Open Forum #39 From Research to Action Cybercrime Justice in Africa

Summary

This discussion focused on the launch of a research report titled “Access to Justice in the Digital Age: Empowering Victims of Cybercrime in Africa,” co-organized by UNICRI and ALT Advisory. The session examined cybercrime trends, challenges, and solutions across four African countries: South Africa, Namibia, Sierra Leone, and Uganda. Tina Power, the report’s main author, presented four key findings: cybercrime is rising in Africa but remains under-documented due to significant under-reporting, there’s a disparity in understanding between financial and personal cybercrimes, certain cybercrimes are inherently gendered in nature, and deep structural barriers continue to hinder access to justice.

Michael Ilishebo, a digital forensic analyst from Zambia Police, highlighted major law enforcement challenges including lack of technical capacity, increased use of AI by criminals, encryption technologies that delay investigations, and jurisdictional issues. He emphasized that most African countries are not party to the Budapest Convention, limiting international cooperation. Sandra Aceng from Women of Uganda Network discussed obstacles victims face, particularly women and gender minorities, including social stigma, limited digital literacy, dismissive police attitudes, and insufficient legal frameworks specifically addressing technology-facilitated gender-based violence.

The speakers provided recommendations including strengthening legal frameworks with victim-centered approaches, enhancing law enforcement capacity through training, improving public-private partnerships with tech companies, and developing comprehensive support services for victims. Senator Shweba Fola Besalisu from Nigeria emphasized the need for continental coordination and bringing civil society organizations into the conversation. The discussion concluded that addressing cybercrime in Africa requires a multi-stakeholder approach combining robust legal frameworks, institutional capacity building, and coordinated regional responses to effectively protect victims and ensure access to justice.

Keypoints

## Major Discussion Points:

– **Rising cybercrime in Africa with significant under-reporting challenges**: The discussion highlighted that while cybercrime is increasing across African countries, there’s a substantial gap in understanding the full scope due to victims not knowing they’ve been affected by crimes, lacking knowledge of reporting procedures, or facing stigma when reporting personal harms like non-consensual sharing of intimate images.

– **Gender-based dimensions of cybercrime and online harms**: A key focus was on how certain cybercrimes disproportionately affect women and LGBTQI+ communities, including revenge porn, cyber-stalking, and doxxing. The discussion emphasized how victims face cultural stigma, fear of public shaming, and dismissive attitudes from law enforcement when reporting these crimes.

– **Law enforcement capacity and technical challenges**: Speakers addressed the significant obstacles facing African law enforcement agencies, including lack of technical skills for digital forensics, inadequate legal frameworks, jurisdictional issues in cross-border crimes, and the increasing sophistication of criminals using AI and encryption technologies.

– **Legislative gaps and the need for comprehensive legal frameworks**: The conversation emphasized the importance of having well-crafted, human rights-based cybercrime laws that address both financial and personal harms, with clear definitions and accountability mechanisms. The discussion included recommendations for legislative audits and model laws tailored to African contexts.

– **Multi-stakeholder collaboration and capacity building needs**: Speakers stressed the necessity of partnerships between government, civil society, private sector (especially big tech companies), and international organizations to effectively combat cybercrime, along with comprehensive training for justice system actors and digital literacy programs for communities.

## Overall Purpose:

The discussion aimed to launch UNICRI’s research report “Access to Justice in the Digital Age: Empowering Victims of Cybercrime in Africa” and translate research findings into actionable recommendations. The session sought to identify common trends in cybercrime across African countries, understand barriers to justice for victims, and develop practical solutions through multi-stakeholder dialogue involving law enforcement, civil society, legal experts, and policymakers.

## Overall Tone:

The discussion maintained a professional, collaborative, and solution-oriented tone throughout. While speakers acknowledged serious challenges and shared concerning case studies of victims, the atmosphere remained constructive and focused on finding practical remedies. The tone was respectful and inclusive, with speakers building upon each other’s points rather than disagreeing. There was a sense of urgency about addressing the issues, but also optimism about the potential for positive change through coordinated efforts. The conversation became slightly more animated during the Q&A session when participants raised concerns about balancing civil liberties with victim protection and the need for continental approaches to regulation.

Speakers

– **Ottavia Galuzzi**: Social expert at UNICRI (United Nations Interregional Crime and Justice Research Institute), session moderator

– **Tina Power**: Director of ALT Advisory, Attorney of the High Court of South Africa, main author of the report being launched

– **Michael Ilishebo**: Digital Forensic Analyst and Cybercrime Investigator at the Zambia Police

– **Sandra Aceng**: Executive Director at WOGNET (Women of Uganda Network)

– **Audience**: Various audience members who asked questions during the Q&A session

**Additional speakers:**

– **Odhran McCarthy**: Program Management Officer and Liaison Officer in New York at UNICRI, online moderator

– **Senator Shweba Fola Besalisu**: Nigerian Senator, Chair of the Nigerian Senate Committee on ICT and Cyber Security, Chairman of the West African Parliamentarians Network on Internet Governance

– **Juri Bokovoy**: Member of the Finnish Green Party

– **Belford Doherty**: Cyber Policy Analyst and Head of IT at the Financial Intelligence Agency in Sierra Leone (mentioned as expected speaker but did not participate in the recorded portion)

# Report Launch: Access to Justice in the Digital Age – Empowering Victims of Cybercrime in Africa

## Executive Summary

This discussion centred on the launch of a research report titled “Access to Justice in the Digital Age: Empowering Victims of Cybercrime in Africa,” co-organised by UNICRI (United Nations Interregional Crime and Justice Research Institute) and ALT Advisory. The session brought together law enforcement officials, civil society representatives, legal experts, and policymakers to examine cybercrime trends and challenges across four African countries: South Africa, Namibia, Sierra Leone, and Uganda.

## Key Participants

**Ottavia Galuzzi**, Social Expert at UNICRI, served as moderator and explained UNICRI’s work stream on cybercrime and online harms, including terrorism, violent extremism, gender-based violence, child abuse and hate speech.

**Tina Power**, Director of ALT Advisory and Attorney of the High Court of South Africa, presented the report’s main findings as its principal author.

**Michael Ilishebo**, Digital Forensic Analyst and Cybercrime Investigator at the Zambia Police, provided law enforcement perspectives on operational challenges and technical capacity gaps.

**Sandra Aceng**, Executive Director at WOGNET (Women of Uganda Network), contributed civil society perspectives on victim experiences, particularly focusing on gender-based dimensions of cybercrime.

**Senator Shweba Fola Besalisu**, Nigerian Senator and Chair of the Nigerian Senate Committee on ICT and Cyber Security, as well as chairman of the West African Parliamentarians Network on Internet Governance, offered parliamentary perspectives on legislative challenges.

## Major Research Findings

### Rising Cybercrime with Under-Reporting

Tina Power highlighted that whilst cybercrime is increasing across African countries, significant under-reporting exists because victims often don’t recognise they’ve been affected by crimes, lack knowledge of reporting procedures, or face stigma when reporting personal harms such as non-consensual sharing of intimate images.

### Disparity Between Financial and Personal Cybercrimes

A key finding was the stark difference in how authorities respond to different types of cybercrimes. Financial crimes typically receive quicker responses from law enforcement, whilst personal crimes—particularly those affecting women—are often dismissed as intimate or domestic matters not warranting serious investigation.

### Legal Framework Gaps

The research identified inadequate legal frameworks across the studied countries, consisting of either patchwork legislation, outdated laws, or complete absence of relevant cybercrime statutes. Tina Power noted that “good laws matter as they provide clear definitions, guidance, and legal basis for victims to seek redress.”

## Law Enforcement Challenges

### Technical and Resource Constraints

Michael Ilishebo detailed significant obstacles facing African law enforcement agencies, including lack of technical skills for digital forensics, inadequate training programmes, insufficient resources for cybercrime investigations, and limited access to specialised equipment and software.

### Artificial Intelligence and Evolving Threats

Michael Ilishebo identified a concerning trend: “We have seen an increase in terms of the cyber crime that is happening due to the use of AI. We have seen people that may not even actually know how to code… They are using AI to enhance their criminal skills.”

### International Cooperation Challenges

The cross-border nature of cybercrime creates jurisdictional challenges. Michael Ilishebo noted that most African countries are not party to the Budapest Convention, limiting international cooperation opportunities. He mentioned the upcoming UN Convention against cybercrime to be signed in October in Vietnam as a potential solution.

### Africa Cryptocurrency Working Group

Michael Ilishebo described his involvement in the Africa Cryptocurrency Working Group under the US Department of Justice, which brings together African law enforcement agencies to address cryptocurrency-related crimes and share intelligence.

## Victim Experiences and Barriers

### Gender-Based Dimensions

Sandra Aceng provided insights into obstacles victims face when seeking justice, particularly women and gender minorities. She shared specific case examples, including a 2022 case from northern Uganda and a recent case reported to Kampala Central Police Station, illustrating how victims face social stigma and dismissive attitudes from law enforcement.

