The reshuffled Cabinet ushered in a new portfolio called the Ministry of Cyber Security, Threat Detection and Mitigation. President Mugabe assigned former Finance Minister Patrick Chinamasa to head this new ministry. Minister Chinamasa has also previously held the Justice, Legal and Parliamentary Affairs portfolio before.
The rationale behind the creation of this ministry, according to the Government, is to develop laws to deal with cyber crime and set up new structures in that area. This is why Minister Chinamasa was deployed to this ministry as a legal fundi. Soon after the appointment was made, social media was awash with jokes on the minister’s new role, with some suggesting that it was insignificant. On the contrary, the issue of cyber security is a pertinent one and Zimbabwe would do well to focus on particularly where traditionally there have been no laws to govern cyberspace.
According to POTRAZ, mobile penetration in Zimbabwe stands at over 94 percent, while internet penetration is around 50 percent. While there is still room for growth with regards to internet connectivity and what people are doing online, the internet has essentially changed the way people live their lives in a massive way. With the right level of connectivity, one can do almost anything online from entertainment, education, social interactions, banking and finance, arrange travel to ordering food.
People put a vast amount of their personal data online and companies have taken advantage of this, hence the increase in targeted ads online or applications that integrate with social media applications like Facebook, Twitter and LinkedIn. Ferri Abolhassan (2017) argues that digitalisation has revolutionised the business world, particularly with new models, systems and processes being used. But there are risks. “Digitalisation,” he points out, “has led to exponential growth in the volume of data, and thus lures in those abusing this data — either by hackers and their ilk, or by intelligence services who disregard the right to informational self-determination and preservation of the private sphere.”
Protection from the abuse of data is therefore of paramount importance and having the legal framework within which to operate is the first port of call. With regards to cyber security, both the state and its citizens need protection. It is not only an issue of national security, but also individual security. In a paper titled “Cyber security in developing countries, a digital divide issue”, Ellada Gamerikildze argues, “through a qualitative study of cyber warfare between the two countries, one on the developed and one on the underdeveloped side of digital divide . . . that disadvantaged states are subject to cyber insecurity.”
The research looks at the case of Georgia and Russia and compares countries on the same side of the digital divide, Russia and Estonia and China and USA to show the vulnerability of developing states with regards to cyber security. The Organisation for Economic Co-operation and Development (OECD) defines the digital divide as “the gap between individuals, households, businesses and geographic areas at different socio-economic levels with regard both to their opportunities to access information and communication technologies (ICTs) and to their use of the internet for a wide variety of activities.”
Gamerikildze concludes that “even though relatively low dependence of their (developing countries) vital systems on online networks supposedly makes these countries less vulnerable to cyber offensives, disruptions to communication infrastructures causes these states to turn dysfunctional.”
Therefore, regardless of how connected a state is online, the volume of data and what people use the internet for, it is important that protective measures are taken. The fact that developing states have shown to be more vulnerable where cyber security is concerned, not only with regards to infrastructure, but also laws and systems, warrants the Zimbabwean Government looking to address this issue. The issue of cyber security is not only of importance to Zimbabwe, but also to the region and the continent. In August 2016, SADC Ministers of Information and Communication Technology met at a workshop on Cyber Security and Public Key Infrastructure (PKI) to share best practices, strengthen regional cooperation mechanisms pertaining to cyber crime offenses and develop a framework for PKIs for SADC member states.
In 2014, the African Union, at the 23rd Ordinary Session of the Assembly in Equatorial Guinea, adopted a Convention on Cyber Security and Personal Data Protection. They agreed to implement a number of policies related to e-commerce, security of electronic transactions, protection of personal data and structure of a legislation to ensure protection, but will also deal with cyber crime. The new ministry thus has its work cut out for it with regards to laws, building and setting up the infrastructure to ensure cyber protection, a task one assumes will be carried out in tandem with the Ministry of ICT and POTRAZ.
Aside from the laws and the infrastructure, there is also a need for the public to be aware of the threats that they face online and what they can do to protect themselves and their data. Noluxolo Kortjan and Rossouw von Solms (2014) point out that “many (online) users lack awareness and knowledge; consequently, they are ignorant of the need to protect their personal and confidential information.
“Moreover, users’ insecure online behaviour makes them easy targets for exploitation. The lack of cyber security awareness amongst adults negatively impact on their role of protecting the children in their care,” said Kortjan and Solms.
“Such a lack of the relevant knowledge,” they continued, “has made the African population easy targets for hackers and botnet operators.” The Government should therefore launch a role of cyber security awareness campaign. An inter-ministerial effort with the education and information ministries coming up with a framework for informing people of the threats they face and what they need to do to protect themselves.
The ubiquity of the internet and its importance to daily life is immediately evident. There are, however, real threats not only at an individual level, with the personal data that people put online, but also at a national level, with cyber warfare. Zimbabweans should therefore not take light the important work this new ministry has before it. A concern, however, will be the allocation of resources to fund what is a mammoth task if all things are to be considered. One is interested to see how Minister Chinamasa takes to this new task and expects an outcome that not only makes Zimbabwe and Zimbabweans safer online, but also improves the manner in which people interact and communicate in cyberspace.