African experts are gathered for two days (19-20 February 2018) in Addis Ababa, Ethiopia to contribute to the development of the African Privacy and Personal Data Protection Guidelines. The meeting, facilitated by the African Union Commission (AUC) and supported by Internet Society, explored the future of privacy and data protection and provided some practical suggestions that African states can consider in implementing the Malabo convention provisions related to online privacy. The guidelines are aimed at empowering citizens, as well as establishing legal certainty for stakeholders through clear and uniform personal data protection rules for the region.
The expert meeting comes amidst growing concern across the world on the need to prepare for the EU General Data Protection Regulation (GDPR), which will be enforced on 25 May 2018. The expert meeting is rather focused on creating general principles for African member states in developing good practices now and in the future. The project, a partnership of the AUC and the Internet Society, comes as a follow up to the recommendations of the Africa Infrastructure Security Guidelines, developed in 2017 to assist speed up their adoption and subsequent ratification of the Malabo Convention.
Both the Heads of States Summit in January 2018 and Specialized Technical Committee Ministerial meeting endorsed the development of these guidelines as a way to strengthen the capacity of African states to deal with emerging issues in the digital space.
The African privacy and data protection landscape is still nascent with only 16 of the 55 countries having adopted comprehensive privacy laws regulating the collection and use of personal information (C Fichet, 2015). The African Union Convention on Cyber Security and Personal Data Protection is considered an important first step aimed at creating a uniform system of data processing and determining a common set of rules to govern cross-border transfer of personal data at the continental (African) level to avoid divergent regulatory approaches between the Member States of the African Union. Now that a continental framework is in place, there is a need for more detailed best practice guidelines on personal data protection to assist countries in the process of domesticating the Malabo Convention into the national laws.