### Institutional Response Gaps

Sandra Aceng noted that law enforcement frequently lacks specific training for technology-facilitated gender-based violence, resulting in inadequate responses. She observed that police officers often don’t understand the serious impact of cybercrimes involving personal or intimate harms.

## Legal Successes and Practical Applications

Tina Power provided specific examples of successful legal interventions using South Africa’s Cybercrime Act and Protection from Harassment Act, demonstrating how well-crafted legislation can provide effective remedies for victims when properly implemented.

## Public-Private Partnership Challenges

### Platform Non-Cooperation

Michael Ilishebo identified frequent refusal of social media platforms to cooperate with African law enforcement agencies. Platforms often refuse to provide information or remove content, citing community guidelines over local laws.

### Continental Coordination Proposal

Senator Besalisu proposed a continental approach to address platform non-cooperation, suggesting that “Africa as a continent come together, does the same thing that happens in Europe. You violate the law in a part of Europe, the entire Europe will fine you.”

## Civil Society and Legislative Tensions

Senator Besalisu expressed frustration with civil society opposition to cybercrime legislation amendments, stating: “civil society organizations, every time there’s an attempt to amend the cyber crime law to protect citizens, the civil society organizations are always in arms, believing and thinking that it’s about to constrain the space.”

Tina Power acknowledged this “very fine line” and emphasised the importance of grounding legislation in human rights principles to address these concerns whilst protecting victims.

## Key Recommendations

### Victim-Centred Legal Frameworks

Tina Power emphasised that “laws must be victim-centered, grounded in human rights, and well-communicated to both public and justice system actors.”

### Capacity Building and Training

Speakers emphasised the need for comprehensive training programmes for law enforcement, judiciary, and other justice system actors, addressing both technical skills and gender-sensitive approaches.

### Specialised Response Units

Sandra Aceng recommended establishing specialised technology-facilitated gender-based violence response desks at police stations, staffed by trained female officers.

### Multi-Stakeholder Partnerships

Sandra Aceng emphasised the need for “multi-stakeholder partnerships including engagement of boys, men, and communities in prevention efforts.”

### Digital Literacy and Awareness

Speakers highlighted the importance of comprehensive digital literacy programmes targeting diverse audiences through multiple channels, including community workshops, radio programmes, and social media campaigns. Sandra Aceng mentioned successful initiatives including comic books and other educational materials.

## Conclusion

The discussion successfully launched UNICRI’s research report whilst generating substantive dialogue about cybercrime challenges in Africa. Key themes included the need for victim-centred approaches, enhanced institutional capacity, improved public-private partnerships, and better coordination between stakeholders. The session highlighted both the complexity of addressing cybercrime across diverse African contexts and the potential for collaborative solutions that balance victim protection with human rights considerations.

Tina Power’s framing of cybercrime as fundamentally “a justice issue” rather than merely a technical problem provided a central theme that influenced much of the subsequent discussion about legal frameworks, institutional responses, and victim support mechanisms.

Ottavia Galuzzi: Good morning everyone joining us in person and online and good afternoon or evening to disconnect from different time zones. For people present in the room you can wear the headset to hear us better, both us and people online. My name is Ottavia and I work as a social expert at UNICRE, the Interregional Crime and Justice Research Institute. We are very thankful for your time and interest in this session co-organized by UNICRE and ALT Advisory titled From Research to Action, Cybercrime and Justice in Africa. Very quickly during this session we will launch our research report just published today titled Access to Justice in the Digital Age, Empowering Victims of Cybercrime in Africa. We’re going to present its main findings, learn from our speakers about many topics from the common trends in cybercrime and online harms targeting African countries, the challenges national law enforcement agencies face in conducting investigations and the obstacles victims encounter in reporting cybercrime and online harms and in seeking fair redress. Then we will aim to discuss recommendations, what gaps we can fill in as a multi-psycholar community and what practical solutions we can improve or develop as next step. We will conclude the sessions with participant feedback and expertise including of course questions. for our speaker. This falls within UNIQRI’s work stream on cybercrime and online harms, which aims to explore the interplay of different cyber threats and harmful behaviours, seeking to develop inclusive and rights-based solutions to address the convergence of cyber crime and online harms, including terrorism, violent extremism online, gender-based violence, child abuse and exploitation, and hate speech. At UNIQRI, we address these threats through action-oriented research on niche thematic areas, but also capacity-building activities involving tech companies and technical assistance to member states and policy-making. So, of course, I would like to thank our great speakers for their time today and their direct contribution to the report we are launching, we just published. Let me quickly introduce them for you all. So, we have Tina Power, she’s Director of ALT Advisory and Attorney of the High Court of South Africa. Michael Ilishebo, Digital Forensic Analyst and Cybercrime Investigator at the Zambia Police. And then online, we have Sandra Aceng, thanks a lot for joining us online, Executive Director at WOGNET, Women Uganda Network. And we are waiting for another online speaker who might join us soon, Belford Doherty, who is Cyber Policy Analyst and Head of IT at the Financial Intelligence Agency in Sierra Leone. Last but not least, my colleague Odhran McCarthy, Program Management Officer and Liaison Officer in New York, is joining as online moderator. To all online participants, of course, leave your questions and comments and feedback in the chat, and we’re going to go through it during the Q&A. So, logistically speaking, we will, before opening the floor to participants, we will have two rounds of questions for our speakers, to firstly set the scene, and secondly, to discuss recommendations, opportunities. And I think we can just start. So my very first question is for Tina. So as the main author of this report we’re launching today, could you please share with us the main findings of this report? Thank you.

Tina Power: Thanks, Ottavia. Good morning, everyone. Maybe just a quick good morning to all of the early birds who joined us in person. We appreciate it’s a slightly chillier morning and it’s been a very busy week. So thank you for taking the time to be here. And thank you to everyone online as well. We know some colleagues are joining from very different time zones. So we appreciate that everyone has put in the effort. And a final thank you to the technical team at the back who’ve helped make all of this possible. We really do appreciate it. Thank you so much. So as a point of departure, it’s important to note that while many of the themes that we’ll be discussing today may be familiar, what sets this report apart is its focus on Africa, which is somewhat unique given that we’re launching it in Norway. But we don’t often speak about what’s going on in Africa from a cybercrime perspective. So that is important. It is also victim-centered in nature. We’re not talking about hacks of big banks. We’re talking about the lived and individual experiences of ordinary people who are victims of cybercrimes. And it is also informed by a diverse set of stakeholders, which is why this panel is also so unique. We’ve got members of the private sector. We’ve got members of civil society. We’ve got UN agencies and we’ve got government. So it was truly informed by everyone’s perspective and views. And lastly, it’s been geared towards finding meaningful and practical solutions to the present challenges. So quite simply, the report isn’t set to explain to us what cybercrimes are. It’s set to explain to us how people are being affected and why so many remain without justice. So there’s a lot to unpack in the report. But I’m going to just spend some time going through four of the overarching findings that we saw across four different countries. South Africa. Namibia, Sierra Leone, and Uganda. So the first finding is that we know cybercrimes are on the rise in Africa, but we don’t yet have the full picture. Secondly, there’s a significant disparity in how people are understanding various different forms of cybercrimes. Thirdly, certain types of cybercrimes are inherently gendered in nature. And finally, we are seeing deep structural barriers that are continuing to hinder access to justice. So I’ll briefly take us through these. So the first is we know that cybercrimes is on the rise. We’ve seen this through emerging data, anecdotal evidence, and engagement with stakeholders. But we don’t think we have the full picture yet. And this is largely due to significant under-reporting, which I know Sandra is going to touch on shortly. But we’ve seen that a lot of people who are victims of cybercrimes don’t know that they have been affected by a crime. Even if they do know it’s a crime, they don’t know where to report, how to report, or how to phrase what it is that has happened to them. There’s also, particularly in relation to more of the personal types of online harms, like the non-consensual sharing of intimate images, a lot of women in particular feel that there is significant stigma in reporting and that they will be blamed or re-victimized. So that hinders them from reporting. And in many instances, we’ve also just seen that frontline officers at police stations aren’t equipped to respond to these types of crimes. They don’t know what codes to use. They don’t know how to articulate what the crime is, which then hinders the whole justice process. So where data exists, it is very helpful and we can start seeing what the trends are and pick it up. But we do need to do a lot more to better capture what the actual reality is, because it means we’re tackling somewhat of an invisible problem. And this is not to say that the harms aren’t real, they’re just currently not captured on the system. Secondly, and this links to capturing, the report highlights quite an important distinction between financial harm and personal harm. Financial harms are the harms where you’ve been scammed, you’ve been hacked, someone has stolen your money. And then we have personal harms, which are far more intimate. This is the non-consensual sharing of intimate… and Mr. Michael Ilishebo. We’ve been talking about the two types of crimes. We’ve been talking about intimate images, being harassed online, being doxed, being threatened, instances of hate speech. And what is interesting about the distinction is how it is responded to. If you report a financial crime or a theft, there’s often a quicker response and a more immediate response, whereas reporting personal crimes are seen as more intimate or domestic in nature and not always taken as seriously. We’ve seen this in the case of cybercrime. We’ve seen this in the case of cybercrime. Cybercrime also came through incredibly strongly in the research and engagements with stakeholders on the ground. Where there are instances of harassment, doxing, intimate images, these are all very gendered in nature and it is clear that women are disproportionately affected as our members of the LGBTQI plus community. And finally, all of this culminates in us identifying the correct legal framework to enable this. It is either a patchwork of laws, non-existing laws, or laws that are outdated or outmoded. We’re also seeing that law enforcement and justice systems are often undercapacitated in Africa. Resources and budgeting is not directed towards these institutions, but it will be lovely to hear from Michael, as someone who is playing a critical role in these institutions, as to what the type of capacity is that we need. We’re also seeing that both victims and survivors of cyber-crimes are often under-reported. We’re also seeing that there is a lack of accountability for victims of cyber-crimes, and cyber-crimes legislation. We’re also seeing that people don’t recognize this as a crime, which then means that they are not reporting. Ultimately, the report has made it clear that cyber-crimes is not just a technical issue, it’s a justice issue. If we don’t have correct avenues for justice, victims and survivors will not be able to seek recourse, we will lack accountability, and we will not be able to move forward as a global country.

