Zimbabwe’s Cyber and Data Protection Act is a law created to protect the private data of internet users from abuse. It however also covers cybersecurity and cybercrime issues in addition. The law creates new responsibilities for companies that collect data within Zimbabwe whether those data handlers are in Zimbabwe or not.
The Cyber and Data Protection Act [Chapter 12:07] came into effect on the 11th of March 2022, after it gazetted by GN 492/2022. The Data Protection Authority in charge of the administration this law is the Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ).
This page has been created to help companies and individuals navigate this law.
Downloads
Cyber and Data Protection Act (2021) – PDF
The Act itself usually has the date 2021 in it. This is because it was initially gazetted in December 2021 with the wrong title “Data Protection Act”. It had to be gazetted again in March 2022 with the corrected title “Cyber and Data Protection Act”. The contents of the act did not change.
155 of 2024 Cyber and Data Protection Licensing Regulations – PDF
Zimbabwe’s Statutory Instrument (SI) 155 of 2024 Cyber and Data Protection Licensing Regulations was promulgated into law on the 13th September 2024
Cyber and Data Protection Implementation Guidelines on Appointment, Roles, Responsibilities, Training and Certification of Data Protection Officers. (Published by POTRAZ)
MISA Cyber and Data Protection Act Guide – PDF
In 2022, the Media Institute of Southern Africa created this useful guide to the law.
FAQ on Cyber and Data Protect
This really depends on the organisation – size, level of responsibility etc… In larger companies, the salary for this position can range from US $800 to US $2,500
No. Our conversations with officers at Potraz have revealed that the spirit of the law is not to require licensing for WhastApp community admins. It’s meant for organisations that keep people’s personal data.
Data Protection Act News
- WhatsApp Group Admins Now Need Data Protection License in Zimbabwe
- Dexter Nduna’s Graduation Drama is Beside the Point – Let’s Talk Data Privacy
- Here are your rights when people collect your data in Zim, can’t have them collect it willy-nilly
- POTRAZ invites your input on data protection regulations, you might want to participate
- Here’s your citizen’s guide to the Cyber Security & Data Protection Act
- Thoughts On The Cyber Security And Data Protection Bill