Products
By Use Cases By Roles
DataControls Cloud^TM
View
Learn more

Asset and Data Discovery

Discover Data Assets

Learn more

Data Access Intelligence & Governance

Identify which users have access to sensitive data and prevent unauthorized access

Learn more

Data Privacy Automation

PrivacyCenter.Cloud | Data Mapping | DSR Automation | Assessment Automation | Vendor Assessment | Breach Management | Privacy Notice

Learn more

Sensitive Data Intelligence

Discover & Classify Structured and Unstructured Data | People Data Graph

Learn more

Data Flow Intelligence & Governance

Discover & Classify Structured and Unstructured Streaming Data

Learn more

Data Consent Automation

First Party Consent | Third Party & Cookie Consent

Learn more

Data Security Posture Management

Protect data systems by discovering and automatically remediating misconfigurations

Learn more

Data Breach Impact Analysis & Response

Analyze impact of a data breach and coordinate response per global regulatory obligations

Learn more

Data Catalog

Automatically catalog enterprise datasets

Learn more

Data Lineage

Track changes and transformations of data throughout its lifecycle
Data Controls Orchestrator
View
DataControls Cloud^TM
View
Sensitive Data Intelligence
View

Asset Discovery
Data Discovery & Classification
Sensitive Data Catalog
People Data Graph
Learn more

Privacy

Automate compliance with global privacy regulations

Data Mapping Automation

View

Data Subject Request Automation

View

People Data Graph

View

Assessment Automation

View

Cookie Consent

View

Universal Consent

View

Vendor Risk Assessment

View

Breach Management

View

Privacy Policy Management

View

Privacy Center

View

Learn more

Security

Identify data risk and enable protection & control

Data Security Posture Management

View

Data Access Intelligence & Governance

View

Data Risk Management

View

Data Breach Analysis

View

Learn more

Governance

Optimize Data Governance with granular insights into your data

Data Catalog

View

Data Lineage

View

Data Quality

View
Data Controls Orchestrator
View
Solutions
Technologies

Covering you everywhere with 1000+ integrations across data systems.

Snowflake

View

AWS

View

Microsoft 365

View

Salesforce

View

Workday

View

GCP

View

Azure

View

Oracle

View

Learn more

Regulations

Automate compliance with global privacy regulations.

US California CCPA

View

US California CPRA

View

European Union GDPR

View

Thailand’s PDPA

View

China PIPL

View

Canada PIPEDA

View

Thailand PDPA

View

+ More

View

Learn more

Roles

Identify data risk and enable protection & control.

Privacy

View

Security

View

Governance

View

Marketing

View
Resources

Blog

Read through our articles written by industry experts

Videos

Solution and customer videos.

Collateral

Product brochures, white papers, infographics, analyst reports and more.

Knowledge Center

Learn about the data privacy, security and governance landscape.

Securiti Education

Courses and Certifications for data privacy, security and governance professionals.
Company

About Us

Learn all about Securiti, our mission and history

Partner Program

Join our Partner Program

Contact Us

Contact us to learn more or schedule a demo

News Coverage

Read about Securiti in the news

Press Releases

Find our latest press releases

Careers

Join the talented Securiti team

An Overview of Uganda’s Computer Misuse Amendment Act 2022

By Privacy Research Team

Published on December 23, 2022

Uganda’s Computer Misuse Amendment Act 2022 (Act) came into effect after President Yoweri Kaguta Museveni assented to the law on 14th October 2022.

Objective of the Act

The object of the Act, as specified by the Ugandan government, is to:

Amend the Computer Misuse Act, 2011, to enhance the provisions on unauthorized access to information or data;
Prohibit the sharing of any information relating to a child without authorization from a parent or guardian;
Prohibit the sending or sharing of information that promotes hate speech;
Provide for the prohibition of sending or sharing false, malicious, and unsolicited information; and
To restrict persons convicted of any offense under the Computer Misuse Act, 2011 from holding public office for a period of ten years; and for related matters.

