Ethiopia is laying the groundwork for a new era of artificial intelligence (AI) governance, combining policy leadership with emerging legal safeguards. While there is no single, all-encompassing AI law yet, the government is steadily developing a coordinated framework anchored in ethics, data protection, and institutional oversight.

This measured approach reflects Ethiopia’s broader vision — to harness AI for economic and social progress while ensuring accountability, fairness, and human oversight.

1. National AI Policy: Ethiopia’s Strategic Blueprint

Approved in June 2024, the National Artificial Intelligence Policy is the country’s central strategic document for guiding AI development. Although it is not a binding law, it sets the direction for forthcoming legislation and regulatory measures.

The policy focuses on four key pillars:

  • Ethics and Accountability: AI systems must operate with fairness, transparency, and human responsibility to prevent discriminatory or harmful outcomes.

  • Data Governance: Recognizing that reliable data is essential for AI, the policy calls for strong standards for data collection, sharing, and ethical use.

  • Human Capital: It emphasizes building domestic expertise through education and training so that Ethiopia can cultivate its own AI innovators.

  • Infrastructure Development: It encourages both public and private investment in broadband, data centers, and computing power to support large-scale AI deployment.

2. Data Protection as Legal Cornerstone

The Personal Data Protection Proclamation (No. 1321/2024) — enacted in July 2024 — represents Ethiopia’s first major binding instrument relevant to AI regulation. Closely modeled on the EU’s GDPR, the law strengthens privacy rights and regulates how personal data can be processed by both public and private entities.

Key highlights include:

  • Individual Rights: Citizens can access, correct, and object to the automated processing of their personal data. They also have the right to challenge AI-only decisions that significantly affect them (e.g., in credit, hiring, or insurance).

  • Controller Obligations: Organizations handling data must secure explicit consent, limit data collection to what is necessary, and register with the Ethiopian Communications Authority (ECA).

  • Data Localization: Personal data collected in Ethiopia must be stored on local servers unless the destination country provides “adequate” data protection. This impacts how cloud-based AI solutions operate across borders.

3. Institutional Pillars for AI Governance

Two key institutions play a central role in Ethiopia’s AI landscape:

  • Ethiopian Artificial Intelligence Institute (EAII): Established in 2022, the EAII leads national research, policy implementation, and capacity-building programs. It also evaluates and certifies imported AI technologies for domestic use.

  • Ethiopian Communications Authority (ECA): The ECA enforces data protection compliance, registers controllers and processors, and determines which foreign jurisdictions meet adequacy standards for data transfer.

Together, these bodies ensure that AI growth is supported by both innovation and regulatory integrity.

4. Supporting Legislation

Ethiopia’s broader digital laws complement its AI strategy:

  • Computer Crime Proclamation (No. 958/2016): Criminalizes unauthorized access, data manipulation, and cyberattacks — essential for protecting the infrastructure that AI depends on.

  • Intellectual Property Laws: Current IP rules primarily recognize human authorship, posing challenges for AI-generated content. Lawmakers are expected to review these provisions to address authorship and ownership of AI-created works.

5. Regional and Continental Alignment

Ethiopia’s policy direction aligns with the African Union’s Continental AI Strategy and the Africa Declaration on Artificial Intelligence. Participation in these frameworks underscores Ethiopia’s commitment to a shared African vision of responsible and inclusive AI innovation.

6. Why This Matters

Ethiopia’s step-by-step model — combining strategic policy, enforceable data protection law, and institutional oversight — places it among the few African nations actively defining a responsible AI governance path.

As sector-specific rules emerge (particularly for finance, healthcare, and public services), organizations deploying AI solutions should review data governance practices, ensure compliance with the new data protection proclamation, and anticipate further regulatory developments.

Firm Insight

At Liku Worku Legal Services, we monitor the intersection of technology, data protection, and regulatory compliance in Ethiopia. Our team advises on emerging AI, privacy, and digital policy matters, helping clients navigate the evolving legal landscape with confidence.