https://zimbabwe.misa.org Cybersecurity and Cybercrime Laws in the SADC Region The right to privacy is guaranteed in international and regional human rights instruments. It is enshrined in over 130 national constitutions across the world. It is enshrined in article 12 of the UDHR, article 17 of the ICCPR, article 16 of the Convention of the Rights of the Child (CRC), and article 10 of the African Charter on the Rights and Welfare of the Child (AFDEC, 2020). The African Charter does not have a provision on the right to privacy, but this right has been acknowledged under the Declaration of Principles on Freedom of Expression and Access to Information in Africa (2019) (the Declaration). This report looks at the following thematic issues: Key international and regional standards that protect the right to privacy and freedom of expression: Universal Declaration on Human Rights (UDHR) International Covenant on Civil and Political Rights (ICCPR) General Comment No. 34 on Article 19 of the ICCPR (General Comment No. 34) African Charter on Human and Peoples’ Rights (African Charter) Declaration of Principles on Freedom of Expression in Africa (African Declaration on Freedom of Expression) African Charter on Democracy, Elections and Governance (ACDEG) Overall Objectives The overall objective of this report is to critically analyse the impact of cybersecurity laws on exercise of rights in selected SADC countries. It falls within the broader ambit of the media freedoms and digital rights. As such, it aims to contribute towards the recognition, awareness, and enforcement of human rights in the Southern African Development Community (SADC) region. An overview of how the internet space has impacted the exercise of rights; Highlight regional and international legal frameworks on cybercrimes and cybersecurity and the key principles highlighted therein for the protection and promotion of rights; Analysis of cybersecurity laws in the Southern African region and how they impact the exercise of rights including countries like Zimbabwe, Botswana, Lesotho, South Africa, Namibia and Zambia; Assess the circumstances in which these laws have been relied on for surveillance purposes or to curtail free expression; and Provide strategies that can be relied on to ensure that these laws promote instead of curtailing exercise of rights. Conceptual Framework This report is anchored on the human rightsbased approach. It foregrounds the point that the 13 necessary and proportionate principles are important in the drafting of progressive legislation on cybercrimes and cybersecurity issues. A human rights-based approach (HRBA) is grounded on the principles drawn from international and regional treaties, and places human rights as the centre of all policy making and drafting of legislation. Some of the core principles of the human rights-based approach include: participation, accountability and transparency, non-discrimination and equality, empowerment of rights holders and legality. Thus, the incorporation of the human rightsbased approach ensures that policymakers are able to meet their human rights obligations, and achieve better outcomes that benefit rights-holders. This can be done through integrating international human rights system norms, principles (necessary and proportionate principles) and standards (model laws) and goals. 5