Uganda, like many countries, has embraced ICT use in its entire social, economic and political structures. Uganda with a population of about 35 millions people, with an average GDP growth rate of about 6.9 per annum since 1990. The country has 18,300,000 mobile subscribers, 4,800,000 (3.2%) Internet users, 464,849 fixed lines, current teledensity of 52% , combining both mobile and fixed. As you can tell, there’s rapid growth of mobile and internet usage in the country putting it in the 9th position in Africa as of the latest Mushroom Networks research, a California-based company.
Hence ICTs in Uganda are increasing in importance and uptake is also increasing, therefore issues of cyber security, laws and data privacy are therefore of paramount importance.
Last week, TechPost through a fusion of twitter conversation from its community and live interview at their offices spoke to the National Information Technology Authority-Uganda (NITA-U). NITA-U is an autonomous statutory body established under the NITA-U Act 2009, to coordinate and regulate Information Technology services in Uganda. It has been given the mandate to coordinate, promote and monitor Information Technology(IT) developments in Uganda within the context of National Social and Economic development.
Here’s how The Government of Uganda through NITA-U is reading itself to building a e-government that’s in-tune with the new digital world.
TechPost: What cyber laws do we have in Uganda?
NITA: So far, we’ve four cyber laws which include the Computer Misuse Act , Electronic Transactions Act, Electronic Signatures Act, and NITA-U Act.
TechPost: Now that you’ve drafted laws that tackle the cyberspace, how are you implementing or enforcing some of these laws.
NITA: Apart from prescribing penalties for those who commit cyber-crimes, these laws (and their respective regulations) also seek to create order in the Information Technology arena by describing the necessary requirements for secure electronic transactions in Uganda. NITA has conducted sensitization and continues to conduct sensitization sessions across Government to ensure that everyone understands them. In addition, NITA has developed the National Information Security Framework that consists of policies, standards, and procedures to be used across Government. They can all be found on the NITA-U website: www.nita.go.ug.
Patrick Tumusiime @marpat2000: A Cyber security team was put in place last year, has it made any achievements so far!
NITA: The National Information Security Framework #NISF and the National CERT (www.cert.ug) are now in place.
TechPost: What level of readiness and preparedness does NITA have to combat cyber attacks before and after they happen?
NITA: In terms of human resource, we’ve been building human capacity through training personnel in public and private sector. We’ve largely been working with partners in South Korea specifically in the area of digital forensics.
We’ve also set up a division called Computer Emergency Response Team (CERT) which has got a website that informs users of threats and also provides a platform for them to report these threats to us. Other than that, we proactively send out alerts via email, Twitter and facebook.
TechPost: Following Edward Snowden’s NSA revelation of the US government’s massive surveillance of its citizens, how do you balance between liberal internet freedoms and national security?
NITA: We do believe in internet freedoms. However, these must be used responsibly. Recently developed a National Information Security Framework which will standardize our approach to information security.
TechPost: Most companies use Internet. So, has the government prescribed any basic norms on prevention of crime and the follow up action afterwards?
NITA: The recently developed National Information Security Framework prescribes basic norms that organizations must follow to ensure a relatively safe cyberspace, limit the likelihood of cyber crime occurring and ensure detection of cyber-crimes.
NITA: Because Cybersecurity is a borderless endeavour, our MoUs seek to acquire capacity building in digital forensics and malware analysis.
National Information Backbone
TechPost: The national backbone is poised to facilitate the rapid flow of information among government institutions. Could you give us an update on how far the project has gone and when it’ll launch.
NITA: The national backbone is completely operational. As of now, we already have 33 government agencies inter-connected.
The 1st and 2nd Phases of the National Backbone were completed last year and are in operation. We hope to commence the 3rd Phase by December 2014 which will help connect Uganda to the undersea cables using an alternative route via Tanzania. This will help lower the cost of internet access and improve its reliability as well.
TechPost: What can you tell us about the capacity of this link?
The link has installed capacity of 2.5Gbps upgradable to 1920 Gbps. The network is managed by a private company Soliton.
With this link, we provide low-cost internet to government bodies and lease the excess capacity to the private sector specifically service providers.
Simon Kaheru @skaheru: As govt depts are made to go online how will you ensure that only Ugandan companies do the
NITA: In observance with the Procurement laws and regulations, we do not discriminate against local companies.
NITA: We have began hosting emails for Government agencies within Uganda in a phased approach. We started by building the infrastructure needed for hosting governments sites within the country as opposed offshore. With the national backbone and our datacentres, we think we’re on track. Already we’re hosting Email services locally for two government bodies as pilot project.
However, we also have to factor in the economic viabilities. It’s way cheaper and more reliable to host websites with offshore hosting companies who enjoy the economies of scale compared to hosting locally.
NITA: Yes we can. The classification of data/information under the National Information Security Framework will ensure that the bulk of Government data is unclassified to promote opendata.
However, currently there’s a lot of government data that’s released in the press. Also couple that with the fact that every government agency also has a website with information published on it. Beyond that, we’re seriously working on opendata starting with creating an opendata readiness assessment report. This will ensure that we’re the right structures in various government agencies so that the right data-sets are uploaded to the system. The completion of this is subject to the availability of funds.
National ID project
TechPost: National ID project has been marred by procurement issues, contentions between different government bodies and has such stalled upto today. But national ID project constitutes part of national information, how is NITA-U playing a more proactive role in ensuring the successive implementation of this project.
NITA: The National Security Information System (NSIS) project, commonly referred to as the National ID project is now on course and in full gear. NITA-U is responsible for Technology and Quality Assurance of the project. Please visit the project website at: www.nsis.go.ug for all information regarding the project.
Image: NITA-U Director-Regulation and Legal Services at a Sensitisation of Cyber Laws