Adoption of 'flawed' AU cybersecurity convention postponed

Adoption of 'flawed' AU cybersecurity convention postponed

A controversial cybercrime convention is not being adopted by the African Union (AU) this January as initially planned.

A draft African Union Convention on Cyber Security (AUCC) proposes “establishing a credible framework for cyber security in Africa through organisation of electronic transactions, protection of personal data, promotion of cyber security, e-governance and combating cybercrime.”

The AU wants to establish the convention because it claims African states are in “dire need” of cybercrime strategies that also enable cross-border cooperation

The AU initially planned to vote on the convention at an AU summit in Ethiopia this week.

But technical delays and even opposition to the convention have stalled the process.

Last year, Kenyan based Strathmore University's Centre for Intellectual Property and Information Technology Law (CIPIT) drew up a petition to prevent the AU cybercrime convention from being adopted in its current form.

CIPIT has said the convention, if adopted as is, could abuse Africans’ right to privacy, harm freedom of expression, introduce legislative overkill and place too much power in the hands of judges.

A draft version of the convention allows judges, in the “public interest”, to call for the interception of individuals’ electronic communications without their permission.

“The convention is not being passed this January,” Robert Mureithi, a researcher at CIPIT has told ITWeb Africa.

“We attended African ICT Week last year in Addis (Ababa) where we met the info society division of the AU. The draft AUCC is yet to be endorsed by AU Ministers of Justice. As it stands the draft might be up for adoption by heads of states either in July when the next AU Summit will be taking place or January 2015,” Mureithi told ITWeb Africa.

“However, in the time being, (the) info society division of the AU was kind enough to entertain our petition and we have been given until May 2014 to come up with a unified memo from Kenya on some of the issues we might have and remedies we think are appropriate in such circumstances,” Mureithi added.

Deliberations surrounding the controversial convention; though, come as cybercrime is costing the continent billions.

Kenya’s Director of Public Prosecutions (DPP), Keriako Tobiko, has said cybercrime is costing the East African nation up to Ksh 2 billion annually.

Meanwhile, the likes of the South African Cyber Threat Barometer 2012/13 put the total direct losses to cybercrime in the country between January 2011 and August 2012 at R2.65 billion.

Read more