Ethiopia Personal Data Protection Proclamation (No. 1321/2024)
Ethiopia's first comprehensive personal data protection law. Personal Data Protection Proclamation No. 1321/2024, passed by the Federal House of Representatives on 4 April 2024 and published in the Federal Negarit Gazette No. 35 on 24 July 2024. The Proclamation has 70 articles governing the processing of personal data, including processing principles, lawfulness and consent, sensitive personal data (with stronger protections for minors), fairness/transparency/purpose limitation/accuracy/storage limitation/integrity/confidentiality/security, cross-border data transfer (with data sovereignty considerations), data subject rights (be informed, access, rectification, erasure, object, restriction, automated decisions, portability), a controller/processor registration regime, Data Protection Officer, security measures and breach notification, records of processing, DPIA, prior authorisation/consultation, data protection by design and by default, accountability, research exceptions, monitoring and enforcement, administrative fines and criminal sanctions.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (12)
Ethiopia PDPP - Controllers, Processors and Registration
| Code | Title |
|---|---|
| ETH-PDPP-Art.33-39 | Controller registration regime |
Ethiopia PDPP - Cross Border Transfer
| Code | Title |
|---|---|
| ETH-PDPP-Art.18-22 | Cross-border transfer and data sovereignty |
| ETH-PDPP-Art.23 | Duration of personal data protection |
Ethiopia PDPP - Data Protection Officer and Accountability
| Code | Title |
|---|---|
| ETH-PDPP-Art.40-41 | Data Protection Officer |
| ETH-PDPP-Art.52 | Accountability of the controller |
Ethiopia PDPP - Data Quality and Security
| Code | Title |
|---|---|
| ETH-PDPP-Art.12-15 | Fairness/transparency, purpose limitation, accuracy, storage limitation |
| ETH-PDPP-Art.16-17 | Integrity and confidentiality; Security |
Ethiopia PDPP - Data Subject Rights
| Code | Title |
|---|---|
| ETH-PDPP-Art.24-28 | Right to be informed, access, rectification and erasure |
| ETH-PDPP-Art.29-32 | Right to object, restriction, automated decision-making, portability |
Ethiopia PDPP - Final Provisions
| Code | Title |
|---|---|
| ETH-PDPP-Art.65-70 | Reference, cooperation duties, non-applicable laws, transitory and final provisions |
Ethiopia PDPP - General Provisions
| Code | Title |
|---|---|
| ETH-PDPP-Art.1-3 | Short Title, Definitions and Scope |
| ETH-PDPP-Art.4-5 | Powers and functions of the Ministry and the Authority |
Ethiopia PDPP - Monitoring, Sanctions and Offences
| Code | Title |
|---|---|
| ETH-PDPP-Art.55-58 | Enforcement orders, monitoring and complaints |
| ETH-PDPP-Art.59-62 | Administrative fines, sanctions and complaints |
| ETH-PDPP-Art.63-64 | Burden of proof and criminal offences |
Ethiopia PDPP - Principles of Processing
| Code | Title |
|---|---|
| ETH-PDPP-Art.6 | Principles of personal data processing |
| ETH-PDPP-Art.7 | Lawfulness of processing |
| ETH-PDPP-Art.8 | Conditions for consent |
Ethiopia PDPP - Research Exceptions
| Code | Title |
|---|---|
| ETH-PDPP-Art.53-54 | Research and exceptions to research |
Ethiopia PDPP - Security, Breach and DPIA
| Code | Title |
|---|---|
| ETH-PDPP-Art.42-45 | Security measures, breach notification and prior security check |
| ETH-PDPP-Art.46-48 | Records of processing, DPIA and prior authorisation/consultation |
| ETH-PDPP-Art.49-51 | Data protection by design and by default; duty to destroy; joint controllers |
Ethiopia PDPP - Sensitive Data and Minors
| Code | Title |
|---|---|
| ETH-PDPP-Art.11 | Processing of personal data of a minor |
| ETH-PDPP-Art.9-10 | Processing of sensitive personal data and further categories |
Maps to 2 other frameworks
Frequently Asked Questions
What is Ethiopia Personal Data Protection Proclamation (No. 1321/2024)?
Ethiopia Personal Data Protection Proclamation (No. 1321/2024) is a compliance framework from Ethiopia with 12 domains and 24 controls. Ethiopia's first comprehensive personal data protection law. Personal Data Protection Proclamation No. 1321/2024, passed by the Federal House of Representatives on 4 April 2024 and published in the Federal Negarit Gazette No. 35 on 24 July 2024. The Proclamation has 70 articles governing the processing of personal data, including processing principles, lawfulness and consent, sensitive personal data (with stronger protections for minors), fairness/transparency/purpose limitation/accuracy/storage limitation/integrity/confidentiality/security, cross-border data transfer (with data sovereignty considerations), data subject rights (be informed, access, rectification, erasure, object, restriction, automated decisions, portability), a controller/processor registration regime, Data Protection Officer, security measures and breach notification, records of processing, DPIA, prior authorisation/consultation, data protection by design and by default, accountability, research exceptions, monitoring and enforcement, administrative fines and criminal sanctions. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Ethiopia Personal Data Protection Proclamation (No. 1321/2024) have?
Ethiopia Personal Data Protection Proclamation (No. 1321/2024) has 24 controls organised across 12 domains. The largest domains are Ethiopia PDPP - Monitoring, Sanctions and Offences (3 controls), Ethiopia PDPP - Principles of Processing (3 controls), Ethiopia PDPP - Security, Breach and DPIA (3 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Ethiopia Personal Data Protection Proclamation (No. 1321/2024) map to?
Ethiopia Personal Data Protection Proclamation (No. 1321/2024) maps to 2 other compliance frameworks. The top mapping partners are GDPR (42% coverage), ISO/IEC 38500:2024 (4% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with Ethiopia Personal Data Protection Proclamation (No. 1321/2024) compliance?
Start your Ethiopia Personal Data Protection Proclamation (No. 1321/2024) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Ethiopia Personal Data Protection Proclamation (No. 1321/2024) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 24 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.
Get Started Free →Free forever — no credit card required