African Union: African Union adopted Convention on Cyber Security and Personal Data Protection including provisions on data protection regulation

On 27 June 2014, the African Union (AU) adopted the AU Convention on Cyber Security and Personal Data Protection. The Convention outlines principles for the lawful, fair, and transparent processing of personal data, ensuring that data is collected and used responsibly. It mandates data controllers to implement appropriate security measures to protect personal data from unauthorised access, alteration, or destruction. The Convention also establishes the rights of data subjects, including the right to access, rectify, and object to the processing of their data, erasure, and protection against automated decision-making.