| dc.description.abstract | Currently, Africa hosts 4 of 10 countries with the highest cybercrime levels in the world. To augment the inadequacy of municipal cyber legislations in Africa, the African Union Convention on Security in Cyberspace and Personal Data Protection (AUCSCPDP) was signed in July 27, 2014 in Malabo, Equatorial Guinea. Basing on documentary reviews, surveillance of media coverage and observations on cybersecurity initiatives across the globe, this critical assessment concludes that the AUCSCPDP is the most comprehensive continent-wide cybersecurity convention. Unlike the Council of Europe Convention on Cybercrime (CoECC, 2001), benchmarked herein, the AUCSCPDP attunes to Africa’s context, prohibiting identity flexibility and associative anonymity in ecommerce; outlawing spam; addressing the use of encryption in cybercrime; prohibiting key forms of online discrimination, which all currently constitute Africa’s biggest vulnerability in cyber space.
The AUCSCPDP provision for independent expert vulnerability testing of Internet service introduces an essential process through which Africa’s ICT development will proactively incorporate online security measures. However, the provisions permitting nonconsensual interference with private, personal and sensitive data; the interference with online traffic or content data; and the issuance of search and seizure warrants that permit inappropriate and broad ongoing investigation mandates to judges will inadvertently undermine values that the
AUCSCPDP is seeking to protect such as rights to privacy and freedom of expression. The provisions covering aggravation and corporate liability are crafted, albeit inadvertently, in ways that will impose unjustified legal burdens on individuals and corporations. By not providing for a model cyber law, by precluding provisions on jurisdiction, and avoiding a continent-wide Computer | en_US |
