<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:18pt">Thank you Grace, <br><br>I am really getting good information about the AUCC with this discussion.<br><br>Regards<br><div><span><br></span></div><div> </div><div>NKURUNZIZA Jean Paul<br>TRAINER IN COMPUTING AND INTERNET POLICY</div><div><br><br></div><div>ISOC BURUNDI : VICE PRESIDENT<br>Réseau des Télécentres Communautaires du Burundi : Président</div><br><div><br><br><br></div><div>Burundi Youth Training Centre : Secrétaire Général</div><br><br><div><br><br></div><div>Skype : jpnkurunziz</div><br><div><br></div><div>Facebook : http://www.facebook.com/jeanpaul.nkurunziza<br>Tel : +257 79 981459</div><div style="display: block;" class="yahoo_quoted"> <br> <br> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 18pt;">
<div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 12pt;"> <div dir="ltr"> <font face="Arial" size="2"> Le Lundi 25 novembre 2013 22h32, Grace Githaiga <ggithaiga@hotmail.com> a écrit :<br> </font> </div> <div class="y_msg_container"><div id="yiv2719256656"><style>#yiv2719256656 #yiv2719256656 --
.yiv2719256656hmmessage P
{
margin:0px;padding:0px;}
#yiv2719256656 body.yiv2719256656hmmessage
{
font-size:12pt;font-family:Calibri;}
#yiv2719256656 </style><div><div dir="ltr">Thanks Jean Paul for the update on the cybersecurity sensitization workshop in Burundi. Suresh has answered your query on the Budapest Convention. Thanks Suresh.<div><br clear="none"></div><div>My response to your other two questions:</div><div>1. Who are the drafters of that Convention?</div><div>This has been drafted by the African Union Commission. </div><div><br clear="none"></div><div>2. How are African states involved? Which services at country level are involved?</div><div>The information that African governments were involved though it is not clear at what level i.e. whether it is from the point of conceptualization, or after the draft had been developed. However, this is a question I will include in our reporting template and hope that AUC will provide us with the information on the process. </div><div><br clear="none"></div><div>I attach our reporting template.</div><div><br
clear="none"></div><div>Once again, thank you so much and do keep this debate going.</div><div>Rgds</div><div>Grace</div><div><div><br clear="none"><div><div class="yiv2719256656yqt6136553628" id="yiv2719256656yqtfd98557"><hr id="yiv2719256656stopSpelling">To: nkurunziza1999@yahoo.fr; governance@lists.igcaucus.org; ggithaiga@hotmail.com<br clear="none">From: suresh@hserus.net<br clear="none">Subject: Re: [governance] Kenya/Uganda online debate on the African Union Convention on Cyber Security(AUCC)<br clear="none">Date: Mon, 25 Nov 2013 11:59:25 +0530<br clear="none"><br clear="none">
<div style="font-size:12pt;font-family:Calibri, sans-serif;"><div>It does appear that the au convention on a quick superficial reading does not substantially conflict with the Budapest convention. </div><div><br clear="none"></div><div>The advantage of joining the Budapest convention is harmonizing your local law with those of several countries around the world and also joining a network of mlats that make it easier for you to pursue cybercrime cases where the offender lives in another country that is a signatory to the convention. </div><div><br clear="none"></div><div>--srs (htc one x) </div><br clear="none"><div id="yiv2719256656ecxhtc_header">----- Reply message -----<br clear="none">From: "Jean Paul NKURUNZIZA" <nkurunziza1999@yahoo.fr><br clear="none">To: "governance@lists.igcaucus.org" <governance@lists.igcaucus.org>, "Grace Githaiga" <ggithaiga@hotmail.com>, "Suresh Ramasubramanian" <suresh@hserus.net><br
clear="none">Subject: [governance] Kenya/Uganda online debate on the African Union Convention on Cyber Security(AUCC)<br clear="none">Date: Mon, Nov 25, 2013 11:24 AM</div></div><br clear="none"><pre style="word-wrap:break-word;white-space:pre-wrap;">Hi all,
Thank you Grace for sharing those updates about the African Union Convention on Cyber Security(AUCC)
Just last week ( 21 and 22 November 2013) , the National Telecommunication Regulatory Authority of Burundi ( I am burundian based in Burundi) has conducted a sensitisation workshop about the issue of cybersecurity.
This workshop is the first step towards the drafting the cybersecurity law for Burundi. I attended it as a member of ISOC Burundi chapter.
Speaking about international legal frameworks about cyber security, the invited expert raised the Budapest Convetion. Representatives of the regulatory authority said they were not aware of this convetion.
I made an intervention and raised the fact that AU is drafting another convention.
Then, we had some discussions : the advantages and disadvantages for a country like Burundi to sign the Budapest Convention, ....
Allow me to ask some questions :
Who are the drafters of that convention ?
How are African states involved ? Which services at country level are involved ?
