As African countries migrate to broadband Internet, the signs are that internet crimes will leap to new heights making it only rational to act now rather than later.
Being wired to the rest of the world means we are now within the perimeter of cyber crime, making the continent’s information systems more vulnerable than ever before.
There is a need to develop National Cyber Strategies with a vision for a safe and trustworthy cyberspace.
Faced with the immediacy of cybercrime, which constitutes a real threat to the security of computer networks and the development of the information society in Africa, there is a need to set the main orientations of the strategy for curbing cybercrime.
Emerging cybersecurity threats are the result of increasingly sophisticated methods of attack and the blending of once distinct types of attack into more complex and damaging forms.
Examples of these threats include spam (unsolicited commercial e-mail), phishing (fraudulent messages to obtain personal or sensitive data), and spyware (software that monitors user activity without user knowledge or consent).
Providing penal protection to the system of values of the information society is a necessity that is dictated by security considerations.
This necessity is essentially made manifest in the need for appropriate criminal legislation to combat cyber crime.
The reality, however, is that having the laws in place only amounts to the initial steps that players must take in the quest to manage these crimes.
It takes well trained police cybercrime personnel capable of identifying and arresting cyber-criminals, competent prosecutors with cybercrime skills to compose water tight charges and judges with the competence to hear and decide on the cases.
Furthermore, as they say, prevention is better than cure, industry players too, need to seal loopholes that international hackers may use to penetrate local information systems.
“Perfect security” does not exist on the Internet, and should be addressed with the active participation of all stakeholders by playing a valuable part in cyber security as well.
Cybersecurity has many dimensions and people ultimately expect cyberspace systems to function in a trustworthy environment despite many potential threats.
Different ways of thinking about cybersecurity entails new directions in education, training, operational practice and liability laws.
There is thus a need to develop the necessary legal framework for ICT processes so that all anticipated stumbling blocks can be alleviated and all legal requirements necessitated by new and emerging technologies be set up.
As elaborated in the National ICT Policy and Plan for Rwanda (NICI 2010 Plan), to be e-ready and have a thriving ICT sector, the legal framework needed, must be addressed.
A comprehensive framework should address the following issues but not be restricted to them:
Cyber crime, E-Signatures, The legalization of e-Deeds (Documents produced by a computer system), The legality of web-based transactions, Electronic payments, E-Banking related issues, Encryption requirements and standards, misuse of meta-tags to drive traﬃc to one site, spamming, occupation of home pages (Changing default browser home page to one’s own), cyber-squatting or page hijacking (occupying someone’s website), Hacking, fraud, misuse of credit cards, virus generation and propagation, Taxation for web-based commercial transactions, Electronic contracts, Data protection and privacy, Liability issues, etc
Developing such a framework would result into a new integrated “ICT Bill or ACT” that would contribute to ensuring proper adoption of ICTs.
Successfully combating cyber crime and protecting critical information infrastructures will also require international cooperation to promote the exchange of experience, identification and application of compatible norms and standards and transfer of know-how.
The author is an ICT Expert in the Human Resources, Science and Technology Department African Union Commission.