Promoting Effective and Inclusive ICT Policy in Africa

Tag Archives: Human rights

  HomeCollaboration on International ICT Policy for East and Southern Africa (CIPESA)  /  Human rights
11May

Outpaced by Its Own Ambition: Can Kenya Bridge Its AI Regulation  Gap?

Author CIPESA Posted on

By Raylenne Kambua |

The raw paradox at the heart of Kenya’s Artificial Intelligence (AI) moment is that the country is simultaneously sprinting ahead in AI adoption while grappling with a shrinking space for the very digital voices that AI empowers.

According to the Digital Global Update Report, Kenya recorded the world’s highest usage rate of AI tools in 2025, with 42.1% of internet users aged 16 and above reporting active use of AI-powered technologies. This level of usage indicates that AI is increasingly being woven into the daily life of Kenyans.

However, the Navigating the Implications of AI on Digital Democracy in Kenya report by the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) highlights that while AI empowers citizens, it also enables unprecedented surveillance and manipulation.

A Nation Leading the Way in AI Adoption

Kenya has made significant investments in digital services, innovation hubs, and connectivity under the National Digital Master Plan 2022–2032.

These developments are also transforming how citizens interact with the government. Tools such as the Office of the Data Protection Commissioner’s Linda Data chatbot and platforms such as Sauti ya Bajeti have expanded access to rights information and budget tracking.

Yet, even as AI delivered clear benefits, it also revealed its dual nature, most visibly during the 2024 #RejectFinanceBill protests, during which Gen Zs mobilised through AI-generated infographics, satire, and short-form videos. At the height of the protests on June 25, a nationwide internet disruption was enforced despite assurances from the Communications Authority. The disruption was confirmed by network monitors like Cloudflare and NetBlocks, exposing the fragility of internet freedom in Kenya.

Civil society condemned the internet shutdown as a violation of rights, while telecoms Safaricom and Airtel attributed it to outages in their undersea cable. In the aftermath, reports of abductions and enforced disappearances of digital activists escalated, with the Kenya National Commission on Human Rights documenting at least 82 cases between June and December 2024.

Kenya’s AI Policy Landscape

The launch of the Kenya National AI Strategy 2025–2030 in March 2025 signalled the country’s ambition to position itself as Africa’s leading AI innovation hub. The strategy prioritises governance, ethics, investment, digital infrastructure, data ecosystem development, and support for AI research and innovation.

Kenya has also strengthened its international profile through participation in programmes such as the United Nations High-Level Advisory Board on AI, joining the International Network of AI Safety Institutes, and assuming leadership in the World Summit on the Information Society (WSIS+20).

At the national level, initiatives such as Digital Platforms Kenya (DigiKen) and the Kenya Bureau of Standards’ draft AI Code of Practice reflect growing momentum toward operationalising AI governance and skills building. The government is also developing an AI and Emerging Technologies Policy and a Data Governance Policy, both of which are expected to be in place by July 2026.

However, the gap between ambition and readiness remains wide. Kenya ranks 93rd in the 2025 Government AI Readiness Index, due to persistent weaknesses in infrastructure, implementation, and institutional capacity.

Moreover, Kenya’s legal framework for AI remains fragmented and incomplete. Currently, there is no standalone AI law in force, but a controversial Artificial Intelligence Bill, 2026, that has raised significant concerns about over-regulation and censorship  is under discussion. Additionally regulation is based on broader laws such as the Data Protection Act 2019 and the Computer Misuse and Cybercrimes Act 2018, which were not designed to address AI-specific risks such as deepfakes, automated decision-making, algorithmic discrimination, or synthetic disinformation.

As highlighted in the CIPESA report, critical gaps remain in the use of AI. These include the absence of mandatory algorithmic impact assessments, weak safeguards against AI-driven surveillance such as facial recognition, and scant measures to address AI-generated electoral misinformation. Furthermore, regulatory authorities lack sufficient capabilities to audit and monitor sophisticated AI systems, and there are no clear licensing or accountability frameworks for AI creators and deployers.

