The conversation we’ve been having about digital sovereignty just became concrete with the America First Global Health Strategy.
The United States had signed 26 bilateral health Memorandum of Understanding with African governments under the Trump administration’s America First Global Health Strategy, the framework that replaced USAID and restructured PEPFAR.
All the African MOUs signed so far involve the U.S. winding down previous support for African countries’ priority health programmes, particularly PEPFAR support for HIV and tuberculosis, while making access to information about dangerous pathogens a priority.
These aren’t just health funding agreements. They are digital governance agreements. We need to pay attention to what is being signed away.
What the Agreements Actually Require
Each MOU comes bundled with two sub-agreements that should concern every digital health practitioner in a signatory country.
- The Specimen-Sharing Agreement reportedly requires countries to share physical pathogen specimens and genetic sequence data within five days of detection.
- The Data-Sharing Agreement reportedly grants the U.S. government or its contractors access to national health data systems, including surveillance databases and laboratory management platforms.
The reported durations are striking: 25 years for specimen access and 10 years of post-termination data access, attached to five-year funding commitments.
The deals do not guarantee that any drugs or vaccines developed as a result of that exchange would go to the countries affected. Zimbabwe’s government spokesperson Nick Mangwana put it plainly: his country was asked to provide the raw materials for scientific discovery without any assurance that the end products would be accessible to Zimbabweans.
This is the core asymmetry. Five years of declining U.S. funding in exchange for decades of data access with no reciprocal benefit-sharing obligation.
As I wrote when Kenya first signed, we’ve spent years building principles around data protection, privacy, and sovereignty, and the WHO Global Strategy on Digital Health emphasizes that countries should adopt digital health that respects their sovereignty, but those principles assume countries have meaningful choices.
These agreements reveal how fragile that assumption was.
African Countries Are Not Responding Uniformly
The conventional narrative here is “African countries are accepting these deals because they have no choice.” The reality is more complex, and we need to understand the variation because it has direct implications for where and how we work.
Zimbabwe rejected it outright.
On February 25, 2026, the U.S. Embassy in Harare confirmed Zimbabwe would begin winding down U.S. health assistance after negotiations collapsed on a proposed $367 million bilateral health funding agreement.
Zimbabwe’s government described the deal as asymmetrical and connected its rejection explicitly to WHO Pathogen Access and Benefit-Sharing (PABS) negotiations, arguing that accepting a bilateral arrangement would undermine African solidarity in multilateral forums.
The cost is immediate: 1.2 million men, women, and children currently receiving HIV treatment through U.S.-supported programs face a funding vacuum.
Zambia pushed back on the MOU.
Zambia’s government said it had pushed back on a section of its deal, with negotiations stalled as of early March 2026. Civil society actors described the data flow as running exclusively from Zambia to the U.S. with no reciprocal mechanisms.
Reuters reported that the draft agreement ties funding to a ‘bilateral compact’ linked to mining collaboration proposed by Secretary Rubio. The Zambian government explicitly denied any connection, stating the agreement ‘has no relation whatsoever to minerals, mining, or any natural resources.
Rwanda negotiated a bespoke agreement.
Rwanda’s $228 million MOU signed on December 5, 2025, reportedly includes $158 million from the USA and $70 million Rwanda, and unique elements absent in the template: explicit support for two U.S. companies:
- Zipline International for drone delivery
- Ginkgo Bioworks for ‘biothreat radar’ surveillance
Independent analysis has characterized the Rwanda MOU as qualitatively different from others. Rwanda signed the MOU during a visit that also produced a DRC peace accord and a deportation agreement with the U.S.
The broader strategic relationship and geopolitical positioning complicates independent assessment of the health MOU’s terms and changes the context for understanding Rwanda’s negotiating leverage.
Nigeria has a religious angle.
Nigeria’s Global Health MOU is the largest by total value at $5.1 billion – $2.1B from U.S., $2.9B from Nigeria. It also has a distinctive and confirmed provision.
The State Department stated publicly that the agreement was negotiated in connection with reforms the Nigerian government has made to prioritize protecting Christian populations from violence, including dedicated funding for Christian healthcare facilities.
This faith-based conditionality raises distinct questions about the application of religious criteria to health funding in a country with a slight Muslim majority population.
Kenya signed, then faced the courts.
Kenya’s High Court has frozen implementation of its MOU after two separate court challenges by the Consumer Federation of Kenya and local Senator Okiya Omtatah over concerns about patients’ data privacy and the bypassing of Parliament.
This is significant.
When domestic data protection laws are robust enough, they can function as a constraint on international agreements. A Kenyan legal opinion found the draft MOU unconstitutional and in violation of the Data Protection Act, the Digital Health Act, and the Health Act.
That’s not just a sovereignty argument. That’s a digital governance argument with teeth.
26 African governments have signed MOUs
There are at least 26 global health MOUs, between the U.S. and partner countries represent five-year plans outlining the USA engagement in each country’s health efforts with the goal of helping countries move toward more resilient and durable health systems.
Each agreement details how health funding will transition country programs from U.S. assistance to long-term country ownership, with a pledge from each partner country to increase its domestic health spending, or co-investment in health, over the next five years as the U.S. decreases its health assistance.
There was limited public controversy in most countries, though Uganda’s agreement reportedly embeds implementation plans as an annex to its national health budget, directly subordinating parliamentary appropriation to donor-specified priorities.
Africa CDC Is in an Impossible Position
Africa CDC Director-General Jean Kaseya unveiled the Africa Health Security and Sovereignty Agenda in November 2025, describing it as “non-negotiable” and stating that health sovereignty does not mean isolation — it signals a new model of partnership in which African nations lead with clarity and confidence.
Two months later, his institution was watching 18 member states sign agreements that contradict that agenda. When the U.S. offered Africa CDC an observer role in the bilateral negotiations, Kaseya declined.
Kaseya told journalists: “There are huge concerns regarding data, regarding pathogen sharing. We want to own our data in Africa. We want to own our future.”
He simultaneously pledged technical support to all member states regardless of whether they signed, rejected, or renegotiated. That dual position reflects the institutional constraints Africa CDC faces: advisory authority without the power to direct sovereign decisions.
What This Means for Us
We’ve been discussing digital sovereignty as a development principle for years. As I’ve argued before, locally owned health data systems are the foundation of health system resilience. What we’re watching right now is the stress test of everything we’ve been building toward.
Four implications you cannot ignore:
1. Accountability architecture has shifted.
NGO-mediated implementation of PEPFAR funding is being replaced by government-to-government agreements. If your organization was implementing U.S.-funded health programs, your role in that funding chain has fundamentally changed. The question of who owns data collected through your programs is no longer abstract.
2. Data governance is a frontline program issue.
If you are managing health data systems in any MOU-signatory country, you need to understand how data-sharing provisions interact with domestic data protection law. Kenya’s court intervention demonstrates this isn’t theoretical. It’s operationally consequential.
3. Civil society leverage varies dramatically by context.
The Kenya case shows that organized legal challenges work — when domestic judicial independence is meaningful and data protection frameworks are developed enough to provide legal standing. That leverage barely exists in countries like Burkina Faso or Burundi, where institutional capacity is weaker and health system dependency on U.S. funding is acute.
4. Multilateral stakes are organizational and diplomatic.
The MOUs make access to information about dangerous pathogens a priority Health Policy Watch in ways that directly contradict the WHO’s PABS negotiations. The U.S. withdrew from WHO in January 2025. The bilateral channel it has built bypasses the multilateral pathogen-sharing architecture entirely.
If that architecture fractures, the consequences for pandemic preparedness fall on every organization working in global health, regardless of which country they operate in.
