Open Forum #56 Shaping Africas Digital Future a Forum on Data Governance

Summary

This discussion focused on shaping Africa’s digital future through effective data governance, bringing together government officials, civil society representatives, academics, and private sector leaders to examine the challenges and opportunities in implementing data governance frameworks across the continent. The panel was moderated by Anriet Esterhuisen and featured participants including Sierra Leone’s Minister of Communications Salima Bah, Kenyan Ambassador Bitange Ndemo, and representatives from Research ICT Africa, CIPESA, and Meta.

Minister Bah emphasized the importance of political buy-in and strategic prioritization in moving from policy to practice, highlighting Sierra Leone’s journey over the past 25 years with significant progress in recent years through dedicated institutions and presidential support. Ambassador Ndemo stressed the need to demonstrate data’s value to citizens before implementing complex regulations, arguing that Africa should abandon overly restrictive frameworks and focus on showing practical benefits first. Wakabi Wairagala from CIPESA outlined the essential elements of rights-based data governance, including privacy protection, independent oversight mechanisms, and special attention to marginalized groups’ data rights.

Kojo Boakye from Meta discussed the challenges of operating across multiple African jurisdictions with varying data protection laws, advocating for greater harmonization through the African Union Data Policy Framework while warning against over-regulation based on lessons from other regions. Priya Chetty from Research ICT Africa highlighted critical implementation gaps, including fragmented legislation, weak enforcement mechanisms, and the need for greater user-centered approaches that ensure meaningful inclusion and data literacy.

The discussion revealed tensions between protection and innovation, with participants debating the balance between comprehensive data governance frameworks and practical implementation that delivers tangible benefits to African citizens and economies.

Keypoints

## Major Discussion Points:

– **Moving from Policy to Implementation**: A central theme focused on bridging the gap between data governance policies and their practical implementation, with Sierra Leone’s Minister highlighting the importance of political buy-in, strategic prioritization, and institutional capacity building as key success factors.

– **Rights-Based Data Governance and Digital Inclusion**: Discussion of how to ensure data governance frameworks protect privacy and human rights while promoting digital inclusion, with emphasis on the need for meaningful citizen participation, data literacy, and protection of marginalized groups’ rights.

– **Harmonization vs. National Sovereignty**: Debate over balancing the need for harmonized data governance frameworks across Africa (to facilitate cross-border trade and digital transformation) against individual countries’ sovereignty and specific national needs, with particular reference to the African Union Data Policy Framework.

– **Enforcement Challenges and Institutional Capacity**: Examination of weak enforcement mechanisms across African nations, despite having data protection laws, and the need for stronger regulatory oversight, adequate institutional mandates, and effective complaint mechanisms.

– **Multi-stakeholder Collaboration and Private Sector Engagement**: Discussion of the need for better collaboration between governments, civil society, and private sector (particularly big tech companies) in developing and implementing data governance frameworks, with calls for more meaningful participation in national policy processes.

## Overall Purpose:

The discussion aimed to examine Africa’s digital transformation journey through the lens of data governance, bringing together diverse stakeholders (government officials, civil society, private sector, and academia) to share insights on challenges and solutions for implementing effective, rights-based data governance that balances protection with innovation and economic development.

## Overall Tone:

The discussion maintained a constructive and collaborative tone throughout, characterized by mutual respect among panelists and a shared commitment to Africa’s digital development. While there were moments of gentle disagreement (particularly around harmonization approaches and regulatory frameworks), the conversation remained diplomatic and solution-oriented. The tone was notably optimistic about Africa’s potential as a leader in data governance innovation, with panelists expressing confidence in African-developed frameworks and encouraging continued partnership and investment in the continent’s digital future.

Speakers

**Speakers from the provided list:**

– **Moderator (Anriet Esterhuisen)** – Organiser of the African School on Internet Governance, past chair of the UN IGF MAG, associated with the Association for Progressive Communications

– **Salima Monorma Bah** – Honourable Minister of Communications, Technology and Information, Sierra Leone

– **Bitange Ndemo** – His Excellency Ambassador of Kenya to the European Union (based in Brussels), past collaborator, hosted IGF in Nairobi in 2011

– **Kojo Boakye** – Vice President, Public Policy for Africa at META, 19th IGF participant

– **Wakabi Wairagala** – Representative from CEPESA (Centre for Collaborative Internet Policy in Eastern South Africa), veteran of internet governance

– **Participant 1** – Role/expertise not clearly specified in transcript

– **Audience** – Various audience members asking questions

**Additional speakers:**

– **Priyad Chetty** – Incoming Executive Director of Research ICT Africa (mentioned by moderator but appears to be speaking as “Participant 1” in transcript)

– **Kodjo Waji** – Vice President, Public Policy for Africa from META (mentioned by moderator, but appears the actual speaker was Kojo Boakye)

– **Guy Berger** – Convener of the African Alliance for Access to Data, working with the African Commission

– **Osei Keja** – From Ghana (audience member)

– **Amy** – From Nigeria (audience member)

– **Kuku** – Audience member working with African Union Commission, ISD division

# Shaping Africa’s Digital Future: A Comprehensive Discussion on Data Governance Implementation

## Introduction and Context

This panel discussion, moderated by Anriet Esterhuizen from the Association for Progressive Communications, brought together a distinguished group of stakeholders to examine the critical challenges and opportunities in implementing data governance frameworks across Africa. The conversation featured high-level government officials, including Sierra Leone’s Minister of Communications Salima Monorma Bah and Kenyan Ambassador to the European Union Bitange Ndemo, alongside representatives from civil society, academia, and the private sector, including Wakabi Wairagala from CIPESA (Centre for Collaborative Internet Policy in Eastern South Africa), the incoming Executive Director of Research ICT Africa, and Kodjo Waji from Meta.

The discussion emerged against the backdrop of Africa’s rapidly evolving digital landscape, with the conversation aimed at moving beyond theoretical frameworks to examine practical pathways for effective data governance that balances protection with innovation whilst ensuring meaningful citizen participation.

## Government Perspectives: From Policy to Practice

### Sierra Leone’s Strategic Approach

Minister Salima Monorma Bah provided insights into Sierra Leone’s journey in data governance, emphasising the transformative shift in governmental attitudes towards data. She noted that data governance has evolved “from something that was an afterthought for a lot of African governments to now being just a central piece to what we’re trying to do.” This evolution reflects a broader recognition of data’s dual nature as both an economic asset and a sovereignty issue.

The Minister highlighted critical success factors for effective implementation: strategic prioritisation, political buy-in from the highest levels of government, and understanding both the economic value of data and data sovereignty issues. She stressed that moving from policy to practice requires dedicated institutions and sustained presidential support, drawing from Sierra Leone’s experience of significant progress in recent years through focused institutional development.

Addressing the challenges smaller economies face when dealing with large technology companies, Minister Bah acknowledged that power imbalances sometimes lead countries to resort to “more draconian approaches” in their regulatory responses. This highlighted the complex dynamics between national sovereignty and global technology governance.

### Ambassador Ndemo’s Perspective

Ambassador Bitange Ndemo presented a different perspective on Africa’s approach to data governance. He briefly suggested reconsidering the current African Union data protection framework, arguing that regulations were being implemented before fully understanding what data could do for people. He advocated for demonstrating data benefits to citizens through practical applications.

The Ambassador also stressed the fundamental importance of digital literacy and capacity building as prerequisites for maximising technology use and effective data management, arguing that without these foundations, regulatory frameworks remain less effective.

