African Nations Join UN Cyber Crime Initiative

African diplomats will meet their global counterparts in New York on January 17th to thrash out the details of a proposed new United Nations (UN) treaty to tackle cyber crime. It will be an opportunity for the African delegates to highlight growing digital threats and determine how to define, investigate and prosecute what is in effect a borderless crime.

Existing treaties such as the Budapest Convention or the African Union (AU) Convention on Cybercrime and Personal Data Protection (the Malabo Convention) are considered by some states to be useful if somewhat limited regional instruments. 

Russia has been among the countries arguing for a UN-wide convention, with cyberspace increasingly becoming a theatre of geopolitical competition.

The New York meeting is an example of the growing influence of cyber diplomacy. It is among a raft of multilateral forums, many of them led by the UN and driven by competing resolutions, where cyber governance, resilience, capacity and response are discussed. 

The core of such engagements is how states balance freedom of information, privacy and security in the rapidly evolving digital world.

An upcoming Institute for Security Studies (ISS) report explains why Africa cannot afford to take a back seat in such diplomatic discussions. The continent currently lags behind many other parts of the world when it comes to digital ‘capacity’, the people, processes and technology that define the digital age. Discussions on cybercrime, cyber security and how future digital technology is developed, diffused and deployed cannot be the sole preserve of richer nations with more advanced digital capabilities. 

Those same technologies are increasingly being used in Africa to shape the way business, government and security are conducted.

Africa’s more digitally advanced states, including Kenya, South Africa, Mauritius, Nigeria, Ghana, Morocco, Egypt and Rwanda, must articulate the continent’s digital priorities coherently and convert this into organisational strength. This would almost certainly bolster Africa’s influence in cyber diplomacy negotiations. One regional cyber security expert interviewed for the ISS report observed that in many multilateral forums, ‘cyber superpowers view Africans as junior partners needed to make up the numbers in possible coalitions.’ 

To counteract this, Africa needs continental champions who can negotiate common digital positions for presentation by continent-wide bodies such as the AU.

Examples of the most pressing issues include how African states can rapidly develop their digital capacity in line with the AU’s Digital Transformation Strategy. Beyond this are issues of cyber security. For instance, how should African states respond to attacks on critical infrastructure or the weaponisation of cyberspace to conduct disinformation campaigns and undermine democracy? 

It also includes the threat posed by cyber-enabled crimes. Their perpetrators use the internet to engage in traditional crimes like fraud and forgery, human trafficking or the illicit trade in drugs, wildlife products, weapons, precious stones etc.

The AU’s Digital Transformation Strategy emphasises the economic and developmental potential of rapid digital advances to the continent. A key part of this is ensuring equitable access to digital technologies and building the human capacity to benefit from them. However, discussions are needed on the unintended consequences of evolving technologies on human security. Without strategic thinking on shaping and taming the algorithms and deploying future digital technologies, African states risk being swept along by the more digitally mature superpowers and their agendas. 

The continent needs to upskill African cyber diplomats and embed digital knowledge across government. 
Competition over the ownership of emerging technologies and related power relationships are another reason Africa should engage more actively in cyber diplomacy.  African states need the infrastructure underpinning digital technologies such as the networks, hardware and other tools that define the cyber ecosystem. This makes them dependent on other state actors and their proxies but also leaves them vulnerable to influence and imported norms about privacy, mass surveillance and security.

The rapid rollout of CCTV camera systems along with facial recognition tools supplied by Chinese firms in countries including Ethiopia, South Africa, Kenya and Zimbabwe have ignited a debate about sovereignty, technological interdependence and digital feudalism.

Given the modest level of digital development among many of the AU’s 54 states, Africa seems particularly vulnerable to tech-infused geopolitics. The economic challenges facing many countries on the continent may incline them to opt for the cheapest tech rather than the most secure. The ISS report argues that the AU should encourage states to, where possible, delink trade from cyber diplomacy dialogue. Bilateral trading relationships with powerful state tech suppliers may cloud judgements over governance issues, for example. 

Delinking trade from tech may encourage continent-wide approaches to governance and cyber security rather than pursuing individual short-term economic gains. This would reduce the potential for global powers to adopt ‘divide and rule’ strategies on digital issues. With their relatively youthful populations, African states can also position themselves as a rapidly expanding future source and marketplace for new technology. The emergence of indigenous technologies such as M-Pesa in Kenya is an example of local innovation. 

According to World Bank figures, by 2050, one in four of the world’s people will come from sub-Saharan Africa. This, together with the continent’s large proportion of young people, provides leverage for African states to ensure their current digital needs and challenges are addressed as a global priority.

Article First published by ISS Today

Karen Allen is an  and former BBC Foreign Correspondent, an expert on international policy and founder of Karen Allen International

You Might Also Read: 

Internet Cable To Encircle Africa:

 

« The Cyber Skills Shortage & Training Gap - What Is The Solution?
Azure Active Directory Recycle Bin Won’t Save Your Critical Data »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

Evidian

Evidian

Evidian, a Bull Group company, is the European leader and one of the major worldwide vendors of identity and access management software.

Corero Network Security

Corero Network Security

Corero Network Security is dedicated to improving the security of the Internet through the deployment of its innovative DDoS & Network Security Solutions.

AEI Cybersecurity

AEI Cybersecurity

AEI brings together companies, Research Centres, Universities, and other organizations interested in promoting new cybersecurity technologies.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

OGiTiX

OGiTiX

OGiTiX Software AG is a German software manufacturer specializing in Identity and Access Management.

CYE

CYE

Utilizing data, numbers, and facts, CYE helps security leaders know what business assets are at risk and execute cost-effective remediation projects for optimal risk prevention.

Optra Security

Optra Security

Optra Security specializes in information security with a focus on Application Security.

Danish Maritime Cybersecurity Unit

Danish Maritime Cybersecurity Unit

The Danish Maritime Cybersecurity Unit is tasked with delivering the initiatives set out in the Cyber and Information Security Strategy for the Maritime Sector.

GuardRails

GuardRails

GuardRails provides continuous security feedback that empowers developers to find, fix, and prevent vulnerabilities.

Nardello & Co

Nardello & Co

Nardello & Co. is a global investigations firm with experienced professionals handling a broad range of issues including Digital Investigations & Cybersecurity.

Arkphire

Arkphire

Arkphire provide solutions across every aspect of IT to help your business perform better.

CyberUK

CyberUK

CYBERUK is the UK government’s flagship cyber security event and the authoritative event for the UK’s cyber security community.

BigBear.ai

BigBear.ai

BigBear.ai delivers high-end analytics capabilities across the data and digital spectrum to deliver information superiority and decision support.

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.

CyberForceHQ

CyberForceHQ

CyberForce helps cyber security professionals take real-world tests, get ranked and get paid better. It's that simple.