Addis Ababa, 30 November 2022 (ECA) - The Economic Commission for Africa (ECA) launched the Guideline for a Model Law on Cybersecurity of African Union Member States during the 17th Internet Governance Forum (IGF) held in Addis Ababa. The model guideline is expected to provide guidance to synergize an intercontinental cyber norm that enables African member states to take proactive measures in countering cyber threats.
The draft guidelines indicated some key areas that policymakers and legal experts could explore in suggesting member states implement the Lomé Declaration through national legislative processes. It is to be recalled that on 23rd March 2022 African Heads of State and Government adopted the Lomé Declaration on Cybersecurity and the Fight Against Cybercrime in Africa to ensure cybersecurity takes top priority at the highest level of governance.
Jean-Paul Adam, Director of Technology, Climate Change and Natural Resource Management at ECA noted: ‘the introduction and implementation of cybersecurity laws is an essential component of regional response to the promotion of cybersecurity in Africa’. He further mentioned that ‘ECA’s continued support to enhance interoperability and regional integration efforts such as the African Continental Free Trade Agreement (ACFTA), can be further reinforced through the implementation of such common guiding principles on cybersecurity.
Mactar Seck, Chief of Technology and Innovation at ECA indicated the significance of the guideline in setting shared cybersecurity protocols in response to the increasing threat of cyber-related crimes in the continent. According to related research findings, Africa’s low level of preparedness in cybersecurity is costing member states on average 10% of their GDP (ECA, 2022). As one of the reviewers of the report, Nnenna Ifeanyi-Ajufo also noted the importance of following a human-centered approach to cybersecurity for development beyond the functional dimensions.
While the Guideline is not a binding law or legislation and does not seek to limit the operation of any national or regional law, it provides a set of guiding principles that African Member States may follow as they set out to establish standards for ensuring cybersecurity. As of the writing of this report, only 28 of the 54 African countries have data protection legislation, and six are still in the process of drafting legislation (ECA, 2022).
Remarks from participants noted that this approach will encourage African governments to prioritize cybersecurity and also ensure that cybersecurity laws meet expected standards, are compatible with best practices, and enshrine principles of human rights.
The Guideline document can be accessed here.
Macktar Seck; firstname.lastname@example.org
Abiy Goshu; email@example.com