Last year in this piece I wrote about Africa’s digital future as an ecosystem hiding in plain sight. AI, digital identity, blockchain, cybersecurity, climate tech, data governance, startups, regulation, and civil society were often being discussed as separate lanes. But they were never separate. They were always part of the same system.
In 2026, that system is clearer now.
Africa no longer lacks digital ambition. The architecture is now visible. The question today is whether the continent can convert that architecture into operating power before the next generation of digital dependency is locked in.
What has evolved since 2025?
The conversation has moved from “does Africa need data governance?” to “who controls the terms under which African data creates value?” The AU Data Policy Framework, the African Digital Compact, the Continental AI Strategy, and the AfCFTA Digital Trade Protocol now form a serious continental policy stack. The African Digital Compact was adopted in 2024 as Africa’s common position on digital transformation, aligned with the Global Digital Compact but grounded in Africa’s own challenges and opportunities.
This AfCFTA Digital Trade Protocol is especially important because it gives digital policy an economic integration spine. Its stated objective is to establish harmonised rules and common standards for digital trade, create a secure and trustworthy digital trade ecosystem, encourage interoperability, and support safe, ethical adoption of emerging technologies. Its annexes were finalized and adopted in February 2025, including areas such as digital identities, cross-border digital payments, cross-border data transfers, and rules of origin for digital products.
Taken together, these instruments suggest that Africa is no longer only producing digital policy. It is beginning to assemble the foundations of a continental digital market. But markets do not become powerful because documents exist. They become powerful when institutions, standards, incentives, enforcement, and trust begin to work together.
Data protection has also matured. Depending on the tracker and date, Africa now has roughly 43–45 data protection laws. Data Protection Africa’s January 2026 tracker maps 55 countries, 43 data protection laws, and 5 draft laws; Digital Policy Alert’s January 2026 roundup records 44 laws and 38 operational data protection authorities; Tech Hive’s March 2026 update says Burundi’s adoption brings the continent to about 45 laws.
The direction matters more than the exact count. Africa is moving from absence of rules to a more complex phase: overlapping laws, active regulators, uneven enforcement, and growing pressure to make privacy, innovation, trade, and sovereignty work together.
So now, data sovereignty is no longer theoretical. You might remember Ghana’s recent rejection of a proposed U.S. health deal over sensitive health-data access. That shows us that African governments are beginning to treat data governance as a negotiation issue, not just a compliance issue. The Ghanaian regulator objected to provisions that would have allowed access to health datasets, metadata, dashboards, reporting tools, data models, and data dictionaries without sufficient safeguards. Zambia has also objected to a proposed U.S. health funding agreement, including concerns around data-sharing requirements and the linking of health support to minerals access.
The recent Ghana and Zambia cases show that data sovereignty is no longer an abstract governance concern. It is now showing up inside health agreements, foreign aid negotiations, mineral diplomacy, and questions of national bargaining power.
Strategic movement into “digital bargaining power”
So as I read the pieces above, a question came to mind;
Can Africa build enough internal coherence and cogency to bargain as a digital bloc, or will its digital future be negotiated country by country, platform by platform, donor by donor, and contract by contract?
That is the heart of the matter today. A united digital front does not mean every African country adopts the same law. That is unrealistic. It means African states, regulators, technologists, civil society, researchers, and private-sector actors develop enough interoperability, mutual recognition, common standards, and shared negotiating principles that Africa stops entering digital markets as 54 fragmented regulatory islands.
The infrastructure conversation is urgent, but it is not sufficient. Data centres, cloud capacity, connectivity, and power matter. But without shared standards, institutional capacity, trusted data flows, rights protections, and value-capture strategies, infrastructure alone will not produce bargaining power. The real issue now is whether Africa can align policy, institutions, markets, rights, infrastructure, languages, trust, and bargaining power into one functioning digital ecosystem.
What is blocking a united African digital front
There are many blockers, but for cogency, we look at the six most important ones.
The first blocker is regulatory fragmentation. Cross-border data flows are central to digital trade, AI, research, fintech, logistics, health innovation, and regional markets. But domestic data rules across African countries still only loosely align with AfCFTA ambitions. Research ICT Africa’s 2025 report notes that fragmented data protection rules can require explicit consent, DPA permissions, or adequacy assessments before data can move, while localisation mandates and broad consent requirements can create tension with digital trade goals.