“Without deliberate, inclusive, and rights-centred governance, AI risks entrenching authoritarianism and exacerbating inequalities.” (Navigating the Implications of AI on Digital Democracy in Kenya, 2025)

The Way Ahead: AI Governance Focused on Human Rights

The CIPESA report outlines a human rights–centred approach to AI governance that is built on the following key principles:

  1. Life-Centred and Human-Centred Design and Accountability: AI should support and not replace human judgment, with strong oversight to ensure transparency and accountability.
  2. Equity and Fairness: Design AI to prevent bias and expand inclusive access, especially for underrepresented groups.
  3. Transparency and Trust: Ensure AI systems are explainable, well-documented, and open to public scrutiny and challenge.
  4. Safety, Security and Resilience: Build resilient systems with ongoing risk assessments and strong protections against misuse.
  5. International Collaboration and Ethical AI Development: Advance ethical AI through international collaboration while upholding constitutional values and human oversight.
  6. Environmental sustainability: Align AI development with climate resilience and sustainable resource use.
  7. Inclusive Participation and Cultural Relevance: Reflect local diversity and involve marginalised communities in AI design.
  8. Robust Governance and Adaptive Regulation: Maintain flexible, responsive regulation that keeps pace with technological change.

The report calls for a coordinated, multi-stakeholder approach to AI governance. It recommends that:

  • The government should enact a comprehensive AI law aligned with constitutional and international human rights standards, establish a legally mandated National AI Advisory Council with inclusive representation and strong enforcement powers.  It should also introduce clear prohibitions on high-risk practices such as real-time biometric surveillance without judicial oversight.
  • Civil society and the media should strengthen public awareness, promote accountability, and counter AI-driven disinformation.
  • Private sector actors should uphold transparency, fairness, and ethical standards across AI systems, including fair labour practices. Labour protections must be guaranteed for gig workers and data annotators within the AI value chain.
  • Academia and research institutions should continue generating evidence that can guide context-specific policy and regulation.
  • Across all stakeholders, digital literacy must be expanded, especially in underserved and rural communities, so that citizens can understand and challenge AI systems that affect them.

With the ongoing legislative processes on AI, this is a pivotal time for Kenya, as it has the momentum and the attention of the world. But momentum without action will not work. The country cannot afford slow, fragmented debates while technology is fast progressing. Additionally, Kenya must strike a careful balance between regulation and innovation, as overly restrictive rules could limit access, slow local innovation, and lock the country out of AI’s economic and social benefits. The goal should be a flexible, forward-looking framework that protects rights while still enabling growth and opportunity.

Read the full report, Navigating the Implications of AI on Digital Democracy in Kenya.

11May

CIPESA Urges Rights-Centred Approach to Uganda’s AI Strategy

Author CIPESA Posted on

By CIPESA Writer |

The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) has submitted recommendations to Uganda’s Artificial Intelligence (AI) and Emerging Technologies Strategy national taskforce, calling for a human rights-centred approach to the governance of these technologies.

The submission, made in response to the Ministry of ICT and National Guidance’s ongoing process to develop a National AI and Emerging Technologies Strategy, welcomes Uganda’s ambition to harness AI for development. At the same time, CIPESA cautions that innovation must be matched with the legal, institutional, and ethical safeguards needed to protect people from harms.

Discussions on Uganda’s AI policy come at a moment when AI technologies are already being deployed in both public and private sectors. The submission states that AI-enhanced tools are currently employed in customs risk profiling at the Uganda Revenue Authority, customer service functions, digital financial services, research organisations, and environmental monitoring initiatives.

In agriculture, AI-powered tools can support weather forecasting, pest detection, control and prevention, and tailored advice for farmers, whereas in healthcare, they can enhance disease detection, diagnostics, prescription and help address shortages in medical personnel. These applications highlight the transformative potential of AI, yet there are also concerns around surveillance, exclusion, discrimination, and misuse of personal data.

The submission is informed by CIPESA’s broader work on digital rights in Africa, including the Navigating the Implications of AI on Digital Democracy in Uganda report, which emphasises the growing impact of AI-driven technologies on online expression, political communication, surveillance practices, and civic participation.