## Civil Society and Academic Perspectives

### Rights-Based Data Governance Framework

Wakabi Wairagala from CIPESA outlined elements of rights-based data governance, emphasising that data governance must uphold fundamental rights including privacy, access to information, and protection from surveillance. He highlighted the necessity of independent arbiters and remedial mechanisms to mediate disputes and enforce penalties for data rights violations.

Wairagala also emphasised the importance of protecting data rights of minorities and marginalised groups, ensuring that vulnerable populations receive specific attention in governance frameworks. He called for meaningful spaces for citizen participation and awareness-building about data rights.

Addressing harmonisation challenges, Wairagala suggested that working at regional economic community levels, such as through the East African Community, could facilitate harmonisation and domestication of African Union frameworks more effectively than attempting continent-wide coordination immediately.

### Research and Implementation Gaps

The incoming Executive Director of Research ICT Africa brought a critical user-centred perspective to the discussion, challenging participants to consider whether current frameworks adequately emphasise the user perspective. She posed a fundamental question about whether sufficient emphasis was being placed on users across different aspects of digital policy, from digital public infrastructure to artificial intelligence and data governance.

She highlighted several critical implementation gaps, including fragmented legislation, weak enforcement mechanisms, and insufficient attention to user demands and inequalities. She emphasised the need for sustainable mechanisms for data inclusion that enable users to participate meaningfully in and draw value from data systems.

Her analysis revealed that current data governance frameworks insufficiently address structural inequalities and fail to build adequate user capacity for meaningful participation in the data economy. She called for evidence-based policy making that uses data as a tool for better governance.

## Private Sector Perspectives

### Meta’s Continental View

Kodjo Waji from Meta, attending his 19th IGF, provided insights from the private sector perspective, highlighting both opportunities and challenges in Africa’s data governance landscape. He noted that whilst Africa has made progress with national data protection laws, the lack of harmonisation between national policies creates operational complexities for companies operating across multiple jurisdictions.

Waji identified opportunities in the African Union Data Policy Framework for governments to continue creating legislation that addresses national priorities whilst creating opportunities for harmonisation. However, he also noted the institutional complexity that arises when multiple organisations claim jurisdiction over data governance issues.

Addressing enforcement concerns, Waji advocated for approaches that focus on improving data governance for users rather than revenue generation. He also emphasised the importance of thoughtful communication about artificial intelligence benefits and risks.

Drawing from global experiences, Waji referenced discussions about regulatory approaches in other regions, encouraging African policymakers to learn from these experiences whilst developing their own frameworks.

## Key Areas of Agreement and Consensus

### Political Will and Strategic Prioritisation

There was strong consensus among participants that political will and strategic prioritisation represent essential foundations for effective data governance implementation. Both Minister Bah and the Research ICT Africa representative emphasised that successful data governance requires strong political commitment at the highest levels of government.

### African Union Framework Recognition

Despite some disagreements about implementation approaches, there was notable recognition of the African Union Data Policy Framework. The moderator emphasised its importance alongside the African Commission on Human and People’s Rights resolution as significant African instruments for data governance.

### Enforcement Challenges

Participants demonstrated clear consensus that enforcement mechanisms remain weak across African data governance systems. Multiple speakers emphasised the need for stronger enforcement capacity and regulatory cooperation.

### User-Centred Approaches

Both Wakabi Wairagala and the Research ICT Africa representative agreed on the crucial importance of user-centred approaches and meaningful participation in data governance, emphasising the need for citizen participation and awareness-building about data rights.

## Audience Engagement and Broader Concerns

### Enforcement Capacity Questions

Osei Keja from Ghana raised critical questions about strengthening enforcement mechanisms, particularly given the weak enforcement capacity in many African nations. This intervention highlighted the persistent gap between policy development and practical implementation across the continent.

### Learning from Global Experiences

Amy from Nigeria asked how Africa could learn from the successes and mistakes of other nations in data governance, seeking to identify best practices that could be adapted for African contexts.

### Private Sector Engagement

An audience member from the African Union Commission raised questions about how technology organisations could be better engaged in country-level policy development processes rather than only participating in high-level international platforms.

## Additional Contributions

### Multi-Stakeholder Initiatives

Guy Berger highlighted the African Alliance for Access to Data (dataalliance.africa) and the African Commission’s Resolution 620, which calls for practical guidelines on data governance. These initiatives represent ongoing efforts to create collaborative frameworks that bring together diverse stakeholders in developing practical approaches to data governance.

## Emerging Themes and Future Directions

### Capacity Building and Digital Literacy

Multiple speakers emphasised the fundamental importance of capacity building and digital literacy as prerequisites for effective data governance. This emerged as a foundational requirement for people to effectively participate in and benefit from data governance systems.

### Balancing Protection and Innovation

A recurring theme throughout the discussion was the need to balance data protection with innovation and economic development. This balance emerged as particularly challenging for African economies seeking to attract investment whilst protecting citizen rights and maintaining data sovereignty.

### Harmonisation Strategies

The discussion revealed ongoing debates about the most effective approaches to harmonising data governance frameworks across Africa, with suggestions ranging from continental approaches to regional economic community-level coordination.

## Conclusion and Implications

This discussion revealed both progress and persistent challenges in Africa’s data governance journey. Whilst there is clear recognition of data governance as central to Africa’s digital transformation, different perspectives remain about implementation approaches, timing, and institutional frameworks.

The conversation highlighted various viewpoints on data governance across different stakeholder groups, from government officials emphasising political will and sovereignty concerns, to civil society advocates focusing on rights-based approaches, to private sector representatives highlighting operational challenges and harmonisation opportunities.

The emphasis on the African Union Data Policy Framework and related continental instruments suggests a foundation for continued collaboration, whilst the call for enhanced multi-stakeholder engagement, strengthened enforcement mechanisms, and user-centred approaches provides direction for future efforts.

The discussion demonstrated that Africa’s data governance conversation continues to evolve, with stakeholders working to address implementation challenges whilst balancing protection with innovation and ensuring meaningful citizen participation in the continent’s digital transformation.

Moderator: Good afternoon everyone, welcome to this open future on Shaping Africa’s digital future and looking at that future through data governance. We have a fantastic panel, so I’m going to start, we’ve lost a little bit of time, so I’m going to quickly introduce this panel. Firstly, we have Honourable Salima Bah from Sierra Leone and we’re really, really pleased to have her. She’s the Sierra Leonean Minister of Communications, Technology and Information. On the other side of the panel, we have His Excellency Ambassador Bitange Ndemo, past collaborator and in fact something they didn’t put in your bio is that you once hosted the IGF in Nairobi in 2011. Currently Bitange is the Ambassador of Kenya to the European Union, so he’s based in Brussels. On my right is Priyad Chetty, the incoming Executive Director of Research ICT Africa, which I think is Africa’s foremost think tank and I think in general producer of data evidence and analysis in policy and digital development in Africa. And then on my left here, I have Wakabi. Wakabi is from CEPESA, the Centre for Collaborative Internet Policy in Eastern South Africa and also I think a veteran of internet governance and I think one of the organisations that has done just such an immense job in building the capacity of civil society in Africa in trying to be active or being active voices in policy. And then on the far left, we have Kodjo Waji, who is Vice President, Public Policy for Africa from META. And I think Kodjo, this is your second IGF? Third?

Kojo Boakye: No, this is my 19th IGF.

Moderator: Your ninth?

Kojo Boakye: Nineteenth.

Moderator: Nineteenth?

Kojo Boakye: Yeah, I feel like I’ve participated.

