Status regarding Budapest ConventionStatus : NA See legal profile
The Government of Angola has not yet adopted a cybercrime strategy. There is no specific legislation in place on cybersecurity and on cybercrime – even if a new Penal Code was already approved in the National Assembly (the Parliament), which includes a number of articles incriminating cybercrime. Regarding the protection of critical infrastructures, the Law no. 7/2017 is in place, on the protection of networks and computer systems.
State of cybercrime legislation
In Angola there is not a holistic legal framework respecting cybercrime and obtaining digital evidence. However, Law no. 7/2017 of 16 February 2017, mentioned above, respecting the protection of critical infrastructures includes a few procedural powers.
A Draft Law on combating crime in the field of ICT and Information Society legislation was introduced for public discussion in 2011. However, it was never introduced into the formal legislative process. This draft included definitions of crimes, provisions on penalties, as well as definitions and procedural measures related to tools for obtaining evidence.
One of the reasons why this draft was abandoned was the presentation to the national parliament (Assembleia Nacional) of a bill of a new Penal Code, which also includes a number of offences in the area of cybercrime.
In a general overview, this Bill covers the penal substantive part of the Budapest Convention. In fact, it includes definitions (Article 439 b, c, e and j and Article 252 d and e), illegal access (Article 440), illegal interception (Article 441), computer damage – or data interference (Article 442), computer sabotage – or system interference (Article 443), computer forgery (Article 444) and computer fraud (Article 445). On Article 446, this Bill also covers copyright infringement on computer programs. Finally, child pornography is described on Article 200.
This Bill was approved by the Assembleia Nacional in January 2019. However, it was not yet published in the official gazette (the Diário da República). Unofficially it is said that the members of the parliament are discussing now a draft new penal procedure code and intend to publish the two legal acts together. The preliminary version of this Bill, before the amendments as result of the discussions in the parliament, is available here.
As mentioned above, a draft Penal Procedure Code is being discussed in the parliament. (According to official sources (https://www.governo.gov.ao/VerNoticia.aspx?id=50386) this draft was already approved by some committees, but not in the final general discussion.)
This draft does not cover digital evidence measures, in general. The sole exception is interception of communications. In fact, draft Article 247 extends the regime of telephonic interceptions to the interception of other communications, including telematic communications.
However, some more procedural measures in the area of obtaining digital evidence are already in place in Angola. In fact, as mentioned above, Law no. 7/2017 of 16 February 2017, respecting the protection of critical infrastructures, includes procedural provisions.
Namely, expedited preservation of data is described in Article 20. In Article 21, it is foreseen expedited preservation and disclosure of traffic.
On the other hand, Articles 23 to 36 of this legal act describe a comprehensive system of data retention.
General rules apply to cybercrime.
In particular, the Constitution of the Republic of Angola 2010 includes a full range of rights and safeguards of the citizens. It is, for example, the case of access to courts and effective judicial protection of the citizens (Article 29), or respect for privacy (Article 32), or secrecy of communications (Article 34), among others.
Related laws and regulations
Angola regulates data privacy and protection issues under the following legal framework:
- Data Protection Law (Law no. 22/11, 17 June 2011)
- Electronic Communications and Information Society Services Law (Law no. 23/11, 20 June 2011)
- Protection of Information Systems and Networks Law (Law no. 7/17, 16 February 2017).
The Electronic Communication Regulatory Body is INACOM, or the ‘Instituto Angolano das Comunicações’.
The Data Protection Law establishes the Agência Angolana de Proteção de Dados (AAPD) as Angola’s data protection authority. Although Presidential Decree 214/2016 (currently in force) approved the AAPD’s Organic Statute in October 2016, the AAPD started functioning as of October 2019.
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.
- Cybercrime website
- Template: Mutual Legal Assistance Request for subscriber information (Art. 31 Budapest Convention). Available in Albanian, Bosnian,
Serbian and Turkish
- Template: Data Preservation Request (Articles 29 and 30 Budapest Convention). Available in Albanian, Bosnian,
Serbian and Turkish