Guide to the Zimbabwean Cyber and Data Protection Act

This is a Guide to the Zimbabwean Cyber and Data Protection Act developed by MISA Zimbabwe

This Guide intends to assist ordinary citizens, data protection advocates, human rights advocates, media organisations and interested individuals in getting a basic understanding and application of the Cyber and Data Protection Act (Act).

This guide aims to contribute to the general citizens’ awareness of Zimbabwe’s data protection legal framework. Contents of the guide are not intended to constitute legal advice.

The guide will not include specific legal advice on how to comply with the Act. Compliance requires more than a legal analysis, as there are technical and organisational security requirements for effective data protection.

However, some sections might provide basic checklists for ease of understanding and interpretation of the Act’s provisions. For comparative regional and international experiences, reference and examples will be drawn from South Africa’s Protection of Personal Information Act (POPIA), and the European Union General Data Protection Regulation (GDPR). Other regional standards might also be referenced for their persuasive value. In addition, various court decisions will be referenced as relevant or necessary.

Source: Promoting Free Expression in South Africa