Kenya has released its first National Artificial Intelligence Strategy (2025–2030), a landmark document on the continent that sets out a government-led vision for ethical, inclusive, and innovation-driven AI adoption. Framed as a foundational step in the country’s digital transformation agenda, the strategy articulates policy ambitions that will be of
Continue Reading Kenya’s AI Strategy 2025–2030: Signals for Global Companies Operating in AfricaLong-Awaited POPIA Guidance on Direct Marketing Published by South Africa’s Information Regulator
The Information Regulator recently published its Guidance Note on Direct Marketing (“Guidance Note”), providing clarity on how personal information can be lawfully processed under the Protection of Personal Information Act (“POPIA”). The Guidance Note offers actionable steps for organizations to align their marketing practices with these principles, fostering responsible marketing…
Continue Reading Long-Awaited POPIA Guidance on Direct Marketing Published by South Africa’s Information RegulatorProtecting Children’s Privacy Under POPIA: Insights from South Africa’s 2023 High School Results Case
South Africa’s Protection of Personal Information Act (“POPIA”) imposes strict requirements on processing personal information, especially that of children. Under South African law, a child is a natural person under the age of 18. Recent enforcement action against the Department of Basic Education (“DBE’) highlights the importance of obtaining parental…
Continue Reading Protecting Children’s Privacy Under POPIA: Insights from South Africa’s 2023 High School Results CaseAfrica Technology Regulatory Update: Adoption of the AfCFTA Protocol on Digital Trade
What has happened?
The African Continental Free Trade Area (“AfCFTA”) has emerged as a pivotal opportunity that will set the framework for future trade across Africa. Amid the prospects, one of the challenges has been the fragmented and diverse regulatory environment, coupled with regulators adopting policies that are not conducive…
Continue Reading Africa Technology Regulatory Update: Adoption of the AfCFTA Protocol on Digital TradeEMA announces €10 million of funding to support the establishment of the African Medicines Agency
On 26 January 2024, the European Medicines Agency (EMA) announced that it has received a €10 million grant from the European Commission to support regulatory systems in Africa, and in particular for the setting up of the African Medicines Agency (AMA). Although still in its early stages as an agency…
Continue Reading EMA announces €10 million of funding to support the establishment of the African Medicines AgencyWill Biden deliver on his commitment to Africa in 2022?
When he was running to win the White House, President Joe Biden’s campaign committed to implement a “bold strategy” toward Africa, and one that would be based on a “mutually respectful engagement” and a reinvigorated diplomacy, if elected. Indeed, the campaign was the first-ever to outline how it would promote…
Continue Reading Will Biden deliver on his commitment to Africa in 2022?
Tech Regulation in Africa: Recently Enacted Data Protection Laws
There has been a substantial increase in the use of the Internet across the African continent, aided by ongoing investment into local digital infrastructure, reduction in the associated costs, and improved user access. This has allowed both individuals, and private and public entities, the ability to access, collect, process and/or disseminate personal data more easily, which has spurred a number of African countries to enact comprehensive data protection laws and establish data protection authorities. There is also a growing perception among African countries that there is a need to protect their citizen’s personal data, to regulate how public and private entities use personal data, and to establish data protection authorities tasked with enforcing these laws.
While countries like Kenya, Rwanda and South Africa now have comprehensive data protection laws, which share some elements found in the European Union’s General Data Protection Regulation (“GDPR”), many of the proposed data protection laws have specific rules that are different from those in other countries in Africa. Consequently, technology companies conducting business in Africa will be required to keep abreast of the evolving regulatory landscape as it relates to data protection on the continent.
Continue Reading Tech Regulation in Africa: Recently Enacted Data Protection Laws
How the Biden Administration can Make AGOA More Effective
The African Growth and Opportunity Act (AGOA) has served as the cornerstone of the U.S.-Africa commercial relationship for more than two decades but it is set to expire on September 30, 2025. While the legislation’s unilateral trade preferences have provided economic benefits for countries across sub-Saharan Africa, AGOA as a whole remains underutilized. To ensure continuity in U.S-African trade ties, the United States must grapple with the legislation’s potential reauthorization now, with a particular focus on how the utilization of AGOA might be improved.
Just a renewal of AGOA won’t be enough to achieve this ambitious vision, though. Instead, the Biden administration should double-down on its partnership with AGOA beneficiaries and ensure that each country makes greater use of the program, including through National AGOA Strategies, in a manner that promotes regional and continental value chains.Continue Reading How the Biden Administration can Make AGOA More Effective
Overview of South Africa’s Draft National Data and Cloud Policy
If there is a silver lining to most crises, the accelerated move toward digitized commerce globally and in Africa may be one positive outcome of the COVID-enforced lockdown. It is welcome news there that the South African Minister of Communications and Digital Technologies (“Minister”) published the Draft National Data and Cloud Policy (in Government Gazette no. 44389) (“Draft Policy”) for public comment. The Draft Policy seeks to create an enabling environment for the provision of data and cloud services in an effort to move “towards a data intensive and data driven South Africa” that ensures social and economic development and inclusivity. The Draft Policy affects a few key areas, which we briefly highlight below.
The objectives of the Draft Policy are to:
- Encourage universal access to broadband connectivity, along with access to data and cloud services;
- Eliminate regulatory barriers and enable competition in the data and cloud sector;
- Implement effective measures to ensure the security of cloud infrastructure;
- Create institutional mechanisms to govern data and cloud services;
- Support the development of small, medium, and micro enterprises (“SMMEs”);
- Promote research, innovation, and technological developments in relation to cloud;
- Increase the government’s capacity to deliver relevant data and cloud-based services to the public;
- Promote data sovereignty and security with respect to South African data; and
- Encourage alignment with the Fourth Industrial Revolution (“4IR”), the OECD Framework and standards adopted by the European Union.
Draft Policy proposal relating to digital infrastructure
The Draft Policy recognizes that digital transformation in South Africa relies upon further developing electronic communication networks, mobile communication networks, and cloud and data infrastructure services in the country.
In relation to universal access and service delivery obligations, the Draft Policy recommends a government-backed digital platform and for all South African citizens to be provided with an online identity in order to receive services more easily.
The Draft Policy discusses the need for a Wireless Open Access Network (“WOAN”) “to extend the digital infrastructure footprint and services” across the country. The Draft Policy also refers to various measures to ensure the deployment of electronic communication infrastructure, which will help to bridge the digital divide by ensuring universal access to cloud and data infrastructure services for all South Africans.
The Draft Policy also proposes that existing networks of state-owned enterprises, such as Sentech and Broadband Infraco, be consolidated to form a State Digital Infrastructure Company (“SDIC”), which will provide network connectivity for the State.
Continue Reading Overview of South Africa’s Draft National Data and Cloud Policy
Africa Compliance Minute Series – Getting to the Root of the Problem: Considerations for Conducting an Effective Root Cause Analysis
Our Africa Anti-Corruption Practice has previously outlined key considerations for handling internal investigations and remediation of compliance issues in Africa. Here, we take a closer look at a particular aspect of remediation, the root cause analysis. After the dust settles on an investigation identifying misconduct, a root cause analysis can…
Continue Reading Africa Compliance Minute Series – Getting to the Root of the Problem: Considerations for Conducting an Effective Root Cause Analysis