Introduction 1. What is cyber legislation? 2. Cyber legislation harmonization process in Central

Africa

The sub-region concerned; Partner international organizations in the harmonization

of cyber legislation in Central Africa; ECCAS frame of reference for the harmonization; Retracing previous stages.

3. Conclusion

Harmonization of legislation can be defined as a legal integration phenomenon whereby official expertise of two or more countries are transferred to an international organization endowed with decision-making powers and supranational or supra state competencies, with a view to providing a single and coherent legal package encompassing the laws that will set the background for the required social and economic objectives of the Member States. To achieve this, the States can either choose the Convention’s technique or that of the Model law.

Harmonization or coordination is the approximation of rules of

different origins to make them consistent by reducing or eliminating the discrepancies and inconsistencies between them so as to reach the results that are “compatible with each other and with the desired community objectives”.

Cyber legislation is the term used today to refer to legal provisions dealing with such issues as: The use of electronic signatures; The fight against cybercrime; The protection of personal information; Data secrecy; Protection of intellectual property ; Control of digital identities, among others….

In a nutshell, cyber legislation is all about the thematic areas that will be addressed at this forum.

Several African organisations are rallying to work on a cyber-legislation framework and harmonization of legislation on electronic communications.

The sub-region concerned The Sub-region concerned by the harmonization of cyberlegislation is the Economic Community of Central African States/ECCAS. The Economic Community of Central African States (ECCAS) is an

international organization created to promote the economic, social and cultural development of the African continent, in order to set up regional structures that could progressively lead to a common market.

ECCAS stemmed from the Lagos Plan of Action of April 1980 to lead

the Central African regional integration process. It is an institution recognized by the African Union.

The organization brings together ten member States :

Angola ; Burundi ; Cameroon ; Central Africa; Chad; Congo ; Democratic Republic of Congo (DRC) ; Equatorial Guinea; Gabon ; Sao Tome and Principe

The countries in bulk are equally members of the Economic and Monetary Community of Central Africa (CEMAC/EMCAC).

Partner international organizations in the harmonization of cyber legislation in Central Africa;

The United Nations Economic Commission for Africa (UN-ECA) The Economic Commission for Africa (ECA) launched its project « African Information Society Initiative » (AISI) in May 1996. This initiative consisted in helping African countries create an environment in which knowledge is considered as being critical to economic growth and bridge the digital divide between Africa and the rest of the world. ECA also implemented the « National Information and Communication Infrastructure » (NICI) policy.

The African Union (AU) Commission During the extraordinary meeting of Johannesburg in 2009, the « Olivier Tambo Declaration » adopted by the Conference of African Ministers in charge of communication and information technologies entrusted the Commission of the African Union (AU) to draw up, together with ECA within the framework of the African Information Society Initiative (AISI), a convention on cyber-legislation that meets the needs of the continent and complies with good legal international practices on electronic transactions, cyber-security and the protection of personal information. In September 2012 in Khartoum, Sudan, during the 4th ordinary session of the biannual conference of African ministers in charge of communication and information technologies, the African commission was requested to submit the African Union draft Convention on cybersecurity for adoption by the Heads of States, in accordance with the internal rules of the African Union.

The International Telecommunications Union (ITU) The International Telecommunications (ITU) Union partnered with the International Multilateral Partnership Against Cyber Threats (IMPACT), a collaboration between the private sector and public authorities, to implement a programme to combat cybercrime. 145 of the 191 Member States of ITU have now joined the programme. The HIPSSA (Harmonization of the ICT Policies in Sub-Sahara Africa) project of the International Telecommunications Union (ITU) and the European Commission, with involvement of the AU commission and ECA is contributing to the implementation of actions identified as priorities in the AU reference framework to “establish harmonized policies and legal and regulatory frameworks at the regional and continental levels” in the field of electronic communications.

