Assessing the need for cyberlaw harmonization Cécile Barayre-El Shami Programme Manager, E-Commerce and Law Reform ICT Analysis Section, UNCTAD cecile.barayre@unctad.org Commonwealth Cybersecurity Forum 2014 London, 5-6 February 2014 1
Cyberattacks have the potential to destabilize on a global scale. Cybersecurity must therefore be a matter of global concern. We need to work together to bolster confidence in our networks, which are central to international commerce and governance. We need to strengthen national legislation push for international frameworks for collaboration and adopt the necessary measures to detect and defuse cyber threats. Mr. Ban Ki-moon, UN Secretary-General, Seoul Conference on Cyberspace, Seoul, Republic of Korea, October 2013 2
Why cybersecurity matters Technology is pervasive and omnipresent Nearly as many SIM cards as people/applications 90% global penetration 60% in Africa 9% annual growth of Internet users worldwide Mobile money in expansion 2.5 billion people unbanked in lower to middle income countries 225 deployments as of February 2014, of which more than 50% in Africa Increased use of cloud computing Webmail and social networks Business applications G-cloud E-government initiatives E.g: the EAC 3 Sources: ITU, GSMA, UNCTAD (2014)
Signs of rapid growth of e-commerce in developing countries B2C e-commerce sales in 2012: $1 trillion China, India and Indonesia expected to grow fastest in 2013 China E-commerce has grown by 120% a year since 2003 Surpassed the US in 2013 as largest e-commerce market Requested UNCTAD to review its e-commerce legislation (2014) Latin America: from $1.6 billion to $43 billion in past decade Brazil accounts for largest market share (59%) Middle East and Africa: share in global e-commerce expected to rise from 1.6% to 3.5% by 2016 4 Sources: Economist, Morgan Stanley, emarketer
Issues to address Cybersecurity is multi-dimensional and complex Sovereignty, freedom of expression and privacy No international framework to address cybersecurity Security and trust of ICT users Lack of capacity: Policy and law makers preparing and enforcing laws Technical skills (security systems and CERTs) Enforcement bodies Differences among countries Legislation, capacity, resources Regional agreements/frameworks 5
Assessing cyberlaw status 1/3 of the world s jurisdictions lack e-commerce legislation 101 countries (including 55 developing countries) with data privacy laws Africa (18) Asia (8) Caribbean and Americas (13) Europe (3) Pacific (11) Privacy Laws (16) Ghana Mauritius Seychelles India Malaysia Singapore Bahamas Canada St Lucia St Vincent and The Grenadines Trinidad and Tobago Cyprus Malta United Kingdom Australia New Zealand Bills (10) Kenya Nigeria South Africa Tanzania Antigua and Barbados Barbados Dominica Grenada Jamaica St Kitts and Nevis 6 Source: UNCTAD, Greenleaf, 2013
UNCTAD's work on cyberlaw harmonization Provide technical assistance to more than 30 countries of which 10 Commonwealth countries building harmonized legal frameworks for e-commerce [Ghana, Kenya, Nigeria, Rwanda, Sierra Leone, Uganda, Tanzania, Brunei Darussalam, Malaysia, Singapore] Support developing countries efforts towards the preparation of an enabling legal and regulatory environment for e-commerce 1. Raise awareness and build capacity of policy and law makers, including parliamentarians; eg. CTO and CPA Briefing of parliamentarians, Commonwealth Cybersecurity Forum 2013 2. UNCTAD training course on the Legal Aspects of E-commerce : legal validity of e-transaction, consumer protection, taxation, security, privacy, IPRs, content regulation 3. Reviews of national laws and regional agreements 4. Assistance in the preparation of regionally harmonized legal frameworks Programme funded by Finland 7
ASEAN Frontrunner in Harmonization Harmonization of E-Commerce Legal Infrastructure in ASEAN Project (2004-2008) First developing region to adopt harmonized framework for e- commerce laws ICT Master Plan 2015 sets targets for further harmonization Recognize need for continuous improvement of framework and to ensure effective implementation at national level Conscious of new challenges as result of evolving ICT landscape 8
UNCTAD-ASEAN Review of E-Commerce Laws Harmonization in ASEAN Take stock of progress to date Surveys of 10 ASEAN Member States and of the Private Sector Workshop in Cebu, 10-11 November 2012 25 participants from all ASEAN Member States Country presentations Group discussions on key issues and priority legal areas Needs assessment Review published in 2013 and presented to the Telecommunications and IT Senior Official and Telecommunication Regulators' Council Leaders in September 2013 9
Status of e-commerce law harmonization in ASEAN (March 2013) Source: UNCTAD 10
UNCTAD's assistance in Africa The case of the EAC Main goal of the EAC Treaty: regional integration Regional e-government Programme adopted by the EAC Council of Ministers (2006) Enabling legal framework as a critical factor: e- transactions, cybersecurity Harmonized regional and national legal frameworks Creation of an EAC Task Force Regional ICT developments Improved fiber-optic links and expansion of mobile telephony and related services, notably mobile money Business process outsourcing 11
EAC cyberlaw harmonization : Processes 12
Great progress achieved in terms of harmonization in the EAC Two Cyberlaw Frameworks endorsed Phase I: e-transactions, cybercrime, consumer protection, data protection adopted by the EAC Council of Ministers (2010) Phase II: IPRs, competition, taxation and information security - adopted by the EAC Council of Ministers (2013) Progress at the country level Computer crime : Kenya, Rwanda and Uganda - (Drafts - Burundi and Tanzania) Data protection and privacy: Drafts in Burundi, Kenya, Rwanda and Tanzania- A draft is being prepared by Uganda - Request from the Ministry of Information and Communications Technology for UNCTAD review (2014) Awareness campaigns eg. Uganda: Training of ICT and legal personnel since 2012: banks, insurance, traders, manufacturers, judges, police and other agencies and bodies Success of the project based on: Ownership from the EAC secretariat Continuation and commitment of the EAC Task Force (TF) Members UNCTAD continued support: review of draft laws and capacitybuilding workshops 13
UNCTAD's assistance in Africa The case of ECOWAS Project started in 2013 in cooperation with the ECOWAS Commission To support the implementation at the national level of existing legal frameworks on e-transactions (Supplementary Act A/SA.2/01/10), cybercrime (Directive 1/08/11) and personal data protection (Supplementary Act A/SA.1/01/10) To review e-commerce law harmonization Building capacity of policy and law makers 220 trained through distance learning Two regional workshops (Dakar, February; Accra, March, 2014) Surveys of 15 ECOWAS Member States Recommendations to further cyberlaw harmonization "If we want to promote e-commerce in the region, we must raise consumer confidence in computer security and electronic transactions" - Dr. Raphael Koffi, Principal Programme Officer and Head of Telecommunication/ICT Division, ECOWAS Commission 14
15 Thank you for your attention! http://unctad.org/ict4d