Back Uganda

    Status regarding Budapest Convention

Status regarding Budapest Convention

Status : NA Declarations and reservations : N/A See legal profile

Cybercrime policies/strategies

In 2014, Uganda established a National Information and Communications Technology Policy. One of the proposed updates concerns the Legal and Regulatory Framework (4.5.2), and the policy priority to review the existing legislation on cyber-crime and other forms of Information Security.

Based on the policy recommendations of 2014, Uganda established a Task Force with the objective of updating existing legislation on cybercrime and harmonising it with the international standards. The Task Force is in charge of the ratification process of the Budapest Convention on Cybercrime by the Republic of Uganda. The Task Force consists of:

  • Ministry of Security;
  • Ministry of Foreign Affairs;
  • Ministry of Justice and Constitutional Affairs;
  • Ministry of Internal Affairs;
  • Ministry of Information Communication Technology and National Guidance;
  • National Information Technology Authority;
  • Office of the Director of Public Prosecution;
  • Police;
  • Interpol National Central Bureau;
  • Uganda Law Reform Commission;
  • Uganda Registration Services Bureau;
  • Uganda Human Rights Commission.

As announced in August 2021, Uganda’s Ministry of ICT and National Guidance is in the process of finalising the development of a National Cybersecurity Strategy (draft). The strategy’s main objectives are to:

  • reinforce cyber security capacity through enhanced private public partnership
  • reinforce citizens’ trust in the use of ICT services
  • enhance international cooperation on cybersecurity
  • promote a culture of cyber security across all levels of society

Specialised institutions

Jurisprudence/case law

Uganda v. Nsubuga & 3 Ors (HCT-00-ACSC-0084-2012) [2013] UGHCCRD 13 (3 April 2013): the computer system of the Uganda Revenue Authority was compromised causing important losses. Several persons were prosecuted and convicted for, amongst other things, the unauthorised use and interception of computer services, electronic fraud, unauthorised access to data and producing, selling or procuring, designing and being in possession of devices, computers, and computer programs designed to overcome security measures for protection of data. The Court considered life imprisonment, but sentenced each of the persons to, cumulatively, 20 years of imprisonment and a fine.

Uganda v. Ssentongo & 4 Ors (Criminal Session Case 123 of 2012) [2017] UGHCACD 1 (14 February 2017): a case of conspiracy to steal money from the MTN mobile money system causing significant losses. Several persons were prosecuted and charged for, amongst other things, electronic fraud and the unauthorised disclosure of access codes. One of the accused was convicted for electronic fraud, but acquitted of the unauthorised disclosure of access codes as no loss occurred.

In Kalungi vs. Uganda (Corruption Division HCT-00-AC-CN-0041-2015) [2016] UGHCACD 2 (28 April 2016): the High Court of Uganda confirmed that a compact disc can be considered as electronic evidence and can be admissible in court proceedings. Based on the evidence, the Court affirmed the conviction of the accused persons.

Sources and links

Institutional websites and databases:

News, Reports and Research:

Tools on Cybercrime & Electronic Evidence Empowering You!

These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe. 


  Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?

  Share this information with us helping to keep this platform up to date.

Useful links