Who will dig the trench?

CybAfriqué is a space for news and analysis on cyber, data, and information security on the African continent.

HIGHLIGHTS

Who will dig the trench?

A highlight no one attempted to title ‘trenches war’ or ‘one hole to rule them all’

2025 has been Ghana’s year of digital policies. This year, the West African country raised a National Harmonisation Bill, a Cybersecurity Act (Amendment), an AI Governance Framework, and now, the piece de resistance of digital access x civil engineering bureaucracy: the “Dig Once” Policy.

The concept of "dig once" is interesting. It is typical that wen ISPs deploy fiber internet  to a location, they dig those messy trenches. So the government says; "Since you are already opening the ground to lay a water pipe, would you mind terribly if we threw a fiber optic cable in there too?" It is a hedge against the absurdity of a road being paved on Monday and ripped up again for fiber internet on Friday.

Fiber internet became a thing in the 1970s (specifically 1970, when Corning glass researchers made the first low-loss fiber). By 1988, it had become a staple of global internet connectivity with the laying of TAT-8, the first transatlantic fiber cable. But it wasn’t until 2009 that the first truly high-capacity undersea fiber connections, SEACOM and TEAMS, started appearing in East Africa.

In 2010, when Google was exploring early fiber deployments (Project Link) on the continent, industry observers noted a recurring grievance. Steve Song, a prominent telecommunications researcher, wrote that the "right of way," the legal permission to put fiber glass in the ground, was the single biggest bottleneck to African connectivity.

It is 2025, and those complaints persist; in Lagos, Nairobi, Johannesburg, and really any emerging market where fiber is deployed. The conversation often comes with the "who will bell the cat" question: who will actually dig the trench? Contracts are awarded over it, right-of-way fees are paid to local chiefs and state governors, and in some cases, area boys and local gangs demand a cut before shovels hit the dirt.

This leads to a pretty obvious question: power lines are mostly passed above ground. Why can’t fiber lines just hitch a ride? In fact, that would be cheaper because preexisting power infrastructure can be used. If you have fiber in your house right now, there is a decent chance the "drop cable" actually entered your home from a pole, not a hole. 

The backbone of fiber lines has to go underground because of signal attenuation and physical durability. Fiber is just very thin glass. If it sways too much in the wind or gets baked in the sun, things break. According to the World Bank, providers spend up to 80% of their total deployment costs just on civil works—digging the trenches and burying the lines. It’s also an environmental mess, causing soil erosion and urban disruptions that turn city commutes into obstacle courses.

In 2009, the United States began formalizing "Dig Once" via the Broadband Conduit Deployment Act, though the concept is as old as the first shared utility tunnels in Victorian London. The idea is that the government builds "empty pipes" (conduits) whenever it builds a road. Since then, the policy has been raised in more than 50 countries. In the past 10 years, at least 15 African nations have passed or drafted dig once policies. Ghana is the latest, but as with everything in infrastructure, it is easier said than done.

Dig once policies do not easily answer the question: who pays for the hole? Governments in developing countries struggle to find the upfront capital to build "speculative" conduits. Despite the Nigerian federal government passing the National Broadband Plan (2020-2025), which championed fiber sharing, progress has been lopsided. Most of the real movement has been at the state level. In Lagos State, the government partnered with private firms to build 6,000km of unified fiber ducts as part of a "Smart City" project. 

The second model is Mandatory Co-location. It mandates that anyone digging a trench must allow others to tap in for a fair fee. This is a direct descendant of the Tower Sharing model that allowed the mobile explosion in the 2000s; instead of every telco building its own metal tower, they all just rented space on each other’s.

Despite all the legislation, the "digital divide" persists. Under 20% of the continent has meaningful access to fiber-speed internet, concentrated heavily in North African countries like Egypt. 

Ghana is the latest to try and legislate its way out of this hole. They probably won't be the last. 

Exams v. privacy rights; version two

Conversations about data privacy in Africa always range from the existential (like biometric surveillance) to the far less existential, but nonetheless significant. Take, for instance, the recent legal kerfuffle in South Africa.