Moderator: Were you in the youth caucus at the first one?

Kojo Boakye: No, I am a seventies baby.

Moderator: Well, welcome. It’s really good to have all of you here. And my name is Anriet Esterhuisen. I am the organiser of the African School on Internet Governance. I’m a past chair of the UN IGF MAG and associated with the Association for Progressive Communications. I think just really thanks to the organisers for this session, because data governance I think is indeed really one of those important cross-cutting topics that we need to engage at the IGF. And it’s particularly important at the moment for Africa, looking at where Africa is in its journey on digital transformation. There’s a rollout of digital IDs, national data exchanges, AI strategies and cross-border trade initiatives. For example, the implementation of the African continental free trade area. And all of these efforts hold promise for Africa’s development and for increased digital equality in Africa. But behind every digital system and innovation lies a very important critical foundation. In fact, I think two critical foundations. Firstly, data governance, effective, accountable, inclusive, development-oriented data governance. But then also digital inequality, which is the context that still tends to undermine the implementation of so many innovative and forward-looking digital transformation strategies on the continent. But data governance is not just about regulation. I think it’s about systems, coordination and institutions that ensure that data is managed in ways that are secure, transparent and trusted. And I think, just adding this, this is particularly relevant to the IGF. Trusted across stakeholder groups and by different types of actors. Trusted by private sector operators, by privacy advocates, by trade justice advocates, by governments and by the technical community as well. And it’s only really when you have this trust that digital transformation can be implemented, but work and achieve benefits for people. For governments, there really is a challenge at this point in terms of how quickly to move from policy to practice, how to build systems that are technically sound, and I think also systems that are future-proof, but at the same time systems that recognize that the realities of the context that those governments are trying to work in are still so characterized, so deeply characterized by digital exclusion at multiple levels, at the level of institutional capacity, people’s access, the capacity to have the devices and the skills that are needed to really participate and benefit from these systems. So this session is trying to bring together these quite diverse, different stakeholders to talk about this. They’re all involved in this in one way or another, and so they’re here to share their insights on what the challenges are, what the possible solutions are, what we’ve learned from the data governance implementation and framework development that’s taken place so far. And to start us, I’m going to ask Minister Salimah Bah from Sierra Leone to just give us a sense in terms of what Sierra Leone has done and the experience that you’ve gained over the last few years. What do you think, what are the critical factors, the variables that really make that difference between not effectively implemented policy and strategy or incoherent or non-harmonized policy and strategy to policy and strategy that actually makes that leap from theory, from ideas, from strategy to practice to implementation?

Salima Monorma Bah: Thank you, thank you so much for organizing this, and definitely to the organizers at GIZ and everybody else who’s participated. I think, as you said, this is such a really critical conversation to have, specifically when we look at Africa’s digital transformation journey and agenda and how data is the essential part of that. I think I was having a conversation with somebody, I was like, it went from something that was an afterthought, I think, for a lot of African governments to now, I think, being just a central piece to what we’re trying to do. And I think, well, one, specifically we understand when we talk about our digital transformation agenda, how issues such as data sovereignty and how our data is managed and what that looks like. I think, you know, now the understanding of how critical that is, I think it’s even more established. But then also, I think the other reality is the economic value when it comes to data as well. I think that is also part of it, that everybody’s getting to the understanding of there’s a huge economic value and we want to ensure that how that is exploited or how that is managed or leveraged or tapped into, we want to be part of those conversations as well. But definitely key points in terms of how do you move from policy and strategy to practice, I think one of the first for Sierra Leone, what has really worked, because this has been a journey that we’ve been on for maybe over 20, 25 years, but really we’ve only started seeing effective outputs from that, I think, for the past six, seven years. And I think it’s been as a result of really strategic prioritization. So for example, from the very top level, by His Excellency the President, we get to see that political buy-in and interest. For example, when the President came in for the very first time, he appointed a Chief Innovation Officer, he established a dedicated agency that focuses on technology and how do we implement, he’s included it in making technology a big five.

Bitange Ndemo: With these few things that I have mentioned here plus digital literacy, we can begin to maximize the use of this technology and also manage our data in a in a better way that can move us forward.

Moderator: Thanks, thanks a lot for that Bitanga. And I now want to turn to you Wacabi and you know SPSA has done such pioneering work in terms of digital rights and the protection of privacy and recognizing how that and data protection is an enabler of other rights. I mean for you, what does meaningful rights-based data governance look like in practice at this point in time? And I think particularly now that we’re no longer just talking about GDPR or privacy, data governance is now so much more than the protection of personal information. Thank you very much for joining us. I’m going to turn it over to you, Dr. Wairagala, to talk about how the ecosystem involves so many different types of data. So how do you feel we can effectively apply this rights-based approach to this evolving landscape of data governance?

Wakabi Wairagala: ≫ Thanks, Henriette. So, yeah, from the outset, as you know, we have a lot of data. And we have a lot of data that is relevant to our lives and our participation in society. So if the right is not promoted, if then the appetite for citizens to partake of public services, for them to participate in public affairs, ETC, will all be undermined. So how then do we have rights-based approaches? So, for example, we should ensure that the right to privacy and access to information, and access to data protection, we should ensure that they uphold the right to privacy and related rights like access to information, and protection from surveillance. On the other hand, we should ensure that our laws are aligned with the high-level instruments such as the Constitution, and that they are not limited to the right to privacy and access to information, and that they govern a lot of rights around the continent, as well as with constitutional guarantees in the individual countries. But Dr. Ndemo has also mentioned the issue of balancing protection with innovation. As much as we want to protect rights, we also need the use of data. So, we are not saying that it is specifically for the public interest. A lot of the time, those principles of data-protection, which we keep talking about, but if we were to do a sort of assessment, many of those in the data-protection system, we would say that it is not for the public interest, it is for the private interest, and it becomes our role to do assessments of countries to see whether they are actually living up to those principles, or they are not. The other element I would like to speak to is that of the independent arbiters and remedial mechanisms, and the Minister from Sierra Leone actually spoke about them. So, we are going to be able to have the right to be able to mediate, to issue guidance, to issue penalties, that, again, is an area in which we are going to be able to have the rights respected. A final one is clearly acknowledging and instituting measures to ensure that data rights of minorities and marginalised groups are clearly upheld, which brings in the question of the right to be able to mediate, to issue penalty, to issue penalties, namely, that data should not be collected, should not be used in any way that undermines the rights of the marginalised groups. As I sum up, what are some of the elements that need to be done to ensure that citizen voices are heard? One of them is clearly having meaningful spaces for citizens to be able to express their views, and for those views to be taken into practice, but there is also the area of privacy and data rights are fairly new rights, not many people know their data rights, or how to express them, so creating awareness of the rights, creating awareness of how to protect yourself in digital environments, and in policy-making are areas also that can go somewhere in this regard.

Moderator: Yes, I was actually going to ask you, if you think people know what data rights are, and if the concept of data justice is one that is well understood, and I think it is challenging, particularly because data rights also spans different types of data, but absolutely, that’s, you know, that’s exactly the role that civil society should be doing. Kojo, let me move to you. As Meta has to operate in this space, how do you, from your experience of a company that operates in multiple jurisdictions, a very powerful company, a company that’s a very data-intensive data, so central to your business model, how do you find the policy and regulatory environment in Africa from the perspective of a business model? How do you find the policy and regulatory environment in Africa from the perspective of complexity, suitability, harmonisation, compliance, and accountability and transparency on your part?

