Guideline for a Model Cybersecurity Law in African Union Member States

Following endorsement by the 2019 Sharm El Sheikh Declaration, in February 2020, the African Union Commission (AUC) adopted the Digital Transformation Strategy for Africa. The African Digital Transformation Strategy has highlighted the need for a greater capacity to detect and mitigate cyber-attacks

This Guideline provides guidance to African Member States for designing cybersecurity legislation and explains the key features and benefits of a standard cybersecurity law. It is not a binding law or legislation, but rather a set of guiding principles which African Member States may follow as they set out to establish standards for ensuring cybersecurity or cybercrime laws.

The guideline is designed to assist African Member States in drafting, reforming and modernizing their cybersecurity laws so as to take into account the particular features and needs of promoting cybersecurity in the region. It addressed to African States, African policymakers and legislators who wish to understand the valuable components of a model cybersecurity law.

It attempts to bridge the best practice principles of substantive offences, powers, and mutual legal assistance, such as those enunciated in regional and international cybersecurity treaties, with specific examples of standards, principles and measures that elaborate the various elements that need to be included in a cybersecurity legislation. It also provides guidelines for provisions in relation to principles such as the respect for human rights, law enforcement standards and judicial or other .

Ultimately, this guideline identifies recommendations on standards for cybersecurity laws and regulation in respective African jurisdictions. It also provides guidance on law enforcement activities for ensuring cybersecurity which underscore the respect for human rights in accordance with international and regional human rights standards.