Botswana DPA

Data Protection Act 2024

Botswana's modernized data protection law requiring Data Protection Impact Assessment and establishing age 16 for consent.

Jurisdiction

Botswana

Enacted

Aug 1, 2024

Effective

Oct 1, 2024

Enforcement

Data Protection Commissioner

Replaced 2018 Act with enhanced protections

Strathmore CIPIT Analysis

Why It Matters

Botswana's 2024 Act is Africa's most recent data protection modernization, establishing clear age 16 consent threshold and mandatory DPIA for AI systems.

Recent Developments

Enacted August 2024, replaced 2018 Act with stronger AI-era protections

At a Glance

Applies to

AI CompanionMental Health AppGeneral Chatbot

Requires

Transparency User Rights Data Minimization

Who Must Comply

Data controllers and processors in Botswana
Entities processing data of Botswana residents
High-risk AI systems processing personal data

Obligations fall on:

Safety Provisions

Children 16+ may consent; under 16 requires guardian consent
Mandatory Data Protection Impact Assessment for high-risk processing
Breach notification required
Data Protection Officer for certain controllers
Cross-border transfer restrictions

Compliance & Enforcement

Penalties

criminal liability

Criminal liability

Primary Source

Strathmore CIPIT Analysis

https://cipit.strathmore.edu/understanding-botswanas-2018-and-2024-data-protection-acts/

View on map

Botswana

Focus Areas

Mental health & crisis

Child safety

Algorithmic accountability

Cite This

APA

Botswana. (2024). Data Protection Act 2024.

Related Regulations

In Effect ZM

Zambia DPA

Zambia's comprehensive data protection law with special protections for vulnerable persons and DPIA requirements for high-risk processing.

In Effect SC

Seychelles DPA

Seychelles' modern data protection law requiring DPO for large-scale processing and recognizing Cross-Border Privacy Rules certification.

In Effect DZ

Algeria Law 18-07

Algeria's data protection law with mandatory DPO requirement added by 2025 amendment and 5-day breach notification.

In Effect RW

First African country to adopt comprehensive national AI policy. Establishes Responsible AI Office (RAIO) under MINICT. Implements RURA ethical guidelines covering beneficence, non-maleficence, autonomy, justice, explicability, transparency. Non-binding framework.

In Effect US-CA

CA SB 524

Requires law enforcement agencies to disclose when AI is used to write or assist in creating official police reports, maintain audit trails, and preserve AI-generated first drafts.

In Effect CN

China CSL Amendments

First major revision of China's foundational Cybersecurity Law since 2017. Introduces formal AI governance provisions, significantly increases penalties, and expands extraterritorial application to all cybersecurity violations.

All regulations Check if this applies to you

Last updated January 22, 2026. Verify against primary sources before relying on this information.