Mozambique has passed a Cybersecurity Law and a Cybercrime Law. That is timely news. The country now offers a useful case study for a lasting issue across Africa. Digital economies need trust. People need safe payment systems, secure public platforms, and real protection against fraud. At the same time, citizens need laws that do not silence criticism, block access, or punish lawful reporting. Strong cyber laws can help build trust. Strong safeguards make that trust real.
Cybercrime has become a daily business risk, not a distant policy issue. Online fraud, phishing, business email compromise, ransomware, and digital extortion now affect banks, telecom operators, public agencies, small merchants, and ordinary users. That wider reality gives this story real shelf life. Readers not only need to know that a law was passed. They need to know what good cyber laws should do, what bad enforcement looks like, and what African governments must get right next.
The law gives the state real tools
The new framework gives Mozambique stronger legal powers to protect critical information infrastructure and act against online offences. The Cybercrime Law sets criminal provisions and procedural rules, includes mechanisms for international cooperation, and covers the investigation of cyber offences and the collection of electronic evidence. That matters because cybercrime rarely stays inside one border. Digital evidence often sits on foreign servers, inside third-party platforms, or across payment systems that span many countries.
Mozambique’s minister of communications and digital transformation also said the law covers computer forgery, computer fraud, abuse of electronic payment methods, telecommunications fraud, illicit recordings, unauthorised access, and violation of correspondence. Those are not abstract offences. They touch common risks that affect mobile money users, online traders, banks, and media workers. A law that speaks to real harms has far more value than a broad promise of digital safety.
The government has also tied the law to practical goals. It says the framework should protect the state, institutions, citizens, computer systems, communication networks, and critical infrastructure. It has also been argued that a safer digital environment can support e-commerce and attract foreign investment. That logic makes sense. Investors and operators want legal certainty around fraud, evidence, incident response, and liability.
Cybercrime is no longer a side issue
Mozambique did not pass these laws in a vacuum. The country recorded 173,770 cyberattacks in 2024, which led to 1,061 criminal cases, up from 912 a year earlier. In the first half of 2025 alone, the government recorded 36,330 attacks. Those figures show steady pressure, not a one-off spike. Any country facing that pattern needs rules that help investigators move faster and help critical systems recover better.
Cybercrime now accounts for more than 30 per cent of all reported crime in Western and Eastern Africa. Online scams, ransomware, business email compromise, and digital sextortion rank among the most reported threats on the continent. In some African countries, suspected scam notifications jumped by as much as 3,000 per cent in a single year. That scale changes the policy debate. Cyber law now sits close to public safety, trade, banking, education, and trust in digital services.
Clear rules help digital business grow
Good cyber laws do more than punish offenders. They help businesses understand risk and plan around it. They help payment firms know what counts as fraud. They help platforms preserve evidence. They help regulators decide when to intervene. They also help cross-border partners cooperate during an investigation. That is why cyber law should be embedded in a trust framework for digital growth.
UNCTAD has made that wider link clear in its work on Africa’s digital economy. The organisation says African countries need strong policy frameworks for market access, cross-border data flows, data protection, cybersecurity, digital infrastructure, and related skills if they want to attract investment and fully participate in the digital economy. In simple terms, digital growth needs trust, and trust needs rules that people can understand and rely on.
That point gives this Mozambique story real evergreen value. Readers in Kenya, South Africa, Ghana, Rwanda, Egypt, Senegal, and beyond face the same core issue. They want safer online systems. They also want predictable rules that support commerce without giving public agencies a blank cheque. A useful tech policy article should help readers see both sides at once.
Rights need firm protection
Mozambique’s recent record shows why safeguards matter. During post-election unrest in late 2024, rights groups and researchers documented repeated internet restrictions and social media blocks. Human Rights Watch said those restrictions hurt access to information, peaceful assembly, online business, and schooling. It also noted that the communications regulator did not provide a clear legal justification for the shutdowns. That history does not prove the new cyber laws will target speech. It does show why many readers will judge the new framework by how the state enforces it.
Press freedom groups raised similar concerns. Reporters Without Borders said journalists in Mozambique faced tear gas, arrests, threats, confiscation of devices, and internet blackouts during the same period of tension. For a cyber law to earn trust, it cannot sit beside loose enforcement that blocks communication during moments of public importance. People do not trust digital rules when those rules seem to serve power first and the public second.
African human rights standards already offer a clear baseline. In March 2024, the African Commission on Human and Peoples’ Rights urged states to ensure open and secure internet access before, during, and after elections. It also told states to refrain from shutting down the internet or disrupting digital communication platforms around elections. That principle matters far beyond election periods. It says digital order should not come at the cost of basic civic access.
Enforcement will decide the outcome
The hard part starts after parliament votes yes. A country can pass a sound law and still lose public trust through poor enforcement. INTERPOL says 90 per cent of African countries report that law enforcement or prosecution capacity still needs significant improvement. It also says most countries lack key tools such as incident reporting systems, digital evidence repositories, and cyberthreat intelligence databases. That gap matters because a law on paper does not stop fraud, trace attackers, or protect a hospital network. Skilled investigators and functioning systems do that work.
Mozambique will need more than legal text to make these laws work well. It will need trained investigators, judges who understand digital evidence, prosecutors who can handle cross-border cases, and clear rules for how agencies request data or restrict access. It will also need public reporting. People should be able to see how many cases authorities open, what offences they prioritise, how often courts approve digital evidence requests, and how often agencies misuse their powers. Transparent enforcement builds more trust than broad promises ever can.
Good cyber law needs clear limits
A balanced framework does not treat every digital problem as a security threat. It defines offences with care. It sets narrow and lawful conditions for surveillance or access restrictions. It protects journalistic work, lawful speech, and public interest reporting. It also creates due process, court oversight, and a clear path to challenge abuse. Those limits do not weaken cyber law. They make the law stronger because they give citizens, companies, and courts a standard they can test.
That is the line Mozambique now needs to hold. The country has a real cybercrime problem. It also has a recent history of digital restrictions during political tension. A serious state should be able to fight fraud and protect infrastructure without punishing lawful expression or disrupting public access. If enforcement stays narrow, transparent, and accountable, the new laws can support digital growth. If enforcement drifts into opacity and broad control, trust will drop fast.
The lesson for Africa
Mozambique’s new cyber laws matter because they capture a bigger African challenge in one story. Governments need stronger tools against fraud, extortion, and attacks on critical systems. Citizens and businesses need open internet access, legal clarity, and confidence that cyber rules will not turn into speech controls. The countries that get both sides right will build stronger digital economies. The countries that ignore the rights side will weaken the very trust they claim to protect.
This is not only a Mozambique story. It is an African digital trust story with lasting value for founders, policymakers, investors, rights groups, telecom operators, and everyday users.