Ottavia Galuzzi: Thank you Ottavia, that was a fantastic their report we are publishing today, but to the conversation and discussion of today. So now we’d like to move to you, Michael, and get your perspective as law enforcement. So could you please share with us, what do you think are the main challenges law enforcement authority face with cybercrime investigations today?

Michael Ilishebo: Thank you. Good morning, Ottavia, and good morning, my fellow panelists and those in this room and those online. So basically as a law enforcement officer from Africa, and also one of the law enforcement officers in this world was trying at all costs to ensure that we have a safer cyberspace for all, because as you know, cyber has no jurisdictional borders. So basically from the African perspective, the challenges are many. Cybercrime comes in a mouth face way. What I’m trying to mean is, in almost every crime that is committed today has elements of digital evidence. Digital evidence is highly policed using the cyber laws. So we find a situation where almost all traditional forms of crime that used to happen in the past are more prominent now, because of the use of ICT. Just as the increase in the nominal traditional crimes is on the rise, we’ve seen cybercrime also coming on the rise. So among us, the many challenges that we are facing as African law enforcement agencies or African law enforcers is that the first part of it is the lack of capacity in terms of technical skills. Because when we talk of cybercrime investigations, the process starts with a person reporting. In this case, there’s also an increase in under-reporting of these cases. Most cases that happen, people fail to report them to the police, not because they don’t want to report them. and Mr. Michael Ilishebo. I would like to start with the first point. First, because they know that either by time, even if they report, they may not get sufficient help. Secondly, because as she put it, it could not be a crime that has been committed from the aspect of financial gain but personal gain. There are people that would want to keep their privacy as in really private, knowing that if I go to the police station, they may not be able to report these cases. So, if they report these cases, they may not be able to report the nature or anything that may compromise their standing in society. They may end up failing to report these cases. So, as the cases are reported at police station levels, what happens next is the suspects are supposed to be arrested and arraigned before the courts of law. Then, if the police are failing to handle some of these cases due to technical skills, what happens at the courts? Then they hug them, maybe try to run others and then eventually, they will get a fine or they will actually have to join another city court. They will have to judge the acts that they had committed against themselves. They will have to do a lot of things. They will have to do a lot of things. So, we have seen an increase in terms of the cyber crime that is happening due to the use of AI. We have seen people that may not even actually know how to code. People may not even know how to frame this and that. They are using AI to enhance their criminal skills. Also, the use of encryption in order to hide whatever information that may be found on their mobile devices, on their cell phones, on their computers. So, the use of encryption in order to delay the later justice is enforced. Thirdly, also, the use of cryptocurrency. As you have seen, we have seen an increase where criminals no longer have to rely on fiat cash. In order for them to commit a crime, they hide under the cryptocurrency barrier. But of course in Africa, we are trying with the help of the US government an organization was a grouping was formed which is called Africa Cybers Africa Cryptocurrency Working Group, which is under the US Department of Justice attached to the AU in Addis Ababa. I think we are there is about eight countries and more countries will be joining We are trying to tackle the issues of cryptocurrency so sadly It’s the issues of legal frameworks as you know To fight cybercrime you start with domestic laws then let alone you Graduates to international conventions. So most African countries are not part to the Budapest Convention But fortunately enough the UN has come up with a draft UN Convention against cybercrime Which by nature in an African country which is a member of the UN may in a way or one way or the other may find themselves signing to the Budapest to the To the UN Convention when it comes into when it is signed. I think it will be signed in In October in Vietnam, then of course the process will start overseeing and all those So that would be the easier way for member states in Africa to be part to the international conventions of course, we have the Malabo Convention on data protection and Cyber security, but it does not address the current increase in terms of crime There is also the Budapest Convention which has been around for the last 20 years If I checked the last time I checked the data’s the only about Less than 15 if not 12 African countries who are part to the Budapest Convention this in itself has played a critical role in terms of us getting information when it comes to Cases or criminals who are out of the jurisdiction of Africa So that brings out to the issues of jurisdictions because we’ve seen an increase in crimes Being committed in nations that may not even have cyber laws in place So what is happening right now is if a country has poor cyber Crime registration somebody from another jurisdiction may actually cause financial and emotional harm and yet In that country, it’s not a crime So, we’ve seen so many challenges such that if I was to list them here, they would resonate with almost all the challenges all enforcement agencies are facing. But what I’ve just said, these are part of the most critical challenges that we are facing.

Ottavia Galuzzi: Thanks a lot, Michael, for this overview and snapshot, very detailed snapshot into the different challenges law enforcement may face in regards to cybercrime investigation. Something interesting you mentioned regarding the rise of cybercrime with AI, something we have seen via different research is that AI is really, is not creating new criminals, is actually allowing criminals in other fields moving into the cybercrime environment, which is a bit concerning because, yeah, I think we can all agree that AI reduce the level of barrier into everything that is technical. So thanks for bringing that up as well. Moving forward, I would love to come to you, Sandra, I hope you hear me. Yeah, we see you, that’s fantastic. And to you, given your line of work and the important work you do, I would like to focus more on the victim side. So we would love to hear from you, what are the obstacles that victims encounter in reporting cybercrime-reliant harms and in seeking fair redress, particularly from a gender perspective?

Sandra Aceng: Thanks to you. Thank you so much for the question. Could you please confirm that you can hear me? Yeah, we can hear you. Okay. It would have been lovely to be in that room, but nonetheless, I’m joining virtually and good morning, good afternoon, and might be evening for everyone, for some other people who are joining as well. I’m very glad to be speaking about this subject. So based on the work that we have done at Women of Uganda Network. Looking at some of the obstacles that victims encounter, especially women and gender minority groups, they face a lot of numerous challenges, especially in being able to report, but also being able to seek redress, which sometimes, in most cases, is shaped by social stigma, sometimes institutional gaps, and also digital illiteracy, as also clearly highlighted by Michael. So I would go deep into it. So one of the obstacles has been stigma and the fear of also public shaming, whereby women who experience tech-facilitated gender-based violence, such as non-consensual intimate distribution of intimate images, that in the context of Uganda is usually referred to as revenge porn, and also cyber-stalking and doxxing, they often really fear being blamed or ridiculed. And then there’s also the cultural norms that discourage women from speaking out, especially when the abuse is sexual in nature and also intimate in nature. So there’s this case in 2022, when we documented during our study, a young woman in the northern part of Uganda had intimate images leaked by her ex-partner. So rather than her posting it, reporting it, she withdrew from social media and also isolated herself. So when she reported this case to Women of Uganda Network, she expressed fear of being judged by police and also her community. So when the case was handled confidentially through Whoop Net’s toll-free line, but she never really… pursued for more justice as well. And then, also talking about the aspect of limited literacy and also awareness of rights, whereby many victims, especially those in the rural, rural women and youth, do not recognize online harms or crimes, or are unaware of, actually, the available legal protections. So, a lack of awareness of, for example, a data protection law, or the Computer Misuse Act amendment in 2022, or the the Uganda Police Cybercrime Units also limits reporting. Still an example during a workshop that we conducted in a district that is based in northern Uganda. It also found out that about 80 percent of the participants, majority of which were women, had never heard of what Uganda Data Protection and Privacy Act is. So, many believe that online reporting abuse was maybe for those who have strong political views or financial connection. So, you can see, really. So, there’s also a bit of lack of awareness in regards to that. And then, also talking about the weak law and also the enforcement response and institutional aspect of it, you find that victims also face very dimissive attitudes from police, especially when the harm is online and not physical. A serious case that we actually recently was reported to our police through one of our partners, whereby her private and intimate images were unlawfully shared in multiple WhatsApp groups, which we also were able to identify the WhatsApp group without consent. So, she strongly believed that these images were taken by her former boyfriend, which was also named. but I’ll keep it private for this. So as she was, he was the only person with access to her at that state and she also asserted that he took these photos without her consent. So she reported this case to the central police stations of Kampala. All the case details are with offensive registration registered and as an unsolicited information under the Computer Misuse Act, CAPT 96. So she was deeply very concerned that more content would be shared and also as she and also the ex-partner also engaged in intimate activities in his residence which also had a CCTV camera to which he had sole access to but the police could not help her because she didn’t have enough evidence. So we were able to provide some support of having screenshots which she was also able to share and either also if she has direct access to the WhatsApp group which she didn’t have but a friend had access to the WhatsApp group and also belong to the WhatsApp group but she couldn’t report this case because the friend could not report it. It needed someone in the WhatsApp group to be able to report and I was actually looking through the rules in the WhatsApp group which also says if you’re quiet in the WhatsApp group you will be able to be excluded and all that. So you can see that the aspect of law enforcement that lacks specific trainings especially to undertake tech-facilitated gender-based violence is still lacking and investigations often are slow and also very inclusive. So this requires a lot of training to be done and also linked to that also a university student also reported that cyberbullying and defamation via Facebook accounts to her local police post in Lira district that is also based in northern Uganda. So the police asked her to present the suspect, who was anonymous, and then told her to ignore it and deactivate her account. So through UGNET’s legal network, we were able to link them to the Belford law for digital legal support, but formal justice was not pursued. So you find that there’s a lot of issues that continue to happen, also with the insufficient legal frameworks and gender-sensitive provisions that we have, this continues to happen. For the case of Uganda, we have no specific law in Uganda that addresses technology-facilitated gender-based violence. Although we have the African Commission of Human and People’s Rights Resolution 522, which talks about the protection of women against digital violence in Africa, it’s still something that re-organizes online gender-based violence as a human right. And this is a step, and it’s also calling for all the member states countries to be able to work together to ensure that we have specific laws that address digital violence as a whole. So I would like to stop here, and I need to go back to you, thank you.

