In 2018, Mauritius set a precedent by becoming the first African nation to establish a national AI strategy. Since that milestone, over a dozen African countries have launched their own national AI policies, signaling a growing interest in artificial intelligence across the continent.
An AI strategy generally outlines priorities and objectives intended to guide a nation in achieving specific policy outcomes related to AI governance and utilization.
At the continental level, the African Union is also in the process of adopting an AI strategy to ensure cohesive efforts among member states. Countries like Kenya and Ethiopia have recently submitted draft AI laws aimed at defining the governance frameworks for AI technologies. Meanwhile, nations such as Morocco, Egypt, and Nigeria are in various stages of contemplating AI legislation. This trend reflects a critical shift among policymakers—from unbridled excitement for AI to a cautious examination of its governance risks.
As scholars specializing in technology law and policy, we delve into the governance dynamics and strategies surrounding emerging technologies like AI. Our latest research focuses on the origins, nature, and scope of AI governance initiatives in Africa. Notably, we have identified several common themes in recent policy and legislative activities, including a tendency for African countries to model their AI regulations on the European Union’s approach. However, the viability of this trend warrants scrutiny.
There is no doubt that Africa requires comprehensive AI legislation. Such laws are essential for regulating the development and use of AI systems that could jeopardize individual rights, societal cohesion, and even national security. Furthermore, establishing a new regulatory authority could facilitate oversight of AI frameworks and data protection measures.
For instance, Kenya’s AI Bill proposes the creation of the AI Commissioner and the AI Advisory Council, tasked with regulating AI systems within the country. However, there are critical considerations that must inform these legislative efforts.
Challenges of Enforcement in AI Legislation
One major concern is whether the introduction of additional digital laws is necessary when many existing technology regulations have remained largely unenforced. The goal of AI policies should be to effectively coordinate AI development at the national level. While some nations are committed to responsible AI governance, others have yet to establish the institutions or allocate the funding necessary to bring their strategies to life.
This issue underscores a unique challenge for Africa: the lack of implementation. A prime example is data protection. Numerous African countries have enacted data protection laws, yet many either lack appropriate oversight bodies or those entities are too under-resourced to ensure compliance. Creating AI legislation in this context risks generating aspirational policies that, much like previous initiatives, may exist only on paper.
Concerns About Adopting European Standards
A second significant concern revolves around the heavy dependence on European benchmarks in formulating new AI laws. Both Kenya and Ethiopia’s proposed AI bills embrace the European Union’s risk-based regulatory approach, which classifies AI systems based on the risks they present. Notably, any system deemed to pose an “unacceptable risk” would face outright prohibition, whereas lower-risk systems would be subject to specific requirements.
This tendency for African countries to replicate European standards in their regulatory frameworks is not new. The initial batch of data protection and cybercrime laws on the continent drew directly from European legal models. Unfortunately, such transplants often disregard local conditions, interests, and concerns, which may explain why data protection measures in Africa face implementation challenges.
The concern lies not with the approach itself, but rather with the African nations’ inability to conceive regulations grounded in their own realities. AI legislation should not be an exercise in signaling regulatory advancement; instead, it must address the specific challenges faced by African nations, characterized by limited institutional capacity, informal data flows, and populations with restricted ability to invoke the rights ostensibly protected by the law.
Developing Grounded AI Regulations
In crafting AI laws, African nations need to take a realistic look at the implications of AI technologies on the continent. Before moving forward with regulations, several crucial questions must be addressed:
How are technology companies engaging with local markets? In what ways are information and misinformation propagated across the continent? How is AI deployed in public services, and who benefits from its integration into social protection, policing, and other public sectors? Who controls the data being generated in Africa, especially when major tech firms based in the US, China, or Europe are the primary data handlers? This often occurs under terms users may not fully understand or consent to, leading to a lack of accountability among African regulators. Additionally, in the event of failures or mishaps, who bears the consequences? Finally, whose interests are overlooked—particularly when AI-driven moderation struggles with local languages and contexts?
Urgency for Regulatory Action
As enthusiasm for AI continues to grow, various sectors in African countries are already adopting these technologies, including healthcare initiatives in Ethiopia and Rwanda aimed at screening for tuberculosis and cervical cancer. However, such applications are often occurring in a regulatory void. Without robust regulatory frameworks, the potential for AI to inflict significant harm on individuals and societies remains high.
While the introduction of an AI Bill may represent a positive step toward closing this regulatory gap, it appears to be confined to a select number of countries, whose methods have yet to extend beyond European conventions. Policymakers should prioritize more nuanced and context-sensitive strategies to genuinely mitigate the risks associated with AI technologies.
Until these frameworks are established, it may be prudent to reconsider or even pause the implementation of high-risk AI systems in sensitive sectors like healthcare.
