By Abdullahi Salad - Reporter
Somalia, 20 May 2026 Somalia’s Data Protection Authority on Wednesday said it has launched a registration and oversight system for institutions handling citizens’ personal data, as digital services expand across the country.
Mohamed Noor Olow, Director of the Data Protection Authority, told Dawan Media that the agency had begun registering data controllers and data processors as part of efforts to strengthen oversight of personal data management.
He said the initiative was aimed at improving accountability among institutions that collect and store citizens’ information for various use.
“We are introducing regulations, registration systems and monitoring mechanisms for institutions handling citizens’ data,” Olow said.
He said the authority would conduct regular assessments every six months to evaluate how institutions protect and manage personal data.
The director said the oversight framework would apply to both public and private institutions, including telecommunications firms, banks, fintech companies, hospitals, NGOs and government agencies handling citizens’ personal data.
Somalia has experienced rapid growth in mobile money services, digital identification systems and online government services in recent years, increasing concerns over cyber security, privacy and the handling of citizens’ personal data.
Somalia is considered one of Africa’s most active mobile money markets, with millions of users relying on digital payment platforms for daily transactions and financial services.
Related articles
The agency also plans public awareness campaigns, training programs and reporting mechanisms for citizens who believe their personal information has been misused or improperly accessed.
Somalia established the Data Protection Authority in 2023 after parliament approved a data protection law amid growing concerns over digital security and the rapid expansion of online services in the country.
The director said institutions experiencing cyber breaches or unauthorized access to personal data would be required to report incidents to the authority within 72 hours.
Officials said institutions that fail to report data breaches or improperly handle citizens’ information could face regulatory action under Somalia’s data protection law.
“Citizens must understand that protecting personal data starts with individuals themselves,” Olow said.
He said public awareness remained one of the biggest challenges facing the authority, arguing that many citizens and institutions still lacked understanding of data protection and digital privacy.
Somalia joins a growing number of African countries introducing data protection regulations as governments seek to strengthen digital governance and cyber security frameworks.
Loading twitter content...