The East African Community (EAC) has taken a pivotal step toward harmonising data governance frameworks across its eight Partner States. This initiative follows a Regional Workshop for Data Experts on Cross-Border Data Flows convened by the EAC Secretariat as part of the Eastern Africa Regional Digital Integration Project (EARDIP). The project aims to establish a seamless and secure environment for cross-border data flows within the region.
“This workshop reaffirms our steadfast dedication to positioning the EAC as a leader in digital transformation and regional integration,” said Annette Ssemuwemba, EAC Deputy Secretary General in charge of Customs, Trade, and Monetary Affairs, during the workshop’s opening.
The workshop provided a platform for policymakers to deliberate and reach a consensus on creating a cross-border data exchange mechanism. The proposed framework is expected to enable secure, ethical, and responsible data sharing, foster innovation, boost trade, and enhance global competitiveness across the region.
Addressing Gaps in Data Protection
The discussions highlighted disparities in the data protection landscape among the EAC Partner States. Notably, South Sudan lacks a national data protection law, while only five countries—Kenya, Rwanda, Somalia, Uganda, and Tanzania—have dedicated data protection authorities. These gaps underscore the urgency of a harmonised legal framework to address inconsistencies, bolster trust, and unlock economic opportunities.
Aligning with international best practices like the EU’s General Data Protection Regulation (GDPR) and the APEC mechanisms, the workshop emphasized tailoring global standards to the region’s unique context. Private sector representatives stressed that fragmented legal frameworks and data localisation requirements hinder innovation and investment. Harmonised regulations, they noted, would enhance data security and attract investment, enabling seamless cross-border operations.
Establishing a Technical Working Group
To advance these efforts, the workshop resolved to establish a Technical Working Group (TWG) comprising representatives from Data Protection Authorities, Ministries responsible for ICT, ICT Authorities, Attorney General’s Chambers, and the EAC Secretariat.
The TWG will develop principles for the cross-border data flow framework, pilot programs, and a roadmap for the eventual EAC Data Protection and Privacy Act. The group will address technological requirements such as consent management and conduct consultations, validations, and capacity-building sessions to ensure the framework reflects the region’s needs.
Pioneering Regional Data Governance
The TWG’s work is expected to streamline data governance within the EAC and position the bloc as a model for regional data governance on the continent. By fostering trust, protecting personal data, and creating a predictable regulatory environment, the harmonised approach will attract significant investments, drive innovation, and enhance the region’s global competitiveness.
As cross-border data flow becomes a cornerstone of the digital economy, the EAC’s efforts to harmonise data protection laws underscore its commitment to regional integration, sustainable growth, and leadership in digital transformation.
