The Sunday Mail
George Manyanya
ZIMBABWE is at risk of cybercrimes and cyber-attacks if it does not immediately establish and enforce the long overdue legal and institutional framework that insulate its citizens from the various pitfalls they are exposed to online.
This is important owing to the rapid digital revolution, which has precipitated convergence of technologies, services and devices, resulting in multiple ICT services and products being offered using the same devices for social and commercial transactions over the years.
The evolution of advanced technologies has brought about rapid digital transformation, which has come to be known as the Fourth Industrial Revolution (4IR).
The International Telecommunications Union (ITU) has over the years developed global standards and crafted conceptual frameworks for assisting administrations to transition from the first generation (1G) to fifth generation (5G) technologies.
Second generation networks (2G) were for voice-oriented services with low speed data such as General Packet Radio Service (GPRS). Third generation networks (3G) are mostly focused on high speed data.
3G has been further enhanced to 3.5G and ultimately evolved to fourth generation (4G) and what the ITU refers to as Next Generation Networks (NGNs).
Zimbabwe has implemented 3G mobile networks covering almost 85 percent of the country, which means consumers can access multiple media, voice and electronic services using their smart devices.
Normally these services are accessed using a single device as mobile network operators (MNOs) are allowed to offer both voice and mobile data or mobile broadband.
Convergence allowed our networks to shift from the classical voice mobile networks to mobile broadband networks, which can carry voice, video, data, internet and SMS in the same network.
Some network operators have rolled out the fourth generation network (4G) based on Long Term Evolutions (LTE) technology which is much faster in terms of access to the internet.
One can watch online television, use online applications and interactive gaming over the internet.
This merging of products and service offerings on unified platforms has led to further convergence.
Information Communication Technology (ICT) experts, Eunhee and Stephens, refer to convergence as the coming together of previously distinct technologies, primarily attributable to the emerging competencies from advancements in internet protocol and broadband networks, and the creation of new products and service competencies.
This ability to intertwine previously unrelated technologies through an online networked interconnection has led to the advancement of new Value-Added Services (VAS), thereby enabling innovative product and service capabilities to be commercially exploited.
However, while this adoption of the converged ecosystem has advanced the interests of consumers as they can access multiple internet-based services such as web-browsing, emailing, video on demand services such as Netflix, online banking and Over the Top Applications (OTT) such as WhatsApp, it has exposed them to various online vulnerabilities.
Consumers need to be protected from these vulnerabilities.
Despite the prevalence of these susceptibilities like cyberbullying, revenge pornography, child pornography, online fraud, data privacy infringement, sexting, cyber grooming, fake news and identity theft, among others, the existing legal and institutional frameworks in Zimbabwe are lagging behind the reach that this technology has attained.
Cyber vices do not respect country borders, hence we cannot control or enforce consumer protection using the current mechanisms at our disposal.
For example, we cannot predetermine the content that we receive from other countries.
Some content may be of a criminal nature or intended to destroy our ICT systems.
Covid-19 has validated the significance that ICTs play in ensuring that businesses, governments, and societies remain interconnected and functional.
The social distancing restrictions led to an exponential rise in the use of technology.
Business is now being conducted online and students, especially children, are using the internet more than ever before owing to e-learning.
Moreover, children are accessing applications such as TikTok, Instagram, Dubsmash, Tinder, Tellonym, House Party, YouTube and Facebook even without their parents’ consent.
However, there aren’t sufficient online protection frameworks in Zimbabwe, which poses significant risks to the protection of consumers of these various technologies.
According to the POTRAZ (Postal and Telecommunications Regulatory Authority of Zimbabwe)’s second-quarter sector performance report for 2020, mobile internet and data traffic increased by 56,2 percent to record 10,407 Terabytes from 6,661Terabytes recorded in the previous quarter.
“Used International Internet Bandwidth Capacity also increased by 2,8 percent to record 128,173 Megabytes per second from 124,627 Megabytes per second recorded in the previous quarter.
“Internet/data traffic will continue to grow due to the increased adoption of e-learning, telecommuting and e-conferencing,” said report.
In the face of all this, Zimbabwe does not have the adequate online consumer protection frameworks to regulate internet-based services, yet the converged environment is now more intricate than ever before.
In Zimbabwe, ICTs play a central role in today’s digital economy, which encompasses e-entertainment, e-learning/e-education, e-commerce, e-health, e-governance and numerous other forms of e-interaction.
Online consumer protection has become an issue of both rising concern and increasing importance in recent years due to rapid technological and scientific transformation.
This has led to increased efforts to redress the various malfeasances perpetrated by criminals operating in such an online environment.
The country needs to align its cyber security framework with other countries to limit the risks associated with cybercrime. A modern legal framework is overdue as we are trailing behind technological developments.
ICT platforms are the new playgrounds where people play, do business and get on with life, but if people are not protected, they become vulnerable to the vices in that field, hence it is key that we enforce and seek to modernise our online protection mechanisms for the sake of our citizens.
We must urgently enact the cyber-security and data protection law, otherwise the country will become a honeypot of cybercrime.
The online consumer in Zimbabwe does not have anywhere to turn to because we do not have legal safeguards, just as we do not have an institution distinctly responsible for combating cybercrime or data protection.
The enactment of the cybersecurity law will foster online confidence and security, and thus preserve law and order in the cyber space.
Developed countries have gone far in furthering the interests of consumers through protecting the online end-user as they have taken a unified approach like the European Union’s General Data Protection Rules (GDPR), which were designed to harmonise data privacy laws across all of its member countries as well as providing greater protection and rights to individuals.