The second blocker is the gap between protection and value creation. Many African data governance efforts still focus heavily on privacy and protection. That is necessary, but insufficient. The next frontier is portability, interoperability, responsible localisation, trusted data flows, and value capture. Even Microsoft’s Africa policy analysis (it is useful here because it reflects a major platform actor’s reading of the field) argues that Africa’s AI future depends on whether value created from African data, talent, and deployment is captured within African economies.
The third blocker is institutional capacity. Laws are multiplying faster than the institutions needed to implement them well. UNESCO’s January 2026 account of African ICT leaders at Transform Africa noted persistent legal, technical, and institutional gaps in data governance, including limited technical capacity for data management and sharing.
The fourth blocker is geopolitical asymmetry. Africa is being courted by the U.S., Europe, China, Gulf states, Big Tech, AI companies, cloud providers, and development finance institutions. That attention creates opportunity, but also risk. The UAE’s $1 billion AI-for-development initiative for Africa, Morocco’s partnership with Mistral AI, Orange’s work with OpenAI and Meta on African language models, and IFC’s $100 million financing for Raxio all show growing external and private-sector interest in Africa’s AI and data infrastructure. The strategic question that comes to mind is; do these partnerships build African capability and ownership or simply extend new forms of dependency?
The fifth blocker is the surveillance-rights tension. AI governance cannot be written only as an innovation story. A March 2026 Guardian report, drawing on work by the Institute of Development Studies and the African Digital Rights Network, warned that AI-enabled surveillance systems are expanding across Africa, often with weak safeguards and chilling effects on civic space. This matters because trust is the invisible infrastructure of the digital economy. Without rights, accountability, and redress, digital transformation can (and will) scale coercion and inequity as easily as it scales services.
The sixth blocker is language and data representation. AI systems cannot meaningfully serve if African languages, knowledge systems, contexts, and social realities remain underrepresented in training data. African Next Voices, Masakhane, Lelapa AI, and Deep Learning Indaba are important today because they are not only “AI projects”; they are attempts to correct who gets represented in the digital knowledge layer. We need more such institutions covering even more languages.
What is the real potential in the field today…?
Having shared the blockers above, the future is not bleak. Far from it. There are already signals that Africa is thinking and acting differently. The more useful question is not simply who is doing interesting work, but what role different actors are playing in shaping the continent’s digital future. When seen together, a more strategic picture begins to emerge.
The first group are the architecture builders. These are the institutions helping to define the continental policy and coordination backbone: the AU, AUDA-NEPAD, the AfCFTA Secretariat, Smart Africa, and related regional bodies. Their work matters because Africa’s digital future cannot be built only through scattered national reforms or one-off innovation projects. The AU Continental AI Strategy, for example, gives shape to an Africa-centred, development-oriented AI agenda, with attention to infrastructure, datasets, skills, investment, risk, and regional cooperation. AUDA-NEPAD’s AI Roadmap for Africa 2025–2030 adds a more implementation-oriented frame, connecting AI to human capital, regulatory governance, economic growth, infrastructure, and investment. Smart Africa’s commitments around interoperability, digital public infrastructure, African language technologies, and even the idea of a continental “Government Operating System” are also significant because they point beyond policy language toward operational architecture. This is important. Africa does not only need digital ambition. It needs systems that can work together.
The second group are the governance translators. These are the actors helping to translate high-level continental ambition into the practical language of rights, law, regulation, implementation, and accountability. CIPESA, Research ICT Africa, Paradigm Initiative, ALT Advisory/Data Protection Africa, and similar organizations are important because they sit in the space between principle and practice. They help us see where the tensions are: between innovation and rights, trade and protection, data flows and sovereignty, continental ambition and national legal realities. CIPESA’s work with GIZ DataCipation and the AU, for instance, has supported countries and regional economic communities to think through data governance policies aligned with the AU Data Policy Framework. Research ICT Africa’s mapping of cross-border data flows is especially useful because it makes visible one of the central tensions of this moment: Africa may have continental digital ambitions, but its data governance systems are still largely shaped by uneven national laws, institutional capacity, and enforcement realities.
