African Union
The African Union (AU) is an organization officially born in 2002, as a successor to the Organization of African Union (1963-1999). The AU is currently made up of 55 Member States and is intended to promote measures for a prosperous and peaceful Africa. As a part to this effort, the Union has started to develop a harmonization and advancement of ICT policies at a continental level. In 2013, as part of the Agenda 2063 project, a number of objectives were proposed for the development of cybersecurity and ICT infrastructures, and in June 2014 the Malabo Convention (currently ratified by a minority of Member States) was approved to guide the efforts in the sector. The Union is actively working on capacity-building programs with regional and international collaborations.
A Global Approach on Cybersecurity and Cybercrime in Africa
This document is divided into 4 sections. Namely, the third identifies the priorities for cybersecurity policies in Africa (with reference to strategic approaches, the creation of national cybersecurity frameworks, the fight against cybercrime, capacity building and regional and international cooperation). The 4th section indicates conclusions and recommendations at national, regional and continental level.
Internet Infrastructure Security Guidelines for Africa
This is a guide created by the African Union in collaboration with numerous operators in the ICT sector illustrating the importance of collaborating with various stakeholders for the protection of Internet infrastructure. The guide lists 4 fundamental principles for the security of this infrastructure: awareness, responsibility, cooperation and adherence to the fundamental principles and properties of the internet.
Report on Cyber Security Trends and Government Responses in Africa
https://docs.broadcom.com/doc/cyber-security-trends-report-africa-interactive-en
This Report indicates the trends related to the development of cyber-crimes in Africa and the challenges that derive from them. The document addresses in depth some of the most frequent types of cyber-crimes and cyber-attacks, such as ransomware, phishing and attacks exploiting vulnerabilities.
Personal Data Protection Guidelines for Africa
https://www.internetsociety.org/resources/doc/2018/personal-data-protection-guidelines-for-africa/
This document indicates 18 recommendations for the protection of personal data and is divided into 3 groups: recommendations for trust creation, privacy and responsible use of personal data, recommendations for governments and policymakers, DPA (Data Protection Authorities), Data controllers and data processors. The third set of recommendations regards multi-stakeholder solutions, well-being of digital citizens and how to integrate these recommendations.
Declaration on Internet Governance and Development of Africa's Digital Economy (Assembly/AU/Decl.3(XXX)
https://au.int/sites/default/files/decisions/33908-assembly_decisions_665_-_689_e.pdf
This document contains a set of declarations and resolutions adopted by the AU. The third declaration "Declaration on Internet Governance and Development of Africa's Digital Economy" contains the considerations of AU member countries regarding internet governance.
Communique on Mitigating the Threats of Cyber Security to Peace and Security in Africa
https://archives.au.int/handle/123456789/6336
A communication to AU member countries underlining the importance of increasing efforts to combat cybercrime, both nationally and through cooperation and capacity building programs.
Press Statement on the Crucial Role of Cybersecurity in the Promotion and Maintenance of Peace and Security in Africa
http://www.peaceau.org/uploads/psc-pr-627-cyber-security-26-9-2016.pdf
A Statement from participants of the AU PSC (Peace and Security Council) regarding cyberspace growing threats and the impact they can have on African peace and security. This statement underlines the importance of regional and international cooperation as well as the promotion of a culture on cybersecurity.
African Union Convention on Cyber Security and Personal Data Protection (The Malabo Convention)
https://au.int/en/treaties/african-union-convention-cyber-security-and-personal-data-protection
This Convention was adopted in June 2014, signed by 14 Member States and ratified by 8 (until June 2020), with the aiming to create basic rules and shared standards for African cyberspace. The document is divided into 4 sections: organization of electronic commerce, protection of personal data, promotion of cybersecurity and the fight against cybercrime, final measures.
Draft African Union Convention on the Establishment of a Legal Framework Conducive to Cyber Security in Africa (or Draft African Union Convention on the Confidence and Security in Cyberspace)
https://au.int/en/cyberlegislation
It is a Proposal for a Convention (not adopted), which seeks to harmonize cyber legislation on the organization’s electronic commerce, protection of personal data, control of cybercrime and promotion of cybersecurity.
Workshop for AU Member States on Cyber-Strategy, Cyber Legislation and Setting up CERTs
It is 5-day workshop, organized by the Department of Infrastructure and Energy, on topics of interest for cyberspace including cyber strategy, CERT / CIRT and cyber legislation.
Workshop on Cyber Security and Cybercrime Policies
It is a Workshop organized in collaboration with the European Union through the GLACY + program, regarding cybersecurity and the fight against cybercrime.
Capacity Building Workshop for International Cyber Security Negotiations
https://au.int/en/newsevents/19716/international-cyber-negotiations
It is a Workshop organized by the AU Commission in collaboration with ICT4Peace, regarding the possible impact of the misuse of ICTs on national and international security and stability.
Joint Statement of the Third Forum on China-Africa Media Cooperation
This Statement concluded the Third Forum on China-Africa Media Cooperation, which summarized the areas of work identified during the forum: capacity building with adequate training programs, the creation of specific agencies and development of infrastructures, the transfer of technologies for the improvement of African industry and cooperation in cybersecurity.
(Proposed) Africa Cybersecurity Collaboration and Coordination Committee (ACS3C)/ African Union Cyber Security Expert Group (AUCSEG)
https://au.int/sites/default/files/decisions/33909-ex_cl_decisions_986-1007_e.pdf
This Agency was proposed and approved by the Executive Council EX.CL/Dec.987(XXXII) decision in January 2018. The Agency’s purpose is to advise and provide recommendations on policies and strategies for the digital world to AU member countries.
Specialized Technical Committee on Communication and ICT (STC CICT)
This Committee reports directly to the Executive Council on ITC and communications. It wishes to oversee policies regarding freedom of information and expression, to develop common IT strategies for Africa and to promote investments in ICT infrastructures.
Department of Infrastructure and Energy (DIE)
https://au.int/en/directorates/about-infrastructure-and-energy
This Department is in charge of the implementation of the 2063 Agenda and all its activities of promotion, coordination and implementation of infrastructures’ development.