Ottavia Galuzzi: Thanks a lot, Sandra, for sharing different, unfortunately different examples of cases related to cybercrime, online arms, and with a gender-based violence component as well. Your perspective is very much needed in this type of conversation. So now, you know, we set a bit the scene of what is happening, and what are the different and Mr. Michael Ilishebo, Mr. Odhran McCarthy. Thank you so much, Tina. I’m going to start with you, because I think you’ve already touched on a lot of different challenges that different sectors within this topic address. So perhaps we can we can move into recommendations, opportunities and next steps. And then, of course, opening to to the floor, both in on site and online floor. What can you share with us on the legislative aspect? So how can we use legislative instruments to to really advance the prevention and countering of cybercrime and online harms?

Tina Power: Thank you. Thanks, Ottavia. If there’s ever a question to get a lawyer excited, it’s what is the value of laws? So I’ll try to keep it brief, but I want to touch on why laws matter, how the right laws can lead to tangible, positive results and what we can do to make our laws better. So an important finding of the report is good laws matter for several reasons. They provide clear definitions and guidance as to what the crime is and what the options you have are. It’s also essential both for the public understanding of what the law means and what justice means, as well as for how the justice system will then unfold once it’s been reported. Laws also give victims a legal basis to seek redress and ensure that there is accountability and a well-drafted piece of legislation lays the foundation for action. It enables us to know what to do from the moment of reporting, which we’ve now heard multiple times is a clear challenge through to investigation, which is also there are complications as well as at the actual justice system level. Once we get to courts, what is going to happen? So the law gives us that foundation, which is much needed. So without laws and clear guidance that are grounded in human rights, victims will remain vulnerable and access to justice will remain limited. South Africa’s Cyber Crimes Act provides quite a useful tool. Thank you very much, everyone, for joining us. This is a very useful example of a law. I’m not going to say that it is good, but it does tick many of the boxes. It addresses both financial and personal harms. It provides institutional guidance. And requires the development of more sort of operational requirements, such as standing operational procedures. How do we gather the evidence? How do we store the evidence? How do we use the evidence in court? Having the right legal framework can tangibly support victims of various forms of cybercrimes. And I’m going to share a few examples in some of the work that we’ve done recently. So we’ve issued several cease and desist letters. In South Africa, we call them letters of demand. In cases involving threats of the disclosure of intimate images. So the image hasn’t yet been disclosed, but it’s a threatened disclosure. And in the letters, by simply referencing South Africa’s Cybercrime Act and explicitly stating what the criminal sanctions are, we have found that it’s an incredibly useful deterrent to stop the harm in its tracks. When people see that there is a real legal harm or a real legal risk at play, they generally have tended to stop, in our experience. And so this is quite an important reminder that even the threat of legal accountability can be a strong deterrent. A second successful example that we’ve had was using South Africa’s Protection from Harassment Act. And here we used it to obtain what we call a protection order. In other jurisdictions, it’s generally known as a restraining order. And we achieved this on behalf of a human rights defender who was being relentlessly attacked on X and threatened with real world violence. But fortunately for us, our act applies to both harassment and threats in the physical realm as well as the online realm. So we were able to go to court and explain to the judge both the online harms and the stresses and the consequences as well as how this could unfold in the offline world. And we were able to secure protection for our client in that way. and Mr. David B. Reid. So I want to start by saying that the UNRQ report can offer justice, but the law needs to be good. It needs to be well-crafted. Definitions need to be clear, the accountability mechanisms and the reporting mechanisms also need to be clear. So one of the useful things about the UNRQ report is that we don’t just stop there. We don’t say you need good laws. We actually want to figure out how we can make good laws. So that means that every agency and we are going to apply legislation to raise awareness of actually assessing things for, for concern at the country level. So each country assesses where they are at. Do we have overlapping laws, are we missing something fundamental? Do we simply not have a law like is the case in Namibia, they haven’t yet passed it and that means that victims are completely without redress. We then couple this with a cyber crimes model law that is victim-centered. We have seen other cyber crimes law that is not just a model law, it is a model law that is not just a model law, it is a model law that is actually affected. So we want to structure the legal approach in two forms. We set up the audit to assess where the challenges are, but then we also help you fill the gaps. This is what a model law could look like. Apply it to your jurisdiction and see what works. But we also know, and I’m sure other colleagues will discuss it as well, that law alone is not enough. This needs to be coupled with comprehensive training of just the sector actors so they know how to apply the law, but also to have a good piece of legislation. We need to have a good piece of legislation so that ordinary members of the public are able to know that they have been a victim of a cyber crime and they know how to report and what the reporting process looks like. So we want good laws, but we also want people to be able to use the laws. It is very unhelpful having a good piece of legislation, but no one knows how to use it or how to access it. So in summary and in closing, because I see our time is moving on, I will caveat all of this, as lawyers generally tend to do, to say that it is not the end line, it is not the finish line. For our laws to be effective, they need to be clear, they need to be grounded in human rights, and they need to be well communicated, both to members of the public and those within the justice system. This needs to be equally coupled with institutional capacity, and capacity has come up time and time again, both from Sandra and Michael. So we know there is a clear challenge there, and laws need to be able to support that and enable that. So when all is said and done, as a lawyer, I see huge potential and value in the law, and it is one of the solutions. It is an important one, and it does provide us with what we need to take us forward, but it needs to be coupled with everything else that we’ve discussed today as well. Thank you, Ottavia.

Ottavia Galuzzi: Thanks to you, Tina. That is very, I think, the perspective of having not just legislative framework, but the right legislative framework is a key message here. Michael, back to you again, from law enforcement perspective. Where do you think we should focus our efforts in enhancing law enforcement capabilities towards tackling cybercrime? And perhaps if we can get your views on one of the recommendations in the report is the use of clear coding systems for cybercrime investigations. If you could share anything on this, that would be very helpful. Thank you.

