On 15 May 2020, the Cyber Security and Data Protection Bill (the Bill) was published in the Zimbabwean Government Gazette. The Bill is intended to consolidate cyber-related offences and provide for data protection and seeks to “create a technology driven business environment and encourage technological development and the lawful use of technology.”
The Bill provides for, among other things:
- The establishment of the Cyber Security Center and the Data Protection Authority within the Postal and Telecommunications Regulatory Authority (POTRAZ) and their relevant functions.
- The minimum standards and general rules on the processing of data.
- The permissibility and non-permissibility of the transfer of personal information outside Zimbabwe.
- The introduction of cybercrimes and their respective penalties, including hacking, the unlawful acquisition or use of data, the transmission of data messages inciting violence or damage to property, cyber-bullying and harassment, transmission of false data message intending to cause harm, the transmission of intimate images without consent, identity related offences and offences against children.
- The investigation and collection of evidence of cybercrime and unauthorized data collection and breaches.
- The obligations and immunity of electronic communications network or access service providers, hosting providers, caching providers and internet service providers.
According to Zimbabwe’s Parliament, now that the Bill has been published in the Government Gazette, the relevant portfolio committee should facilitate a public participation process.
The Bill (via Veritas Zimbabwe) can be accessed here.
Please note: The information contained in this note is for general guidance on matters of interest, and does not constitute legal advice. For any enquiries, please contact us at [email protected].