Giving ‘teeth’ to the African Union towards advancing compliance with data privacy norms

Abstract

ABSTRACT That international organizations have always played a pivotal role in the development and advancement of data privacy norms is now beyond doubt. With regard to advancing compliance specifically, the role of international organizations cannot be overemphasized. Although data privacy is no longer new to Africa, compliance with data privacy norms has been significantly lower compared to other jurisdictions. A (possible) explanation for this is that the primary regional organization on the continent – the African (AU) – has played an insignificant role in this regard. Related to this explanation is the usual contention that the absence of a settled normative standard is a reason for the low level of compliance. Since there is now a continental data privacy standard in Africa - the AU Data Protection Convention - the question remains why is compliance still low. Therefore, using insights from the normative and institutional theories of state compliance with international norms, the article examines why there is still a low compliance rate. The article then suggests how to strengthen the AU towards advancing compliance with data privacy norms on the continent.