Stage 3
10:30 - 11:00
Privacy Protection in Africa - A State of Affairs

Short thesis

The session will discuss the African Union Convention on Cyber Security and Personal Data Protection accepted by African Union Heads of Sates and Government at Malabo in June 2014 emphasizes the importance of every African Union member state establishing a legal framework aimed at strengthening fundamental rights, particularly the protection of physical data and remedies for any violation of privacy without prejudice to the principle of free flow of personal data.


The use of personal data has increased in the wake of technological advancements. Datasets can now be used for positive purposes such as humanitarian and development research such as predicting disease outbreaks. On the other hand, this poses various risks which can have a chilling effect on the right to privacy. The dangers of these personal data sets being accessed by third parties and what it would mean for human rights has been espoused by Bruce Schneier, one of the world’s foremost authorities on privacy, “Data is the pollution problem of the information age, and protecting privacy is the environmental challenge”.

The lack of a comprehensive data protection law and existence of laws by AU member states that can be broadly interpreted to allow for free collection of personal data, storage, usage, and dissemination to other parties has created a situation where citizens are not notified whenever their data is collected and do not have remedies whenever their data is breached and/or unnecessarily retained by both public and private actors.

This session is an adaption of original research. It provides a comprehensive analysis of the existing and proposed personal data protection regulatory frameworks in Africa with a special focus on Nigeria. The session also provides recommendations for further enhancing the data protection ecosystem, in order to better protect Africans (including Nigerians’) privacy and security online.