A global rights group, IFEX, has slammed Zimbabwe’s proposed Cyber Security and Data Protection Bill saying it has the potential of infringing citizens’ privacy, and that it lacks judicial oversight.
The Bill is now before Parliament and according to the drafters, its purpose is to consolidate cyber-related offences and provide data protection with due regard to the Declaration of Rights under the Constitution and the public and national interest.
However, in a letter addressed to Speaker of Parliament Jacob Mudenda by IFEX, the Bill does not meet international standards on protecting privacy and personal data.
IFEX, formerly International Freedom of Expression Exchange, is a global network of more than 119 independent non-governmental organisations.
“In its current form, the proposed Bill has a number of significant shortcomings that do not meet international standards on protecting privacy and personal data, and, therefore, risk undermining the purpose and scope of the law,” IFEX said.
The network said the proposed Bill lacks clearly defined circumstances and procedures for the use of forensic tools like keystroke logger, which is being permitted by this legislation and poses a high risk of infringement on the right to privacy.
A keystroke logger is an investigative tool or software that permits the user to remotely access data, monitor, and record computer activities of another person.
The network said the Bill does not provide for judicial oversight or other accountability measures for monitoring and reviewing potential abuses of such intrusive technologies.
“We stress that the Bill should place an emphasis on prioritising less intrusive methods of gathering evidence as a way to avoid the use of excessive investigative methods,” said IFEX.