The enactment of the European Union’s General Data Protection Regulation (GDPR) in 2016 marked a turning point not only for European data governance but for data protection globally. Its influence has been felt across jurisdictions on every continent, and the East African region is no exception. While the African Union’s Malabo Convention on Cybersecurity and Personal Data Protection represented an earlier and deliberate effort to address data governance at a continental level, its practical impact has been constrained by slow ratification across member states. The GDPR’s reach, by contrast, derives in large part from the cross-border reality that organisations and governments operating globally must engage, in one way or another, with data connected to EU member states. That practical compulsion has been among the forces shaping the region’s legislative trajectory.
Data Protection and Privacy in East AfricaApril 18, 2026
Why the Sovereignty Bill is BadApril 18, 2026
HOW THE VALUATION ACT 2026 AND THE BUILDINGCONTROL (AMENDMENT) ACT 2026 WILL AFFECT THE BUILT ENVIRONMENT.April 10, 2026
Niche Ankole BreedMarch 2, 2026
