Digital Transformation can be the catalyst for the African continent to vault into the 21st century and will accelerate us toward achieving the UN Sustainable Development Goals and the Aspirations of the African Union Agenda 2063. Undoubtedly in the African context, the digital revolution will be led primarily by its young population. According to the United Nations population estimates and projections, 41% of the African population is under the age of 15 and roughly 60% is aged below 25 years. UNICEF’s State of the World’s Children: Children in a Digital World report in 2017 discloses that one in three Internet users is younger than 18 years.

However, the increasingly digital and data-driven information society comes with risks and challenges. New rules are required that would generate trust, while protecting and securing data across the entire value chain, particularly for vulnerable and marginalized groups, including children.

With this goal in mind, the Executive Council of the African Union (AU) endorsed in 2018 “The African Union development of the Digital Economy” and adopted “Cybersecurity as a Flagship project of the African Union Agenda 2063”.

Back in 2014, AU Summit adopted the African Union Convention on Cyber Security and Personal Data Protection (“the Malabo Convention”). The Declaration set a strong objective of African action on cybersecurity and personal data protection to deliver benefits to all Africans. Section II, Article 29 of the Convention pertains to offences specific to Information and Communication Technologies, and requires States to take necessary legislative and/or regulatory measures to make the production or dissemination of child sexual abuse through digital technologies a criminal offence.

To facilitate implementation of the Convention, the African Union Commission (AUC) developed the Privacy and Personal Data Protection Guidelines for Africa (“the Guidelines”) in collaboration with Internet Society (ISOC) in 2018. The Guidelines were created with contributions from regional and global privacy experts, including industry privacy specialists, academics and civil society groups. The AUC also published in 2016, in cooperation with Symantec and the US State Department, a report on Cybersecurity and Cybercrime trends in Africa.

Since the adoption of the Malabo Convention, the AUC has been organizing cybersecurity capacity building workshops, in collaboration with our key partners, Regional Economic Communities (RECs) and Member States. This work promotes cybersecurity culture and builds trust and confidence in the use of ICTs by, and for, the African citizens. The workshops provide guidance on cybersecurity policy and strengthen cyber capacities of various stakeholders on issues including: cybercrime prevention; online privacy and personal data pro-tection; preparation of cyber-strategies and cyber-legislation; and setting up incident response mechanisms such as Computer Emergency/Incident Response Teams (CERT/CIRT).

However, there are major challenges faced by Member States of the AU. They include achieving a level of technological security adequate enough to prevent and effectively control technological and informational risks in cyberspace, particularly for children; as well as building an information society that respects values, protects rights and freedoms, and guarantees the security of the property of individuals, organizations and nations. They also include how States can support citizens to contribute to the knowledge economy, guarantee equal access to information while stimulating the creation of authentic knowledge platforms, and creating a climate of confidence and trust, that is predictable, organized, protective of consumers and citizens, secured, and integrated into international order.

To overcome the abovementioned challenges, Member States of the AU must develop and update national cyber-security strategies in line with international standards and practices, and support the creation of a national governance structure for cyber-security. They must adopt and implement legal frameworks for online privacy and personal data protection to allow African citizens to safely and securely use ICT for their socio-economic development (health, education, commerce, governance, etc) as a sine qua none condition for peace and stability.

States should develop human and institutional capacity building in cybersecurity and prevention/prosecution of online crimes, particularly against the vulnerable groups, and implement ICT/cybersecurity awareness classes in early stages of children’s education. States must enforce the existing national criminal laws and adapt them to the realities of the digital environment to effectively fight against all kind of cybercrime and cyber-attacks, and develop legal and regulatory frameworks and specific provisions related to cyber legislation: with more emphasis on child online protection. Similarly, States should develop technical capabilities to monitor and defend national networks to protect Institutions against threats and attacks capable of endangering their survival and efficacy, and build and operate CERT/CIRTs. Finally, they must develop continental and regional mechanisms to increase regional and international cooperation on cybersecurity and the protection of children online.

It is important to move from establishing measures which purely protect children online, to those that actively empower them and provide them with the right competencies they need to ensure their wellbeing and fully enjoy their rights online. There is, therefore, an urgent need for a global structural approach, based on effective policies to benefit children in Africa and elsewhere, harnessing the power of digitalization so that they become active digital citizens. This requires that girls and boys are equally empowered with appropriate digital skills.