The court has just ruled that publicly publishing the matriculation/final school exam results of students does not constitute a disclosure of personal information and thus does not violate data rights. The logic being that since the results are published alongside the students' matric numbers rather than their names, the court reasoned that their data isn't being compromised. The student is "anonymized" by a string of digits.

To understand why this logic is, let's say, optimistic, we can look at Al-Ameen. Al-Ameen handles most of the scraping and day-to-day monitoring here at CybAfrique, but in his "real life," he is a university student.

When Al-Ameen received his matric number, it was pasted on a faculty notice board alongside hundreds of others in his year. You see, matric numbers are rarely randomized. Usually, they are generated via a predictable formula that uses the year of registration, a faculty code, and a serial number generated in alphabetical order of the names of students registered.

If Al-Ameen’s matric number is 25/10D001, it doesn't take a master hacker to figure out that the person whose name follows him alphabetically (let’s say Al-Ameed)  is 25/10D002. If you have the list from the notice board (which everyone does, because they took a photo of it) the anonymous number becomes a simple Caesar cipher for a person’s identity.

It is not hard to see how publicly posting exam results, even using matric numbers as proxies, violates personal rights. If I know your name starts with 'B' and I see the 'B' section of the list has three people failing, I’ve learned something about you that you didn't want me to know.

Yet, it is also not hard to see why a court might lean toward disclosure. In many countries, examinations carry a heavy moral and social weight. They are the ultimate arbiter of merit. There is a "public interest" argument that the process should be transparent to prevent the "disappearing" of bad grades or the "manifesting" of good ones for the well-connected. This obsession with exam integrity is the same reason governments in Ethiopia, Algeria, and Sudan have historically restricted internet access during statewide examinations. If you have to shut down the entire internet to stop cheating, a little "anonymized" data leak on a notice board seems like a small price to pay for transparency."

This practice of public shaming, sorry, result publication is still standard in many countries that ironically all have comprehensive Data Protection Acts on the books meant to protect personal privacy.

Is the ability for your neighbor to see that you got a 'C' in Macroeconomics an existential threat to your digital rights? Perhaps it is, and perhaps it isn’t. You decide.

FEATURES

• How the global AI race is reshaping power, and why Africa matters more than ever

• How would a sub-$30 smartphone affect Africa?

HEADLINES

• Benin: Attempted coup and explosion of fake news

• South Sudan to get data protection bill in 2026, says minister

• Airtel Africa teams up with Starlink to launch direct-to-cell service in 14 markets

• South Africa lawmakers seek halt to Starlink rule easing amid empowerment row

• Kenya pushes ahead with Safaricom split, even as the Government sells stake

• Protecting children in Algeria cyber cyberspace: the ONPPE announces the creation of a monitoring unit 

• Nigeria: CAC warns of intensified crackdown on unregistered PoS operators

• 2025 Africa Cup of Nations in Morocco: Rabat host an international against digital piracy 

• Madagascar officially launches the process of developing its cybersecurity strategy 

• The BCLCC arrested two suspected cyber criminals in Ouadadougu for a loss of 15.1 million CFA francs

• Data protection in Kenya: High court order suspension of the health cooperation framework signed into the United States

• Illegal distribution of pornographic content in Senegal: Police dismantle an online network

ACROSS THE WORLD

• Canada’s privacy regulator to probe billboards equipped with facial scanning tech

• Austria’s high court orders Meta to change its personalised ad practices

• Venezuela says oil export system down after weekend cyberattack

OPPORTUNITIES

• Travel and Registration Support for Rightscon

• Building a Safer Cyber World Conference

• Technology and Human Rights Fellowship

• The Global InfoSec Awards for 2026 Are Now Open!

IMAGE OF THE WEEK

This has been an amazing year for us. I hope it has been so for you, too. This is our last newsletter of the year. We will be on break till the second week of January 2026. We will be kicking off the year with our annual notes on most important conversations in African infosec. This time around, we’ve chosen to start the incoming year with it, rather than end the outgoing one with. This report has always been about reminding stakeholders about what is happening and what they can tap in. What better time to send that than the beginning of a new year?

See you next year.