There has been a substantial increase in the use of the Internet across the African continent, aided by ongoing investment into local digital infrastructure, reduction in the associated costs, and improved user access. This has allowed both individuals and private and public entities the ability to access, collect, process, and/or disseminate personal data more easily, which has spurred several African countries to enact comprehensive data protection laws and establish data protection authorities. There is also a growing perception among African countries that there is a need to protect their citizen’s personal data, regulate how public and private entities use personal data, and establish data protection authorities tasked with enforcing these laws. While countries like Kenya, Rwanda, and South Africa now have comprehensive data protection laws, which share some elements found in the European Union’s GDPR, many of the proposed data protection laws have specific rules that are different. What are the recently enacted data protection laws in those countries?