However, Africa does not have a communal approach to consumer protection, let alone a lot of countries do not have adequate data protection laws.
The communications sector (telecommunication and broadcasting) is characterised by highly fragmented regulatory frameworks.
The legal and regulatory framework in the telecommunications sector is currently anchored on the Postal and Telecommunications Act of 2000, while the broadcasting sector is governed by the Broadcasting Services Act.
The two frameworks are distinct.
The Postal and Telecommunications Act has managed to accommodate some evolutions and convergence of services that took place over the years such as Voice over Internet Protocol (VoIP) telephony, offering mobile broadband using 3G networks.
However, it has been overtaken by emerging trends and it is also failing to address convergence of broadcasting services.
There is need consolidate the telecommunications and broadcasting sectors.
In fact, these two have already technologically converged but for some reason they are only still being kept administratively separate within the regulatory framework.
Cabinet’s welcome decision to merge BAZ and POTRAZ was meant to foster technological convergence, but several years down the line it is yet to be implemented.
To his credit, President Mnangagwa was unequivocal when he affirmed that: “My Government recently took a decision to merge POTRAZ and BAZ, in view of the technological convergence which has blurred the distinction of platforms, in relation to services provided.
“The decision is expected to bring efficiency, effectiveness, ease of doing business and harnessing specialist skills with regards to the roles of both regulators.”
Indeed, this was strategically premeditated to avoid role duplication and cross-jurisdictional conflict from regulatory encroachment.
The country needs to urgently introduce the much-awaited full Converged Licensing Framework (CLF) in line with the current ICT policy.
While we must applaud the efforts made so far in enabling partial convergence that enabled mobile network operators to offer data services and internet access providers to offer VoIP services, there is a need for full convergence.
There is need for gazetting of the regulations that provide for full convergence, just as has been done in countries like Tanzania and Kenya, who adopted convergence legislation as early as the years 2003 and 2005 respectively.
We must exploit the fact that the Zimbabwe ICT policy comprehensively articulates converged licensing as it is to an extent more accommodative than the existent legal framework which calls for a catch-up.
It is not a secret that ICTs have permeated all sectors of the economy, so if there is no comprehensive mechanism, it exposes the convergence ecosystem to criminality.
Also, implementing such a framework of regulation and oversight as per Statutory Instrument 159 of 2020 will allow other operators to enter the market as Mobile Virtual Network Operators (MVNOs), which will encourage competition at service level to the benefit of consumers.
The Mobile Financial Services (MFS) sector has of late been rocked by various accusations of “phantom-money” creation to the extent that $8,4 billion in illicit money was alleged to have aided in destabilising the exchange rate and thereby affecting consumers’ purchasing power.
While Government must be applauded for its pro-activity, it remains the ultimate responsibility of the specific regulatory agencies to ensure that such malfeasances do not creep up or emerge again in the future.
A lot of work has been done in integrating ICTs into the operations of financial service operations.
The collaboration between POTRAZ and the RBZ is a welcome development and should be complemented by aggressive consumer education and awareness so that consumers know who to approach when faced with a challenge. Cohesive collaboration is thus a necessity across all utility regulatory bodies. The POTRAZ, RBZ and consumer representative bodies must continue to conduct aggressive educational and awareness campaigns on consumer rights and obligations. Child online protection must also be prioritised, especially in light of their increased online presence owing to Covid-19 imperatives.
This calls for extended roll-out of child online rights protection and awareness programmes through various available media channels.
The content should be packaged in vernacular for effective distribution through national newspapers, social media, road shows, training workshops, influencers, television and radio programmes.
Equally, support must be provided for teachers and parents who interact with children daily so as to empower them with the relevant educational material.
Consumer protection is a multi-stakeholder area and therefore requires extensive consultation and inputs from the many players involved.
Modern notions of “collaborative regulation” must be taken on board with a view to enhance the impact of regulatory efforts.
Consequently, a collaborative regulatory approach can also be enhanced through the introduction of international best practices such as the Consumer Parliament as seen in Nigeria or the institution of the Consumer Ombudsman of Sweden.
The Consumer Protection Commission (CPC), envisaged under the Consumer Protection Act (Chapter 14:14) must, therefore, be urgently constituted so that it can take up this central role to enhance consumer rights and safeguards.
There are many other relevant organisations which could be involved in this multi-stakeholder consumer empowerment.
The list includes various industry players, service providers and consumer representative bodies such as the Consumer Council of Zimbabwe (CCZ), the Information Society Initiatives Trust (ISIT), and the National Consumer Rights Association (NACORA), amongst others.
The country needs to avoid being a hub for cybercrime and protect its citizens by expeditiously enacting the long overdue cyber laws, create an enabling environment for convergence, effective policy implementation through merging duplicated bodies, continually updating the legal and regulatory frameworks, and empowering the relevant institutions with enforceable frameworks.
Cross-sectoral collaboration must be sustained, whilst consumers must be empowered with consumer education and awareness content on emerging online issues so as to eliminate the knowledge gap that exists between consumers and service providers on rights and obligations that arise from electronic interactions.
The late top consumer affairs guru, Virginia Knauer, postulated that: “Consumer confidence in an industry can be a very fragile thing. It only takes a few builders who promise but don’t deliver, who delay until the warranty expires rather than repair, to damage the reputation of an entire industry.”
As such, we should all make a deliberate effort to fight cybercrime through complementing Government efforts to enact these long overdue laws as a show of personal interest to public welfare.
George Munyaradzi Manyaya is a doctoral candidate in Business Administration. This is an extract from his recently submitted thesis titled, “Evaluating Consumer Protection in a Converged ICT Environment”.
