The 2020 Cybersecurity Act is a 67-page document enacted on 29 December 2020 to establish the Cyber Security Authority, regulate cybersecurity activities in the country, promote the development of cybersecurity in the country, and provide for related matters. The Act, divided into 100 sections split across 17 parts, has 3 schedules dedicated to an explanation of the Cyber Security Services, a table of administrative penalties, and the oath of secrecy.
See Full PDF See Full PDFAs Ghana's reliance on digital technology grows, so does the legal risk implicit in cybersecurity breaches. Such breaches can have serious legal consequences, aside financial and reputational costs or loss of digital trust. A cyber breach involving certain assets may also have crucial national security implications. The questions for CISOs include, what is the nature of the legal burden to which they are exposed?, Can a breach have international legal /security consequences? And how must CISOs respond? In Ghana, the legal ramifications of a cybersecurity breach is embeded in a number of statutes, key among them, the Data Protection Act, Electronic Transactions Act, and the Cybersecurity Act - as indeed a variety of civil and criminal liabilities. Domestic and international law imposes legal duties on entities to safeguard the personal data of their clients and customers, short of which legal penalties may arise. Dr. Dickson considers a range of vexed legal, regulatory and practical questions trends and learns that CISOs can learn in regard to situations of a cybersecurity breach.
Download Free PDF View PDF
Law Research Review Quarterly
There is free flow of information in the cyberspace and as a result, nations are obviously wary of the integrity of its data as part of both public safety and national security concerns. There are ways that the associated risk could be mitigated and mostly has to do with a proper development and implementation of Cyber security policies and strategies. This research focuses on the cyber security policies, strategies and laws of both Nigeria and South Africa and also making a comparative analysis of the current National Cyber Security Policy and Strategy of both countries and the necessary recommendations going forward. In the case of Nigeria, analytical evidence shows that the national documents were found to have satisfied most of the requirements in terms of content, but failed to address other aspects of cyber security concerns in the country. On the other hand, South Africa as a country is lagging especially in governmental coordination, cybersecurity legislation, engagement wit.
Download Free PDF View PDF
ThisstudyprovidesanunderstandingofcybersecurityandfurtheranalysestheCyberSecurityand DataProtectionBillofZimbabwe.Theinternetandothertechnologicaldevelopmentshaveprovided avarietyofplatformsforincreasedandsometimesunrestrictedexerciseoffreedomofexpression, association, online transactions, and access to information rights. Zimbabwe has faced increased threatsfromcyberactivities.ThishasnecessitatedthecountrytoenacttheCyberSecurityandData Protection Bill. The purpose of the Cyber Security and Data Protection Bill is to increase cyber securityinordertobuildconfidenceandtrustinthesecureuseofinformationandcommunication technologiesbydatacontrollers,theirrepresentatives,anddatasubjects.Thisstudyreliedondata gatheredthroughkeyinformantinterviewsanddocumentarysearch.Thekeyinformantsweredrawn fromvariousinstitutionsthatdealwithcybercrime.Zimbabwedoesnothaveadequateandeffective legislativeinstrumentstocombatcybercrime.
Download Free PDF View PDF
Journal of Law, Policy and Globalization
Since the advent of the internet, the world has become a global community. This is because through the worldwide web links information is being passed on and received almost instantaneously or in real time. People from different locations are able to communicate with one another by exploring social media platforms to advance their course. However, the increasingly use of the internet has fueled the emergence of cybercrime in Ghana and concerns have been raised by people in the position of trust about whether our current laws are robust to deal with the menace. The main thrust of the study was therefore to examine how the law enforcement agencies, especially the police and the judiciary are reacting to the cybercrime peril in the country. A total of nine (9) respondents took part in the study. Structured interview guide was employed as data collection instrument. In the data analysis, each of the in-depth interviews was transcribed as soon as the information is gathered and developed them into codes. The study revealed that the Ghana Police Service efforts to thwart the menace are being limited by factors such as computer crime investigators, ultramodern equipment, and cooperation from the Internet Service Providers to adduce electronic evidence. In addition, the Electronic Transaction Act of 2008, (Act 772) needs to be reviewed to accommodate the new challenges that have emerged in the cyber ecosystem. It was concluded from the discussions that a progressive capacity building programmes should be organized for law enforcement agencies to enable them acquire ICT skills to deal with cyber laws.