Kojo Boakye: Great question. Big question as well. The first thing I’ll say is a huge thanks to the government of Norway for putting this conference on, having spent so much time at a number of them, most recently Japan and Saudi and others, I know what a big undertaking it is, but also a huge thanks to my fellow panellists. I told Dr Ndemo unashamedly that he mentored me from afar, certainly in my time with the Alliance for Affordable Internet and still with the Global Digital Inclusion Partnership, et cetera, and some of the changes he made to the policy environment in Kenya were ground-breaking in terms of how they accelerated access to the mobile, et cetera, and Wakabi and Priya who I worked with, Alison and many others, and I told the minister that I worked in Sierra Leone for a while, so huge respect for the panellists. In terms of the policy and regulatory environment in Africa itself, and most of my work across Africa, Middle East and Turkey is with sub-Saharan Africa, although I do look after North Africa as well, but I’ll probably focus on sub-Saharan, I see a lot of development. We have 13 national laws that speak to this. Some of the most well-known are obviously Papaya in South Africa, Nigeria’s Data Protection Act, Kenya’s Data Protection Act as well, which highlight how thoughtful governments are being about this particular issue. Part of your question, Ariane, spoke to the level of harmonisation we see and the impact it has on companies like ours, and I will say smaller companies, if you want to describe it that way, who seek not only to operate in their national jurisdictions but also access African markets abroad, and I’m not going to go on about the Africa Continental Free Trade Agreement and the promise that it holds. What I’m probably seeing less of is harmonisation between those national policies. Yes, there are similarities, but I think if you think about companies that are seeking, both big and small, that are seeking to take advantage of a one billion person opportunity on the continent itself, 1.3 billion if you want to look at North Africa and Sub-Saharan Africa, and growing and getting younger, some level of harmonisation is needed. I think the AU data policy framework offers a huge opportunity not only for governments to continue creating legislation that speaks to their national priorities, whatever those may be, but also creates opportunities to harmonise those frameworks and let organisations, whether they be purely private sector or public sector or NGO, CSO organisations, work across, have some certainty and predictability about how data can flow across the continent and travel. I just want to make a couple of quick comments on some of the great interventions from colleagues. My learned colleague from Sierra Leone, whom I’ve just met and has already impressed me with her policy stance, spoke about the creation of institutions. You asked, Ariane, I just want to link this to the question, you asked about how companies operate. I will say I would love to know more about the kind of institutions being made, because in our experience, sometimes when CODJO is asked to have a call with country X, I’m speaking to this head of an organisation that’s just been created, I’m speaking to the current DG of the regulator, who has been there for some time and the organisation has been there for some time, I’m speaking to the digital development organisation as well, all who understandably believe they have jurisdiction over this growing and important area. And sometimes, not in Sierra Leone, but in some countries, you get a complexity that creates challenges between the institutions themselves and the individual players, as well as for companies both large and small as well. So I do think that people should think carefully about that. I thought Dr Ndemo’s intervention about the lessons learned from Are we telling them that there’s a huge opportunity that they can feed into, that governments can feed into, that commercial companies can feed into to help improve their lives, as Dr. Ndeme said we could have done in the past? Or are we suggesting that big companies like Meta, like Google, like Microsoft, or governments with nefarious purpose, who have nefarious intent or purposes, are going to use AI to, you know, whatever the nefarious purposes may be? And I do think the communication about the promise of AI, the benefits, as well as the risks, need to be really, really thoughtfully approached and delivered to people who will benefit most from it. I hope that answers your question a bit.

Moderator: No, you absolutely did. Thanks very much for that, Kojo. And I just want to emphasize, Kojo talked about the African Union Data Policy Framework. For those of you that are not from Africa, I really urge you to have a look at it. In fact, there are people around this table who helped develop it, and GIZ played a very supportive role. But it’s an African instrument that has been adopted by African states. And it’s a framework that I think very effectively balances the protection of data with the use of data, the making availability, the sharing of data for economic and social and public interest benefits. And then there’s another African instrument. I’m going to let you speak, don’t worry. I know you. There’s something that the African Commission on Human and People’s Rights, a resolution that was passed last year. This is an African body. It developed soft norms, but they’re very powerful norms. And they passed a resolution on access to data and the role that data plays and access to data in realizing the right to access to information. And again, a very powerful, forward-looking, human rights-oriented instrument that again, looks at the use, the protection, the sharing of data. Kojo, you wanted to have a quick response.

Kojo Boakye: I want to be super quick, Ariane. Thank you so much for the additional time. The one other thing I would say about the framework is I believe as a historian of African history, and I’ve spoke about my respect for the panelists, but my heroes include Kwame Nkrumah and many of the kind of post-imperialist or decolonization heroes of our time. I think the framework also offers an opportunity for us to create a harmonized policy framework that is bespoke for Africa. And I say bespoke for Africa because I know data is a global thing, but fits not only our national need, but also our continental need and helps us assume that position. I quickly did a search on Mario Draghi’s report, which I’ve read in full, but I asked Meta.ai, you can also use chat GPT if you want, but I asked Meta.ai, or DeepSeek, whatever you like. I used Meta.ai to ask you what were the main findings of the Mario Draghi report, the Mario Draghi report. And the Mario Draghi report says that, I won’t read it all, but the key thing is Europe has fallen behind its other regions. Lack of investment, no big, a small number of big tech players, no big tech players, I’ll say diplomatically, less diplomatically, many other issues that have happened because of this, in short, over-regulation. Okay, let’s get back to… No, there’s a pushback because…

Moderator: I’m going to push back too.

Kojo Boakye: You can, because there is..

Moderator: We’re not going to talk about European regulation.

Kojo Boakye: No, no, I’m not going to talk about that. I’m talking about the lessons learned from that and the lessons we can take as a continent from that. And for those of you who are interested, go and read the report. It’s not me saying it, it’s one of Europe’s foremost politicians who has said that lessons could be learned, and I would encourage our continent and others to learn

Moderator: from that. I’m teasing Carter, but because he’s from Meta and I think Meta deserves… I’m from Ghana. But that’s true. No, but I think your point about the data policy framework, I think in the context of data flows that are still very extractive, you’re absolutely correct about the power of the data policy framework. Priya, in Research ICT Africa’s experience, you’ve been working with governments in implementing and domesticating the principles in the African Union data policy framework. Can you also work with data and evidence-based policy as a tool? What do you see as the most common critical gaps in implementation? What are governments really struggling with? Is there a multi-stakeholder dimension to this that we might not have touched on enough? So what do you think are the issues that we really need to focus on if we want to utilize the power of data in a rights-oriented and development-oriented way?

