By 
The Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) has moved to dispel a wave of misinformation currently flooding social media platforms regarding the country’s cyber legislation. In an official public notice released recently, the regulatory body clarified that contrary to viral reports, Zimbabwe has not enacted a standalone Cyber Crimes Act.
The clarification comes as social media posts and online articles have been circulating widely, claiming that a new piece of legislation specifically named the Cyber Crimes Act had been put in place to govern digital behavior. POTRAZ, in its capacity as the designated Data Protection Authority, labeled these reports false and misleading.
For technology users and businesses operating within Zimbabwe’s digital ecosystem, the legal reality is more nuanced. While there is no standalone act by that name, cyber-related offenses are strictly codified.
POTRAZ explained that cybercrimes in Zimbabwe are prosecuted under the Criminal Law (Codification and Reform) Act [Chapter 9:23], commonly referred to as the Criminal Code.
In 2021, the Legislature amended this Code to integrate robust cybercrime provisions, ensuring the law evolved alongside technological advancements.
These amendments were facilitated by the Cyber and Data Protection Act [Chapter 12:07], which inserted Sections 163 to 168 into the Criminal Code to address crimes involving computer systems and data.
POTRAZ’s public notice includes a consolidated summary of 18 specific offenses that every internet user in Zimbabwe should be aware of. The penalties for these crimes are severe, ranging from heavy fines to decade-long prison sentences.
Here is what you need to know to avoid finding yourself in a tricky situation
- Hacking and Unauthorized Access (Section 163): Unlawfully securing access to data or computer systems carries a penalty of up to 10 years in prison.
- Cyber-bullying and Harassment (Section 164B): Posting content intended to coerce, intimidate, or cause substantial emotional distress can result in up to 10 years of imprisonment.
- Transmission of False Data (Section 164C): Known commonly as “fake news,” distributing false data about an identifiable person with the intent to cause harm can lead to a 5-year prison term.
- Intimate Images and Child Safety (Sections 164E, 165A, 165B): The law takes a hardline stance on the distribution of revenge porn and child sexual abuse material, with offenders facing up to 10 years in prison. This has become prevalent nowadays.
- Financial and Identity Crimes (Sections 167 & 168): The unauthorized use of credit/debit cards or another person’s password/PIN is punishable by up to 3 years in prison. There has been an ongoing trend of false advertising by scammers using some companies like Econet and EcoCash promotions to empty people’s digital wallets.
POTRAZ emphasized that Zimbabwe’s legal framework is not isolated. The country is a signatory to the UN Convention Against Cybercrime (2024), and the provisions within the Criminal Code are specifically designed to align with international legal standards.
In an era of rapid information sharing, POTRAZ has urged the public, media outlets, and organizations to verify legal information through official channels before sharing.
“This information is false and misleading” the statement read.
Comments