My problem is that African countries may seek to sign the Budapest Convention and ignoring the AUCC.
Best regards
NKURUNZIZA Jean Paul
TRAINER IN COMPUTING AND INTERNET POLICY
ISOC BURUNDI : VICE PRESIDENT
Réseau des Télécentres Communautaires du Burundi : Président
Burundi Youth Training Centre : Secrétaire Général
Skype : jpnkurunziz
Facebook : <a rel="nofollow" shape="rect" target="_blank" href="http://www.facebook.com/jeanpaul.nkurunziza">http://www.facebook.com/jeanpaul.nkurunziza</a>
Tel : +257 79 981459
Le Lundi 25 novembre 2013 3h28, Suresh Ramasubramanian <suresh@hserus.net> a écrit :
Hi Grace
About I8 to I10 as I have worked extensively on spam at a technical and policy level since the late 90s
I8 : This is a convention and not an international law. It provides a criterion that nations in the American will commit to harmonize their current (or more likely proposed, in large parts of Africa) to be uniform on this and other provisions. In this case, it advocates transparency in direct marketing offers which is a best practice
I9 : this is an optin law, which is respectful of user privacy and doesn't allow the sending of unsolicited bulk email, which is the canonical definition of spam. This should not restrict itself to marketing but cover other sorts of bulk mail sent by other organizations or individuals. The law should be content neutral and cover all forms of unsolicited bulk email rather than just marketing mail.
I10 : this is a standard prior business relationship exception to make compliance simpler
The articles also need to additionally cover criminal forms of spam as the 419 scam, phishing etc.
They additionally need to specify penalties both for the organization that commissioned the spam and the marketing agency they contracted with to actually send the spam.
Specific language that would be appropriate is in the Australian spam act of 2003 and in the proposed Canadian antispam law, both of which were drafted after open, consultative and multistakeholder processes in the respective countries, including inputs from respected privacy groups.
Before that, data protection and net anonymity have to be carefully balanced to log data but retain it under strict controls and regulation of how it can be used (in accordance with privacy regulations). If you legislate blanket anonymity then scam artists and cybercriminals will extensively abuse it to remain undetected.
These are a first set of thoughts
--srs (htc one x)
----- Reply message -----
From: "Grace Githaiga" <ggithaiga@hotmail.com>
To: "governance@lists.igcaucus.org" <governance@lists.igcaucus.org>, "bestbits@lists.bestbits.net" <bestbits@lists.bestbits.net>
Subject: [governance] Kenya/Uganda online debate on the African Union Convention on Cyber Security(AUCC)
Date: Mon, Nov 25, 2013 3:30 AM
IGC and Bestbits Listers
I write to you to seek your views on the African Union Convention on Cyber Security(AUCC)<a rel="nofollow" shape="rect" target="_blank" href="http://pages.au.int/sites/default/files/AU%20Cybersecurity%20Convention%20ENGLISH_0.pdf">http://pages.au.int/sites/default/files/AU%20Cybersecurity%20Convention%20ENGLISH_0.pdf</a> KICTANet has been in discussion with AUC and the drafters have accepted to receive our input despite having gone through this process two years ago with African governments. The Convention will be signed in January 2014.
In light of this, Kenya and Uganda stakeholders will conduct an online debate on multiple lists of KICTANet and
ISOC-KE, and on I-Network list moderated by the Collaboration on International ICT
Policy in East and Southern Africa (CIPESA)
and ISOC -Uganda, starting Today Monday 25th to Friday 29th November 2013. Please feel free to send us your contribution. RgdsGrace
Below is the announcement ma</pre></div></div></div></div><div class="yiv2719256656yqt6136553628" id="yiv2719256656yqtfd54996"> </div></div></div></div><br><div class="yqt6136553628" id="yqtfd80850">____________________________________________________________<br clear="none">You received this message as a subscriber on the list:<br clear="none"> <a shape="rect" ymailto="mailto:governance@lists.igcaucus.org" href="mailto:governance@lists.igcaucus.org">governance@lists.igcaucus.org</a><br clear="none">To be removed from the list, visit:<br clear="none"> <a shape="rect" href="http://www.igcaucus.org/unsubscribing" target="_blank">http://www.igcaucus.org/unsubscribing</a><br clear="none"><br clear="none">For all other list information and functions, see:<br clear="none"> <a shape="rect" href="http://lists.igcaucus.org/info/governance" target="_blank">http://lists.igcaucus.org/info/governance</a><br
clear="none">To edit your profile and to find the IGC's charter, see:<br clear="none"> <a shape="rect" href="http://www.igcaucus.org/" target="_blank">http://www.igcaucus.org/</a><br clear="none"><br clear="none">Translate this email: <a shape="rect" href="http://translate.google.com/translate_t" target="_blank">http://translate.google.com/translate_t</a><br clear="none"></div><br><br></div> </div> </div> </div> </div></body></html>