Archive for October, 2008


Posted in Uncategorized on October 2, 2008 by ubena


The rapid increase of employing IT in daily life in Tanzania has brought many challenges. The Tanzanian courts for quite a long time have been relying on the Common Law doctrine of Best Evidence Rule to which the primary evidence in most cases is the written and signed or authenticated documents[1].However the trend has changed recently. This paper therefore tries to give the highlight of Electronic Evidence in Tanzania.

It was not until 2000 when the wisdom of the High Court of Tanzania was called upon to rule whether electronic evidence is admissible as best evidence in the case of Trust Bank Ltd v. Le-Marsh Enterprises Ltd., Joseph Mbui Magari, Lawrence Macharia[2] in this case the court ruled that the electronic evidence is admissible in Tanzania courts and this was a departure from the strict rule of best evidence rule.

In admitting electronic evidence the judge stated that the court should not be ignorant of modern business methods and shut its eyes to the mysteries of the computer.[3]

This decision shows the judicial activism and the role of Judiciary in filling the gaps left by the legislature.

The Legislature[4]on the other hand responded by enacting Electronic Evidence Amendment Act 2007 which provided provision for the reception of electronic evidence in courts of law in Tanzania. The new section has been added in the Tanzania Evidence Act 1967, the said section is section 40 A.

This section provides inter alia that in any criminal proceedings-Information retrieved from computer systems, networks or servers; or records obtained through surveillance of means of preservation of information including facsimile machines, electronic transmission and communication facilities;

the audio or video recording of acts or behaviours or conversation of persons charged, shall be admissible in evidence

Section 76 of the Tanzania Evidence Act was also amended to the effect that the bankers book include the records kept or information system including but not limited to computers and storage devices , magnetic tapes, microfilm, video or computer display screen or any other form of mechanical or electronic data retrieval mechanism.

Section 78 of Tanzania Evidence Act is also amended to include Section 78A a printed out records kept or information system including but not limited to computers and storage devices , magnetic tapes, microfilm, video or computer display screen or any other form of mechanical or electronic data retrieval mechanism or other process which in itself ensures the accuracy of such print out, shall be received as evidence.

Section 78A (2) provides that the records received under section 78A (1) shall be deemed to be a primary evidence and a “document”[5] for the purpose of section 64(1) of the Tanzania Evidence Act.[6]

It is worthwhile to not that the wording of section 40A indicates that the provision is limited to criminal proceedings and not applicable in Civil suits proceedings.

In conclusion suffice to say that Tanzania response to IT challenges is not only in admissibility of electronic evidence but also have gone as far as enacting other IT related legislations[7] and the National ICT Policy of 2002 which indicates the vision of Tanzania government on ICT sector.[8]



Electronic Evidence Amendment Act 2007 is found in the Written Laws Miscellaneous Amendment Act 2007

Written Laws Miscellaneous Amendment Act, No. 15 of 2007 available at

Evidence Act No.6 of 1967 available at

Copyright And Neighbouring Right Act 1999 available at

Communications Act 1993 available at

Tanzania Communications Regulatory Authority Act 2003 available at


National ICT Policy 2002 available at


Trust Bank Ltd v. Le-Marsh Enterprises Ltd., Joseph Mbui Magari, Lawrence Macharia Commercial Case No. 4 of 2000


1. visited on 09/10/2007 visited on 10/10/2007

3. visited on 10/10/2007

4. visited on 10/10/2007

5. visited on 10/10/2007

[1]Documents in this respect do not include those kept in electronic form visited on 09/10/2007

[2] Commercial Case No. 4 of 2000

[3] Trust Bank Ltd. V. Le-Marsh Enterprises Ltd., Joseph Mbui Magari, Lawrence Macharia ( supra).

[4] visited on 10/10/2007

[5] However there is ambiguity here, does this mean the printed out information or even the information in the soft copy ( the information recorded or stored in the computer or other electronic device as stated in section 40A before being printed out) ? Or any form be it soft copy or hard copy?

