates on internet governance, data sovereignty, and platform accountability intensify, it is essential that Africans inform and shape the frameworks that govern our digital spaces. We are honoured to partner with the Namibian government and NamIGF to convene this critical conversation on the continent,” he said.

Since its inception in 2014, FIFAfrica has grown to become the continent’s leading assembly of actors instrumental in shaping conversations and actions at the intersection of technology with democracy, society and the economy. It has become the stage for concerted efforts to advance digital rights and digital inclusion. These issues, and new emerging themes such as mental health, climate and the environment, and the content economy, will take centre stage at FIFAfrica25, which will feature a mix of plenaries, workshops, exhibitions, and a series of pre-events.

Meanwhile, FIFAfrica will also recognise the International Day for Universal Access to Information (IDUAI), celebrated annually on September 28. The commemoration serves to underscore the fundamental role of access to information in empowering individuals, supporting informed decision-making, fostering innovation, and advancing inclusive and sustainable development – tenets which resonate with the Forum. This year’s celebration is themed, “Ensuring Access to Environmental Information in the Digital Age”.

At the heart of the Forum is a Community of Allies that have, over the years, stood alongside CIPESA in its pursuit of effective and inclusive digital governance in Africa.

Feedback on Session Proposals and Travel Support Applications

All successful session proposals and travel support applicants have been contacted directly. See the list of successful sessions here. Thank you for your patience and for contributing to what promises to be an exciting FIFAfrica25.

Prepare for FIFAfrica25: Travel and Logistics

Everything you need to plan your attendance at the Forum can be found here – visit this page for key logistical details and tips to help you make the most of your experience!

16Jul

Advancing Respect for Human Rights by Businesses in Uganda

CIPESA July 16, 2025August 11, 2025

CIPESA |

In partnership with Enabel, the European Union, and the Uganda Ministry of Gender, Labour, and Social Development, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) is implementing “The Advancing Respect for Human Rights by Businesses in Uganda (ARBHR) project”. Launched in November 2024, the project seeks to among others reduce human rights abuses connected to business activities in Uganda, particularly those impacting women and children.

With a focus on Uganda, the project is being implemented in the regions of Busoga (Iganga, Mayuge, Bugiri, and Bugweri), Albertine (Hoima, Kikuube, Masindi, Buliisa, and Kiryandongo) and Kampala Metropolitan (Kampala, Mukono, and Wakiso). While working in these regions, CIPESA is enhancing awareness on business and human rights concerns through evidence based advocacy, sensitisation campaigns, reporting and redress mechanisms, as well as through public and private sector policy dialogues.

More details about the project can be found here.

Connecting Business to Digital Rights

Many Ugandan businesses, particularly small and medium enterprises (SMEs), lack a comprehensive understanding of digital rights principles and their obligations in upholding them. A significant portion of Uganda’s population lacks access to the internet and modern digital technologies, limiting the reach and impact of digital rights initiatives.

According to the telecommunications regulator, as of June 2023, Uganda had a total of 34.9 million telephone subscriptions which translates to a 77% penetration rate. At 27.7 million internet subscriptions, internet penetration is at 61%. According to a 2018 nation-wide survey by the National Information Technology Authority of Uganda (NITA-U), 76.6% of respondents named high cost as the main limitation to their use of the internet. The same reason was reported in the 2022 survey, which also cited the rural-urban divide (84.9% vs 92.1% vs) and a gender gap (84.6% female and 89.6% male) in mobile phone ownership.

Businesses often prioritise short-term economic gains over long-term investments in responsible digital practices such as data privacy and user security. The existence of insufficient digital infrastructure, especially in rural areas, hampers the effective implementation and enforcement of digital rights protections. Businesses face increasing cybersecurity threats that compromise data privacy and other digital rights, necessitating robust security measures.

Related reading: See this commentary on the Future of work in Uganda: Challenges and Prospects in the Context of the Digital Economy

#BeeraSharp Campaign

The #BeeraSharp (“be smart” in Luganda) campaign is our response in addressing the gaps that Ugandan businesses face when navigating digital rights, online spaces and digital data. It aims to fill key knowledge gaps on the understanding of business legal obligations through adopting secure and ethical digital practices to build a smarter, safer, and more resilient business ecosystem in Uganda.

Previous page 1 2 3 4 5 6 … 20 Next page

Tag Archives: Data privacy

Prepare for FIFAfrica25: Travel and Logistics