Innovation and Cybersecurity

 0. Overview

To make sure that the government of Rwanda is providing a faster, secure and better service to its citizens through Rwanda ICT Master plan, there is a need to fully embrace online services, better protection of private information, more collaboration between different Governmental Institutions and change in the public sector culture.

It is in this scope that the Department of Innovation and Cybersecurity, with the help of the newly enacted ICT law, is making sure that a conducive environment and all the necessary requirements are being put in place for different ICT sectors such as Emerging Technologies, Big Data, FinTech, Internet of Things or other sectors such as E-Agriculture, E-commerce and Internet Governance. Furthermore as more disruptive applications are being introduced in the global world economy, there is a need to not only create a conducive environment for these applications, but also to define boundaries within which these applications must operate.

RURA Universal Access Fund under the department of Innovation and Cybersecurity had been created to motivate innovation and enhance ICT access to all Rwandans. In addition, one of the aims of the Universal Access Fund is to ensure that the lowest ICT maturity level observed in areas such as Cloud Data Centers, Cybersecurity, ICT ecosystem, etc. is increased through encouragement of innovation among ICT young innovators and investors.

Finally as more applications are being introduced in the market, therefore impacting the whole life of many Rwandans, there is a need to make sure that these applications are securely running on the market without causing major damages in the existing business environment and ICT ecosystem. Hence, the Department of Innovation and Cyber-Security is also in charge of the Public Key Infrastructure or PKI, an infrastructure whose major goal is to avail means of securing reliable applications to Rwandans. Last but not least, the Department of Innovation and Cybersecurity is in charge of developing strategies and appropriate regulatory instruments and tools to ensure Operator’s networks are secure, stable and reliable; Overseeing and developing strategies and appropriate regulatory framework to promote PKI services in Rwanda.

1. Big Data

Rwanda considers data as a critical resource and a precious asset, hence a strong regulatory framework plays a key role to promote data industry. Big Data analytics is mainly defined as integrate structured and unstructured data with real-time feeds and queries, opening new paths to innovation and insight.

Big Data is creating significant new opportunities for organizations to derive new value and create competitive advantage from their most valuable asset which is information. For businesses, Big Data helps drive efficiency, quality, and personalized products and services, producing improved levels of customer satisfaction and profit. For scientific efforts, Big Data analytics enable new avenues of investigation with potentially richer results and deeper insights than previously available. Big Data can also enhance effectiveness and innovation for the public sector.

For RURA as a multiple regulator in addition to the mentioned benefit, leveraging technology and analytics can make for a unique moment in regulation, that lets regulators see things they couldn’t have seen or understood as well before. The regulator plays an important role for supporting innovation and prosperity that big data can drive by maintaining consumer trust and data protection.

RURA as a regulator, ensure also personal data protection guidelines which help to create a stable environment in which companies and other organizations can operate. In order to encourage innovation through big data, companies and organizations need a high level regulatory principles.

2. Information Application

The introduction of iPhone in 2007, and the initial distribution of Android the same year, marked the birth of App Economy. Rwanda aspires to become a knowledge based and information rich society by the year 2020, and the infrastructure development made so far attests to the political resolve and will. While thriving in the app economy, a number of challenges have been recorded in Rwanda, Africa and globally and one would wonder if the app economy should not be regulated!

The advent of apps economy marked tremendous development in job and wealth creation globally and Rwanda like some other African countries decided to enable the market for apps developers and players. By creating a conducive environment, it was revealed that cooperation matters between different players and developers if every player is to benefit from the market share. It is therefore paramount to have light-touch regulations in place to help different players and developers not only make profit but also address common challenges in the society without prejudicing the end users.

The department of innovation and cybersecurity strives; under the guise of Smart Rwanda Master Plan implementation; to insure that following policy principles are adhered to across all sectors:

• Access to applications should be granted on cloud first approach,

• Applications designed to be accessed on Mobile by default,

• Application development effort should adhere to Infrastructure sharing and open data principles as stipulated in regulations and guidelines

• Systems and applications should be designed with highest security standards and as stipulated in the regulations and guidelines.

• Applications and systems developed should be able to embrace future trends and emerging technologies

3. Emerging Communication Technologies

Emerging technologies are technologies that are perceived as capable of changing the status quo. These are technologies that are characterized by radical novelty, a relatively fast growth, a certain degree of coherence, persisting over time, and with the potential to exert a considerable impact on the socio-economic domain(s) which is observed in terms of the composition of actors, institutions and patterns of interactions among those, along with the associated knowledge production processes.

