As African countries increasingly prioritise data governance, the vision of a unified data governance framework across the continent is steadily becoming a reality. During our recently concluded East Africa Data Governance Conference, Immaculate Kassait, Kenya’s Data Protection Commissioner announced a significant milestone: the validation of the unified East Africa Data Governance Policy Framework. This framework marks a crucial step toward harmonising data governance policies across East African countries, ensuring they speak with one voice on data governance for sustainable economic growth and regional integration.
Bringing Stakeholders Together
The conference created a platform for diverse stakeholders in the data governance space to come together and find ways to advance data governance across East Africa. Participants included representatives from national and county governments, such as Tanzania, Uganda, and Kenya’s Data Protection Offices, alongside Nandi and Kilifi County governments. The event also brought together the private sector, civil society, and international partners from Kenya, Uganda, Tanzania, Ethiopia, South Africa, Zimbabwe, and the Netherlands.
This gathering built upon the success of the National Data Governance Conference convened two years ago together with Amnesty International Kenya. This year, the conference expanded its reach, inviting regional partners to deepen the dialogue and explore collaborative approaches to data governance.
Defining Privacy in the African Context
Davis Adieno, Chair of our Board of Directors, posed a thought-provoking question:
“What is our national and East African culture around data governance, and how can we embed it within our society and future generations?”
Davis Adieno, Chairman, Board of Directors (Open Institute)
He emphasised that effective data governance requires more than just policy discussions; it thrives within society. To truly embed a culture of data governance, it’s crucial to go beyond conventional frameworks and creatively address the underlying cultural and societal challenges.
One of the central themes at the conference was the importance of contextualising data governance within the African cultural context. As Edna Kasozi from Uganda’s Personal Data Protection Office pointed out, “We appreciate data protection in the Western context, but how do we customise it to appreciate our African culture?” Privacy, as understood in Western countries, does not always align with African cultural norms. In fact, many African languages lack a direct translation for the word “privacy,” highlighting the need for a more nuanced approach to data governance.
“Through thoughtful data governance, we can ensure that our technological future is built on the foundation of our rich linguistic heritage, leaving no one behind.”
– Dr. Melissa Omino
Dr. Melissa Omino, Director of The Centre for Intellectual Property and Information Technology Law (CIPIT), echoed this sentiment during her keynote address, emphasising that the lack of African language data online widens the gap in language research and digital inclusion. This gap poses a risk of Africa being left behind in the digital age. To bridge this gap, data governance frameworks must prioritise community ownership, representation, and ethical use. This is part of the work of CIPIT, whose mission is to study, create, and share knowledge on the development of intellectual property and information technology, with a special focus on their contribution to African law and human rights.
A Call for Regional Transparency and Collaboration
The conference also underscored the importance of moving beyond mere rhetoric about collaboration to practical action. Dr. Noe Elisa Nnko from Tanzania’s Personal Data Protection Commission highlighted the need for guidelines on cross-border data flows, revealing that Tanzania is preparing to introduce new regulations to facilitate data transfers. Meanwhile, Edna Kasozi from Uganda acknowledged Kenya’s progress in implementing the Data Protection Act and emphasised Uganda’s focus on awareness creation as they work towards similar advancements.
“Are there transparency mechanisms that can be shared across the region?”
Viola Ochola, Commission on Administrative Justice
There is a call for regional transparency mechanisms, highlighting the importance of learning from each other’s successes and challenges to advance data governance collectively.
Placing Citizens at the Center of Data Governance
A key takeaway from the conference was the need to place citizens at the heart of data governance strategies. This involves making crucial documents, such as terms and conditions, accessible and understandable for all citizens.
In Kenya, for example, simplified versions of the Data Protection Act are available in both English and Kiswahili, with plans to create a Braille version. The Office of the Data Protection Commissioner has also developed an AI chatbot, Linda Data, that visitors to the website can interact with in English, Swahili and Sheng, a Kenyan informal language used by the urban youth in the country. This approach emphasises inclusivity and ensures that no one is left behind.
In a breakout session by KICTANet on data governance for regional integration, a participant asked a pertinent question,
“Is it only in Nairobi where we hear conversations about data? How are we bridging the conversation about data in the other parts of the country? How do we have these conversations in rural areas, and ensure that it’s not an elitist conversation?”
These realities are some of the reasons we chose to develop the Ficha Uchi campaign, a data protection awareness campaign geared towards citizens. In the second phase of the campaign, we conducted focus group discussions and spoke in community radio stations about data protection, sometimes in local languages, in 9 counties. Last year, the campaign focused on Kilifi, taking a deeper dive into citizens’ motivations behind exposing their data. We engaged citizens in 7 sub counties in Kilifi, demystifying data, data protection and privacy in local languages. We used storytelling, role-playing, and relatable examples, making the sessions with communities engaging and impactful. As a result, participants walked away better informed and equipped to protect their data. In our findings, one of the lessons we learned was that cultural practices affect privacy. Sharing personal information openly is common in the community, which increases the chances of identity theft and financial fraud.
Inclusion therefore also means designing data protection regulations with the most vulnerable members of society in mind. It’s not enough for governments to extract value from data; citizens must also benefit. This requires a shift in mindset, from designing for government needs to designing with citizens in mind. By raising awareness of citizens’ rights and involving all stakeholders in the data governance process, especially those most affected, we can create more inclusive and impactful data governance frameworks.
Creating Supportive Ecosystems Through Collaboration
A recurring theme throughout the conference was the need for genuine collaboration between governments, the private sector, and civil society. Governments alone cannot build and implement all data governance solutions; they require support from various stakeholders to extend their service delivery. Immaculate Kassait called for breaking down silos and fostering collaboration, emphasising that sandboxes could offer a safe space for innovators to test new ideas without the burden of regulatory suspicion. The conference showcased the power of bringing together diverse voices to advance data governance across East Africa. It highlighted that collaboration is a necessary practice for building effective frameworks and ecosystems.
Advancing Data Governance Together
As we continue to advance data governance in East Africa, the conversation must remain ongoing. True collaboration across governments, the private sector, and civil society is essential to building sustainable data governance systems. This collective effort will ensure that effective data governance remains at the core of everything we do as data practitioners, driving sustainable economic growth and regional integration.
The East Africa Data Governance Conference reinforced the importance of data governance in today’s digital age. By contextualising data governance within African cultures, ensuring citizen inclusion, and fostering genuine collaboration, East African countries are paving the way for a unified data governance framework.
With the groundwork laid and momentum building, the vision of a unified data governance framework in East Africa is not just a dream but an achievable reality. The journey continues, and the future of data governance in East Africa looks brighter than ever.