The recommendations also build on CIPESA’s earlier work on developing an inclusive AI ecosystem for Uganda. According to the policy brief, An Artificial Intelligence Eco-System for Uganda, the country’s existing legal and policy frameworks provide a fragmented foundation for regulating AI and responding to emerging risks such as algorithmic bias, automated discrimination, opaque decision-making, and AI-enabled surveillance.

Accordingly, CIPESA calls for a rights-by-design approach to AI governance. High-risk AI systems used by both public and private actors should be transparent, auditable, and subject to independent oversight. It also calls for mandatory Human Rights Impact Assessments for AI systems used in sensitive sectors such as healthcare, agriculture, education, taxation, law enforcement, and social protection.

The submission further recommends dedicated legal and policy measures that address algorithmic transparency, automated decision-making, public-sector AI procurement, safeguards against discriminatory outcomes, and mechanisms for redress where harm occurs.

CIPESA also raises concerns about the growing use of automated systems in areas such as digital lending and mobile money services, where millions of Ugandans are already subjected to algorithmic profiling and automated credit scoring with limited transparency or accountability. The submission recommends that Uganda’s AI strategy should establish clear safeguards and oversight standards for both existing and future AI systems.

While AI presents significant opportunities for improving public service delivery and supporting development priorities, CIPESA stresses that such systems must be built using representative local datasets, and designed in ways that minimise bias, exclusion, and discriminatory outcomes.

The organisation further stresses that AI governance must be inclusive and participatory. The submission calls for meaningful involvement of civil society organisations, academia, technical experts, and affected communities in shaping Uganda’s AI strategy. It also recommends multilingual and accessible AI-enabled platforms that support citizen participation through channels that are accessible to underserved and low-literacy communities.

Beyond governance safeguards, CIPESA urges the government to invest in local AI research, innovation, and infrastructure development. It recommends support for universities, innovation hubs, and local startups, alongside the establishment of national AI research centres and dedicated funding mechanisms. Earlier recommendations by CIPESA also proposed the creation of a national AI Research Fund and citizen awareness programmes to improve public understanding of AI technologies and their societal implications.

Without deliberate investment in local capacity, Uganda risks becoming merely a supplier of raw data to foreign technology companies while deriving limited economic value from AI technologies. This would also deepen dependence on externally developed systems that may not fully reflect local contexts, needs, or priorities.

CIPESA additionally calls for alignment between Uganda’s strategy and broader regional initiatives, including the African Union Continental AI Strategy and wider African efforts on digital governance, data protection, and platform accountability.

Ultimately, CIPESA argues that Uganda’s AI and Emerging Technologies Strategy should put people first, ensuring that innovation and emerging technologies are matched with clear safeguards and meaningful oversight.

Read the full submission here: CIPESA Submissions on Uganda AI and Emerging Technology Strategy

01May

Tanzania’s Digital Rights Record Faces Fresh Scrutiny at the UPR

Author CIPESA Posted on

By Ainembabazi Patricia |

In November 2026, Tanzania will be up for its fourth cycle review under the Universal Periodic Review (UPR) mechanism of the United Nations Human Rights Council (HRC). Ahead of the review, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA), the Pan African Lawyers Union (PALU), and JamiiAfrica made a joint stakeholder submission on the state of digital rights including expression, access to information, assembly and association, privacy, data protection, and gender equality in digital spaces in Tanzania.

The submission recognises the positive steps taken by Tanzania to advance the digital ecosystem  since its previous assessment in 2021. Internet connectivity has expanded significantly, and the country has adopted important digital governance measures. These include the enactment of the Personal Data Protection Act, 2022, and the establishment of the Personal Data Protection Commission, reforms to the Media Services Act, and policy initiatives such as the Digital Economy Strategic Framework 2024–2034, and emerging AI governance frameworks.

However, the report finds that these gains have not translated into a freer or safer digital civic space in the country. Repressive laws and regulations continue to be used to restrict online expression, limit publications, silence dissent and elevate censorship. The Electronic and Postal Communications (Online Content) Regulations as amended in 2020 and 2025 still require licensing for online media service providers and grant the Tanzania Communications Regulatory Authority (TCRA) broad powers to suspend or revoke licences. Vague provisions in the Cybercrimes Act and related laws also continue to criminalise legitimate expression, creating a chilling effect for journalists, bloggers, activists, and ordinary users.