Participant 1: Thank you so much, Chair, and thank you for the opportunity to be here today and speak on this panel. I love coming in at this point because I think that people have raised different gaps and challenges already, and this correlates very much with what we are seeing in our work. In our work, we work at the national level, we work at the institutional level, we work at the regional level, and more recently, we have worked as a knowledge partner to the G20 as well. In our work at the moment, data governance has evolved from a standalone concept to how it’s integrated into concepts such as DPI, the extent to which it can be used as a tool for AI transparency and accountability, and more recently, we’ve become a little bit obsessed with the data value chain and participation and agency and inclusion for all of society, including micro, small enterprises as well, in having access to some of those data benefits. So people have spoken about the different gaps and challenges in terms of the fragmented legislation, not necessarily speaking to each other, and this is a global phenomenon as well. It’s a very dynamic field and definitions of data are changing by the day, in fact, and we cannot resolve on a single definition, and even when we speak about the data value chain, it’s so dynamic, it’s moving very, very fast, and in fact, it’s in some ways unfair to us, the policy, to keep up with the pace of innovation. People have spoken about the enforcement mechanisms and weaknesses in the enforcement mechanisms and the regulatory oversight models that we have, and that coherence and alignment in what we speak about now as a data ecosystem, where we realize everyone’s got a role to play, the different government departments, we heard how science, tech and innovation are coming in, we know about how statistics are being called upon to play a role, so that coherence in the data ecosystem as well, and someone raised political will, and as being one of the, and we’ve all had experiences with that, you know, investment and money and being resourced is the one challenge in order to make these kinds of institutional shifts and capacitate the different institutions, but on the other hand, you have to have a real political will and commitment to seeing it through, and of course, we remain with these very structural inequalities, so when we speak as the global south, when we speak from a continental perspective, we entrench that we need meaningful inclusion, and that means that we also need data literacy and digital skills that enable us to participate in the opportunities that we are speaking about. The work that we have been doing is then in that evolution of the data governance framework, so what do we want to see from a regulation perspective, institutional perspective, and I don’t want to box us into an African perspective, because as Anwet mentioned, we have a world-class African Union data policy framework, and it is being consulted on as a novel approach to data governance across the world, and because it introduces novel principles on how we can bring more equity and agency for everyone in the benefits of the data economy, but what are the things we are looking for as we make these shifts? For those who work with us, our partners, you know, we always speak about our situational analysis, where we want to understand the political economy and the kind of infrastructure set up, and where do we stand before we work on data governance. We also look at the rights framework, so we want… We want to know if there’s the right to privacy, right to access information. We also want to know if there’s something that can be interpreted as the right to meaningful connectivity, or the rights to benefit from the data value chain. We try to improve on the adequacy of the privacy frameworks and the access to information frameworks. And more recently, we’ve been placing emphasis on the access to information frameworks. How do we manipulate the proactive disclosures and mandatory disclosures in this, that we start to open up the data and have it available to those that need to use it. We also want to try and improve the adequacy of the enforcement mechanisms by going and having a look at the mandate of the institutions and of the regulators. If we look at the consumer protection regulators, the information regulators, if we look at the ministries, if we look at the institutional mandates to carry out standards building, are the mandates sufficient to really give legitimacy to what they are going to input into the ecosystems? There’s also no point in developing any of these if it doesn’t have legitimacy coming from the institutional mandates. So there’s often a need to change the mandates and to expand those. But what I wanted to place focus here that we haven’t spoken about is to bring the civil society perspective in, which is that in all the work that we are doing, are we really putting emphasis on the user? And whether we’re speaking about DPI, whether we’re speaking about AI, whether we’re speaking about data governance that informs those, are we putting the emphasis on the user? Have we considered their demands? Have we considered their inequalities, their baseline of where they’re coming from? And can we look at these different mechanisms, the laws and the policies and the institutional frameworks, and can we use that as a means of coalescing to build the user’s capacity to participate and draw value? And that, I think, is the most fascinating part of our work at the moment, is how do we build sustainable mechanisms for that data inclusion? It’s something personally that we’re very excited about.

Moderator: And do you feel that’s something we’re not doing enough of right now?

Participant 1: And we’re not doing it. And if I even think about conversations we’re having here, I would challenge us to say, are we putting enough emphasis on that?

Moderator: Thanks. I know the panel want to respond, but we only have 10 minutes left. So before you respond, are there any questions online, Joshua? Are there any questions in the room? If you want to ask a question, go and stand by a microphone. Nothing online. Perfect. Please, you have to be super, super brief. Your name and your question. And make it a question, please. It’s active. You can just speak.

Audience: Okay. So mine is a comment related to Kodjo’s submission. So currently, the African Union Commission, ISD division to be precise, is working with African countries to implement the African Union Data Policy Framework, for which GIZ is supporting. And the aim is harmonization. But there are 54 or some say 55 countries on the continent. And so we should accept that this is not going to be a very easy task. So the harmonization issue is on the agenda. But this is just a call for action for Kodjo and other big tech organizations. What we have realized so far in implementing the African Union Data Policy Framework is that usually, and I know it’s difficult, but big tech in the country processes usually tend to shy away. And they are more interested in platforms like this. And I think where we need to do a bit of work is in the country processes, so that they support with the policy development and the development of the data ecosystem. Thank you.

Moderator: Thanks. And sorry to cut you short, but we have seven minutes left. Please, quickly, and then we’ll take that last point.

Audience: Thank you to the panel and thank you to the moderator for mentioning the African Commission on Human Rights Resolution 620. Please take a look at it, Resolution 620, African Commission on Human and People’s Rights. My name is Guy Berger. I’m convener of the African Alliance for Access to Data that are working with the African Commission to develop guidelines on access to data following Resolution 620. So if you’re interested in the alliance and the work and shaping these guidelines on access to data, public sector data and private sector data, please visit dataalliance.africa. Thank you.

Moderator: Thanks for that, Guy. Please be quick.

Audience: Hello, everyone. I’m Osei Keja from Ghana. My question is many African nations do have data protection laws and largely modeled after the GDPR, yet enforcement capacity has been notoriously weak. What critical strategies or mechanisms can be put in place to make enforcement work? Thank you very much.

Moderator: Thanks very much. And the last question.

Audience: Hi, I’m Amy from Nigeria, and my question is how can we learn from the successes and mistakes from other nations who are currently trying to improve data governance so that we can actually make some successful data governance changes within Africa ourselves?

Moderator: Thanks very much for that. And Kojo, that’s exactly the opening you were looking for earlier. So, panel, we’ve got one minute each left. I think I’d like to bring in – Kojo mentioned earlier AI. I think I’d like you to respond. Think about the questions. Think about what you don’t want to see as we continue on this journey and what you do want to see. And I am going to start over here with Emmanuel Manasseh, and then we’ll move all the way to – and we’re going to finish with the Minister.

Bitange Ndemo: Thank you. I’ll be very clear. What I want to see is to abandon the African Union data protection law and each country. You mean the Malabo? Yes. And if you recall, before we developed this, we had an open government partnership which had actually dealt with a lot of management of resources and transparency. Once we begin to show what data can do, then we can put data regulations in place. Now we have put data regulation before we even know what data will do to the people. At the African level, it’s not doing anything. Nobody is implementing. It can’t be implemented. It’s just something we keep on waving around that we have.

Moderator: Thanks, Bitange. Priya?

Participant 1: In my closing, I’ll respond quickly to some of the comments as well, which is the first is that we do have to continue the support for developing data governance frameworks at the national level and including in the detail of how institutions evolve. The second is I love the civil society coalition with the African alliance coalition because we must develop these standards from that perspective, with those needs in mind, and this complements what could be done at the government levels and at the regional levels. And the third is to respond to the regulatory oversight mechanisms that, one, we can strengthen practically our complaint mechanisms that we have at the regulators, and secondly, we’ve got a lot of traction with regulatory cooperation, so looking at how competition regulators interact with information regulators, and so you’re closing the loop on different gaps and where some of the challenges might be. So that’s my closing shots and a quick response.

Moderator: Thank you, Priya. Wakabi?

Wakabi Wairagala: Thank you. We are working with GIZ to help the East African community come up with a law, a harmonized law on data governance. We’ve been doing a lot of trainings, ETC, and we think that this working at the level of regional economic communities can be one way in which countries can domesticate the African Union data policy framework. There are a lot of problems, different maturity levels, different laws, but harmonization, we think, can happen, especially in areas where there is already an economic community, so it can deepen free flow of videos.