Michael Ilishebo: So basically, I’ll pick it up from the previous speaker. You see, when we embark on the Know Your Light campaign to focus on victim-specific laws, what we’ve discovered is that, like from my experience, from examinee experience, is that in my country, those laws are there that actually protect the victim. But unfortunately, the civil society are coming up and saying that some of these laws are meant to stifle freedom of expression. So as much as the government, as much as the laws and Mr. David Njie. We have a lot of people here who want to speak life into protection of the victims. Somehow others would feel their freedom of expression is being hampered. So that’s one of the challenges that we need to find a balance. So coming to the question, so some of the major recommendations or working solutions that we need in order for us to address, fight and mitigate, of course, you cannot avoid, is that the first part is, as I alluded on, is on capacity building. Not only the police, but also the justice system, the wheel of justice starts with the law enforcement, ends with the courts. So once we tell in some causes that are specific to the needs of these players in the justice system, we’ll at least be able to address and mitigate some of these issues. You need to feel in the Courts to be ready, to navigate, so therefore, we need first, we need such a solution to limit crime in those areas, and once you have a solution that we have mature on that should be protected. In terms of the first part of what I said, we need a third form of communication and we need the leniency of the system, not just pass things through but rely on that decision. Believing that we also have the right to have such an initiative and we should not let it happen. So I give an example. The social media platforms where some of these I would like to say even financial, non-financial cases or cases or cases happen, sometimes it requests information from these service providers, I won’t name them, you know them, they will tell you what to do with it. an offence, an act that is an offence in a certain jurisdiction. So, in that case, they may not actually be able to give you the information you are seeking for. An image may be posted of someone online. You request for it to be pulled down. They will still say this does not go against our community guidelines. So, we need a clear balance. We need cohesion. We need to reach consensus. A situation where as much as it may not be able to go against their guidelines, but as long as the victim feels not safe, imbalanced, or public shamed by virtue of that post or image, this social media platform needs to be bringing down this information, this content. Also, when the law enforcement agencies also request for information, there is need for them to act swiftly to give the law enforcers the information they are after, as long as we meet the basic criteria of either a subpoena, a court order, or anything that they demand. So, once we address the issue of private-public partnership, we will halfway have solved the problem. Also, we have the issue of enhanced legal framework. I will give you an example for Zambia. Just two months ago, we amended our Cybersecurity and Cybercrimes Act into making the Cybersecurity Act a single piece of registration and also enhancing the Cybercrimes Act. We have come a long way in terms of addressing cybercrime. But again, if you look at the current law, it is able to address what challenges we are facing now. But that does not mean that in two, three, four years’ time, the same piece of registration will be as effective as it is now. So, the process of enhanced legal frameworks has to always be continuous because a cyber law has a shelf life. It does not sit like a criminal procedure. The Penal Code, the mighty Penal Code, that probably was enacted 50 years ago, and the same applies today. So, enhanced legal frameworks which are supposed to mirror to each other, meaning that if we have a mirrored cybercrimes act in Africa, where an offence in Benin, an offence in Kenya, an offence in Zambia speak to the same facts, unlike where it’s an offence in Zambia, you go to Kenya, it’s not an offence. Probably the perpetrator might be in another jurisdiction, in this case Kenya, and the victim is in Zambia. The damage has been done in Zambia, but the victim is in Kenya. And yet when you compare the cyberregistration, you discover that indeed in Zambia it’s an offence, in Kenya it’s not. So there it becomes more of a bilateral kind of arrangement. But if the laws are as clear in terms of speaking life into each other, they are mirrored, that way I can assure you we are going to probably reduce cybercrime by a huge percentage, because anyone in any African country will know that what I’m doing is an offence where I am, and the victim I’m targeting is in South Africa or anywhere else. So amongst these recommendations are that we need to have a mirrored cyberregistration. Also I already alluded to the aspect of international conventions, as I said the letter to which African countries are becoming part of the Budapest Convention, not to talk of the UN Convention, which is not yet to be signed. I think there is a need for us to push for African countries to be part of most of these international conventions, because cyber knows no border, cyber knows no jurisdiction, cyber knows, it’s not a respect of anyone. An infrastructure here in Norway can be messed up by somebody who is in Colombia or Zambia. So how do we address these issues is for us to meet somewhere through an international treaty. Thank you.

Ottavia Galuzzi: Thanks to you, Michael, and thanks for the different oversight and for the recommendations in general. But I also really appreciate you introducing the public-private partnership debacle. It’s something that is very hard to tackle. I think probably everybody in the room and also online have faced this issue in one way or the other. Before moving into questions and feedback from participants, we’d like to come back to you, Sandra, for, again, we are looking into recommendations. So perhaps your view on recommendations on how we can effectively support victims of these types of crimes, again, with a particular attention to the needs of women and girls. Thank you.

Sandra Aceng: Thank you for the question. Can you hear me? Yes. Okay, so I will start from where Tina Power actually stopped. She said the law is not enough and I like to say that you cannot fix what is broken by tech using the law. However, we also need the law. So for my recommendation, I would say there’s need, as also Michael highlighted, that there’s need to strengthen the legal and policy framework, enact specific laws that speaks about online gender-based violence or technology facilitated gender-based violence. And these laws should be able to explicitly cover issues around non-consensual intimate images or videos, cyber-stalking, doxing, and also online harassment. And more importantly, also the AI-generated sexual content referred to as defects. Now we also have cheap facts and also the gender disinformation that is also very much linked to AI-generated content. And also speaking about the law, we can also see how to integrate gender-sensitive provisions, especially into ICT legislation, ensure that about women’s rights, and also building institutional capacity and accountability. How do we ensure that we train law enforcement, the prosecutors, the judicial officers on digital crimes with agenda lengths, include models, especially on trauma-informed survivor support, ensure that there’s digital violence, ensure that also we have an inclusion of online investigation techniques that is built or taught to these people, and also establishing delegated technology-facilitated gender-based violence response desk, especially at the police post with female officers and also the digital crime experts, monitor also enforcements to ensure that justice for survivors is being guaranteed and not further victimization, and also the need to have expand access to survivor-centered support services. How do we develop and also scale up support platforms that are available? For instance, we have the OGPV web portal, like the WOCNET has, and it’s able to offer support to digital security tips, also referrals, and also we have the toll-free line that’s held for reporting and emotional support. So how do we scale that? and also have mobile outreach clinics, especially for psychosocial services in the rural areas because these are some of the areas that are most times thought all that they do not face this thing and ensure that there’s also multi-language access, disability inclusive services so that no cyber is left out. And facilitate also legal aid, free legal aid, digital security support through partnership with civil society organization and legal tech firms. Again, for us to be able to reduce, I would not like to say end because we cannot end, reduce cyber crimes against women and girls, we need to have a multi-stakeholder partnership which is very key. And also promote digital literacy and awareness, ensure that women and girls have education on online safety and these trainings should be able to focus on managing the privacy settings, recognizing that online scam and online harassment is real and also the reporting channels and how to determine evidence is also being taught. And conducting some of the regular community-based workshops, the use of radios, the use of social media. Recently we explored the use of comic books that was really very impactful, going to the community and reading to them a fun way to for them to be able to educate themselves on some of the digital security tips but also being aware that online gender-based violence or cyber crime is real. And integrating also some of the cyber safety. and Digital Rights skills, especially into the school curriculum, especially for women and marginalized learners is key. And I would like to conclude and say that for us to also be able to reduce online gender-based violence, we have to start thinking of how do we engage boys, men, and also the communities in prevention. How do we challenge harmful gender norms and also online misogyny? Let’s have a facilitated dialogue, especially on respectful digital behavior and content and support male champions, peer educators in school and communities, groups to be able to be models that can promote positive engagement so that we can really be able to see how to mitigate the increasing rate of online gender-based violence. Thank you.

Ottavia Galuzzi: Thanks to you, Sandra, for sharing all these recommendations and fantastic ideas. The use of common books, for instance, I think it’s a very great example of how to involve communities as well. So I think we have a bit more than 10 minutes left, so it would be fantastic to come to you all. And thanks again for your interest and time in joining our session. I don’t know if there is any questions or comments from the… Yes, please. I think you would need to go to the mic. Thanks a lot.

Audience: Thank you and good morning. Can you hear me? I am Senator Shweba Fola Besalisu from Nigeria. I chair the Nigerian Senate Committee on ICT and Cyber Security. And I’m also the chairman of the West African Parliamentarians Network on Internet Governance. We are very delighted to be here and listening to the conversation in the last one hour or so. You could also be speaking about Nigerian situation, I mean listening to Zambia, to Uganda, and I’ve come to the conclusion that the issues are fairly the same, particularly on the African continent. My brother gentleman spoke about the civil society organization, and I think that’s why this conversation needs to also extend to the civil society organization. Nigeria first enacted the cyber crime law in 2015. Last year we amended it, and we’re also in the process of amending it again, particularly because of the UN Convention that was just adopted in December. But the challenge is that the civil society organizations, every time there’s an attempt to amend the cyber crime law to protect citizens, the civil society organizations are always in arms, believing and thinking that it’s about to constrain the space, forgetting that sometimes where your own rights stop is where the rights of somebody else start. So I think we need to bring the civil society organizations into the conversation. The second point for me, and I spoke about this two days ago at the parliamentary track, unless and until we are able to bring the big text into the table, and I suggest a situation where Africa as a continent come together, does the same thing that happens in Europe. You violate the law in a part of Europe, the entire Europe will fine you. Unless and until all of those big texts know that if you violate the law in South Africa, your sanction is not limited to South Africa. Same sanction will be applicable in Côte d’Ivoire, in Ghana, in Nigeria. That is the only time they will respect our national laws, our national values. As of now, we almost appear helpless. When we make the laws, devalue the laws, the same content that they will bring down in less than one day in Europe, you’ll be shuffling papers up and down for the next two weeks. Meanwhile, the victims continue to suffer. Sometimes people go into depression on account of that. I think we need a continental approach to come to the table and say, you violate the law, you don’t respect the norms here, that sanction will be applicable across the African continent. I would like to thank you again for this beautiful conversation. You speak to the African issue, you speak to the African continent, and I think now we need to move from talking about it to having a concerted African position.

