Pricing

Burkina Faso's Digital Landscape: An Expert Guide to Internet, Mobile Networks, and Public WiFi

Navigate Burkina Faso's connectivity. This comprehensive guide covers internet speeds, major ISPs, 4G/5G, public WiFi laws, data privacy, and cybersecurity for residents and travelers.

Burkina Faso's Digital Landscape: An Expert Guide to Internet, Mobile Networks, and Public WiFi landmark

Travel & connectivity tips

Navigating Burkina Faso's Internet & Mobile Connectivity: A Deep Dive for Travelers and Residents

Burkina Faso, a landlocked nation in West Africa, is steadily advancing its digital infrastructure. While internet penetration is growing, understanding the local landscape is crucial for seamless connectivity. This section provides a detailed overview of internet speeds, major ISPs, network availability, and practical tips.

Current State of Internet Speeds and Infrastructure

Internet speeds in Burkina Faso vary significantly depending on location and the type of service. In urban centers like Ouagadougou and Bobo-Dioulasso, fixed broadband and 4G mobile data offer reasonably good speeds suitable for browsing, streaming, and professional communication. However, rural areas often contend with slower 2G/3G connections or limited availability.

  • Mobile Data Speeds: 4G LTE is the predominant high-speed mobile technology in urban areas. Users can expect download speeds ranging from 10 Mbps to 50 Mbps, with peaks sometimes reaching higher, depending on network congestion and location. 3G speeds are significantly slower, typically 1 Mbps to 5 Mbps. Consistent 5G network deployment is currently not widely available in Burkina Faso. Operators are focusing on expanding and optimizing their 4G networks.
  • Fixed Broadband Speeds: Fiber Optic to the Home (FTTH) and Fiber Optic to the Business (FTTB) are increasingly available in major cities, offering the most reliable and fastest internet options. Speeds can range from 20 Mbps to over 100 Mbps for residential users and higher for business clients. ADSL (Asymmetric Digital Subscriber Line) is still present but is gradually being phased out or reserved for areas without fiber access, offering speeds typically below 10 Mbps.

Major Internet Service Providers (ISPs) and Mobile Network Operators

Burkina Faso's telecommunications sector is dominated by two major players, offering both mobile and fixed internet services:

  1. Orange Burkina Faso (Sonatel BFI): A subsidiary of the French multinational Orange and part of the Sonatel Group (Senegal), Orange BF is a leading provider of mobile, fixed-line, and internet services. They offer extensive 2G, 3G, and 4G coverage, along with fiber optic broadband in urban areas. Their mobile data packages are popular and competitively priced, and they are a key player in enterprise connectivity.
  2. Moov Africa Burkina Faso: Part of Maroc Telecom, Moov Africa is the other major mobile network operator. They provide robust 2G, 3G, and 4G services, particularly strong in mobile data and value-added services. Moov Africa also offers some fixed wireless and limited fixed-line solutions, often targeting residential and small business segments.

Other smaller ISPs might exist for specialized business services or satellite internet, but Orange and Moov Africa are the primary choices for general consumers and most businesses.

Practical Connectivity Tips for Travelers and Residents

Whether you're visiting Burkina Faso or settling down, these tips will help you stay connected:

  • Local SIM Cards are Essential: For reliable and affordable mobile data, purchasing a local SIM card is highly recommended. Orange Burkina Faso and Moov Africa both have kiosks at airports, major city centers, and authorized distributors. You will need a valid ID (passport for foreigners, national ID for residents) for SIM card registration, a mandatory requirement under local laws for security and identification purposes.
    • Recommendation: Compare data bundles and coverage maps between Orange and Moov Africa based on your specific travel route or residential area. Both offer daily, weekly, and monthly data packages.
  • Top-Up and Data Bundles: Once you have a SIM, topping up credit and subscribing to data bundles is straightforward via USSD codes, mobile apps, or designated vendors. Ensure you understand the expiry dates of your bundles.
  • Unlocked Devices: Ensure your mobile phone is unlocked to accept a local SIM card. If you plan to use a MiFi device or USB modem, confirm its compatibility with local network frequencies.
  • Fixed Broadband for Stability: For businesses or residents requiring stable, high-speed internet, fiber optic connections from Orange Burkina Faso are the most reliable option in areas where it's available. Installation can take time, so plan accordingly.
  • Public WiFi Awareness: While hotels, cafes, and restaurants in major cities increasingly offer free public WiFi, exercise caution (as detailed in the 'Consumer Considerations' section). These networks can be convenient but often lack robust security.
  • Power Supply: Burkina Faso experiences occasional power outages. Consider a power bank for your mobile devices and a UPS (Uninterruptible Power Supply) for fixed internet equipment if consistent connectivity is critical.
  • Check Coverage Maps: Before committing to a service, especially if you plan to travel extensively outside major cities, consult the coverage maps provided by Orange Burkina Faso and Moov Africa on their respective websites. This will give you an idea of 2G, 3G, and 4G availability in specific regions.
  • Offline Resources: Download maps, travel guides, and important documents offline before venturing into areas with potentially limited connectivity.

By understanding these nuances, you can ensure a smooth and productive digital experience in Burkina Faso.

Local connectivity laws

Data Protection, Privacy, and Online Safety in Burkina Faso: A Legal Overview

Burkina Faso has made strides in establishing a legal framework for data protection and telecommunications, reflecting an increasing awareness of digital rights and responsibilities. Understanding these laws is vital for both individuals and businesses operating within the country's digital sphere.

Data Protection Laws and Privacy Regulations

The cornerstone of data protection in Burkina Faso is Law N° 055-2004/AN of 21 December 2004, on the Protection of Personal Data. This comprehensive law aims to protect individuals' privacy with regard to the processing of personal data. Key principles of this law include:

  • Consent: Personal data can only be processed with the explicit, informed, and unambiguous consent of the data subject, or under specific legal grounds.
  • Purpose Limitation: Data must be collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
  • Data Minimization: Only data that is relevant, adequate, and not excessive in relation to the purposes for which it is collected and processed should be obtained.
  • Accuracy: Data must be accurate and, where necessary, kept up to date.
  • Storage Limitation: Data should not be kept for longer than is necessary for the purposes for which it was collected.
  • Security Measures: Data controllers are obligated to implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Regulatory Body: The enforcement and oversight of data protection are primarily handled by the Commission Nationale de l'Informatique et des Libertés (CNIL Burkina Faso). This independent authority is responsible for advising the government on data protection matters, receiving complaints from individuals, and ensuring compliance with the law. Businesses and organizations processing personal data must notify the CNIL or obtain authorization, depending on the nature of the processing.

SIM Card Registration: A critical aspect of privacy regulation impacting telecommunications users is the mandatory registration of all SIM cards. This requires individuals to provide a valid form of identification (National ID for citizens, passport for foreigners) when purchasing a SIM card. This measure, overseen by the Autorité de Régulation des Communications Électroniques et des Postes (ARCEP), is primarily aimed at enhancing national security, combating cybercrime, and facilitating law enforcement investigations, though it raises privacy considerations regarding data collection and retention by mobile operators.

Online Safety and Cybersecurity Framework

Beyond data protection, Burkina Faso has been developing its framework for online safety and cybersecurity:

  • Cybercrime Legislation: The country has laws addressing various forms of cybercrime, including hacking, fraud, identity theft, and the dissemination of illegal content. These laws aim to deter malicious online activities and provide legal recourse for victims.
  • Child Online Protection: While specific standalone legislation focused solely on child online protection may still be evolving, existing general laws on child protection and cybercrime are leveraged to safeguard minors from online exploitation and abuse.
  • National Cybersecurity Strategy: Burkina Faso is working towards strengthening its national cybersecurity posture, often with the support of international partners. This includes developing Computer Emergency Response Teams (CERTs) or similar bodies to respond to cyber incidents.
  • ARCEP's Role: The Autorité de Régulation des Communications Électroniques et des Postes (ARCEP) is the primary telecommunications regulator. ARCEP is responsible for licensing operators, ensuring fair competition, managing spectrum, and overseeing the quality of service. Its mandate also extends to ensuring compliance with certain aspects of online safety and consumer protection within the telecommunications sector.