The Central African Economic and Monetary Community (CEMAC) Following the workshop on the role of information and communication technologies (ICTs) in the promotion of regional integration that held in Yaoundé in September 2007, ECA contributed to the 2010 e-CEMAC strategy drawn up by the member States of CEMAC, and subsequently proposed to extend the strategy to the other member States of ECCAS. A key component of the strategy is the development and implementation of an action plan to establish sub regional guidelines and introduce reforms in national policy frameworks. In 2008, upon the recommendation of the Ministers in charge of telecommunications who met in Brazzaville in November 2008, the Council of Ministers mandated the President of the CEMAC Commission to take necessary measures to “develop (…) a directive on cyber security”.

The Economic Community of Central African States (ECCAS)

At the second meeting of the Ministers in charge of telecommunications and ICTs of ECCAS Member States held in April 22, 2010 in N’djamena, the statutory Council of Ministers of ECCAS was requested to :

- Submit for the approval of the ECCAS Conference of Heads of State and Governments, four guidance documents including one on the harmonization of national policies and regulations and action plans for ICT development in Central Africa;

- Instruct the Secretary General of ECCAS to immediately work out, in collaboration with ECA and ITU, model laws and regulations relating to:

* Electronic transactions; * The protection of personal information; * The fight against cyber crime.

* Retracing previous stages. Libreville, Gabon from 28 November to 02 December 2011 In response to the requests by the Secretary General of ECCAS and the CEMAC Commission, with the technical support of ECA and ITU, a workshop on the harmonization of a legal framework for cybersecurity in Central Africa was organized in Libreville, Gabon. Three draft Model Laws were discussed at the workshop concerning: The protection of personal information, providing the States with a legal framework that will ensure effective protection; Electronic transactions, providing the States with efficient legal framework to regulate transactions and protect the users ;

Fight against cybercrime, providing Member States with a substantial and procedural repressive arsenal, to prevent the outburst of cybercrime.

These preliminary draft Model Laws will be adopted, subject to any subsequent amendments thereto.

Douala, Cameroon from 26 to 27 July 2012 The Secretary General of ECCAS organized a regional workshop, in collaboration with the ministry in charge of ICTs in Cameroon, backed by ECA and the International Telecommunications Union. The aim was to validate the three draft model laws above for adoption by the statutory bodies of ECCAS. Libreville, Gabon from 25 to 26 February 2013 The Central African Sub Regional Bureau of the United Nations Economic Commission for Africa organized an ad-hoc meeting of the experts group working on the harmonization of laws on information and communication technologies on the theme: “compliance framework for digital economy”, in collaboration with the Economic Community for Central African States (ECCAS) and the International Telecommunications Union.

The objective of the meeting was to establish a notice of compliance showing how the three draft model laws on cyber security validated by the experts of the Member States of ECCAS correlate with the draft African Union (AU) Convention on cyber security. The said notice was based on the analysis of a correlation table between the terms of the draft Convention and the consolidated provisions of the three draft model laws. The study revealed a 95% level of conformity. In delivering the outcome of the study of conformity, the ad hoc meeting endorsed the recommendations and observations with a view to improving the level of conformity of the draft model laws to be tabled for validation at the meeting of ICT ministers of ECCAS scheduled for 2013.

It is important that countries harmonize their legal framework, to combat cybercrime and facilitate international cooperation. Cameroon, Congo and Gabon has already theirs agencies in charge of cyber security installed. Though legislation on personal data is not yet available in Cameroon, there is a law governing the security of electronic communication networks and information systems that defines and criminalizes offences relating to the use of information and communication technologies. A law regulating electronic commerce was also promulgated in December 2010.

THANK YOU !

Justin Aimé TSANGA EBODE Deputy Director of the statutory Watch at the Direction of Legal Affairs and

International Cooperation in the Telecommunication Regulatory board of

Cameroon.

tsangajustin@yahoo.fr/tsangajustina@yahoo.fr +237 9977 31 00