Table of ContentsCybercrime Reform in the East African RegionLegal Challenges of HarmonizationDifferent Systems legalLegislative and policy engagementData protection and privacyCybercrimeE-taxationIn 2006, the East African Community Council of Ministers met to discuss the need for e-government integration and e-commerce. Following this meeting, the EAC Working Group on Cyberlaws, in close collaboration with the EAC secretariat and with the support of UNCTAD, recommended a modern and effective harmonized regional framework for cyberlaws. The first phase of the framework covered electronic transactions, electronic signatures and authentication, cybercrime, data protection and privacy. The second phase of the framework covered intellectual property, e-tax and information security. Say no to plagiarism. Get a tailor-made essay on “Why violent video games should not be banned”? Get the original essay The East African Community is a regional economic bloc made up of five partner states, including the Republic of Kenya, the Republic of Rwanda and the Republic of Uganda. , the Republic of Burundi and the United Republic of Tanzania with its headquarters in Arusha, Tanzania. The main source of EAC law is the EAC Treaty which obliges Partner States, through their competent national institutions, to take all necessary measures to harmonize their national laws relating to the Community. Partner States are expected to plan and direct their policies and resources with a view to creating favorable conditions for regional development. In 2006, the EAC Council of Ministers adopted an e-government program with a view to deepening East Africa's regional integration through the provision of government information and services. This strategy aimed to improve and strengthen the delivery of public services through the use of information and communication technologies (ICT). To achieve the operational effectiveness of this strategy, it was necessary to provide strong support in legislation relating to data and network security, cybercrime and information security as well as electronic transactions. In this regard, cybersecurity laws have been identified as a strong pillar that must be put in place for the successful implementation of e-government. The adoption of the e-commerce initiative by the EAC is seen as having the potential to generate a significant economic boost for partner states by promoting investor confidence and exploiting a myriad of business opportunities across almost all sectors . This requires a modern cyber legislation framework that will ensure the interface between physical and electronic space. Mobile money is among the ICT developments that have triggered rapid economic growth in the EAC region. The laying of the first fiber optic submarine cable in 2009 ushered in an era of faster, cheaper internet and increased mobile penetration. The increase in online activities of the private sector as well as public administration has precipitated the need to develop modern and harmonized cyber laws that could be benchmarked against international standards and best practices. The legal challenges of harmonization. Different legal systems The partner states of the EAC economic bloc use two different legal systems. systems. WhileKenya, Uganda and Tanzania follow a common law system, Burundi and Rwanda both adhere primarily to civil law systems. This has led to contrasting legislative practices and procedures between groups of EAC countries and has significantly contributed to slowing down harmonization efforts in the region. When it comes to cybercrime, these historical legal differences, for example in the context of criminal law, often depend on the particular "legal family" – whether civil law or common law as well as criminal law. socio-cultural and constitutional orders in force. National laws are also written in different languages, further complicating the harmonization process as it requires extensive research and review and enormous financial resources to support the activities of the task force. Rwanda, after its admission into the EAC economic bloc, began to transition from its historical civil legal system to a common law system consistent with harmonization requirements. Legislative and Policy CommitmentThe most important factor in any reform project such as the Cybersecurity Law Reform Program is the recognition that there is a problem to be addressed in the process. It is necessary that the national political institutions of the partner states adopt the draft measures as well as implementation efforts focused on achieving a real impact on business and administrative attitudes and practices. Explicit political commitment is therefore necessary at the highest level of both the executive and the legislature. The common problem among partner states is ownership of reform projects by relevant ministries, thereby devoting sufficient internal resources to liaise and coordinate activities with all stakeholders. This situation is further compounded by the lack of experienced policymakers with legal expertise related to cyber laws. Capacity building is therefore necessary to adopt and manage the reformed environment. Regulatory authorities, law enforcement and judicial personnel must be trained to ensure the effectiveness of reforms. Data Protection and Privacy It is sometimes said that personal data is the fuel of the Internet economy. Companies use this data to strategize and for marketing purposes to know the viability of their various business products. However, within EAC Partner States, the use of this data is not governed by any written law. Many service providers claim to have rights to the data they collect and may use that data in accordance with their own policies. Within the EAC, no partner state has appropriate data protection and privacy laws in place. Kenya borrowed verbatim from the UK's Data Protection Act of 1998, but the process of enacting it into law appears to have stalled. In Rwanda, provisions relating to data protection and privacy are only present in the Telecommunications Act but mainly relate to voice and data privacy. In the United Republic of Tanzania, there is still no legal framework for data protection and regulation. In Uganda, this provision is enshrined in the Data Protection Bill 2015, which still fails to fully protect data and privacy as it lacks succinct clauses on key areas such as notification of violations and data portability. With the expansion of the information economy in the regionData protection and privacy are becoming increasingly important as more business models and practices move to the digital platform and share and exchange regional data. It follows that in the absence of appropriate data protection and privacy legislation, the harmonization process is difficult and it is absolutely necessary to strengthen control over collection and use personal data, including the imposition of obligations on those who process such data. It is evident that this is still an area of ​​vulnerability in the EAC for which regulations need to be established since data protection has a direct effect on global and regional trade. Cybercrime With the implementation of Phase 1 of the legislative reform framework by Partner, e-commerce is expected to grow with an increasing number of businesses moving their operations online. This also means that criminal activities will also be rampant in the region. Existing criminal laws in various partner states may not be adequate to effectively combat new online criminal behaviors, such as crimes committed through the use of ICT. This requires substantive and procedural law reforms by partner states to provide adequate powers to law enforcement and the judiciary to investigate and judge these new types of criminal activities. Kenya has released the Computer and Cybercrime Bill which seeks to provide for offenses relating to computer systems; enable the rapid and efficient collection of forensic material for use as evidence, and facilitate international cooperation in addressing cybercrime issues and related purposes. The Tanzania Cybercrime Act 2015 was enacted and signed into law in 2015. The Act provides for the criminalization of offenses relating to computer systems and information and communications technology, provides for the investigation, collection and use of electronic evidence in mainland Tanzania and Zanzibar. Uganda passed the Computer Misuse Act 2011 which provides for the safety and security of electronic transactions and information systems, abuse or misuse of information systems including computers , and which provides for the security of the conduct of electronic transactions. The main challenge in cybercrime legislation in the EAC region is that they are not harmonized in terms of penalties for cybercrime offenses. They reveal divergences in national approaches to acts of cybercrime. For example, examining a single crime, illegal access, shows a considerable difference in its perceived degree of seriousness between partner states. Furthermore, since cybercrime has no borders and is a type of crime that does not require the offender to cross the borders of a country to commit a crime, it does not There are no well-spelled jurisdictional authorities to punish cybercriminals, for example when cybercrime is committed across national borders. EAC Partner States. The other challenge is that cyberattacks are increasingly global in nature and therefore it is not always possible to simply manage them at a national level. “Cyberattacks have the potential to destabilize on a global scale. Cybersecurity must therefore be a matter of global concern. We must work together to build trust in our networks, which are essential to trade and governance..