African Data Protection Laws: Current Regulatory Approaches, Policy Initiatives, and the Way Forward

Abstract

Data protection law is experiencing a global rise. Whilst setting the boundaries for public and private data processors, it has become a vital factor for individual protection and innovation alike. The quest for adequate data protection regimes is on-going, not only, but also on the African continent. Since 2001, the majority of African states have drafted and enacted data protection laws. Hard law and soft law instruments have been developed by the African Union and the African Regional Economic Communities. Regularly, EU-style legislation has been used as a source of inspiration – a process actively pushed for by the EU. Against this background, this study evaluates the current state of data protection law and data protection policy in Africa, questions the process of legal transplantation, and favours the consideration of a unique African approach to data protection. Thereby, this study is also a story about alternative routes to the General Data Protection Regulation (GDPR) which are – for many reasons – not easy to take. Africa, African Union, African Regional Economic Communities, Data Protection, Privacy, GDPR