Internet Freedom and Censorship

Burkina Faso generally enjoys a relatively open internet environment compared to some other nations in the region. However, challenges to internet freedom and instances of censorship have been observed, particularly during periods of political instability or social unrest:

  • Social Media Restrictions: There have been documented cases, particularly following coups or significant political events, where access to social media platforms (such as WhatsApp, Facebook, X/Twitter) has been temporarily restricted or entirely cut off by government directives. These actions are typically justified on grounds of maintaining public order or national security, though they are often criticized by human rights organizations as infringements on freedom of expression.
  • Website Blocking: While widespread, systematic blocking of news or opposition websites is not a consistent feature, targeted blocking can occur. The mechanisms for such blocking typically involve directives to ISPs to restrict access to specific IP addresses or domain names.
  • Surveillance: The mandatory SIM card registration, coupled with laws allowing authorities to request user data from telecommunications operators, raises concerns about potential government surveillance capabilities. While these powers are legally intended for legitimate law enforcement and national security purposes, their application can be opaque.
  • Self-Censorship: Due to the possibility of surveillance and the legal consequences of certain online expressions, a degree of self-censorship among online users and journalists can occur, particularly concerning politically sensitive topics.

While Burkina Faso's legal framework provides a foundation for data protection and online safety, the practical application and enforcement of these laws, particularly concerning internet freedom, can be subject to political dynamics. Users and businesses should remain aware of the evolving legal landscape and their rights and obligations.

For venue operators

Public WiFi for Businesses in Burkina Faso: Legal & Technical Obligations

Offering public WiFi to customers is a significant value-add for hotels, cafes, malls, and other businesses in Burkina Faso. However, it comes with specific legal responsibilities and technical considerations that providers must adhere to, especially concerning user identification, data retention, and security.

Legal Obligations for Public WiFi Providers

Businesses offering public WiFi in Burkina Faso must navigate regulations primarily derived from the data protection law (Law N° 055-2004/AN) and telecommunications regulations set by ARCEP. Key obligations include:

  1. User Identification: Due to national security concerns and anti-cybercrime efforts, there is an expectation, and often a legal requirement, for public WiFi providers to identify their users. This can be implemented through:

    • Captive Portals with Personal Data: Requiring users to register with their name, phone number, and potentially an ID number. If a phone number is provided, it must be linked to a registered SIM card. Some establishments may even require a physical ID check.
    • Temporary Accounts: For short-term visitors, some venues might issue temporary access codes linked to a check-in or registration process that already captures identification data.
    • Best Practice: Integrate with existing customer identification processes (e.g., hotel check-in) to streamline user authentication for WiFi access.

  2. Data Retention: Public WiFi providers are typically obligated to retain certain connection logs for a specified period (often 6 months to a year, though specific periods can vary based on ARCEP directives or national security laws). This data usually includes:

    • User identification details (if collected).
    • Timestamp of connection and disconnection.
    • Assigned IP address.
    • MAC address of the connecting device.
    • Websites visited (in some cases, although packet inspection for individual browsing history is more complex and less common for general public WiFi).
    • Purpose: This data is crucial for law enforcement investigations in cases of cybercrime or other illicit online activities traceable to the network.

  3. Transparency and Privacy Policy: Businesses must be transparent about their data collection practices. This involves:

    • Terms of Service: Presenting clear terms of service and a privacy policy on the captive portal that users must accept before gaining access. This policy should detail what data is collected, why it's collected, how it's stored, and who it might be shared with (e.g., law enforcement).
    • Data Subject Rights: Informing users of their rights under Law N° 055-2004/AN, such as the right to access, rectify, or object to the processing of their data.

  4. Data Security: Providers are legally obliged to protect the personal data they collect from unauthorized access, loss, or disclosure. This means:

    • Implementing robust security measures for data storage.
    • Ensuring only authorized personnel have access to logs.
    • Using secure transmission protocols where data is exchanged.

