GLOBAL RECs: Towards a Continental Approach to Data Protection in

These frameworks include: ● The SADC Model Law (2012),4 ● The EAC Cyberlaw Legal Framework (2008),5 ● The ECCAS Model Law and the Economic and Monetary Community of Central Africa (CEMAC) Consumer Protection Directive (2013),6 and ● The ECOWAS Supplementary Act on Personal Data Protection (2010).7 Owing to the absence of a formal right to privacy and data protection in the African Charter of Human. [...] Modeled heavily from the European Union (EU) Data Protection Directive 95/46/EC, the creation of the frameworks in part culminated in the AU’s Convention on Cyber Security and Personal Data Protection (Malabo Convention) in 20148 and the Privacy and Personal Data Protection Guidelines for Africa,9 both of which operate on the continental level and in theory offer a unified roadmap for data protect. [...] Efforts at the AU level to promote harmonization directly influenced the creation of the regional frameworks in ECOWAS, the ECCAS, and the SADC.20 All three of these bodies actively participated in regional expert groups leading up to the adoption of the Convention, which seems to be directly inspired by the HIPSSA project. [...] Areas of convergence There is broad overlap between the Malabo Convention and some of the regional frameworks on data protection, both in terms of the objectives of the framework and the underlying provisions and structure of the instruments. [...] In coordination with the HIPSSA project in the late 2000s, the AU began prioritizing the creation of harmonized frameworks for data protection through the RECs, which also saw the release of the Malabo Convention in 2014.