The African Union (AU), formed in 2002 to replace the Organisation of African Unity, consists of 55 African states, and its broad objectives include establishing peace and security, and fostering development and socio-economic integration on the African continent.
Cyber security, and especially cybercrime, is viewed as a growing concern in Africa. An African Union Convention on Cyber Security and Personal Data Protection was drafted in 2011 to establish a ‘credible framework for cybersecurity in Africa through organization of electronic transactions, protection of personal data, promotion of cyber security, e-governance and combating cybercrime.’ The AU postponed the adoption of the Convention several times before finally adopting it in June 2014 (see INCYDER news item). The Convention addresses three main areas: (1) electronic transactions, (2) personal data protection, (3) cyber security and cybercrime. The treaty will enter into force 30 days after the 15th instrument of ratification or accession is deposited.
However, by now, the Convention is only ratified by 5 out of 55 AU members (Ghana, Guinea, Mauritius, Namibia and Senegal), while 14 more countries have signed it but have not ratified it, according to the Convention webpage.
The AU cooperates with the Council of Europe Cybercrime Programme Office (C-PROC) via the latter’s Global Action on Cybercrime Extended (GLACY+) project.