In the next segment of Uganda’s Data Protection and Privacy Law Digest, Lawpoint Uganda, in partnership with DPO Privacy Centre (East Africa), features an article by SSALI JOHN NDIGEJJERAWA examining the limitations of Uganda’s Data Protection and Privacy Act, Cap 97.

Although the Act establishes a framework for protecting personal information, it does not expressly recognise biometric, genetic, and location data as distinct categories requiring heightened protection. As a result, some of the most sensitive and permanent forms of personal data remain inadequately safeguarded.

In his article, “Limitations of Uganda’s Data Protection and Privacy Act (Cap 97): Narrow Scope of Sensitive Data and Lack of Explicit Protections for Biometrics, Genetics, and Location Data,” Ssali explores how these gaps expose individuals to growing privacy risks in an era increasingly shaped by facial recognition technology, DNA profiling, and continuous geolocation tracking.

The article raises an important question, is it time to strengthen Uganda’s data protection laws to address emerging digital privacy challenges?

Read more to understand how these legal gaps may affect you.