June 27, 2020 marked 6 years since the adoption of the African Union (“AU”) Convention on Cyber Security and Personal Data Protection (the “Convention”) at the 23rd Ordinary Session of the AU Assembly held in Malabo, Equatorial Guinea. At the heart of the Convention is the emergence and rise of the Africa knowledge economy, thus, its main thrust of setting out the security rules for establishing a credible digital space for electronic transactions, personal data protection and combatting cybercrimes in Africa. With only 14 signatures , 5 ratifications and deposits , the Convention is not yet in force as it requires at least 10 more ratifications from the outstanding 50 AU Member States.
With its 1.3billion population, 97% of which are below 65years, Africa has a potentially productive population, especially where aided by information communication technology. Thus, initiatives like the AU-EU conceived Policy and Regulation Initiative for Digital Africa (PRIDA) which aims to foster universally accessible and affordable broadband across Africa should naturally have an ally in the Convention that seeks to ensure that the security, privacy and personal data protection rights of all persons living or interacting with Africa are preserved and promoted. With mobile broadband coverage currently at over 70% of the Africa continent and still rising, the emergence of a uniform framework for personal data protection and cybersecurity in Africa, underscored by the Convention, becomes imperative. It is no gainsaid repeating that there is the utmost need to engender the Africa data interchange/transfer market and the attendant development of Africa with more e-government services, data centers and general broadband penetration. Actions need to be taken to create the environment that will sustainably foster the Africa knowledge economy. The Convention was one of such actions, more are needed.


The decisive actions that need to be taken are the focus of the purposed 1st Africa Data Protection Conclave (the “Conference”). With over 50% of African countries having one form of personal data protection and or cybersecurity legislation in place, it is time to discuss their common and peculiar challenges in regulation/administration/enforcement in a bid to solve them on a scale that decreases the cost and time of the solutions while increasing their effectiveness.

Leave a comment

Your email address will not be published. Required fields are marked *