cybersecurity governance in ethiopia halefom hailu cyber law and policy researcher and deputy...
TRANSCRIPT
![Page 1: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/1.jpg)
Cybersecurity Governance in Ethiopia
Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network Security Agency (INSA)
The African Internet Governance Forum 201506 – 08 September 2015
African Union Commission, Addis Ababa, Ethiopia
![Page 2: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/2.jpg)
Introduction:
• Cybersecurity is a domain involving all human activities.
• Addressing cyber security requires global and interdisciplinary efforts.
• This presentation focuses on Ethiopia’s efforts to address cybersecurity
![Page 3: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/3.jpg)
Ethiopia’s response to cybersecurity
Policies and Strategies
Legislative Measures
Institutional Arrangements
![Page 4: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/4.jpg)
Polic
ies
and
Stra
tegi
es
• National ICT Policy and Strategy 2009• focuses on ICT in general with cybersecurity
implication• GTP2010/11-2014/15
• a general five year national plan with cybersecurity implication
• Criminal Justice Policy 2011• cybercrime implication
• National Information Security Policy 2011• the first cyber-specific policy
![Page 5: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/5.jpg)
Excising legislations: Le
gal m
easu
res
• Criminal Code 2004 (repealed the Penal Code of 1957)
• The first legislative word on cybercrime
• criminalizes four cybercrime acts• Other Legislations with Cybersecurity Implication• National Payment System• National ID• Telecom Fraud
![Page 6: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/6.jpg)
Pending legislations:• Cybercrime law• E-commerce law• Electronic signature law• Data protection law
![Page 7: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/7.jpg)
The Draft Cybercrime law• Drafting methodology
– influenced by the Budapest convention– techno-neutrality– Required state of mind – intentional– Non-intentional acts excluded b/c of risk of over
criminalization • Criminalization
– Crimes against computer system and data (core cybercrimes) –including spam
– computer-related crimes (traditional crimes facilitated by computer system)
– Content-related crimes (child pornography, cyber stalking--)
![Page 8: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/8.jpg)
• Procedural and evidence rules• Rules on International cooperation In
stitu
tiona
l str
uctu
re • Information network security agency
• A government agency exclusively dedicated to cybersecurity
• National CERT (ETHIO-CERT established in
2012)• initiatives to establish cyber-units with in police and prosecutor authorities• other institutions such as MCIT
![Page 9: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/9.jpg)
Challenges : • Legislative challenges
– Laws always lag behind technology – We have 21st century crime but 20th century
procedures– inadequate rules of evidence (there is no separate
evidence law in Ethiopia. evidence rules are scattered within different substantive and procedural laws)
– every criminal activity now involves digital evidence
![Page 10: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/10.jpg)
• Lack of awareness – Cybersecurity incidents are not reported to
responsible authorities– Awareness creation campaigns (Radio program)
• Lack of capacity (investigative, judicial, prosecutorial)– Cybercrime cases are either closed for lack of
evidence or decided by interpretations of old laws, handled by non—specialized judges (do not receive any form of cybercrime related training)
– Law enforcement is not equipped with necessary resources and expertise
![Page 11: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/11.jpg)
• Inadequate cooperation among stakeholders – Duplication of efforts – overlapping powers
• Global nature of cybersecurity – cybercrime may be committed any where there is
internet connection – Ethiopians are consumers of foreign services such as
facebook and hence data stored or processed abroad– most Ethiopian websites are hosted abroad– even where offenders and victims are within Ethiopia,
the nature of networked communications means that data will routinely be routed through, stored in foreign states
![Page 12: Cybersecurity Governance in Ethiopia Halefom Hailu cyber law and policy researcher and deputy director of legal and policy affairs, Information network](https://reader036.vdocuments.mx/reader036/viewer/2022082820/56649ea05503460f94ba396e/html5/thumbnails/12.jpg)
THANK YOU!