Patricia Ainembabazi |
From July 28-31, Lesotho’s highland capital of Maseru buzzed with the energy of a data governance sprint. Government officials, academics, civil society, and the private sector assembled for an intensive workshop convened by the African Union Development Agency-NEPAD and AU-GIZ with support from the Lesotho Ministry of Information, Communications, Science, Technology and Innovation (MICSTI), the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) and the Kenya ICT Action Network (KICTANet).
The gathering drew over 60 participants with a shared proposition: get everyone on the same page about what good data governance should look like in Lesotho and how to achieve it. The workshop charted a pathway for Lesotho to domesticate the African Union Data Policy Framework (AUDPF), which was adopted by the African Union in 2022. The framework provides guidance to Member States on building harmonised, rights-respecting data governance policies that support digital transformation, innovation, and secure cross-border data flows.
Lesotho’s efforts to domesticate this framework come at a crucial time, as the country seeks to modernise its digital policy environment and position itself within the continent’s increasingly data-driven economy. These efforts, including the workshop, demonstrate Lesotho’s political will to align with continental digitalisation and data governance blueprints such as the AUDPF and to build an inclusive digital future.
Lesotho’s Minister for Information, Communications, Science, Technology and Innovation, Nthati Moorosi, stated that the various workshop sessions aimed to “instill more understanding on data governance for clear domestication of the [AUDPF] policy framework.” Sessions saw participants introduced to key concepts such as data as a public good, the importance of ethics and accountability, and the need for harmonised cross-border data policies. Case studies from across Africa helped illustrate how sound data governance could unlock value in sectors such as agriculture, health, and education.
CIPESA led practical sessions during which participants examined Lesotho’s Data Protection Act and the draft Data Management Policy (2025) in relation to key African instruments, including the AUDPF, the Malabo Convention, the African Continental Free Trade Area (AfCFTA), and the Digital Transformation Strategy for Africa. Participants noted areas of alignment between the national and continental frameworks but also identified gaps in the national data governance framework.
As such, effort went into mapping out where Lesotho is already aligned with the AUDPF and which specific areas need to be prioritised in revising the country’s legal and policy framework. Recommendations from this mapping exercise included establishing an independent Data Protection Commission, clarifying categories of personal and sensitive data, improving inter-agency coordination, and investing in digital literacy and data privacy skills across the public and private sectors.
The workshop was complemented by a strategic stakeholder survey to assess perceptions on Lesotho’s data governance framework. The survey revealed a minimal understanding of the country’s data governance frameworks. Over half of the respondents stated that existing policies were outdated and unable to address current challenges such as cross-border data flows, cloud computing, and evolving digital privacy threats. Respondents identified digital trade, innovation, health research, and public trust as key benefits of robust data governance. Responses further emphasised the importance of inclusive policymaking, public awareness on data governance campaigns in both English and Sesotho, alongside targeted support for rural and marginalised communities.
By the conclusion of the meeting, participants had agreed on a national data governance strengthening roadmap. With contributions coming from the broad spectrum of participants, who included Princess Senate Mohato Seeiso, through to Principal Secretary Kanono Leronti Ramashamole of the MICSTI, who noted that “data is no longer a by-product of administration but a strategic national asset”, the meeting reinforced the value multistakeholderism holds in digital governance.
Undeniably, no single institution can carry the policymaking load by itself. The real story from Maseru is the multistakeholder collaboration, with the MICSTI anchoring at home, the AUDA-NEPAD and AU-GIZ bringing continental scaffolding, civic and technical communities translating frameworks into practice, and a steady emphasis that data governance has to work for everyone. Ultimately, this process could enable Lesotho to not just catch up with the AUDPF, but to help show what a people-centred, innovation-friendly data ecosystem looks like in the region.
As regional leaders in digital rights and digital governance, CIPESA is committed to providing continued support to Lesotho as it works to reform its policies and institutionalise stronger data governance mechanisms. Our involvement helps to ensure that national efforts are grounded in best practices and aligned with continental and global standards, such as those set by the African Union.