The third group are the public-interest and sectoral anchors, especially in areas where data governance is no longer theoretical. Health is one of the clearest examples. Africa CDC and AUDA-NEPAD are important here because health data sits at the intersection of privacy, public health, research, genomics, AI, cross-border collaboration, and national sovereignty. A Continental Health Data Governance Framework, if developed and implemented well, could help harmonize standards around health and genomic data, including privacy, consent, ownership, and cross-border sharing. Given recent concerns around health-data access in countries such as Ghana, this may become one of the most politically important areas of African data governance. It shows that data is no longer just a technical asset. It is now part of how countries negotiate health partnerships, aid relationships, research collaboration, and sovereign decision-making.
The fourth group are the knowledge, language, and AI ecosystem builders. This includes Masakhane, African Next Voices, Lelapa AI, Deep Learning Indaba, and the broader community of African AI researchers, technologists, linguists, and data practitioners. Their work matters because sovereignty cannot be reduced to where servers sit. Server location matters, of course, but sovereignty is also about whose languages, contexts, values, and knowledge systems are encoded into the models that will increasingly shape education, health, finance, governance, public services, and work. If African languages remain underrepresented, if African social realities are poorly reflected in training data, and if local knowledge systems are treated as peripheral, then Africa will remain a user of systems built around someone else’s assumptions. The work of building African language datasets and context-aware AI systems is therefore not a side project. It is central to digital self-determination.
The fifth group are the infrastructure and market shapers. These include actors such as Raxio/IFC, Cassava/StriveAI, Morocco’s sovereign data-centre push, cloud providers, telecoms, fintechs, and other private or blended-finance players investing in Africa’s digital infrastructure. This part of the field is moving quickly because the demand is obvious. Africa’s data consumption is rising, digital services are expanding, AI requires compute capacity, and cloud infrastructure is becoming more central to public and private systems. So yes, the infrastructure conversation is urgent. But infrastructure alone does not settle the sovereignty question. The deeper questions remain: who owns the infrastructure, who governs it, whose standards apply, who has access, who negotiates the contracts, and who captures the value created from African data?
This is why I think the real potential in the field today lies not in any single actor or initiative, but in the possibility of connecting these layers more deliberately. Policy architecture, governance translation, public-interest safeguards, African language systems, infrastructure investment, and market innovation all matter. But if they continue to evolve in isolation, Africa may still end up with more digital activity than digital power.
The opportunity now is to build coherence across the field. Not uniformity. Not one centralized model. But enough alignment that Africa can participate in the next digital economy with stronger terms, clearer safeguards, deeper local capability, and a better chance of retaining the value generated from its people, languages, markets, and public systems.
That, to me, is where the real potential sits today. Not simply in the fact that Africa is becoming more digital, but in the possibility that Africa can become more strategic about the terms on which that digital future is built.
The opportunity now
The opportunity is not for Africa to copy GDPR, China, India, or the U.S. model. The opportunity is to define a fourth path: African data sovereignty as trusted participation, not isolation.
Africa should see today that locking data behind borders is not necessarily sovereignty. Understand that openness does not equal surrender. A strategically designed system will be one that allows data to move under African terms. I.e. with consent, accountability, interoperability, value capture, local capability, public interest safeguards, and regional bargaining power.
Africa’s digital bargaining power will not be secured by more pilots, more apps, or more policy documents alone. It will be secured when the continent can decide, together. Decide what must be protected, what must be governed, and what value must remain.
Africa’s digital future will not be secured by more pilots, more apps, more platforms, or more policy documents alone. It will be secured when the continent can decide, with greater coherence, what should flow, what must be protected, what should be governed, what value must remain, and what terms it is no longer willing to accept.
If Africa’s data, languages, markets, and public systems are becoming the raw material of the next digital economy, then the real question is no longer whether Africa will participate.
The question is: on whose terms?
At Project by Projects, this is how we work: we help institutions make sense of complexity, see the patterns shaping their work, and translate insight into strategic direction.
You must be logged in to post a comment.