The proliferation of online bullying and violence is a fundamental challenge to maintaining stable and prosperous African societies. Whether improving infrastructure, raising awareness or participating in internet governance forums to shape policy and practice, Repongac actively contributes to these forums by advocating for policies that enhance digital security and protect against cyber threats. It shares the challenges and opportunities ahead as a regional coalition in Central Africa.
According to the Cybersecurity Exposure Index 2024, the African region has made the most progress in cybersecurity since 2021. However, a cyber capability gap – characterised by limitations in skills, people, equipment, and funding – is evident in many countries across Africa and globally.
Africa now has over 400 million active social media users and 600 million internet users. Online Africans rely on social media platforms to consume information at one of the highest rates in the world.
The proliferation of intimidation and all forms of online violence is a fundamental challenge to the maintenance of stable and prosperous African societies. The scale of these intentional efforts is aimed at promoting geostrategic interests and shaping narratives that undermine democratic processes and sow confusion in African societies in the throes of various crises.
Weak cybersecurity infrastructures and a lack of awareness of digital risks exacerbate the main risks for breaches and other threats facing Africans today. Businesses and public institutions are particularly vulnerable, often due to a lack of adequate security protocols.
These threats and breaches include several types of cybercrime: Sending fake emails or text messages claiming to come from legitimate sources to trick victims into divulging financial or personal information. Corporate email systems are hacked to gain access to sensitive information. Malicious software also paralyses the computer systems of hospitals and public institutions, demanding ransoms to restore their operation. Finally, networks of infected machines, known as botnets, are used to launch large-scale cyberattacks, further amplifying the risks to digital infrastructures.
Specific laws on cybersecurity in Central Africa
National cybersecurity strategies have become an increasingly common tool for governments to organise themselves around cybersecurity. In 2024, 132 countries had a national cybersecurity strategy, compared with 107 in 2020. Much of this progress is attributed to the African region, where 9 countries have adopted their first national cybersecurity strategy. In addition, many countries have worked to revise and update their existing strategies.
Many African countries – more than 40, including Côte d’Ivoire, Egypt, Ghana, Kenya, Morocco, Nigeria, Rwanda, Senegal, and South Africa – have specific laws on cybercrime.
Several countries, specifically in Central Africa, have introduced laws to strengthen cybersecurity. However, their implementation and application vary according to the resources and infrastructure available in each country.
Cameroon adopted a law on cybersecurity and cybercrime in 2010, aimed at protecting information systems and punishing offences related to the use of information and communication technologies (ICT). Gabon has also introduced cybersecurity legislation governing electronic transactions and providing for penalties for cybercrime offences. The DRC also adopted a law on ICT in 2018. This law includes specific provisions for cybersecurity and the protection of personal data. Chad enacted a law on cybercrime in 2015, which aims to prevent and punish acts of cybercrime, including online fraud and privacy breaches.
Regional forums and initiatives to strengthen cybersecurity
There are several regional initiatives – and spaces for dialogue – aimed at strengthening cybersecurity in Central Africa, reflecting a growing commitment to improving digital security in the region, although challenges remain in terms of implementation and coordination.
In 2014, the African Union adopted the Malabo Convention, also known as the African Union Convention on Cybersecurity and the Protection of Personal Data. The convention covers several vital areas: the protection of personal data, the security of networks and information systems, the fight against cybercrime, the promotion of digital trust, international cooperation, training, and awareness-raising. The convention aims to harmonise national cybersecurity legislation, promote cooperation among member states and create a solid legal and operational framework to protect citizens and digital infrastructures in Africa.
The Economic Community of Central African States (ECCAS) is working on initiatives to strengthen cybersecurity in the region, in particular by encouraging member states to adopt harmonised legislation and share information on threats and best practices.
The Africa Internet Governance Forum (AfIG), to be held in November in Addis Ababa, brings together representatives of governments, the private sector, civil society, and international organisations to discuss the challenges and opportunities related to Internet governance, including cybersecurity.
This year, a number of key themes are in the spotlight. Cybersecurity and cybercrime explores the latest trends, best practices, and legal frameworks for combating online threats and strengthening digital security. Emerging technologies and artificial intelligence interrogate the ethical, legal, and societal implications of AI, blockchain, the IoT and other technologies shaping Africa’s digital landscape. Data governance raises the challenges of data privacy, protection, localisation, and democratisation, while seeking to build trust in the digital ecosystem. Digital rights and human rights analyses online policies affecting freedom of expression, digital identity, and privacy, exploring ways to ensure a digital environment centred on human rights. Universal access and meaningful connectivity address the barriers to affordable and reliable internet access across Africa, focusing on gender inclusion, infrastructure, and digital literacy. The sustainability and environment dimension examines the intersection between technology and sustainable development, covering topics such as e-waste management and supply chain responsibility. The technical and operational dimension discusses the essential infrastructure of the internet, such as domain name systems (DNS), internet exchange points (IXPs), net neutrality, and community networks. Finally, the theme of local media and content focuses on content moderation, multilingualism, disinformation, and the role of local content in Africa’s digital transformation.
In addition, several international cooperation projects, funded by partners such as the European Union and the World Bank, aim to strengthen cybersecurity capacities in Central Africa through training, workshops, and investment in digital infrastructures.
Repongac’s approach to strengthening cybersecurity
Repongac has several levers at its disposal to strengthen cybersecurity in the sub-region, playing a key role in protecting populations against cyberthreats and creating a safer digital environment.
Firstly, the organisation offers workshops and information sessions to raise awareness among its members of best practice in cybersecurity. With the support of our partners, training courses on the fundamentals of cybersecurity are set up, including courses on risk management, personal data protection, and security incident management.
Working with schools, universities, local businesses, and civil society organisations, Repongac also encourages organising joint events, sharing resources, and creating awareness campaigns. The production and distribution of educational content, such as articles, explanatory videos and easy-to-understand infographics, are also part of our initiatives to provide better information on cybersecurity.
In addition, we encourage our members to get involved in local or national initiatives as volunteers to raise public awareness, offer security advice and report cybercrime incidents to the relevant authorities. This mobilisation would enable identifying emerging trends and taking preventive measures against future attacks.
We encourage the use of security software, such as anti-virus and firewalls, and provide advice on how to protect devices from online threats.
Repongac, as a member of the global civil society network Forus, is also involved in the EU co-funded CADE programme, which supports the meaningful participation of civil society in internet governance forums.
Repongac cares deeply about the well-being of the region’s citizens and is aware of the damaging effects that online violence can have on mental health. As well as combating content and behaviour aimed at humiliating, intimidating, or harassing people in the region, it is teaming up with experts to design a guide to help everyone learn more about how to improve their use and create safer, caring, and inclusive communities online.
This article was written by Repongac with support from Bibbi Abruzzini and Clarisse Sih from Forus as well as editing from Ginger Paque from Diplo. The article was originally posted by Forus, and is also available in French, Spanish, and Portuguese.