What will it take to make cybersecurity and data protection work for women in Africa?
A recent panel to mark Cybersecurity Awareness Month (October 2022) brought together three African women in policy, advocacy and cybersecurity to reflect on the opportunities to foreground gender in cybersecurity and data protection policy in the region.
Co-hosted by ALT Advisory and Lawyers Hub Kenya, the panel featured Sorene Assefa from the newly formed Network of African Women in Cybersecurity, and Dr Towela Nyirenda-Jere, head of economic integration at the African Union Development Agency (AUDA-NEPAD). It was moderated by Risper Onyango, Policy Lead on Digital Economy at Lawyers Hub Kenya.
Women are disproportionately vulnerable to data breaches and other forms of cybercrime, with women in Africa being no exception. Women are less likely than men to have access to the internet, to be digitally literate, and are often found to be more likely to experience cyberstalking and online harassment. Meanwhile, women reportedly represent only 9% of cybersecurity professionals globally.
Making Cybersecurity and Data Protection work better for Women in Africa https://t.co/FNlhHlykAi
— Lawyers Hub Kenya (@lawyershubkenya) October 25, 2022
On this point, Assefa noted the need to “build capacities to empower African women to develop gender cybersecurity strategies to contribute on digital rights and to build a network or legal frameworks.”
Assefa explained that the Network of African Women in Cybersecurity was formed in 2021 as an interdisciplinary group of women from across Africa, in order to address gender gaps in cybersecurity policy, personnel, and practice.
A key issue the panel identified is the lack of laws and regulations to protect individuals’ data privacy in many African countries.
[#Cybersecurity] Kicking us off is our moderator Risper Onyango from @lawyershubkenya, who sums up the gender gap in cybersecurity issues: women reportedly make up only 9% of cybersecurity professionals globally. pic.twitter.com/EnlQUpG3fI
— ALT Advisory (@altadvisory) October 25, 2022
Dr Nyirenda-Jere flagged the African Union’s Malabo Convention, which was adopted in 2014 but has yet to be ratified, as an important opportunity to advance data protection and cybersecurity across the continent. However, the Convention still faces challenges, because some elements are outdated or lack effective application in certain countries; and because the Convention still requires at least two states to ratify it before the framework comes into force.
The Convention, argued Dr Nyirenda-Jere, would help “make it possible for data protection to be the main agenda of African governments across the continent – making the connection with the national legislation.”
To achieve this, Dr Nyirenda-Jere stressed the importance of working with different stakeholders, including national parliaments, civic organisations, and local communities, to raise awareness about data protection and to advocate for laws and policies that protect the rights of all individuals, including women.
Assefa also emphasised that cybersecurity practices in the region must also consider local contexts and technological choice, adding that “We need to look at the mobile market, as many Africans use these platforms to connect.”
Finally, the panelists pointed out that to protect women’s data in Africa, governments and organisations must take steps to ensure that data is collected, stored, and shared in a secure manner. This includes, beyond the Malabo Convention, implementing data protection laws and regulations, as well as educating users on how to protect their data. Governments and organisations should also create systems and services designed with women in mind, with considerations for their safety and privacy.
For the NAWC, this means ensuring women also have seats at the table.
“As women nobody is going to give you the space, you need to claim the space,” says Nyirende-Jere. “In the context of cybersecurity that means understanding the issues, then moving to advocacy, raising awareness, and agitating our policy makers.”
On this, the panelists agreed. Any efforts to protect personal data in Africa must account for the specific needs and vulnerabilities of women and address the barriers that prevent them from accessing and using technology safely. Above all, institutions must ensure that data is used ethically and responsibly, and with due respect to women’s rights and dignity.
Watch the full panel here.