Support Centre



The Data Protection Act, 2023 (the Act) was introduced by the Department of Information Communications Technology on March 16, 2023, and approved by the Cabinet of Seychelles on June 22, 2023. The Act subsequently entered into force on December 22, 2023, replacing the Data Protection Act, 2003.

The Act provides controllers and processors 18 months from its effective date to bring their data processing activities in compliance with the provisions of the Act. OneTrust DataGuidance Research provides an overview of the Act, highlighting data subject rights and controller and processor obligations.

The digital landscape continuously evolves, demanding strong and robust frameworks to safeguard personal data. Many countries have put in place laws to protect the privacy and security of individuals and organizations. On April 4, 2024, Ethiopia, which hitherto did not have any comprehensive data protection rules except for those scattered in financial and media laws, took a significant step forward by enacting the Personal Data Protection Proclamation (Proclamation No. 1321/2024) (the Proclamation).

One of the prominent legislations in the realm of private data protection is the European Union's General Data Protection Regulation (GDPR) which significantly strengthens privacy rights for individuals in the European Economic Area. Due to its comprehensive nature and its extensive geographical application, the GDPR could serve as a valuable reference standard. In this Insight article, Fitsum Sitotaw, from DABLO Law Firm LLP, gives a general overview of the Ethiopian Proclamation in light of the GDPR.

The Parliament of Malawi introduced the Data Protection Bill on December 7, 2023, which provides a comprehensive legal framework for data protection in compliance with internationally accepted principles of data protection. The bill introduces requirements for data controllers and processors, rights for data subjects, and restrictions on the processing and movement of personal data. OneTrust DataGuidance breaks down the key rights and obligations provided in the bill.  

In an age defined by rapid technological advancements, the imperative to fortify data protection measures has become increasingly evident. For Algeria, a country on the cusp of significant digital transformation, the legal infrastructure governing data protection is a critical aspect of ensuring the responsible use and safeguarding of sensitive information. Hakim Berrah, from Clyde & Co LLP, delves deeper into the current legal landscape of data protection in Algeria, exploring the challenges it faces and the legal initiatives undertaken to address these issues.

The past month has witnessed a surge in the number of allegations regarding the infringement of intellectual property (IP) rights by artificial intelligence (AI) models. In this Insight article, Tasmiya Patel, Davin Olën, and Amaarah Kapdi, from Dentons, unpack the broad international legal framework that is applicable in such cases, the potential defenses available, and discuss the remedies accessible to parties claiming the infringement of their IP rights.

To navigate this landscape, the article first articulates the methods used by AI to develop neural networks. It then proceeds to address the applicable international IP rights regime, which is subsequently developed, and concludes with an examination of the likely relief that a court may grant in such cases.

There have been radical developments in various artificial intelligence (AI) models, with ChatGPT being the most prominent. ChatGPT serves as a language-based AI chatbot that uses a set of techniques referred to as deep learning that has continuous learning capabilities. As a result of these revolutionary AI developments, businesses have acknowledged the valuable insights that AI platforms can provide. It facilitates the generation of contracts, marketing content, CVs, articles, essays, and much more. It does so by gathering and processing data sourced from the internet, encompassing large sets of data derived from books, articles, and other online resources. PR de Wet and Jako Fourie, from VDT Attorneys Inc., examine the impact of POPIA on AI developments, with a specific focus on the processing of data by automated means through AI.

On June 12, 2023, the Nigeria Data Protection Bill was signed into law by President Bola Ahmed Tinubu. Tiwalola Osazuwa, Peretimi Pere, Nenjom Asuk, and Ifeoluwa Ebiseni, from Aelex Partners, look at the key provisions of the Act, including its scope and applicability and penalties for non-compliance.

In this Insight article, Magda Cocco, Partner, Inês Antas de Barros, Partner, Isabel Ornelas, Managing Associate, and Maria de Lurdes Gonçalves, Managing Associate, from Vieira de Almeida & Associados, delve into the significance of the Malabo Convention on Cyber Security and Personal Data Protection (the Malabo Convention), exploring its impact on Africa's data protection and cybersecurity landscape and the challenges and opportunities it presents for member states and businesses.

2022 marked a memorable year for Tanzania when the National Assembly passed the very first Personal Data Protection Act (the Act). Rachel Magege, Lawyer and Project Associate at Pollicy, discusses the contents of the Act and its potential impact on companies.

Since the inception of the Protection of Personal Information Act, 4 of 2013 (POPIA), the Information Regulator has achieved some significant milestones in terms of POPIA and the Promotion of Access to Information Act, 2 of 2000 (PAIA). In this Insight Article, PR de Wet and Mishka Cassim, from VDT Attorneys Inc, analyze the milestones accomplished in 2022 and the expectations for 2023.

The Minister of Information and Communications Technologies published a new Draft for the Cyber and Data Protection Regulations, 2022 ('the Draft') in November 2022. Melody Musoni, an independent privacy professional, provides an overview of the Draft, with a specific look at licensing and registration of data controllers and how organisations can prepare.

Namibia's Ministry of Information and Communication Technology ('MICT') recently published Namibia's draft Data Protection Bill 2022 ('the Bill'). To ensure public participation, the MICT has conducted regional consultations with members of the public. Further, members of the public were invited to submit their inputs and comments to the Bill until 30 November 2022. The Bill is still in the early legislative steps and will have to go through parliamentary processes before it is passed into law.

Melody Musoni, an independent privacy professional, discusses the key provisions of the Bill, highlighting topics, such as data processing principles, data subject rights, and cross-border data transfers.