African Union Struggling to Adopt Convention on Cyber Security

The African Union (AU) has failed to adopt much-needed legislation by not ratifying the Convention on Cyber Security. Opposition comes largely from Kenya, which is claiming that the bill would limit basic rights and economic development. The AU postponed the vote on the Convention on Cyber Security at its 22nd semi-annual summit in January 2014.

The Convention was first drafted in 2011 to establish a ‘credible framework for cybersecurity in Africa through organization of electronic transactions, protection of personal data, promotion of cyber security, e-governance and combating cybercrime’.1

The process was reportedly hindered by technical delays and political opposition.2 A vocal opponent of the bill has been the Kenyan Strathmore University’s Centre for Intellectual Property and Information Technology Law (CIPIT), which claims that the current version of the Convention would limit freedom of speech and the right to privacy and would give governments too much power, producing a ‘legislative overkill’.3 For instance, critics say that the convention would give excessive rights to judges to access personal information.4 New regulations posed by the draft are also causing concern for private companies who fear that the Convention will impede the development of e-commerce in the region.4

The info society division of the AU gave CIPIT until May 2014 to draw up a unified proposal for how to amend the current draft Convention1 to be signed by the Ministers of Justice. The next AU summits will be held in July 2014 and January 2015.

The setback comes amid growing concern over cybercrime in the region.5 At the moment, only 5 out of 57 states have cybercrime laws.6 The overall lack of legislation is seen as one of the reasons why Africa could become ‘a new safe harbor’ for cyber criminals.4

  1. The Draft AU Convention on Cyber Security is available at: [] []
  2. Gareth van Zyl, „Adoption of ‘flawed’ AU cybersecurity convention postponed,“ ITWeb Africa, January 21, 2014.… []
  3. Joel Macharia, “Africa Needs A Cybersecurity Law but AU’s Proposal is Flawed, Advocates Say,” techPresident, January 31, 2014.… []
  4. Ibid. [] [] []
  5. Paul Tentena, “Cyber crime on the increase in Africa,” East African Business Week, March 31, 2014. []
  6. Richard Medugno, “Africa: A New Safe Harbor for Cybercriminals,” Trend Micro Fearless Web, April 15, 2014.… []