More work is needed by West African countries to adopt and coordinate laws related to cybersecurity, according to officials who met at recent events hosted by UNCTAD, the U.N. Conference on Trade and Development.
In the region, only Cote d’Ivoire, The Gambia, Ghana and Senegal have passed cyberlaws, according to representatives who attended UNCTAD seminars in Senegal last month and Ghana last week.
To spur development of ICT in the 15-state West Africa region, much more work is needed to adopt and coordinate a legal framework for e-transactions, privacy and computer crime, officials said. The region is becoming known as a base for Internet scams, and it has become clear that cybercrime has a cross-border pattern that makes it extremely difficult for law enforcement agencies to tackle solely from a national perspective, officials said.
At the four-day UNCTAD gathering in Accra, Ghana, country representatives discussed ways to coordinate laws on e-commerce and also looked at developing cybercrime legislation based on the Budapest Convention on Cybercrime. The Budapest Convention is an international treaty that addresses the harmonisation of cybercrime laws written by the EU’s Council of Europe in 2001 and signed by 42 countries so far.
The Accra meeting was called “to encourage countries to harmonise their legislation with existing instruments, such as the Budapest Convention and others,” said Council of Europe Cybercrime Convention Committee Executive Secretary Alexander Seger, in email.
“It is clear that once legislation is in place, capacity building is needed at all levels,” Seger said. “This includes in particular training.”
Seger added that the Council of Europe would be prepared to assist countries in West Africa in both cybercrime and data protection legislation.
“A clear legal framework in line with international standards and rule of law and human rights requirements and the ability to apply such a framework in practice will allow societies in West Africa to exploit the human development potential of information technologies,” Seger said.
At the Accra meeting, Ghana adopted a Cybersecurity Strategy, signing a memorandum of understanding with the Commonwealth Cyber Initiative (CCI) of the 53-member Commonwealth of Nations to focus on child online protection and cybersecurity plans.
Eight countries in West Africa have prepared bills, though they have not yet been passed into law.
“In the region, only Guinea, Guinea Bissau and Sierra Leone do not have draft laws,” said UNCTAD Programme Manager on E-Commerce and Law Reform at the ICT Analysis Section, Cécile Barayre. “It’s a slow process but there is indication that countries are moving ahead. Even if the adoption of cyberlaw does not get the same priority in every country, there is a common understanding of the need for harmonisation,” Barayre said in email.
The Council of Europe’s Seger noted that to enhance cybersecurity in Africa, it is essential that countries establish, as a foundation, a regulatory framework covering different aspects of cyberspace.
“With regard to cybercrime this includes criminal law provisions in line with the Budapest Convention on Cybercrime,” he said. “It is important that the powers given to law enforcement are subject to safeguards,” Seger wrote in email. “Moreover, countries should adopt a framework for the protection of personal data. It is good to see that several countries of West Africa have made good progress in this respect.”
Enhancing cybersecurity in Africa not only requires government engagement at the highest level, but also training to ensure local law enforcement and technical personnel have the tools and training required to enhance and enforce security laws and related IT, said UNCTAD’s Barayre.
There was wide agreement among West African officials attending the Accra conference last week to work toward coordinating efforts on cyberlaws. One way to do this, officials decided, is to take advantage of UNCTAD’s TrainForTrade program, which includes online learning courses.