Zimbabwe’s parliament has passed a controversial cybersecurity bill that gives authorities sweeping powers to tackle offences without any amendments.
The bill that has been criticised by several opposing voices particularly the media now awaits the president to assent into law.
The latest legal document for cyber players has many contentious clauses, and digital players and human rights activists have on several times lobbied the law makers to refine the document before passing it into law.
Recently, digital players in Zimbabwe including (ZOCC) Zimbabwe Online Content Creators working with MISA Zimbabwe petitioned the speaker of parliament to intensively consult with the public, debate on highlighted ‘restrictive’ clauses before hurriedly passing the document into law.
The Minister of ICT Postal and Courier Services Hon Muswere acceded to relook at Clauses 13, 17, 23 and 164 of the Bill with a view to amend them but refused to relook into the establishment of Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) as the national data security centre.
Some of the controversial clauses include Section 5 and 7 of the Bill that seek to establish the Postal & Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) as the Cybersecurity Centre and Data Protection Authority.
The clauses give POTRAZ authority over three sensitive roles and or bodies, that is, regulator of the telecommunications industry, the cybersecurity centre and the data protection authority.
In simple terms, POTRAZ has been given power to control data control in Zimbabwe thus defeating the purpose of separation of powers.
Other clauses in the bill criminalizes general freedoms of Zimbabweans and media players in particular.
164C Transmission of false data message intending to cause
harm Any person who unlawfully and intentionally by means of a computer
or information system makes available, broadcasts or distributes data to
any other person concerning an identified or identifiable person knowing
it to be false with intend to cause psychological or economic harm shall
be guilty of an offence and liable to a fine not exceeding level 10 or to
imprisonment for a period not exceeding five years or to both such fine
and such imprisonment.
Section 164 criminalizes the sending of data messages to any person, group or the public with the intention to incite violence or damage of property.
The clause provides for the imposition of a fine not exceeding level 10 or imprisonment of up to five years, which has been argued to be excessive.
Speaking to the Zimbabwe Online Content Creators (ZOCC) chairperson Toneo Rutsito following the latest sad development in the ICT sector, he said:
“This is a very sad day for digital player in Zimbabwe as the cyber bill which is marred by controversial clauses has been passed into law. Its going to restrict the digital freedom and rights of players in the sector particularly the online content creators. Basically, the bill has officially criminalized journalism as profession.”
Part of the bill which many stakeholders did not agree with reads:
4B Cyber-bullying and harassment
Any person who unlawfully and intentionally by means of a computer
or information system generates and sends any data message to another
person, or posts on any material whatsoever on any electronic medium
accessible by any person, with the intent to coerce, intimidate, harass,
threaten, bully or cause substantial emotional distress, or to degrade,
humiliate or demean the person of another or to encourage a person to
harm himself or herself, shall be guilty of an offence and liable to a fine
not exceeding level 10 or to imprisonment for a period not exceeding ten
years or to both such fine and such imprisonment.
164C Transmission of false data message intending to cause
harm
Any person who unlawfully and intentionally by means of a computer
or information system makes available, broadcasts or distributes data to
any other person concerning an identified or identifiable person knowing
it to be false with intend to cause psychological or economic harm shall
be guilty of an offence and liable to a fine not exceeding level 10 or to
imprisonment for a period not exceeding five years or to both such fine
and such imprisonment.
164D Spam
Any person who intentionally and without lawful excuse—
(a) uses a protected computer system to relay or retransmit
multiple electronic mail messages, with the intent to deceive
or mislead recipients or any electronic mail or internet service
provider as to the origin of such messages; or
(b) materially falsifies header information in multiple electronic mail messages and initiates the transmission of such messages
shall be guilty of an offence and liable to a fine not exceeding level 5 or
to imprisonment for a period not exceeding one year or to both such fine
and such imprisonment
164E Transmission of intimate images without consent
(1) Any person who unlawfully and intentionally by means of a
computer or information system makes available, broadcasts or distributes
a data message containing any intimate image of an identifiable person
without the consent of the person concerned causing the humiliation or
embarrassment of such person shall be guilty of an offence and liable to a
fine not exceeding level 10 or to imprisonment for a period not exceeding
five years or to both such fine and such imprisonment.
(2) For the purposes of subsection (1) “intimate image” means
a visual depiction of a person made by any means in which the person
is nude, the genitalia or naked female breasts are exposed or sexual acts
are displayed.
164F Production and dissemination of racist and xenophobic
materia
Comments