The Law is struggling to keep up with technology

By Jacob Kudzai Mutisi

The Cyber Security and Data Protection Bill is awaiting the signature of the President of Zimbabwe to become law. The purpose of the bill is to consolidate cyber-related offences and provide for data protection with due regard to the Declaration of Rights under the Constitution and the public and national interest, to establish a Cyber Security Centre and a Data Protection Authority, to provide for their functions, provide for investigation and collection of evidence of cybercrime and unauthorised data collection and breaches, and to provide for admissibility of electronic evidence for such offences. The bill will create a technology-driven business environment and encourage technological development and the lawful use of technology. It is now over since the bill was proposed and crafted taking into cognisance how technology has and is fast progressing in our country let alone throughout.

Technology is advancing at a breakneck pace. With each passing day, new technologies and advancements make our world easier, safer, and point toward a brighter future. But with each advancement and innovation, legal issues arise. Due to the time it has taken to complete the legal process there are so many shortfalls on our current bill which has risen since the time it was formulated. As you peruse through the bill there are terms like mobile money, social media, and electronic transactions that are not mentioned anywhere in the bill.

The bill does not provide laws that protect the number one form of transacting in Zimbabwe which is the use of mobile money. In fact, the term mobile money is not referred to in the cyber security and data protection bill. Mobile money is an innovation that provides financial transaction services via mobile phone, including to the unbanked community in Zimbabwe. The technology has spread rapidly in Zimbabwe, “leapfrogging” the provision of formal banking services by solving the problems of weak institutional infrastructure and the cost structure of conventional banking.

The majority of Zimbabwean cyber crimes are now being executed through these platforms and are mostly recorded as fraud as our legal framework has no provision of mobile money crimes. There is now an immediate need to revisit the bill and include mobile money using the commonly used mode of introducing new law through the statutory instruments (SIs).

Another term that is missing in the bill is that social media has become one of the most prominent forms of communication. Messages conveyed via social media may have numerous ramifications which can lead to legal prosecution and dismissals. On a personal level, insensitive and quarrelsome users can significantly affect the lives of others through defamation, trolling, and bullying.

From a business perspective, the employer-employee relationship is complicated by, amongst other issues, risks to reputation, goodwill, defamation, vicarious liability, and the divulgence of confidential information. There is a need to immediately revisit the bill and include the implications of social media laws that protect the nation and its citizens.

We are a cashless society and Zimbabwe’s financial technology has continued to evolve at a faster rate than ever, and as banking and money management becomes increasingly electronic. It is a well-known fact that new capabilities are not only for convenience but also come with security issues. Electronic transacting refers to the transfer of funds from one account to another through electronic methods. This form of transacting is not fully covered in the bill.

With this new cyber security and data protection bill, ICT professionals are calling for the Government of Zimbabwe to immediately put together a group of ICT and cyber security advisory board that will revisit the bill and advise the government on areas that need immediate attention before the legal framework is put into action.