THE Centre for Trade Policy and Development says it is concerned about the implementation of digital security laws ahead of the August 12 general elections.
CTPD researcher – legal Chileshe Mange noted that in the second quarter of 2021 the government enacted legislation that regulates cyber security as well as the storage, processing, and protection of electronic data in relation to private and corporate citizens.
Mange said the laws include the cyber security Act No. 2 of 2021 which came into force on April 1 2021.
She said the cyber security Act was enacted primarily to provide for the protection of persons against cybercrime and the continuation of the Central Monitoring and Coordination Centre (the “Monitoring Centre”), as well as the protection of critical information infrastructure.
Mange said among its salient provisions were that it empowers law enforcement officers to intercept communication of private individuals without prior notification to the citizen that they were being investigated or that communication to which they are a party is being intercepted and transferred to the Monitoring Centre.
“Furthermore, cyber inspectors are allowed to access and inspect the operation of any computer or equipment forming part of an information system and any associated apparatus or material which is believed to have been used in connection with any offence (with a warrant) without prior notice,” she said.
She said the legislation also provides for broader crimes such as hate speech and other forms of abuse on social media.
Mange said hate speech or conduct through any form of communication or electronic communication or the publication of information through a computer system, with the intent to coerce, intimidate, harass, or cause emotional distress to a person or to compromise the safety and security of another person is an offence for which the penalty is a fine of K150,000 or imprisonment for a period not exceeding two years, or both.
She said although what constitutes hate speech was subject to interpretation, CTPD has noted with concern that certain politicians who have made derogatory comments directed at specific tribes or groups of people had not been brought to book pursuant to the cyber security Act, especially that the comments were published and streamed on social media.
“This brings into question the fairness and uniformity with which the law will be implemented especially given the concerns that were raised by civil society organisations and other stakeholders about the cyber security Act curtailing freedom of expression and being used as a tool for political gain,” Mange said. “In addition, the provisions that allow interception of communication appear to be in conflict with the provisions in the data protection Act No. 3 of 2021 which has specific guidelines for the manner in which data (such as personal information) should be stored, processed and managed.”
Mange said according to that act, personal data cannot be accessed or processed without the consent of the subject.
She said generally, the fundamental rights and freedoms of the private citizens require protection insofar as the use of personal data, unless pursuant to a lawful purpose.
Mange said the lack of harmonisation between the provisions in the statutes may present challenges in implementing and enforcing the law, especially as the country prepares to vote in the general elections scheduled for August 12.
She called for increased collaboration between the institutions tasked with the regulation of cyber space and digital communication such as Zambia Information Communication and Technology Agency (ZICTA) and law enforcement agencies, as well as civil society organisations.
Mange said the involvement of civil society organisations would ensure checks and balances insofar as ensuring uniformity in application of the law.