In light of the proliferation of North-South Free Trade Agreements (FTAs), that is, agreements between the developed countries and the less developed, it is important that trade policy negotiators look at data provisions in these agreements with a tooth-comb.
Perhaps EAC and other African countries can draw inspiration from the EU, who have the General Data Protection Regulations (GDPR) which have a framework for protections of citizens’ personal data as well as measures aimed at preventing transfer of data to third countries.
Could the developed countries then be exploiting this lacuna in the EAC data protection regime, in the trade agreements?
For instance, the US-Kenya FTA, according to the US Department of Commerce, aims to, among other things, “establish state of the art commitments to ensure Kenya refrains from imposing measures that restrict cross-border data flows and does not require the use of installation of local computing facilities”.
This is all the more reason these agreements and others that will come to the African continent should be thoroughly scrutinised with the needs of the African countries in mind given the insufficiency of data security laws on the continent.