Download Free PDF View PDF
Download Free PDF View PDF
The cybersecurity discourse in Africa has been evolving very slowly, notably since 2007 when the regional block started mooting its own approach towards it. However, it still lags behind the region's technological growth and its attendant challenges such growth poses to governance and human rights. This has created a chasm between technology uptake and the policy framework that address digital-related challenges. The understanding of cyber-related challenges is embryonic, thus leading to polarised and esoteric discussion of cybersecurity. As cyberspace is bringing important opportunities and challenges for governance and development in Africa, the region increasingly need to understand what cybersecurity means to its various constituencies, then adopt relevant supra and national cyber security policies in line with this diffusive understanding. Through the African Union (AU), it the needs to leverage opportunities brought by the cyberspace especially to spur growth and extend digital rights. Such measures, in our view, should balance the competing interests of African states, civil society, the private sector including international cooperations who have a stake in this new dynamic environment. Balancing these competing interests towards securing digital rights for all is the challenge the AU faces in taking the cybersecurity issue forward. The Convention on Cybersecurity and Personal Data Protection provides a normative framework within which these developments can sit and find strength. The adoption of, two years ago, the Convention on Cybersecurity and Personal Data Protection by the AU, signalled the continent's acknowledgement that the cyber challenges are now deeper than naïve random email scams and chiselling crimes. It also demonstrates the continent's readiness to adopt a regional grown benchmark. The region has awoken to the realisation that cyber security threats are real, and some of them are new, for example, criminal gangs are embracing more sophisticated ways to use technology that transcend borders. Yet, despite the current awakening to cybercrime and national security, the cyber security discourse needs to move beyond cybercrime and perceived threats to national security. Such a skewed understanding has led to limited interventions, such as the usage of military sting rays in civil spaces and explains lack of appetite to adopt the Convention. To borrow the text of the 4 th amendment to the U.S Constitution, " The right of the people to be secure [including on the internet] " is the heartbeat of cybersecurity. Thus, the conceptualisation of cybersecurity in Africa must encompass the broad areas such as privacy, security, freedom of expression and equal treatment of data traffic on the internet: It must secure liberty in changing digital world. The AU should prioritise this task as it moots the way forward. In light of the above, what should be the practical way forward for the AU on cybersecurity in the region? In our view there is need for an audit: First, although consensus may never be reached, there should be a general common understanding of the term 'cybersecurity' and what it entails to the various constituencies. This will require a proactive and intentional awareness raising campaign in regional internet and other forums. Although the impact of cybercrime on businesses has been looming large in policy discussions, important as that discussion is, it has overlooked the interests of users at risk such as human rights defenders and those in the LGBT community to whom privacy of their correspondence and online activities matter the most. In response to their concerns, government have insisted 'If you have nothing to hide what do you fear'. This lax commitment to the privacy and security of users is reflected in the Convention's questionable human rights clauses which has led to its mixed reception by civil society groups and some international companies. The AU has to create platforms to converge cybersecurity discourses, a first step in engendering confidence in the Convention. So far, the regional Internet Governance Forums have not achieved this as public officials obsess with reducing risks to national security, perceived or actual, and prioritisation of domestic crime prevention such as hate crime and child pornography. Kenya, Zambia and Swaziland are good examples. In the absence of national frameworks that guide law enforcement and national security agencies on such issues, these officials have rarely considered the risks to privacy and the risks to freedom and civil liberties. Second, the AU needs to examine why there has been very little appetite to adopt, let alone, ratify the Convention. It seems that geopolitical considerations which motivated its formulation have led to its dormancy. If these considerations are not addressed hook, line and sinker, they might permanently stall the process. According to Mailyn Fiddler, A Marshall Scholar at Oxford University, the AU's choice to develop its own Convention instead of promoting African participation in existing cyber treaties,
Download Free PDF View PDF