According to the CIPESA, PALU and JamiiAfrica report, several incidents have narrowed the environment for the exercise of online freedoms.  Key media and engagement platforms such as the Clubhouse, X (formerly Twitter) and JamiiForums were blocked in 2023 and 2025 respectively. In 2024, Tanzania’s media space was marked by intensified restrictions.  TCRA suspended Mwananchi Communications’ online platforms for 30 days on October 2, 2024, against a backdrop of broader restrictions on unregistered Virtual Private Networks (VPNs) in October 2023.

Particularly concerning were the restrictions imposed during the 2025 general elections. The report notes that Tanzania implemented a nationwide internet shutdown from October 29 to November 3, 2025, cutting off access to major social media and communication platforms. This disrupted the ability of citizens, journalists, and observers to share information, document events, and participate in public debate during a critical democratic moment.

While Tanzania in 2022 enacted the Personal Data Protection Act, which came into force in 2023, its implementation is weakened by restrictions on anonymity and VPN usage, as well as heightened surveillance. Pronouncements by government officials against sharing certain election-related content have fostered fear and self-censorship. For many Tanzanians, especially critics of government and civic actors, legal protections for personal data remain undermined by surveillance-related risks.

The submission also draws attention to the growing threat of Technology-Facilitated Gender-based Violence (TFGBV). Women journalists, politicians, activists, and other public-facing women are increasingly subjected to online harassment, sexualised abuse, doxxing, reputational attacks, and coordinated trolling. These harms were particularly acute around the 2025 elections, when gendered disinformation and intimidation converged with broader restrictions on online speech.

To address these concerns, the report recommends that Tanzania repeals or amends vague and overly broad laws including the Cybercrimes Act and the Online Content Regulations. The report calls for compliance with international human rights standards, discouraging restrictions such as internet shutdowns and platform blocking. It also calls for judicial oversight over surveillance, greater transparency in state requests to technology companies, stronger support for the Personal Data Protection Commission, investment in digital rights literacy, and explicit protections against TFGBV.

Read the full report submission here.

01May

CIPESA Condemns Zambia’s Cancellation of RightsCon 2026

Author CIPESA Posted on

By CIPESA Writer |

The Collaboration on International ICT Policy for East and Southern Africa (CIPESA) notes with deep concern the Government of Zambia’s decision to postpone Rights Con 2026, which was scheduled to take place in Lusaka next week. The postponement was confirmed by the organisers on April 29, 2026. Civic convenings of this nature thrive precisely because they create a safe space for diverse, sometimes uncomfortable, conversations about rights, technology, and power. Restricting that space undermines the principles of openness, dialogue, and democratic engagement on the continent.

The information provided by the Zambia government suggests that halting of RightsCon was not a necessary and proportionate measure. It has caused undue financial losses and disrupted the plans of thousands of national and international human rights actors and the local tourism, travel and conferencing sector, while also denting Zambia’s  governance credentials and international standing.

CIPESA has joined over 130 organisations from across the world in expressing concern over the  government’s decision that raises questions about transparency, civic space, and commitment to inclusive global digital governance.

The cancellation of RightsCon 2026 escalates an ongoing crisis of democratic regression and the rise of digital authoritarianism on the continent.

In a related development, the World Press Freedom Day (WPFD) Global Conference, originally scheduled to also take place in Lusaka ahead of RightsCon. has also undergone significant changes. UNESCO has announced that the conference will now be held online, while the UNESCO/Guillermo Cano World Press Freedom Prize ceremony will be relocated to the UNESCO Headquarters in Paris, France at a later date. These developments effectively delist Zambia as the host of this year’s WPFD, although a commemorative event remains scheduled for May 4, 2026.

