Cybercrime policies/strategies
Zimbabwe has not yet published a national cybercrime strategy. The Zimbabwe National Policy for Information and Communications Technology (ICT) of 2016 highlights the importance of improving cybersecurity readiness in Zimbabwe notably by enacting the necessary cyber laws to regulate cyber-related activities.
Cybercrime legislation
State of cybercrime legislation
The Criminal Law Act amended by the Cyber and Data Protection Act of 2021 covers some of the Budapest Convention provisions. In January 2019, a new Cybercrime and Cybersecurity Bill which contains more specific cyber-related provisions was approved but has not been promulgated yet.
Substantive law
The Cyber and Data Protection Act of 2021 amends the Criminal Law Act and redefines some computer-related crimes. Section 35 of Part XI “Consequential amendments” provides for new definitions (“computer system”, “service provider”, “traffic data”) and substitutes new computer-related crimes such as hacking (art. 163), unlawful acquisition of data (art. 163A), unlawful interference with data or data storage medium (art. 163B), unlawful interference with computer system (art. 163C), unlawful disclosure of data code (art. 163D) and unlawful use of data or devices (art. 163E). The 2021 Act also contains provisions on child pornography (art. 165A and 165B).
Procedural law
The Cyber and Data Protection Act of 2021 also amends the Criminal Procedure and Evidence Act by inserting new provisions relating to cybercrime. It includes: search and seizure (art. 379A), expedited preservation (art. 379B), obligations and immunity of service providers (art. 379C), jurisdiction (art. 379D) and admissibility of electronic evidence (art. 379E).
Safeguards
The Constitution of Zimbabwe provides for several safeguards including:
- Art. 44: duty to respect fundamental human rights and freedoms
- Art. 54: right to privacy
- Art. 61: freedom of expression and freedom of the media
- Art. 71: property rights
Article 86 and 87 contains provisions on how fundamental human rights and freedoms may be limited by the State of Zimbabwe.
Related laws and regulations
Specialised institutions
The Cyber and Data Protection Act of 2021 created a new Data Protection Authority and Cyber Security Centre within the Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) which is part of the Ministry of Information Communication Technology, Postal and Courier Services. They will be in charge of advising the Ministry on matters relating to right to privacy, access to information and cybersecurity, conducting research on policy and legal matters as well as facilitating cross border cooperation relating to data protection and cybersecurity in consultation with the Ministry.
The Zimbabwe Republic Police does not have a specified department or unit dedicated to cybercrime yet. No National Computer Incident Response Teams (CIRT) in Zimbabwe has been created yet.
International cooperation
Competent authorities and channels
The Cyber and Data Protection Act of 2021 do not provide for specific provisions on international cooperation. The latter can be found in the Criminal Matters (Mutual Assistance) Act of 1990 and in the Extradition Act of 1982.
Jurisprudence/case law
The Judicial Service Commission of Zimbabwe offers a data base to find case law.
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.
Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?
Share this information with us helping to keep this platform up to date.
- Cybercrime website
- Template: Mutual Legal Assistance Request for subscriber information (Art. 31 Budapest Convention). English and bilingual versions available.
- Template: Data Preservation Request (Articles 29 and 30 Budapest Convention). English and bilingual versions available.