While it is conceivable that African countries have made effort to enact legal framework for data protection and data governance due to the increased use of personal data, compared to the EU General Data Protection Regulation (GDPR), the African Union does not have a central legislation that generally regulates the concept of data protection its member states. The existing instrument (Malabo Convention) that appears pan-African is not yet enforceable due to non-ratification by the required number of member states. This research analyses the provisions, efficiency, compliance and enforceability of data protection laws in Africa in relation to data governance. It concludes on the necessity of legal frameworks for data protection and some recommendations that could be adopted to develop new or strengthen existing data protection framework within the context of data governance.