[6] Act No. Of 1967

[7] Copyright and Neighbouring Rights Act 1999 and the Tanzania Communications Regulatory Authority Act 2003, all these Acts can be found at



Posted in Uncategorized on October 1, 2008 by ubena


Information age has turned information to be a precious resource. And thus any organization which wishes to compete be it a private company or public corporation the question of Information security must be given priority. Such wake for information security has taken pace in Tanzania. This paper tries to highlight that wake in Tanzania.

The initiative for information security in Tanzania can historically be linked with the 1970s incidence, where in 1970s there was a plan to computerize the whole Tanzania- Government accounting system using the computer model ICL 1900 which was located at the Ministry of Finance headquarter in Dar es salaam. The project terribly failed and has scrapped after a heavy loss. For two consecutive years the government could not tell how much money it had spent or collected as revenue.[1]

As a response to that in 1974 the law was passed to ban importation of computers and related equipments after suffering heavy financial losses.

Though later in 1980s the computer importation was allowed in the country under the scrutiny of the Advisory Committee which had a duty to grant import licences.[2]

With the coming of mobile phones and internet, ICT application in Tanzania got many clients. And the concern of about information security was and yet is more alarming.

There are hackers, malicious programs like computer viruses, worms, just to mention a few.

Attackers are assumed to have various levels of expertise, resources, and motivation. Attackers can either be insiders or outsiders. Relevant expertise may be in general semiconductor technology, software engineering, hacker techniques, or the specific system. Resources may range from personal computers and inexpensive card reading/coding devices to very expensive and sophisticated engineering test, measurement devices, and replica of Company vending devices. They may also include software routines, some of which are readily available on the Internet. Motivation may include economic reward, resentment, or notoriety of defeating high-grade security. [3]Given sufficient time and expertise, any particular company vending application software can be compromised.

Threat to Security

The PP is required to counter threats that may be broadly categorized as:

Threats addressed by the system:

– Threats associated with physical attack on the system

– Threats associated with logical attack on the system

– Threats associated with control of access

– Threats associated with unanticipated interactions

– Threats regarding the security module

– Threats that monitor informational[4]

All these if not taken care of they will always be very costly to an individual or organization. “Information security assurance therefore must be taken into consideration as part of the business and systems engineering process.”[5]


How information security is secured.

Information security program, blending best management practices with key physical and information technology safeguards. Drilling down to the critical building blocks of information security, covers security policies, awareness, administration, models, mechanisms, and architectures; availability, backup, recovery, and business continuity planning; firewalls; user authentication; cryptography; network concepts and security.[6]

The initiatives so far undertaken are only in technical and training as such and here there are several IT vendors like the Agumba Computers Company which is very well known in Tanzania for providing inter alia IT Security training and consultancy. Agumba has presented several papers on IT Security in Tanzania. The other company dealing with providing IT Security Training is Tanzania Global Development Learning Centre.

Despite the initiatives undertaken there is yet still a problem particularly on the legal system. The legal infrastructure in Tanzania is yet to incorporate Information Security as an area worth legal safeguard. In this way it is not surprising to find hackers or those defrauding the IT system walking away unpunished by the law.

It is therefore prudent and sound that the initiatives should not only be on technical area put also the legal infrastructure should address such matters related to information security in Tanzania.


It Security: Security Management Practices – Theory and Practical.

Klodwig Mgaya, Development of Information Technology in Tanzania.

E-Security and Cyber Crimes Training Workshop

Job Asheri Chaula, at el , A Framework for Evaluation of Information Security Systems, A Case Study of Tanzania Electric Supply Company ( TANESCO).

Regional Information Security Consultative Forum; Status of Information Security in Tanzania, Paul Koyi, Agumba Computers, Tanzania

Howard Shila, Effectiveness of Informatics Policy Instruments in Africa, Tanzania. Available at visited on 03/02/2008

Tanzania Communications Regulatory Authority.

National Information and Communications and Technology Policy

The Parliament of Tanzania

[2] Ibid

[3] Job Asheri Chaula, at el , A Framework for Evaluation of Information Security Systems, A Case Study of Tanzania Electric Supply Company ( TANESCO). Available at last visited on 01/02/2008

[4] Ibid

[5] Ibid