  5. ARCEP Compliance: Businesses offering internet services, even as a secondary offering, should be aware of any specific guidelines or licensing requirements from ARCEP for public WiFi hotspots. While direct licensing for small venues might not be required, adhering to service quality and security standards is generally expected.

Technical Obligations and Best Practices

Implementing a public WiFi network requires more than just plugging in a router. Technical best practices ensure security, reliability, and compliance:

  1. Robust Network Infrastructure: Invest in business-grade access points (APs) and network equipment that can handle multiple concurrent users and offer good coverage within the premises. Consider mesh networks for larger areas.

  2. Captive Portal Implementation: A captive portal is essential for authentication and legal compliance. It should:

    • Require user login (e.g., via email, phone number, social media, or a pre-issued voucher).
    • Display Terms of Service and Privacy Policy for acceptance.
    • Allow for bandwidth management per user or device to ensure fair usage and prevent a single user from hogging bandwidth.
    • Integrate with user identification systems to link connections to specific individuals.

  3. Network Segmentation: Isolate the public WiFi network from the business's internal network (e.g., POS systems, back-office computers). This is critical for security, preventing unauthorized access to sensitive business data.

    • Use separate VLANs (Virtual Local Area Networks) or physically separate networks.

  4. Encryption (WPA2/WPA3): While public WiFi often means users connect to an open network via the captive portal, the underlying wireless transmission should still be secured with WPA2 or, preferably, WPA3 encryption. This protects wireless communication between the user's device and the access point.

  5. Traffic Monitoring and Logging: Implement network monitoring tools to log connection details (IP address, MAC address, connection times) as required by law. Ensure these logs are stored securely and for the mandated duration.

  6. Firewall and Intrusion Detection: Deploy firewalls to protect the network from external threats and potentially an Intrusion Detection System (IDS) to monitor for suspicious activity.

  7. Regular Updates and Maintenance: Keep all network equipment firmware and software up to date to patch security vulnerabilities. Conduct regular network audits.

  8. Bandwidth Management: Implement Quality of Service (QoS) rules to prioritize critical business traffic and manage bandwidth allocation for public WiFi users. This prevents network saturation and ensures a decent experience for everyone.

By diligently addressing both the legal and technical aspects, businesses in Burkina Faso can provide a valuable public WiFi service while protecting their customers, their business, and ensuring compliance with national regulations.

For your guests

Cybersecurity in Burkina Faso: Essential Advice for End-Users and Travelers

As internet penetration grows in Burkina Faso, so do the associated cybersecurity risks. Whether you're a resident or a traveler, understanding these risks and adopting proactive security measures is paramount for protecting your personal data, financial information, and digital privacy. This section provides critical cybersecurity advice tailored for the Burkinabè digital landscape.

The Perils of Open Hotspots and Public WiFi

Public WiFi networks, commonly found in hotels, cafes, airports, and public spaces in Burkina Faso, offer convenience but pose significant security risks:

  • Man-in-the-Middle (MITM) Attacks: Unsecured public networks are prime targets for attackers who can intercept data flowing between your device and the internet. This allows them to steal login credentials, financial information, or inject malware.
  • Data Interception: Without encryption, all data you send or receive (emails, social media posts, banking details) can be easily read by anyone on the same network using basic sniffing tools.
  • Malicious Hotspots: Cybercriminals can set up fake WiFi hotspots with names similar to legitimate venues (e.g., "Hotel_Free_WiFi"). Connecting to these rogue networks gives attackers full access to your device and data.
  • Malware Distribution: Attackers can use unsecured networks to distribute malware to connected devices, compromising your system.

Advice: Avoid conducting sensitive activities (online banking, shopping, accessing confidential work emails) on public WiFi. If you must, use a Virtual Private Network (VPN).

The Indispensable Role of Virtual Private Networks (VPNs)

A VPN is a crucial tool for enhancing your online security and privacy in Burkina Faso, especially when using public WiFi or if you have concerns about internet freedom.