Moderator: Thank you very much, Wakabi. One minute, Kojo.

Kojo Boakye: Quickly responding, closing and quickly responding to comments, Kuku, I think, we’ve met here. Nice to meet you here. Call to action. I would hope we’re already doing that. I think META has one of the larger policy teams, certainly in Africa. Each of the members, I’m proud to say, was born of the region or whose parents were born of the region and come from various backgrounds, government, private sector, civil society. And I think a lot of call for actions, when we receive them, we are responding to. We want to be involved. For META’s benefit and the benefit of the continent and the benefit of users, we want to be involved in contributing to policy and regulatory development. So we’re happy to work on this particular process as well, especially if it lends itself to harmonisation. On Osei’s comment, my friend Osei just gave a comment about enforcement. He asked, how do we enforce better, in short? I think enforcement should take into consideration the aims and what you’re trying to do to improve data governance on behalf of users, as it always should. I think in my personal experience, that should be the primary reason for enforcement. And we should be thinking less about revenue generation, which is the case that some governments, and there’s some excellent governments who aren’t thinking about that at all, but some governments are thinking about it as, in part, revenue generation. And I think we need to be careful of that. And the last thing I’ll say is on learning from others. The lady asked the question, learning from others. Let’s learn from others. I’ve encouraged people to read the Mario Draghi report, which talks of fragmented regulation and over-regulation and the consequences of that. I would encourage us to be even more confident in ourselves about developing policy and regulation. Arionet has spoken to how the world is now looking at the data policy framework. I would encourage us to do that. And talk to each other, is my last point. I know the EPA’s regulators across the region talk to each other, but talk more broadly as well. Talk to India, to Brazil, to other places as well, to think about how they’re doing it. And seek to talk to us as part of a call for action, because I think tech wants to be involved. Sorry to take so long, Arionet.

Moderator: Thanks a lot, Kodjo. Salima?

Salima Monorma Bah: Yes, thank you. Thank you very much. I really, as a closing, as a response, I think the question asked from the participants from Ghana, I think that’s such a critical conversation. And I’ll show you at the very highest level within government, across governments, that’s something we’re discussing, to see how do we really better enforce. I like what you mentioned about fear, and what you mentioned about maybe each country needs to look at what they need in terms of our data protections. Sometimes the harmonization doesn’t really get into effect. I do think the conversation about enforcement could be a separate panel on its own. And I think it’s a separate panel with private sector. Part of that, I know you mentioned some governments, it’s an issue of the revenue, but really, maybe some, but I’ll show you a large part of it is sometimes an issue of, it doesn’t seem as if I can bring them to the table any other way. Especially when you’re dealing with countries of a smaller economic size, and when they go up against big tech, sometimes there’s that gap in me getting what I want. So maybe I’m going to go the most draconian I can. So I think this is where big tech really needs to come to the table to see how do we do that. So you see actually a lot of the movements going towards the GDPR, because it seems as if it’s the best example of continents outside of the Americas who’s been able to get effective hold of how this is managed. So maybe, I think that’s a separate panel of itself, because you can dive into causations, and how, and different models, and how we get there. But I do think for the continent’s sake, as a closing, I think for the continent’s sake, for the private sector’s sake, and for the citizens’ sake, I think this is a really critical conversation that needs to happen as soon as possible.

Moderator: Thanks very much. We’re out of time, but I don’t think I need to make closing remarks either. So thanks for this fantastic panel. Thanks to the team that organized it. And I think to everyone, I work in data governance in many parts of the world. I think Africa is the place to follow. Join us. Invest in our journey. Partner in our journey. And thank you so much for coming to the session. And a quick thanks to the online participants. I know you didn’t speak, but we saw you. So you were visible. You were in the room with us. Thank you. Thank you.

Agreement points

Political will and strategic prioritization are essential for effective data governance implementation

Speakers

– Salima Monorma Bah
– Participant 1

Arguments

Strategic prioritization with political buy-in from the highest levels of government is essential for effective implementation

Evidence-based policy making using data as a tool is crucial for effective governance frameworks

Summary

Both speakers emphasize that successful data governance requires strong political commitment and strategic approach at the highest levels of government, combined with evidence-based policy making

Topics

Development | Legal and regulatory

The African Union Data Policy Framework represents a world-class approach that should be leveraged for harmonization

Speakers

– Kojo Boakye
– Participant 1
– Moderator

Arguments

The African Union data policy framework offers opportunities for harmonization while allowing countries to address national priorities

The African Union Data Policy Framework represents a world-class approach being consulted globally for its novel equity principles

African data governance instruments represent world-class, forward-looking frameworks that balance protection with utilization

Summary

All three speakers recognize the AU Data Policy Framework as an exceptional instrument that balances protection with utilization and offers opportunities for continental harmonization while being consulted globally

Topics

Legal and regulatory | Development

Enforcement mechanisms remain weak and need strengthening across African data governance systems

Speakers

– Wakabi Wairagala
– Participant 1
– Audience

Arguments

Independent arbiters and remedial mechanisms are necessary to mediate, issue guidance, and enforce penalties for data rights violations

Regulatory cooperation between different types of regulators can help close gaps in enforcement mechanisms

Enforcement capacity remains notoriously weak despite existing data protection laws modeled after GDPR

Summary

There is consensus that current enforcement mechanisms are inadequate and require strengthening through independent arbiters, regulatory cooperation, and improved capacity

Topics

Legal and regulatory | Development

User-centered approaches and meaningful participation are crucial for effective data governance

Speakers

– Wakabi Wairagala
– Participant 1

Arguments

Meaningful spaces for citizen participation and awareness-building about data rights are essential components

Current data governance frameworks insufficiently emphasize the user perspective and their demands and inequalities

Summary

Both speakers emphasize the need for genuine citizen participation and user-centered approaches in data governance, noting current frameworks don’t adequately address user perspectives and needs

Topics

Human rights | Development

Similar viewpoints

Both acknowledge the power imbalance between smaller countries and big tech companies, with the Minister explaining why countries resort to draconian measures and Kojo advocating for user-focused rather than revenue-focused enforcement

Speakers

– Salima Monorma Bah
– Kojo Boakye

Arguments

Smaller countries face challenges in enforcing regulations against large tech companies, leading to more draconian approaches

Enforcement should focus on improving data governance for users rather than revenue generation

Topics

Legal and regulatory | Economic

Both emphasize the importance of protecting vulnerable populations and ensuring equitable access to data governance benefits through specific protections and capacity building

Speakers

– Wakabi Wairagala
– Participant 1

Arguments

Data rights of minorities and marginalized groups must be specifically protected and upheld

Data literacy and digital skills are necessary for meaningful participation in data economy opportunities

Topics

Human rights | Development

Both stress that digital literacy and capacity building are foundational requirements for people to effectively participate in and benefit from data governance systems

Speakers

– Bitange Ndemo
– Participant 1

Arguments

Digital literacy and capacity building are fundamental prerequisites for maximizing technology use and better data management

Data literacy and digital skills are necessary for meaningful participation in data economy opportunities

Topics

Development | Sociocultural

Unexpected consensus

Criticism of current African Union data protection implementation approach

Speakers

– Bitange Ndemo
– Audience

Arguments

The current African Union data protection approach should be reconsidered as it’s not being effectively implemented

Harmonization across 54-55 African countries is challenging but necessary for continental data governance

Explanation

Despite general praise for the AU framework from other speakers, there’s unexpected consensus that the current implementation approach faces significant challenges, with Ambassador Ndemo calling for abandoning the current approach and audience members acknowledging the difficulty of harmonization across 54-55 countries

Topics

Legal and regulatory | Development

Big tech companies should be more actively involved in country-level policy processes

Speakers

– Kojo Boakye
– Audience

Arguments

Institutional complexity creates challenges when multiple organizations claim jurisdiction over data governance

Harmonization across 54-55 African countries is challenging but necessary for continental data governance

Explanation

Unexpectedly, both the Meta representative and audience members agree that big tech companies need to be more engaged in country-level policy development processes, with Kojo acknowledging the complexity companies face and audience calling for more active participation beyond platform discussions

Topics

Legal and regulatory | Development

Overall assessment

Summary

The speakers demonstrate strong consensus on several key areas: the importance of political will and strategic prioritization, the value of the AU Data Policy Framework as a world-class instrument, the need to strengthen enforcement mechanisms, and the importance of user-centered approaches. There’s also agreement on the challenges faced by smaller countries in dealing with big tech companies and the need for capacity building and digital literacy.

