By 
By Nana Theresa Timothy
Privacy leaders urge harmonized, enforceable, and indigenous data protection policies to safeguard digital sovereignty and drive regulatory innovation across Africa.
African Privacy Experts Rally for Harmonized Data Protection Framework
At the 2025 NADPA-RAPDP Conference and Annual General Meeting in Abuja, leading African data privacy experts, regulators, and policymakers called for a continent-wide harmonized data protection framework to tackle the growing risks of privacy invasion in Africa’s digital economy.
RELATED: Africa unites for data privacy: Nigeria hosts 8th NADPA-RAPDP conference in Abuja
Held under the theme “Privacy, Trust, and Regulatory Innovation in a Data-Driven Africa,” the conference spotlighted the urgent need for enforceable, value-based, and adaptable data protection regimes across the continent.
Keynote: Ajijola Warns Against ‘Surveillance by Architecture’
During Plenary Session 1, titled “Data Privacy and Protection Regulation,” cybersecurity expert Abdul-Hakeem Ajijola, Executive Chairman of Consultancy Support Services and member of the African Union Cybersecurity Expert Group, delivered a compelling keynote.
Ajijola issued a stark warning about the passive surrender of privacy in Africa through everyday digital devices, stating:
“This is not privacy by design. It is surveillance by architecture—and Africa must act now.”
He urged African nations to build locally relevant and enforceable data protection laws, rather than replicate foreign models like the GDPR without adaptation.
“Africa must not imitate; Africa must innovate,” he said, calling for strategic regulatory harmonization rooted in African realities.
Nigeria’s Data Protection Ecosystem Commended
Ajijola praised the progress of Nigeria’s Data Protection Act 2023, which established the Nigeria Data Protection Commission (NDPC) and a pioneering public-private partnership (PPP) model for national compliance.
Key achievements include:
- 267 licensed Data Protection Compliance Organizations (DPCOs)
- Over 40,000 supported data controllers and processors
- Enforcement milestones such as a ₦5.8 billion fine on a commercial bank
- The $220 million fine on Meta by the Consumer Protection Commission
Ajijola emphasized that Nigeria’s success—with minimal public funding—proves that decentralized models enhance compliance, build capacity, and create jobs.
Panel Explores Challenges and Benefits of Regulatory Harmonization
Plenary Session 1B, titled “Unifying Data Protection in Africa: Exploring the Benefits and Challenges of a Harmonized Regulatory Framework,” brought together key stakeholders:
- Dr. Vincent Olatunji, CEO, NDPC (Nigeria)
- Immaculate Kassait, Commissioner, ODPC (Kenya)
- Ousmane Thiongane, President, CDP (Senegal)
- Iro Adamou, Chair, NADPA-RAPDP & Head of HAPDP (Niger)
- Omar Seghrouchni, Chair, CNDP (Morocco) – Moderator
Panelists emphasized the need for:
- Continental data governance alignment
- Cross-border data transfer protocols
- A unified data protection maturity framework
While over 35 African countries have enacted data protection laws, speakers noted inconsistencies in enforcement, limited interoperability, and poor adoption of the Malabo Convention—ratified by only 18 countries in 14 years.
A Call to Co-Author Africa’s Digital Destiny
The session concluded with a collective commitment to:
- Amplify Africa’s digital voice in global forums
- Promote regional collaboration
- Develop data privacy regimes rooted in African culture, dignity, and sovereignty
Ajijola closed with a powerful African proverb:
“If you want to go fast, go alone. If you want to go far, go together. Africa must co-author its digital destiny.”