  • Encryption: A VPN encrypts your internet traffic, creating a secure tunnel between your device and the VPN server. This makes your data unreadable to anyone trying to intercept it, even on an open public WiFi network.
  • Anonymity and IP Masking: A VPN masks your real IP address, replacing it with the IP address of the VPN server. This enhances your anonymity online and can circumvent geo-restrictions.
  • Circumventing Censorship: In instances where social media or specific websites might be restricted by authorities in Burkina Faso (as has occurred during political events), a VPN can help bypass these blocks by routing your traffic through servers in other countries.

Legality of VPNs in Burkina Faso: Generally, the use of VPNs for personal security and privacy is legal in Burkina Faso. There are no specific laws prohibiting their use. However, using a VPN for illegal activities (e.g., cybercrime) remains illegal, and the VPN itself does not grant immunity from national laws.

Advice: Choose a reputable, paid VPN service. Free VPNs often have limitations, collect user data, or lack robust security features. Ensure your VPN client is always active when connecting to untrusted networks.

Guarding Against Spoofing and Phishing Attacks

Spoofing and phishing are common social engineering tactics used by cybercriminals to trick you into revealing sensitive information:

  • Email Spoofing: Attackers send emails that appear to be from a legitimate source (e.g., your bank, a government agency, a known contact). These emails often contain malicious links or attachments.
  • Website Spoofing (Phishing): You might be redirected to a fake website that looks identical to a legitimate one (e.g., your bank's login page). Entering your credentials on such a site hands them directly to the attacker.
  • SMS Spoofing (Smishing): Similar to email spoofing, but via text messages, often prompting you to click a link or call a number.

Advice:

  • Verify Senders: Always scrutinize the sender's email address. Look for subtle misspellings or unusual domain names.
  • Hover Before Clicking: Before clicking any link in an email or SMS, hover your mouse over it (on a computer) or long-press (on mobile) to reveal the actual URL. If it looks suspicious, do not click.
  • Examine Website URLs: Before entering any sensitive information, check the website's URL carefully. Look for https:// (indicating a secure connection) and a padlock icon. Be wary of unusual domains or subdomains.
  • Never Share Passwords: Legitimate organizations will never ask for your password via email, SMS, or phone.
  • Be Skeptical of Urgent Requests: Phishing attempts often create a sense of urgency to bypass critical thinking.

General Cybersecurity Hygiene for End-Users

Beyond specific threats, robust general cybersecurity practices are crucial:

  • Strong, Unique Passwords: Use complex passwords (a mix of uppercase, lowercase, numbers, and symbols) for all your accounts. Never reuse passwords. Consider using a reputable password manager.
  • Two-Factor Authentication (2FA): Enable 2FA whenever available (e.g., for email, banking, social media). This adds an extra layer of security, typically requiring a code from your phone in addition to your password.
  • Software Updates: Keep your operating system (Windows, macOS, Android, iOS), web browsers, and all applications updated. Updates often include critical security patches.
  • Antivirus and Anti-Malware Software: Install and maintain reputable antivirus and anti-malware software on your computers and potentially on Android devices. Keep its definitions updated.
  • Mobile Device Security: Set a strong passcode or biometric lock on your phone. Be cautious about app permissions; only grant necessary access. Consider enabling remote wipe functionality in case your device is lost or stolen.
  • Backup Your Data: Regularly back up important data to an external drive or a secure cloud service. This protects against data loss due to device failure, theft, or ransomware attacks.
  • Be Wary of Free Downloads: Exercise extreme caution when downloading software, media, or apps from unofficial sources, as they may contain malware.
  • Understand Permissions: When installing new applications, especially on mobile, review the permissions they request. If an app requests excessive permissions (e.g., a flashlight app requesting access to your contacts), reconsider installing it.

By adopting these cybersecurity practices, you can significantly mitigate your risks and enjoy a safer and more private digital experience in Burkina Faso. Stay informed, stay vigilant, and prioritize your digital security.