Consensus level

High level of consensus with constructive disagreement on implementation approaches. The consensus suggests a mature understanding of data governance challenges in Africa and points toward collaborative solutions that balance protection with innovation, emphasize user rights, and leverage African-developed frameworks. The disagreements are primarily about implementation strategies rather than fundamental principles, indicating a solid foundation for moving forward with continental data governance initiatives.

Different viewpoints

Effectiveness and Implementation of African Union Data Policy Framework

Speakers

– Bitange Ndemo
– Kojo Boakye
– Participant 1

Arguments

The current African Union data protection approach should be reconsidered as it’s not being effectively implemented

The African Union data policy framework offers opportunities for harmonization while allowing countries to address national priorities

The African Union Data Policy Framework represents a world-class approach being consulted globally for its novel equity principles

Summary

Bitange Ndemo argues for abandoning the AU data protection framework as it cannot be implemented and is merely symbolic, while Kojo Boakye sees it as offering harmonization opportunities, and Participant 1 views it as a world-class framework being consulted globally for its innovative approach to equity.

Topics

Legal and regulatory | Development

Approach to Data Regulation Timing and Implementation

Speakers

– Bitange Ndemo
– Salima Monorma Bah

Arguments

The current African Union data protection approach should be reconsidered as it’s not being effectively implemented

Moving from policy to practice requires understanding both the economic value of data and data sovereignty issues

Summary

Bitange argues that data regulations were put in place before understanding what data could do for people and advocates showing data benefits before implementing regulations, while Minister Bah emphasizes the importance of understanding both economic value and sovereignty issues as foundations for effective policy implementation.

Topics

Legal and regulatory | Development | Economic

Enforcement Approach and Revenue Generation

Speakers

– Kojo Boakye
– Salima Monorma Bah

Arguments

Enforcement should focus on improving data governance for users rather than revenue generation

Smaller countries face challenges in enforcing regulations against large tech companies, leading to more draconian approaches

Summary

Kojo warns against enforcement motivated by revenue generation and advocates for user-focused enforcement, while Minister Bah explains that smaller countries sometimes resort to draconian approaches because of power imbalances with big tech companies, suggesting enforcement challenges are more complex than revenue motivation alone.

Topics

Legal and regulatory | Economic

Unexpected differences

Fundamental Value of African Union Data Policy Framework

Speakers

– Bitange Ndemo
– Participant 1
– Moderator

Arguments

The current African Union data protection approach should be reconsidered as it’s not being effectively implemented

The African Union Data Policy Framework represents a world-class approach being consulted globally for its novel equity principles

African data governance instruments represent world-class, forward-looking frameworks that balance protection with utilization

Explanation

This disagreement is unexpected because Bitange Ndemo, as a former Kenyan government official and current Ambassador, takes a surprisingly critical stance against a major African continental framework, while other panelists and the moderator celebrate it as innovative and world-class. This suggests significant divergence in how African policy leaders view continental integration efforts in data governance.

Topics

Legal and regulatory | Development

Overall assessment

Summary

The main areas of disagreement center on the effectiveness and implementation approach of continental frameworks, the timing and sequencing of data regulation versus demonstrating data benefits, and the motivations behind enforcement mechanisms. There are also partial agreements on harmonization pathways and citizen participation approaches.

Disagreement level

Moderate disagreement with significant implications. The disagreements reveal fundamental tensions between continental integration approaches versus national/regional approaches, between regulation-first versus benefits-first strategies, and between different perspectives on enforcement challenges. These disagreements could impact the coherence and effectiveness of Africa’s data governance development, particularly regarding whether to strengthen existing continental frameworks or pursue alternative approaches.

Partial agreements

Similar viewpoints

Both acknowledge the power imbalance between smaller countries and big tech companies, with the Minister explaining why countries resort to draconian measures and Kojo advocating for user-focused rather than revenue-focused enforcement

Speakers

– Salima Monorma Bah
– Kojo Boakye

Arguments

Smaller countries face challenges in enforcing regulations against large tech companies, leading to more draconian approaches

Enforcement should focus on improving data governance for users rather than revenue generation

Topics

Legal and regulatory | Economic

Both emphasize the importance of protecting vulnerable populations and ensuring equitable access to data governance benefits through specific protections and capacity building

Speakers

– Wakabi Wairagala
– Participant 1

Arguments

Data rights of minorities and marginalized groups must be specifically protected and upheld

Data literacy and digital skills are necessary for meaningful participation in data economy opportunities

Topics

Human rights | Development

Both stress that digital literacy and capacity building are foundational requirements for people to effectively participate in and benefit from data governance systems

Speakers

– Bitange Ndemo
– Participant 1

Arguments

Digital literacy and capacity building are fundamental prerequisites for maximizing technology use and better data management

Data literacy and digital skills are necessary for meaningful participation in data economy opportunities

Topics

Development | Sociocultural

Key takeaways

Strategic political buy-in from the highest government levels is essential for successful data governance implementation, moving beyond policy to practice

Africa has developed 13 national data protection laws but lacks harmonization between countries, creating challenges for cross-border operations

The African Union Data Policy Framework is recognized as a world-class instrument that balances data protection with economic use and is being consulted globally

Current data governance frameworks insufficiently emphasize user perspectives and needs, requiring more focus on data inclusion and citizen participation

Enforcement mechanisms remain weak across African countries despite existing legal frameworks, with smaller nations struggling against large tech companies

Rights-based data governance must protect privacy and access to information while ensuring special protection for marginalized groups

Digital literacy and capacity building are fundamental prerequisites for effective data governance and citizen participation

Regional economic communities can serve as effective platforms for harmonizing data governance approaches across member states

Resolutions and action items

Call for big tech organizations to actively participate in country-level policy development processes rather than only engaging in international forums

Invitation to join the African Alliance for Access to Data and contribute to developing guidelines following African Commission Resolution 620

Recommendation for regulatory cooperation between different types of regulators (competition, information, consumer protection) to close enforcement gaps

Suggestion for African countries to learn from other regions’ experiences, including studying reports like the Mario Draghi report on regulatory approaches

Proposal for a separate dedicated panel discussion specifically focused on enforcement mechanisms and strategies

Unresolved issues

How to effectively enforce data protection laws given the current weak enforcement capacity across African countries

Whether the African Union data protection framework should be abandoned in favor of country-specific approaches or strengthened for better implementation

How to balance revenue generation motives with user protection objectives in data governance enforcement

How to achieve meaningful harmonization across 54-55 African countries with different maturity levels and legal frameworks

How to ensure big tech companies engage constructively in policy development without resorting to ‘draconian’ regulatory approaches

How to build sustainable mechanisms for data inclusion that address structural inequalities and ensure meaningful citizen participation

Suggested compromises

Balancing data protection with innovation needs by applying data protection principles while allowing beneficial data use for public interest

Using regional economic communities as intermediate platforms for harmonization rather than attempting continent-wide harmonization immediately

Focusing enforcement efforts on improving data governance for users rather than primarily on revenue generation

Developing bespoke African solutions that learn from global experiences while addressing specific continental needs and contexts

Creating meaningful spaces for multi-stakeholder engagement that includes government, private sector, and civil society perspectives

I think it went from something that was an afterthought, I think, for a lot of African governments to now, I think, being just a central piece to what we’re trying to do… But then also, I think the other reality is the economic value when it comes to data as well.

