The Democratic Republic of Congo is a state in the heart of Africa that faces the challenges of new technologies. An extroverted state, a state that does not live in a bubble.
Faced with this reality, the Democratic Republic of Congo (DRC) must be in step with its regional partners (African Union).
As states are sovereign, they have the latitude to take internal measures to implement the recommendations as decided by the organization of states of the African Union.
Important questions arise, what are the legal texts that frame the protection of personal data on the African continent?
What is the responsibility of each state in the context of cybersecurity? What motivated the Democratic Republic of Congo to consider the establishment of a legal support fighting against cybercrime?
What can BENIJAH Consulting do for its clients to meet this challenge of personal data protection and sensitive one?
These are the questions which will be the subject of our present article.
The stakes of the moment
The development of the NTIC constitutes a major turning point of the human civilization at the beginning of the 21st century. The Internet is the perfect illustration of the possibilities offered by NICTs, which thanks to the services available (digital communication technologies, information transmission, etc.) remains a powerful communication vector used by millions of people.
The appearance of NICTs has led to a process of dematerialization of money, since financial flows abandon the medium of the atom and take the form of electron transfers. For example, the DRC alone has approximately 30 million users with an estimated one million Smartphone users in the city of Kinshasa. Banks carry out electronic financial transactions and offer their customers prepaid e-money cards, not to mention telephone operators: Airtel money, Orange money, M-pesa. In the current context, banks have equipped themselves with computers and computerized their services, which has created a reform of the banks’ activity in terms of product offering (ATMs, Eftpos).
The commitment of the member states is reflected in the establishment of a normative framework
Indeed, at the level of the African Union, member states have adopted an important text that we consider the precursor of the legal arsenal in Africa on cybercrime, it is the African Union Convention on Cybersecurity and Personal Data Protection of June 27, 2014.
The ratio legis of this convention justifies the call for the establishment of an appropriate normative framework corresponding to the African legal, cultural, economic and social environment ;
The purpose of this convention is therefore to ensure the security and legal framework necessary for the emergence of the knowledge economy in Africa; the protection of personal data as well as privacy is therefore presented as a major issue of the information society, both for public authorities and other actors, that of this protection requires a balance between the use of information and communication technologies and the protection of the privacy of citizens in their daily or professional life while ensuring the free flow of information.
The Member States consider that the ambition of this Convention is to meet the need for harmonized legislation in the field of cybersecurity in the Member States of the African Union, and that it aims to put in place, in each State Party, a mechanism to combat breaches of privacy that may be generated by the transmission, storage and use of personal data, that it guarantees, by proposing a kind of institutional anchoring, that any processing, in whatever form, respects the fundamental rights and freedoms of individuals while taking into account the prerogatives of States, the rights of local communities, the interests of businesses. … . while taking into account the best practices recognized at the international level.
The States consider that the criminal protection of the value system of the information society is a necessity dictated by security considerations; that it is manifested primarily by the need for appropriate criminal legislation to combat cybercrime in general and money laundering in particular.
The vision of the Democratic Republic of Congo
Since 2019, the Democratic Republic of Congo has put digital at the heart of its actions through the creation of a ministry dedicated to the digital economy and the implementation of the “national digital plan, horizon 2025”. A vast program aimed at making digital in the DRC a lever for integration, good governance, economic growth and progress. The adoption of this bill comes almost a month after the development and validation of the national cybersecurity strategy, with the creation of a National Cybersecurity Agency attached to the Presidency of the Republic as a key recommendation. An approach that aims to “build and have a strong and resilient cybersecurity ecosystem” in the country.
This tool is very important to clean up the Congolese digital space by cracking down on all criminal behavior easily spread on the web by individuals and structures well identified. Yesterday the web was considered as a jungle in DRC, because it did not have a legal tool of surveillance, today with the ratification of the Convention of Malabo, the Democratic Republic of Congo has the eyes riveted towards a healthy environment.
What can BENIJAH CONSULTING do for you?
BENIJAH Consulting offers you a range of services, with the aim of protecting your personal, strategic and financial data among others.
BENIJAH is thus positioned as an entity capable of taking up the challenge of data security in all its particularities.
We work with our customers in order to :
- Provide them with a strategy for securing sensitive data;
- Implement technical solutions to fight against data exfiltration;
- Provide incident management capabilities in the event of a data breach.
- Research the source of incidents to help qualify them and provide evidence for use in court.
All of these operations contribute to the security of our clients’ operations to enable them to run efficient and profitable businesses.