27Apr

Strengthening Digital Rights Awareness and Practice in the Business Sector

Author CIPESA Posted on

By Nadhifah Muhammad |

It has been 12 months since the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) championed the Civil Society (CSO) Fund for digital rights in Uganda’s business sector. Across 12 districts, the supported initiatives have implemented action plans to advance advocacy and awareness on digital rights for businesses.

Radio and television programmes, social media campaigns, community forums, stakeholder dialogues, and caravans were part of the awareness campaigns conducted by partners. As a result, more than 17 million citizens, including district leaders, youths, and the general public, have been sensitised on business and digital rights. In parallel, CIPESA has supported Small and Medium Enterprises (SMEs) in tourism and travel, education, digital marketing, IT development, legal services, lifestyle and health to conduct digital security self assessment and to integrate digital rights within their business models.

Before the interventions were rolled out, CIPESA built the partners’ capacity in implementing awareness raising and advocacy campaigns. At a March 2026 bootcamp, CIPESA re-convened the CSOs and SMEs, alongside innovators, researchers, local government officials and human rights advocates, to reflect on progress and take stock of their interventions. The 30 participants at the bootcamp also explored how to sustain, deepen, and institutionalise this work beyond the Advancing Respect for Human Rights by Businesses (ARBHR) project funded by the European Union and implemented with the support of Enabel.

A participant appreciated CIPESA’s approach to equipping them with skills and knowledge on digital rights and business and human rights ahead of rolling out the initiatives, stating: “It played a fundamental role in helping us appreciate the issues for us trickle them down to the communities.”

During the bootcamp, partners shared lessons and experiences from their action plans across the project focus regions: Busoga (Iganga, Mayuge, Bugiri, and Bugweri), the Albertine region (Hoima, Kikuube, Masindi, Buliisa, and Kiryandongo) and the Kampala Metropolitan area (Kampala, Mukono, and Wakiso).

Key lessons learnt included framing failure to respect digital rights as business risks to increase private sector engagement, prioritising multi-stakeholder engagements to foster ownership of initiatives, using local languages and simplified text while interfacing with grassroots communities, partnering with media to amplify awareness campaigns and consistent engagement with beneficiaries to ensure they grasp the context of the project initiatives.

However, despite the project’s wide reach, surveys conducted by project partners show that the majority of SMEs continue to face numerous digital vulnerabilities. For instance, a study by Girls for Climate Action on digital inclusion among 924 women-led green businesses in the Busoga region revealed an 85.9% digital skills gap. In Kampala, a mapping by Boundless Minds of 119 youth-led SMEs found that 49% were unaware of the existence of the Data Protection and Privacy Act, Cap 97 .

Similarly, the Capacity Needs Analysis conducted by the Private Sector Foundation Uganda (PSFU) on 79 Business Member Associations showed that while 72% of the businesses collect customer data, only 38% are aware of the Data Protection and Privacy Act, and only 16% have internal cybersecurity policies. These findings reinforce the need for continued support to help Ugandan businesses to understand and uphold digital rights in their operations.

However, the question of resources to continue the business and digital rights work beyond the ARBHR seed funding remained a concern. With the changing funding landscape, advocates were urged to rethink strategies for sustainability and reduce dependence on grants. As one participant noted, “Budget limitations greatly affected effective execution of some awareness campaigns,” which hampered the reach and depth of engagements.

Dr. Joyce Tamale, of Capital Solutions Ltd who facilitated a session on financial resilience, addressed this challenge by demonstrating how organisations can strengthen institutional sustainability and build long-term financing models to sustain their work. Framing the issue through a “mindset cycle,” she argued that resilience begins with a shift in thinking that shapes attitudes, actions, and ultimately results. She paired this with practical strategies such as building operating reserves, diversifying funding streams, and adopting long-term financial planning. Emphasising social entrepreneurship, she encouraged organisations to monetise their assets without compromising their mission.

To put this into practice, organisations were encouraged to codify financial health within their institutions through operating reserve policies, building emergency funds, and the use of financial instruments such as bonds and unit trusts, while also strengthening their own financial literacy.

To consolidate these gains and sustainability of efforts under the project, partners were rallied to mainstream digital rights and the Business and Human Rights agenda in their institutional programming.

1 2 3 39