Speaker

Salima Monorma Bah

Reason

This comment reframes data governance from a compliance burden to a strategic economic opportunity, highlighting the evolution in African governments’ thinking about data as an asset rather than just a regulatory concern.

Impact

This set the tone for the entire discussion by establishing that African governments now view data governance as central to economic development, moving the conversation beyond just privacy protection to economic empowerment and sovereignty.

What I’m probably seeing less of is harmonisation between those national policies… some level of harmonisation is needed… the AU data policy framework offers a huge opportunity not only for governments to continue creating legislation that speaks to their national priorities… but also creates opportunities to harmonise those frameworks

Speaker

Kojo Boakye

Reason

This identifies a critical gap between having individual national laws and creating a coherent continental framework, highlighting the tension between national sovereignty and regional integration in data governance.

Impact

This comment shifted the discussion from national-level implementation challenges to continental-level coordination, introducing the complexity of balancing local needs with regional harmonization and setting up later discussions about the AU Data Policy Framework.

Are we telling them that there’s a huge opportunity that they can feed into… Or are we suggesting that big companies like Meta, like Google, like Microsoft, or governments with nefarious purpose… are going to use AI to… whatever the nefarious purposes may be? And I do think the communication about the promise of AI, the benefits, as well as the risks, need to be really, really thoughtfully approached

Speaker

Kojo Boakye

Reason

This comment challenges the panel to consider how data governance narratives are communicated to citizens, questioning whether current approaches emphasize fear over opportunity and highlighting the importance of balanced messaging.

Impact

This introduced a meta-level discussion about communication strategies and public perception, adding a dimension about how data governance policies are presented to and understood by citizens, which influenced later discussions about data literacy and inclusion.

In all the work that we are doing, are we really putting emphasis on the user? And whether we’re speaking about DPI, whether we’re speaking about AI, whether we’re speaking about data governance that informs those, are we putting the emphasis on the user?… And that, I think, is the most fascinating part of our work at the moment, is how do we build sustainable mechanisms for that data inclusion?

Speaker

Participant 1 (Priya)

Reason

This comment fundamentally challenges the panel to recenter the discussion on end users rather than institutional frameworks, questioning whether current approaches adequately consider citizen needs and capabilities.

Impact

This was a pivotal moment that shifted the conversation from institutional and regulatory perspectives to user-centered design, prompting the moderator to directly ask if this emphasis is lacking and influencing subsequent discussions about enforcement and implementation.

What I want to see is to abandon the African Union data protection law and each country… Once we begin to show what data can do, then we can put data regulations in place. Now we have put data regulation before we even know what data will do to the people.

Speaker

Bitange Ndemo

Reason

This is a provocative challenge to the entire premise of current data governance approaches, arguing for a complete reversal of the typical regulatory sequence – suggesting demonstration of value should precede regulation rather than follow it.

Impact

This comment created a significant tension in the discussion, directly challenging the work that other panelists had been describing and advocating for a fundamentally different approach. It forced other participants to defend their positions and highlighted the ongoing debate about the optimal timing and sequencing of data governance frameworks.

I quickly did a search on Mario Draghi’s report… Europe has fallen behind its other regions… over-regulation… I would encourage our continent and others to learn from that… lessons could be learned

Speaker

Kojo Boakye

Reason

This comment introduces a controversial comparative analysis, using Europe’s experience as a cautionary tale about over-regulation stifling innovation, which directly challenges approaches that prioritize strong regulatory frameworks.

Impact

This created immediate pushback from the moderator and added tension to the discussion by suggesting that strong data protection frameworks might hinder rather than help African development, forcing the panel to grapple with the balance between protection and innovation.

Overall assessment

These key comments fundamentally shaped the discussion by introducing several productive tensions: between national sovereignty and continental harmonization, between regulatory protection and economic opportunity, between institutional frameworks and user-centered approaches, and between precautionary regulation and innovation-first policies. The most impactful comments challenged participants to move beyond their initial positions and consider alternative perspectives, particularly around the sequencing of regulation versus demonstration of value, the importance of user-centered design, and the communication of data governance benefits versus risks. The discussion evolved from a relatively consensus-oriented conversation about implementation challenges to a more nuanced debate about fundamental approaches to data governance, with the provocative comments from Ndemo and Boakye forcing other participants to articulate and defend their positions more clearly. This created a richer, more complex dialogue that better reflected the real tensions and choices facing African policymakers in data governance.

How can enforcement mechanisms for data protection laws be strengthened, particularly given the notoriously weak enforcement capacity in many African nations despite having GDPR-modeled laws?

Speaker

Osei Keja from Ghana

Explanation

This addresses a critical gap between policy development and implementation, where laws exist but lack effective enforcement mechanisms

How can Africa learn from the successes and mistakes of other nations currently improving data governance to make successful changes within Africa?

Speaker

Amy from Nigeria

Explanation

This seeks to identify best practices and lessons learned from global experiences that could be adapted for African contexts

How can big tech organizations be better engaged in country-level policy development processes rather than just participating in high-level platforms?

Speaker

Audience member from African Union Commission

Explanation

This highlights the need for more direct involvement of technology companies in national policy development to support harmonization efforts

What does meaningful rights-based data governance look like in practice, particularly as data governance evolves beyond just privacy protection to encompass different types of data?

Speaker

Moderator Anriet Esterhuisen

Explanation

This explores the practical implementation of rights-based approaches in an increasingly complex data governance landscape

How can data literacy and awareness of data rights be improved among citizens who may not understand their data rights or how to exercise them?

Speaker

Wakabi Wairagala

Explanation

This addresses the fundamental challenge of ensuring citizens can meaningfully participate in data governance frameworks

How can sustainable mechanisms for data inclusion be built to ensure users can participate in and draw value from the data economy?

Speaker

Priyad Chetty

Explanation

This focuses on creating lasting systems that enable broader participation in data benefits rather than just protection

Should the focus shift from implementing data protection laws to first demonstrating what data can do for people before putting regulations in place?

Speaker

Ambassador Bitange Ndemo

Explanation

This challenges the current approach of regulation-first and suggests a benefits-first approach to build understanding and support

How can enforcement be designed to focus on improving data governance for users rather than revenue generation for governments?

Speaker

Kojo Boakye

Explanation

This addresses concerns about enforcement mechanisms being driven by financial rather than protective motives

How can smaller economies effectively engage with big tech companies without resorting to overly restrictive measures?

Speaker

Minister Salima Monorma Bah

Explanation

This explores the power imbalance between smaller African nations and large technology companies in policy negotiations