One of the main aspect of technology to be identified as emergent is its fast adoption, within a very short and generally recent period of time. However, the technology itself doesn’t necessarily have to be new. This can encompass older technologies that are still controversial and relatively undeveloped in potential. Sometimes these old technologies gain momentum due to technological development or a paradigm shift into the thinking of both industrials and individuals.

The newly enacted law mandates that RURA regulates ICT, however, the ICT landscape is extremely evolving, the lifecycle of products is mere days, instead of years. With this high velocity of innovation, it becomes challenging for regulators to adapt, even to know what technologies are coming on the market, with potential destructive power. In this regards, RURA has taken a lead, in getting over the market, identifying emerging technologies and trying to craft regulatory frameworks before these technologies become mainstream.

The early stages of an emerging technology’s development present a unique opportunity to shape its future. But, it is an opportunity that does not remain open forever. Interests, investment, and opinion can quickly begin to vest around certain regulatory and governance expectations. It is important to put an appropriate governance system in place early in a technology’s developmental stages, and before the commitment to the status quo becomes too great.

4. Cyber Security

One of the biggest challenges that cybersecurity incurs in the whole industry of ICT is that entities conveys ungenuine identities by claiming who they are not, therefore intruding systems and causing damages which result in lack of trust among entities that exchange information. Moreover, though there would be trust on identity of entities exchanging information, entities trust each other for a given set of event of outcomes and context, but for other contexts there would be lack of trust for a given set of event outcomes. Here the challenge lies in how to trust not only identity of entities involved in exchanging information, but also in how to universally trust all possible event outcomes in which entities are involved. 

These challenges relating to building the trust among entities are found in emerging technologies that most African countries are embracing such as fin techs, etc. To ensure that identities of entities involved in transactions are private and real, transactions are safer, RURA Innovation and Cyber-Security Department is putting in place Cyber-security regulations tools based of the newly enacted ICT law by adopting and promoting enabling technologies such as the Digital Object Architecture, Public Key Infrastructure, and Blockchain with IoT. Indeed, since all these technologies incorporate the PKI, they are the right ones to address issues of unguine identities and unprotected transactions among entities exchanging information using different applications on the market.

5. Internet Governance

As per Tunis Agenda for the Information Society, “Internet governance is the development and application by governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the internet”. The purpose of the Internet Governance is to maximize the opportunity for open and inclusive dialogue and the exchange of ideas on Internet governance (IG) related issues; create opportunities to share best practices and experiences; identify emerging issues and bring them to the attention of the relevant bodies and the general public and  contribute to capacity building for Internet governance.

The office in charge of Internet Governance at RURA develops appropriate mechanisms for the management and administration of .rw country code top level domain (.rw ccTLD) and registration of domain names; assesses and analyses  the Internet development issues and develop and ensure appropriate policies,  regulations, guidelines, processes & procedures to foster the sustainability, robustness, stability, scalability, resilience, availability, affordability, accessibility  and development of the Internet. It also handles and resolves all issues related to Domain Name System (DNS) and Internet   Protocol (IP) addresses based on ITU, ICANN and other regional organizations’ recommendations. 

The office provides technical  expertise  needed  to  ensure  smooth  transition  from    current  Internet resources, IPv4 to  IPv6 and develops appropriate mechanisms for the management of Rwanda Exchange Points.

The office consults with stakeholders on Internet Governance related issues, facilitate the exchange of information and best practices, proposing ways and means to accelerate the availability and affordability of the Internet, and make appropriate recommendations through Rwanda IGF, and International IGF including East Africa IGF, Africa IGF and World IGF. 

The office considers appropriate implementation of the global new generic top level (gTLD) domains development and protection of Rwanda reserved name list (RNL). The office represents the institution in national, regional and international fora and conferences related to the Internet resources management and International Internet related policies including AFRINIC, ICANN, and ITU.

6. Innovation Fund

The Government of Rwanda (GoR) decided to promote and implement the concept of Universal Access (UA) in ICT sector as per the Presidential Order No 05/01 of 13/03/2004, which determines the functioning of the Universal Access Fund (UAF) and public operator’s contribution. The fund is financed by contributions from licensed operators who contribute 2% of their annual turnover. The Regulatory Board has the mandate to manage this fund in a way that favours the spread and take-up of ICTs in designated remote and underserved areas of the country. Projects under Universal Access complement and integrate the overall NICI policy framework for Rwanda.

As some projects require very important investments, the Government of Rwanda (GoR) has also contributed towards making accessible the broadband connectivity in rural areas by subsidizing the layout of fibre optic backbone networks up to districts level. 2500 Km of fibre have been installed by RDB as NICI II implementation programme and the network is operational since end of 2010, providing broadband connectivity to institutions in remote and underserved areas.


Innovation and Cybersecurity