MISA Zimbabwe position on parly report on Cyber Bill public hearings
MISA Zimbabwe commends the relevant Parliamentary Portfolio Committees for producing a report that largely captures the submissions of citizens during the public consultation processes on the Cybersecurity and Data Protection Bill.
The report presented in parliament follows country-wide public hearings conducted by the Joint Portfolio Committees on the Information Communication Technology, Postal and Courier Services; Information, Media and Broadcasting Services; and, the Thematic Committee on Peace and Security.
The report highlights that during the hearings stakeholders stated that the Bill must be separated into two Bills that deal with cybersecurity and data protection separately in line with international best practice and instruments such as the SADC Model Law on Data Protection, African Convention on Cybersecurity and Data Protection.
Stakeholders also highlighted that by combining the two legislations, the Bill becomes difficult to understand.
“There were mixed views from the people regarding POTRAZ (Postal and Telecommunications Regulatory Authority of Zimbabwe), being the Cyber Security Centre and Data Controller. There were concerns from some stakeholders that, if POTRAZ is established as the Cyber Security Centre and Data Controller, this would limit the effectiveness, efficiency and independence of the Board since POTRAZ reports to the Executive.
“They pointed out that the POTRAZ Board was appointed by the Minister hence the Board would be a rubber stamp of the Executive decisions. The stakeholders proposed a separate institution as a Cyber Security Centre that is appointed by Parliament and reports to Parliament,” part of the report reads.
The report recommends, among others, the need for a clause that guarantees the protection of whistleblowers in terms of handling investigations. It further recommends the need for balance between the protection of national security and exercise of the rights of ordinary citizens.
The Committee report recommends that the Bill should adhere to constitutional requirements.
These positions closely reflect the submissions captured by MISA Zimbabwe and the Media Alliance of Zimbabwe in its Shadow Report on the public hearings into the Cybersecurity and Data Protection Bill.
Citizens also roundly rejected the idea of the Postal and Telecommunications Regulatory Authority (POTRAZ) being the Cyber Security Centre and Data Protection Authority preferring such a role to be given to an independent body that reports directly to parliament.
Participants were also concerned with aspects of the Bill pertaining to surveillance of citizens without regard to citizens’ right to privacy.
MISA Zimbabwe position
MISA Zimbabwe, therefore, calls for equal prioritisation and balancing of the functions of the Cybersecurity Centre and Data Protection Authority to ensure that significance is not placed only on cybersecurity while data protection, privacy and interrelated fundamental rights are neglected.
It is equally important to ensure that the proposed law is in conformity with the Constitution and international legal frameworks such as the African Declaration on Internet Rights and Freedoms.
MISA Zimbabwe, therefore, urges Parliament to robustly and freely debate this Bill without undue influence from the Executive which seems to view the Bill as a tool to silence its critics on social media platforms.
Parliament should therefore take into serious consideration the principle that democratic law-making processes place high significance and consideration on the views of key stakeholders and the citizens as articulated during the public hearings.