Ottavia Galuzzi: Thanks a lot, Senator. That is very important, what you’re sharing, both involving civil society and bringing the big tag at the table. I don’t know if panelists would like, speakers would like to comment.

Michael Ilishebo: So basically, I will engage the Senator after this session. As this area put on, our challenges are not almost the same. What Nigeria is going through is what any other African country is going through. As I said earlier on, we’ll continue the conversations beyond the panel session.

Tina Power: I just have one brief comment. I see there’s more questions. But just to note, on the question about civil society responding to legislation, there’s a very fine line. And what the report recommends and proposes is when we’re drafting legislation, it must be grounded in human rights. So where there are tensions around freedom of expression, or there is the potential misuse of the act to potentially curb other people’s rights, we need to strike that balance. And that’s why the report very much suggests any law reform efforts must be grounded in human rights, must align with our international law. and Ms. Sophia Bokovoy, members of the Finnish Green Party. I appreciate the tension. It is a difficult one, and it is a fine line to navigate, but that is why we want our laws to be grounded in human rights, so that all human rights are taken into account when drafting the legislation. I see there are some more questions.

Ottavia Galuzzi: We can take one more question from the floor, and then we have a few questions online. Please go ahead.

Audience: Juri Bokovoy from the Finnish Green Party. It is good that it is highlighted that the big tech still washes their hands of any responsibility of monitoring their platforms for crime everywhere in the world. But my comment was mostly about the same point that was raised about civil societies. I originally come from Belarus, which is struggling from completely the same issues, but there the civil societies have been basically crushed by the government to do whatever they want. And I just want to remind people that civil societies can kind of be seen as a symptom of public distrust of the government’s capabilities and resources to handle these issues. And they should really be worked together with, even if they are annoying to compromise with on cyber law. But yeah, my question is mostly about what is the view of you, Michael, and as a prosecutor and law enforcer on the weight of public trust in these institutions in ways to handle these situations. I mean, you highlighted it about the trust affecting under-reporting quite heavily, but is there any specific way you can see that being improved significantly in this?

Michael Ilishebo: and various engagements to ensure that at least at any given situation at any police station they may start a case they may do something but when it goes beyond their technical capabilities they are able to reach us at the force headquarters which is the police headquarters so we are trying but I hope within the next coming year or two or so we’ll reach that but it’s not something that is easy.

Ottavia Galuzzi: I think we can we can have more questions I can respond to people afterwards. Sorry I’m just gonna take the two questions online if that’s okay with you very quickly and so we have one question on for you Sandra specifically on existing mechanism to support victims of crime and the second question for you Sandra but also for the other speakers is do we have example of countries where countries have enacted and robustly implemented laws against tech-facilitated gender-based violence and if yes how do they go about popularizing and implementing them? Thank you perhaps Sandra if you’d like to start thank you

Sandra Aceng: yeah so the existing mechanism, where is the person from, from which country?

Ottavia Galuzzi: I think we is Emi Okwir Oguele who asked the question online, but I’m not sure about the country but perhaps.

Sandra Aceng: Oh, so he was just saying he was happy to learn some of the existing mechanism highlighted by Sandra. So it wasn’t a question.

Ottavia Galuzzi: And then there is the question about if you know about countries that have enacted and robustly implemented laws against tech-facilitated gender-based violence.

Sandra Aceng: Okay, so that question is asked by Dr. Wakavi, who is also my friend and our partner from Uganda. So it’s a hard question, but there are some notable examples of countries that have enacted and actively also implemented laws that address technology-facilitated gender-based violence. Of course, there is really no legal framework that is perfect and universally that is comprehensive, but some countries have really made a meaningful stride, especially in the legislation. Maybe Tina Power could talk about the South African one that also have done the Cybercrime Act 2020 and also some of the key provisions, especially around it is it’s criminalizing malicious communication, including those intended to cause mental, psychological, and also emotional harm. And as far as I know, they have implemented a strategy of also doing partnership with women’s rights organization. and also to disseminate information, but also the creation of the cybercrime apps under the South African police services. But Tina Power would like maybe to explore more on that. Some of the countries that I also know is like Australia that also have the Online Safety Act of 2021 and that focus really on targeting sex-facilitated gender-based violence, including image-based abuse, cyber bullying, and also serious online harassment. From conversation, they have also the e-safety. Sorry, Sandra, we are out of time. If you can just quickly close it, that would be fantastic, sorry. Yes, so they also have the e-safety commissioner that also is very important. And also some of the examples that I know Dr. Waakabi knows about in Kenya, but explicitly we don’t have policies that really specifically might be talking about technology-facilitated gender-based violence, but things that relate to that. Thank you and over to you.

Ottavia Galuzzi: Thanks, thanks a lot. I’m sorry, we don’t have time for this, but you can come to us to share any comments or the questions you might have. Apologies for running out of time. But yeah, I would really like to thank all the speakers, Tina, Michael, and Sandra for your fantastic contribution. Thanks also to my colleague, Odhran McCarthy, who has been up late to follow us. And please feel free to come to us for any comments and questions. Thanks again for your time. Thank you. ,

Agreement points

Cybercrime is rising in Africa but full scope remains unclear due to significant under-reporting

Speakers

– Tina Power
– Michael Ilishebo
– Sandra Aceng

Arguments

Cybercrimes are rising in Africa but full picture unclear due to significant under-reporting

Law enforcement faces capacity challenges including lack of technical skills and inadequate training

Many victims don’t recognize online harms as crimes or are unaware of available legal protections

Summary

All speakers agree that cybercrime is increasing across Africa, but the true extent is hidden by massive under-reporting caused by victims not recognizing crimes, lack of awareness of reporting mechanisms, and inadequate law enforcement capacity to handle cases properly.

Topics

Cybercrime | Capacity development | Digital access

Law enforcement and justice systems lack adequate capacity and training to handle cybercrime cases

Speakers

– Tina Power
– Michael Ilishebo
– Sandra Aceng

Arguments

Deep structural barriers hinder access to justice including patchwork of laws, non-existing laws, or outdated legislation

Law enforcement faces capacity challenges including lack of technical skills and inadequate training

Police often display dismissive attitudes toward online harms and lack specific training for tech-facilitated gender-based violence

Summary

There is unanimous agreement that law enforcement agencies across Africa lack the technical skills, training, and resources needed to effectively investigate cybercrime cases, leading to dismissive attitudes and inadequate responses to victims.

Topics

Cybercrime | Capacity development | Legal and regulatory

Legal frameworks across Africa are inadequate, fragmented, or non-existent for addressing cybercrime

Speakers

– Tina Power
– Michael Ilishebo
– Sandra Aceng

Arguments

Deep structural barriers hinder access to justice including patchwork of laws, non-existing laws, or outdated legislation

Most African countries are not party to the Budapest Convention, limiting international cooperation

Need for specific laws addressing technology-facilitated gender-based violence including non-consensual intimate images and AI-generated sexual content

Summary

All speakers acknowledge that current legal frameworks are insufficient, consisting of either patchwork legislation, outdated laws, or complete absence of relevant cybercrime legislation, particularly for gender-based online violence.

Topics

Legal and regulatory | Cybercrime | Gender rights online

Gender-based cybercrimes disproportionately affect women and require specialized approaches

Speakers

– Tina Power
– Sandra Aceng

Arguments

Certain types of cybercrimes are inherently gendered with women disproportionately affected, especially regarding harassment, doxing, and intimate images

Victims face stigma, fear of public shaming, and cultural norms that discourage reporting, especially for sexual/intimate abuse

Summary

Both speakers agree that women face unique challenges in cybercrime victimization, experiencing disproportionate targeting for intimate and personal harms, combined with cultural barriers that prevent reporting and seeking justice.

Topics

Gender rights online | Cybercrime | Human rights principles

Similar viewpoints

Both speakers emphasize the critical importance of well-crafted, up-to-date legislation as the foundation for addressing cybercrime, with Tina focusing on victim-centered legal frameworks and Michael highlighting the need for continuous updates due to evolving technology.

Speakers

– Tina Power
– Michael Ilishebo

Arguments

Good laws matter as they provide clear definitions, guidance, and legal basis for victims to seek redress

Enhanced legal frameworks must be continuously updated as cyber laws have limited shelf life unlike traditional criminal codes

Topics

Legal and regulatory | Cybercrime | Human rights principles

Both speakers highlight the inadequate institutional responses to cybercrime, with Michael focusing on platform non-cooperation and Sandra on police dismissiveness, both contributing to victims’ inability to access justice.