Background of the Act

Since the enactment of the Computer Misuse Act, 2001 in Uganda, the world has witnessed ongoing rapid growth in computer-generated technologies. As a result, many internet and social media platforms have been adopted as means of communication and interaction.

While the development of computer-generated technology through the use of the internet has brought a multitude of economic, social, and educational advantages, it has also created opportunities for violating others' rights and freedoms, particularly the right to data privacy.

The right to privacy is safeguarded and preserved by Article 27 (2) of the Constitution of Uganda, 1995 (Constitution), which prohibits, among other things, interference with the privacy of correspondence or communications. The Constitution further protects an individual's right to privacy under Article 41 by outlawing the disclosure of such information that might infringe on another person's right to privacy.

The abuse of social media and online platforms through the dissemination of false, malicious, hateful and unwarranted information has adversely impacted the enjoyment of the right to privacy of individuals. Regrettably, a number of these violations have extended to minors, with information about, or relating to minors being shared on social media sites without the consent of their parents or legal guardians.

In light of the foregoing issues, the Computer Misuse Amendment Bill 2022 was introduced in Uganda to enhance the protection of the right to privacy by addressing the issues arising from the misuse of online and social media platforms.

Main Features of the Act

The Act applies to any person, regardless of their nationality or citizenship, and whether they are within or outside Uganda. If an offense under the Act is committed by any person in any place outside Uganda, they may be dealt with as if the offense was committed within Uganda.

The Act criminalizes the following actions and introduces corresponding penalties:

Without authorization:
- accessing or intercepting any program or another person's data or information;
- making audio or video recording of another person; or
- sharing any information about or relating to a person.
If a person is found guilty of committing any of the foregoing acts, they are liable to imprisonment for up to 10 years, or a fine for an amount up to 750 currency points (Uganda shillings 15,000,000), or both.
Using social media to publish, distribute or share information prohibited under the laws of Uganda under a disguised or false identity.

If a person is found guilty of committing the foregoing act, they are liable to imprisonment for up to 5 years, or a fine for an amount up to 500 currency points (Uganda shillings 10,000,000), or both.

If such information is published, shared or distributed on a social media account of an organization, the person who manages the social media account of the organization shall be held personally liable for the commission of the offense. Moreover, for the purposes of prosecution of the foregoing act, it shall be presumed, until the contrary is proved, that the information on a social media account which is:
- verified by a social media operator, has been published, distributed or shared by a legal or natural person;
- registered using a telephone contact, is published, distributed or shared by the person or organization in whose name the telephone contact is registered; or
- registered using an email address that has been used or submitted as data by any data collecting entity, is published, distributed or shared by the person or organization in whose name the email address is registered.
Sending, sharing or transmitting any information about or relating to a child through a computer unless an individual obtains consent of the child's parent, guardian, or any other person having the authority to make decisions on behalf of the child.
Writing, sending or sharing any information through a computer which is likely to:
- ridicule, degrade or demean another person, group of persons, a tribe, an ethnicity, a religion or gender;
- create divisions among persons, a tribe, an ethnicity, a religion or gender; or
- promote hostility against a person, group of persons, a tribe, an ethnicity, a religion or a gender.
Sending to or sharing with another person unsolicited information through a computer, unless the sending or sharing of the unsolicited information is in the public interest. Unsolicited information means information transmitted to a person using the internet without the person's consent, but does not include unsolicited commercial communication.
Sending, sharing or transmitting any misleading or malicious information about or relating to any person through a computer.If a person is found guilty of committing any of the foregoing acts, they are liable to imprisonment for up to 7 years, or a fine for an amount up to 750 currency points (Uganda shillings 15,000,000), or both.

How Securiti Can Help

Securiti’s robust tools enables businesses to ensure compliance with their privacy obligations under the Uganda Computer Misuse Amendment Act, 2022.

Securiti is an industry leader in offering business solutions for data compliance and governance. Its wide range of options, from consent management to data discovery, enables businesses to automate their compliance with all significant international data regulations.

Request a demo today and learn more about how Securiti can help your compliance efforts with the Uganda Computer Misuse Amendment Act as well as any other data-related regulations.