Download presentation
1
Cybersecurity Governance in Ethiopia
Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network Security Agency (INSA) The African Internet Governance Forum 2015 06 – 08 September 2015 African Union Commission, Addis Ababa, Ethiopia
2
Introduction: Cybersecurity is a domain involving all human activities. Addressing cyber security requires global and interdisciplinary efforts. This presentation focuses on Ethiopia’s efforts to address cybersecurity
3
Ethiopia’s response to cybersecurity
Policies and Strategies Legislative Measures Institutional Arrangements
4
Policies and Strategies
National ICT Policy and Strategy 2009 focuses on ICT in general with cybersecurity implication GTP2010/ /15 a general five year national plan with cybersecurity implication Criminal Justice Policy 2011 cybercrime implication National Information Security Policy 2011 the first cyber-specific policy Policies and Strategies
5
The first legislative word on cybercrime
Excising legislations: Criminal Code 2004 (repealed the Penal Code of 1957) The first legislative word on cybercrime criminalizes four cybercrime acts Other Legislations with Cybersecurity Implication National Payment System National ID Telecom Fraud Legal measures
6
Pending legislations:
Cybercrime law E-commerce law Electronic signature law Data protection law
7
The Draft Cybercrime law
Drafting methodology influenced by the Budapest convention techno-neutrality Required state of mind – intentional Non-intentional acts excluded b/c of risk of over criminalization Criminalization Crimes against computer system and data (core cybercrimes) –including spam computer-related crimes (traditional crimes facilitated by computer system) Content-related crimes (child pornography, cyber stalking--)
8
Institutional structure
Procedural and evidence rules Rules on International cooperation Information network security agency A government agency exclusively dedicated to cybersecurity National CERT (ETHIO-CERT established in 2012) initiatives to establish cyber-units with in police and prosecutor authorities other institutions such as MCIT Institutional structure
9
Legislative challenges
Laws always lag behind technology We have 21st century crime but 20th century procedures inadequate rules of evidence (there is no separate evidence law in Ethiopia. evidence rules are scattered within different substantive and procedural laws) every criminal activity now involves digital evidence
10
Lack of capacity (investigative, judicial, prosecutorial)
Lack of awareness Cybersecurity incidents are not reported to responsible authorities Awareness creation campaigns (Radio program) Lack of capacity (investigative, judicial, prosecutorial) Cybercrime cases are either closed for lack of evidence or decided by interpretations of old laws, handled by non—specialized judges (do not receive any form of cybercrime related training) Law enforcement is not equipped with necessary resources and expertise
11
Inadequate cooperation among stakeholders Duplication of efforts
overlapping powers Global nature of cybersecurity cybercrime may be committed any where there is internet connection Ethiopians are consumers of foreign services such as facebook and hence data stored or processed abroad most Ethiopian websites are hosted abroad even where offenders and victims are within Ethiopia, the nature of networked communications means that data will routinely be routed through, stored in foreign states
12
THANK YOU!
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.