Speakers

– Michael Ilishebo
– Sandra Aceng

Arguments

Social media platforms often refuse to provide information or remove content, citing community guidelines over local laws

Police often display dismissive attitudes toward online harms and lack specific training for tech-facilitated gender-based violence

Topics

Legal and regulatory | Liability of intermediaries | Cybercrime

Both speakers advocate for comprehensive, rights-based approaches that involve multiple stakeholders and prioritize victim needs, emphasizing the importance of community engagement and human rights principles in addressing cybercrime.

Speakers

– Tina Power
– Sandra Aceng

Arguments

Laws must be victim-centered, grounded in human rights, and well-communicated to both public and justice system actors

Multi-stakeholder partnerships needed including engagement of boys, men, and communities in prevention efforts

Topics

Human rights principles | Gender rights online | Capacity development

Unexpected consensus

AI is enabling criminals from other fields to transition into cybercrime by lowering technical barriers

Speakers

– Michael Ilishebo
– Ottavia Galuzzi

Arguments

AI is enabling criminals from other fields to move into cybercrime by lowering technical barriers

AI is reducing technical barriers and enabling criminals from other fields to move into cybercrime

Explanation

It’s unexpected that both a law enforcement practitioner and a research organization representative would specifically identify the same emerging trend about AI democratizing cybercrime capabilities, showing sophisticated understanding of how technology is reshaping the criminal landscape.

Topics

Cybercrime | Digital business models

Need for continental approach to cybercrime legislation and enforcement

Speakers

– Michael Ilishebo
– Audience (Senator)

Arguments

Need for mirrored cybercrime legislation across African countries to address jurisdictional challenges

Need for continental approach where violations in one African country result in sanctions applicable across the continent

Explanation

The convergence between a law enforcement officer’s technical perspective and a parliamentarian’s policy perspective on the need for harmonized African cybercrime laws demonstrates unexpected alignment between operational and legislative viewpoints.

Topics

Legal and regulatory | Jurisdiction | Cybercrime

Tension between civil society concerns about freedom of expression and victim protection needs

Speakers

– Michael Ilishebo
– Audience (Senator)
– Tina Power

Arguments

Law enforcement faces capacity challenges including lack of technical skills and inadequate training

Civil society organizations sometimes oppose cybercrime law amendments believing they constrain freedom of expression

Laws must be victim-centered, grounded in human rights, and well-communicated to both public and justice system actors

Explanation

Unexpected consensus emerged on the challenge of balancing victim protection with civil liberties, with speakers from different sectors acknowledging this tension and the need for human rights-grounded solutions.

Topics

Human rights principles | Freedom of expression | Legal and regulatory

Overall assessment

Summary

Strong consensus exists on core challenges: rising cybercrime with massive under-reporting, inadequate legal frameworks, insufficient law enforcement capacity, and disproportionate impact on women. Speakers also agree on fundamental solutions including better laws, enhanced capacity building, and multi-stakeholder approaches.

Consensus level

High level of consensus with remarkable alignment across different sectors (law enforcement, civil society, legal experts, policymakers) on both problem identification and solution directions. This strong agreement suggests a mature understanding of cybercrime challenges in Africa and creates a solid foundation for coordinated action. The consensus spans technical, legal, and social dimensions, indicating comprehensive shared understanding of the issue’s complexity.

Different viewpoints

Civil society role in cybercrime legislation

Speakers

– Michael Ilishebo
– Audience (Senator)
– Tina Power

Arguments

Civil society organizations sometimes oppose cybercrime law amendments believing they constrain freedom of expression

Need for continental approach where violations in one African country result in sanctions applicable across the continent

Laws must be victim-centered, grounded in human rights, and well-communicated to both public and justice system actors

Summary

There’s tension between law enforcement/government officials who see civil society as obstructing victim protection laws, and the legal perspective that emphasizes balancing human rights including freedom of expression. The Senator and Michael view civil society opposition as problematic, while Tina acknowledges the need to strike a balance and ground laws in human rights principles.

Topics

Freedom of expression | Legal and regulatory | Human rights principles

Unexpected differences

Approach to big tech accountability

Speakers

– Michael Ilishebo
– Audience (Senator)

Arguments

Social media platforms often refuse to provide information or remove content, citing community guidelines over local laws

Need for continental approach where violations in one African country result in sanctions applicable across the continent

Explanation

While both speakers identify big tech non-compliance as a problem, they propose different solutions. Michael focuses on improving public-private partnerships and meeting platforms’ criteria for information sharing, while the Senator advocates for a more confrontational continental sanctions approach similar to Europe’s model. This represents a tactical disagreement on engagement versus enforcement strategies.

Topics

Legal and regulatory | Liability of intermediaries | Jurisdiction

Overall assessment

Summary

The discussion shows remarkable consensus on problem identification but reveals nuanced disagreements on solutions and implementation strategies. Main areas of disagreement center on balancing human rights with victim protection, the role of civil society in legislation, and strategies for big tech accountability.

Disagreement level

Low to moderate disagreement level with high strategic alignment. The disagreements are primarily tactical rather than fundamental, focusing on implementation approaches rather than core objectives. This suggests strong potential for collaborative solutions that incorporate different perspectives, though careful navigation of civil society relations and human rights balance will be crucial for effective policy development.

Partial agreements

Similar viewpoints

Both speakers emphasize the critical importance of well-crafted, up-to-date legislation as the foundation for addressing cybercrime, with Tina focusing on victim-centered legal frameworks and Michael highlighting the need for continuous updates due to evolving technology.

Speakers

– Tina Power
– Michael Ilishebo

Arguments

Good laws matter as they provide clear definitions, guidance, and legal basis for victims to seek redress

Enhanced legal frameworks must be continuously updated as cyber laws have limited shelf life unlike traditional criminal codes

Topics

Legal and regulatory | Cybercrime | Human rights principles

Both speakers highlight the inadequate institutional responses to cybercrime, with Michael focusing on platform non-cooperation and Sandra on police dismissiveness, both contributing to victims’ inability to access justice.

Speakers

– Michael Ilishebo
– Sandra Aceng

Arguments

Social media platforms often refuse to provide information or remove content, citing community guidelines over local laws

Police often display dismissive attitudes toward online harms and lack specific training for tech-facilitated gender-based violence

Topics

Legal and regulatory | Liability of intermediaries | Cybercrime

Both speakers advocate for comprehensive, rights-based approaches that involve multiple stakeholders and prioritize victim needs, emphasizing the importance of community engagement and human rights principles in addressing cybercrime.

Speakers

– Tina Power
– Sandra Aceng

Arguments

Laws must be victim-centered, grounded in human rights, and well-communicated to both public and justice system actors

Multi-stakeholder partnerships needed including engagement of boys, men, and communities in prevention efforts

Topics

Human rights principles | Gender rights online | Capacity development

Key takeaways

Cybercrime is a growing justice issue in Africa, not just a technical problem, requiring comprehensive legal frameworks and institutional capacity building

There is significant under-reporting of cybercrimes due to victims not recognizing crimes, lack of awareness of reporting mechanisms, stigma (especially for gender-based violence), and inadequate police response

Gender-based cybercrimes disproportionately affect women and LGBTQI+ communities, with personal/intimate crimes receiving less serious treatment than financial crimes

Legal frameworks across Africa are inadequate – either non-existent, outdated, or fragmented – and most African countries are not party to international conventions like Budapest Convention

Law enforcement faces critical capacity gaps including lack of technical skills, training, and resources to handle cybercrime investigations effectively

AI is lowering barriers to cybercrime entry, enabling criminals from other fields to move into cyber offenses

Public-private partnerships with tech companies are problematic, with platforms often refusing to cooperate with African law enforcement or remove harmful content

Effective solutions require victim-centered, human rights-based approaches that balance crime prevention with protection of fundamental rights like freedom of expression

Resolutions and action items

UNICRI and ALT Advisory published and launched the research report ‘Access to Justice in the Digital Age: Empowering Victims of Cybercrime in Africa’

The report provides a cybercrime legislative audit tool for countries to assess their current legal frameworks and identify gaps

A victim-centered cybercrime model law is being developed to help countries fill legislative gaps

Recommendation to establish specialized technology-facilitated gender-based violence response desks at police stations with trained female officers

Proposal for African countries to adopt a continental approach to cybercrime sanctions, similar to Europe’s coordinated response

Call for enhanced international cooperation through increased African participation in cybercrime conventions, particularly the upcoming UN Convention

Development of clear coding systems for cybercrime investigations to improve data collection and case management

Unresolved issues

How to effectively balance cybercrime legislation with freedom of expression concerns raised by civil society organizations

Lack of cooperation from major tech platforms in providing information to African law enforcement and removing harmful content

Jurisdictional challenges when perpetrators and victims are in different countries with varying legal frameworks

Insufficient funding and resources for law enforcement capacity building and training programs

Limited public trust in institutions’ ability to handle cybercrime cases effectively

How to scale up victim support services, particularly in rural areas with limited digital literacy

The challenge of keeping cybercrime laws current as technology evolves rapidly, unlike traditional criminal codes

Addressing the root causes of gender-based online violence through community engagement and changing social norms

Suggested compromises

Grounding all cybercrime legislation in human rights principles to address civil society concerns about freedom of expression while protecting victims

Developing multi-stakeholder partnerships that include government, civil society, private sector, and international organizations in crafting solutions

Creating mirrored cybercrime legislation across African countries to address jurisdictional issues while respecting national sovereignty

Balancing the need for swift content removal with due process rights by establishing clear criteria for when platforms must act on law enforcement requests

Implementing graduated training approaches that build capacity at different levels of the justice system rather than trying to address all gaps simultaneously

Using multiple communication channels (community workshops, radio, social media, comic books) to reach diverse populations with cybercrime awareness

Ultimately, the report has made it clear that cyber-crimes is not just a technical issue, it’s a justice issue. If we don’t have correct avenues for justice, victims and survivors will not be able to seek recourse, we will lack accountability, and we will not be able to move forward as a global country.

