DATA PROTECTION AFRICA
Data Protection Africa maps the state of data protection regulation in Africa by analysing the existence of domestic and international legal commitments in each of the 55 Member States of the Africa Union.
To get started, select a country from the main menu, or browse the home-page map for a big-picture look at data protection across the continent.
This page describes the methodology used to analyse the state of data protection in each country.
How we reached our conclusions
Our researchers looked at 50 different factors to evaluate each country’s legal framework on data protection. These variables were chosen because they represent some of the most important ways in which a data subject’s rights can be protected.
The variables cover seven different areas: (1) Domestic Legal Commitments; (2) International Legal Commitments; (3) Scope of Application; (4) Transparency; (5) Accountability; (6) Participation; and (7) Automated Processing.
See the section below for more detail about each variable.
What we didn’t look at
Our analysis looks only at the existence of laws and the text of those laws or draft Bills, where applicable, at the time of publication. It does not assess actual compliance with the law or whether the provisions have been implemented, other than looking at whether members of the Data Protection Authority (DPA) have been appointed. This is a starting point to understand the gaps and remaining challenges in advancing data protection in Africa.
This analysis also looks only at comprehensive data protection legislation. In other words, we did not evaluate other legislation, such as electronic communications or cybercrimes acts, unless they explicitly reference the protection of personal information or deal substantially with data protection.