Ethiopia Data Protection Law Explained
A comprehensive guide to Ethiopia's data protection law, Proclamation No. 1321/2024, covering the history of privacy rights in Ethiopia, what the current law says, data subject rights, enforcement gaps, and the future of data privacy in Africa.
On a quiet morning in July 2024, a notice appeared in the Federal Negarit Gazette that would rewrite the terms under which nearly 130 million people's personal information could be collected, stored, and sold. Proclamation No. 1321/2024, the Personal Data Protection Proclamation, had entered into force. For the first time in the country's history, there existed a single, enforceable framework governing what any entity could do with the personal data of people living in Ethiopia.
The moment was long overdue. For decades, Ethiopians had existed in a legal gray zone: a country whose successive constitutions promised privacy as a fundamental right, yet whose institutions lacked the tools, the mandate, or the will to translate that promise into real protection. The gap between what the law said and what actually happened to personal data was vast, and in the era of digital finance, national biometric ID programs, and mobile internet penetration, it had become dangerous.
Create an account to read the full story.