Speaker

Tina Power

Reason

This comment reframes the entire cybercrime discourse by shifting focus from technical solutions to justice mechanisms. It challenges the common assumption that cybercrime is primarily a technological problem requiring technological fixes, instead positioning it as fundamentally about access to justice and human rights.

Impact

This insight established the foundational framework for the entire discussion, steering subsequent speakers to focus on victim-centered approaches, legal frameworks, and institutional capacity rather than purely technical solutions. It influenced how other panelists framed their responses, with Michael discussing law enforcement capacity and Sandra emphasizing victim support mechanisms.

We have seen an increase in terms of the cyber crime that is happening due to the use of AI. We have seen people that may not even actually know how to code. People may not even know how to frame this and that. They are using AI to enhance their criminal skills.

Speaker

Michael Ilishebo

Reason

This observation introduces a critical new dimension to cybercrime – that AI is democratizing criminal capabilities by lowering technical barriers. It’s particularly insightful because it identifies AI not as creating new criminals, but as enabling existing criminals to migrate into cybercrime with minimal technical knowledge.

Impact

This comment prompted Ottavia to elaborate that ‘AI is not creating new criminals, is actually allowing criminals in other fields moving into the cybercrime environment,’ deepening the discussion about evolving threat landscapes. It shifted the conversation toward understanding how technological advancement is changing the nature of criminal activity and the implications for law enforcement preparedness.

You cannot fix what is broken by tech using the law. However, we also need the law.

Speaker

Sandra Aceng

Reason

This paradoxical statement captures the complex relationship between technology and legal frameworks in addressing cybercrime. It acknowledges both the limitations of legal solutions for technological problems while affirming their necessity, highlighting the need for multi-faceted approaches.

Impact

This comment reinforced Tina’s earlier point about laws not being sufficient alone, while adding nuance about the inherent limitations of legal remedies for technology-facilitated harms. It helped establish consensus among panelists about the need for comprehensive, multi-stakeholder approaches rather than single-solution thinking.

Unless and until we are able to bring the big text into the table, and I suggest a situation where Africa as a continent come together, does the same thing that happens in Europe. You violate the law in a part of Europe, the entire Europe will fine you. Unless and until all of those big texts know that if you violate the law in South Africa, your sanction is not limited to South Africa. Same sanction will be applicable in Côte d’Ivoire, in Ghana, in Nigeria. That is the only time they will respect our national laws, our national values.

Speaker

Senator Shweba Fola Besalisu

Reason

This comment introduces a geopolitical power analysis to the cybercrime discussion, highlighting how continental unity could create leverage against global tech platforms. It’s insightful because it moves beyond individual country approaches to propose collective action as a solution to the power imbalance between African nations and multinational tech companies.

Impact

This intervention shifted the discussion from national-level solutions to continental strategy, introducing themes of digital sovereignty and collective bargaining power. It prompted Michael to acknowledge that challenges are similar across African countries and suggested the need for continued conversations beyond the panel, indicating this perspective opened new avenues for thinking about regional cooperation.

Civil society organizations, every time there’s an attempt to amend the cyber crime law to protect citizens, the civil society organizations are always in arms, believing and thinking that it’s about to constrain the space, forgetting that sometimes where your own rights stop is where the rights of somebody else start.

Speaker

Senator Shweba Fola Besalisu

Reason

This comment exposes a fundamental tension in cybercrime legislation between protecting victims and preserving civil liberties. It’s thought-provoking because it challenges civil society’s role and suggests that advocacy for digital rights might sometimes conflict with victim protection, raising questions about balancing competing human rights.

Impact

This comment prompted Tina to acknowledge the ‘very fine line’ and emphasize the need for human rights-grounded legislation, while an audience member from Finland provided a counter-perspective about civil society as a ‘symptom of public distrust.’ This exchange deepened the discussion about the complex relationship between different stakeholders and the challenges of multi-stakeholder governance in cybercrime policy.

The report highlights quite an important distinction between financial harm and personal harm… what is interesting about the distinction is how it is responded to. If you report a financial crime or a theft, there’s often a quicker response and a more immediate response, whereas reporting personal crimes are seen as more intimate or domestic in nature and not always taken as seriously.

Speaker

Tina Power

Reason

This distinction reveals systemic bias in how different types of cybercrimes are prioritized and investigated. It’s insightful because it exposes how traditional gender biases in law enforcement extend into the digital realm, where crimes affecting women disproportionately receive less serious treatment.

Impact

This categorization provided a framework that other speakers built upon throughout the discussion. Sandra’s examples of intimate image sharing and the dismissive police responses directly illustrated this distinction, while Michael’s discussion of law enforcement challenges implicitly acknowledged these different response patterns. It helped structure the conversation around understanding why certain victims face greater barriers to justice.

Overall assessment

These key comments fundamentally shaped the discussion by establishing it as a victim-centered, justice-focused conversation rather than a purely technical cybersecurity discussion. Tina’s reframing of cybercrime as a justice issue set the tone for examining systemic barriers and human rights implications. The insights about AI democratizing criminal capabilities and the distinction between financial and personal harms added analytical depth by revealing how technological and social factors intersect to create new challenges. The Senator’s interventions introduced crucial geopolitical and governance dimensions, highlighting power imbalances and stakeholder tensions that often remain unaddressed in cybercrime discussions. Together, these comments elevated the conversation from a problem-identification exercise to a nuanced exploration of structural inequalities, continental cooperation strategies, and the complex balance between rights protection and victim support. The discussion evolved from individual country experiences to broader systemic analysis, ultimately emphasizing the need for comprehensive, multi-stakeholder, rights-based approaches to cybercrime in Africa.

How can we better capture the full picture of cybercrime in Africa given significant under-reporting?

Speaker

Tina Power

Explanation

There’s a gap between known cybercrime trends and actual reality due to victims not knowing they’ve been affected, not knowing where to report, or facing stigma in reporting

What specific technical capacity building is needed for law enforcement institutions in Africa?

Speaker

Michael Ilishebo

Explanation

Law enforcement faces challenges with technical skills for cybercrime investigations, and more detailed understanding of capacity needs would help address these gaps

How can we achieve better balance between protecting victims and preserving freedom of expression in cybercrime legislation?

Speaker

Michael Ilishebo

Explanation

There’s tension between civil society concerns about freedom of expression being stifled and the need for victim-specific laws

How can we improve cooperation between social media platforms and law enforcement for victim protection?

Speaker

Michael Ilishebo

Explanation

Current challenges exist where platforms refuse to remove content or provide information even when victims feel unsafe, citing community guidelines

How can African countries develop mirrored cybercrime legislation across jurisdictions?

Speaker

Michael Ilishebo

Explanation

Cross-border nature of cybercrime requires harmonized laws so that offenses are consistently defined across African countries

What are effective models for scaling up survivor-centered support services, particularly in rural areas?

Speaker

Sandra Aceng

Explanation

Need to expand access to support platforms, toll-free lines, and psychosocial services, especially for underserved communities

How can we effectively engage boys, men, and communities in preventing online gender-based violence?

Speaker

Sandra Aceng

Explanation

Prevention requires challenging harmful gender norms and promoting positive digital behavior through community engagement

How can civil society organizations be better integrated into cybercrime law development processes?

Speaker

Senator Shweba Fola Besalisu

Explanation

Need to address tensions between civil society concerns about rights restrictions and victim protection needs

How can Africa develop a continental approach to enforce cybercrime sanctions against big tech companies?

Speaker

Senator Shweba Fola Besalisu

Explanation

Current enforcement is ineffective because sanctions are limited to individual countries rather than coordinated continental response

How can public trust in law enforcement institutions be improved to increase cybercrime reporting?

Speaker

Juri Bokovoy

Explanation

Under-reporting is significantly affected by lack of trust in government capabilities to handle cybercrime cases

What are comprehensive examples of countries that have successfully implemented tech-facilitated gender-based violence laws and how do they popularize them?

Speaker

Dr. Wakavi (online participant)

Explanation

Need concrete models of successful implementation strategies for other countries to learn from